summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2012-06-12 07:50:34 -0400
committerRoger Dingledine <arma@torproject.org>2012-06-12 07:50:34 -0400
commit7516b4ac99fddf05f54dadaeaee95e49c729a36c (patch)
treece9a7fefbbde36f43a3d9594d8af4c0208a1709b
parent2294d16113e65a935cb07aa4a1f918b3bdf73d44 (diff)
downloadtor-7516b4ac99fddf05f54dadaeaee95e49c729a36c.tar.gz
tor-7516b4ac99fddf05f54dadaeaee95e49c729a36c.zip
forward-port the 0.2.2.37 changelog
-rw-r--r--ChangeLog27
-rw-r--r--ReleaseNotes27
2 files changed, 54 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 72a3f2e1ea..cc7663c23c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -36,6 +36,33 @@ Changes in version 0.2.3.17-alpha - 2012-06-??
CircuitBuildTimeout is set unreasonably low. Resolves ticket 5452.
+Changes in version 0.2.2.37 - 2012-06-06
+ Tor 0.2.2.37 introduces a workaround for a critical renegotiation
+ bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself
+ currently).
+
+ o Major bugfixes:
+ - Work around a bug in OpenSSL that broke renegotiation with TLS
+ 1.1 and TLS 1.2. Without this workaround, all attempts to speak
+ the v2 Tor connection protocol when both sides were using OpenSSL
+ 1.0.1 would fail. Resolves ticket 6033.
+ - When waiting for a client to renegotiate, don't allow it to add
+ any bytes to the input buffer. This fixes a potential DoS issue.
+ Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
+ - Fix an edge case where if we fetch or publish a hidden service
+ descriptor, we might build a 4-hop circuit and then use that circuit
+ for exiting afterwards -- even if the new last hop doesn't obey our
+ ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
+
+ o Minor bugfixes:
+ - Fix a build warning with Clang 3.1 related to our use of vasprintf.
+ Fixes bug 5969. Bugfix on 0.2.2.11-alpha.
+
+ o Minor features:
+ - Tell GCC and Clang to check for any errors in format strings passed
+ to the tor_v*(print|scan)f functions.
+
+
Changes in version 0.2.3.16-alpha - 2012-06-05
Tor 0.2.3.16-alpha introduces a workaround for a critical renegotiation
bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself
diff --git a/ReleaseNotes b/ReleaseNotes
index 563f94dbb6..93e38faf3f 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -3,6 +3,33 @@ This document summarizes new features and bugfixes in each stable release
of Tor. If you want to see more detailed descriptions of the changes in
each development snapshot, see the ChangeLog file.
+Changes in version 0.2.2.37 - 2012-06-06
+ Tor 0.2.2.37 introduces a workaround for a critical renegotiation
+ bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself
+ currently).
+
+ o Major bugfixes:
+ - Work around a bug in OpenSSL that broke renegotiation with TLS
+ 1.1 and TLS 1.2. Without this workaround, all attempts to speak
+ the v2 Tor connection protocol when both sides were using OpenSSL
+ 1.0.1 would fail. Resolves ticket 6033.
+ - When waiting for a client to renegotiate, don't allow it to add
+ any bytes to the input buffer. This fixes a potential DoS issue.
+ Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
+ - Fix an edge case where if we fetch or publish a hidden service
+ descriptor, we might build a 4-hop circuit and then use that circuit
+ for exiting afterwards -- even if the new last hop doesn't obey our
+ ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
+
+ o Minor bugfixes:
+ - Fix a build warning with Clang 3.1 related to our use of vasprintf.
+ Fixes bug 5969. Bugfix on 0.2.2.11-alpha.
+
+ o Minor features:
+ - Tell GCC and Clang to check for any errors in format strings passed
+ to the tor_v*(print|scan)f functions.
+
+
Changes in version 0.2.2.36 - 2012-05-24
Tor 0.2.2.36 updates the addresses for two of the eight directory
authorities, fixes some potential anonymity and security issues,