diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-02-23 16:08:09 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-02-23 16:08:09 -0500 |
| commit | c159617c0c0078bbbc877c069987dbf94f2cb956 (patch) | |
| tree | ae84df3320d9c60e4af497708ac5625fcbb61d8a | |
| parent | a33d9f9b2b74da38f560dd971cab048ae5ad0a69 (diff) | |
| download | tor-c159617c0c0078bbbc877c069987dbf94f2cb956.tar.gz tor-c159617c0c0078bbbc877c069987dbf94f2cb956.zip | |
Start an 0.2.8.13 changelog
| -rw-r--r-- | ChangeLog | 26 | ||||
| -rw-r--r-- | changes/geoip-february2017 | 4 | ||||
| -rw-r--r-- | changes/geoip-january2017 | 4 | ||||
| -rw-r--r-- | changes/trove-2017-001.2 | 8 |
4 files changed, 26 insertions, 16 deletions
@@ -1,3 +1,29 @@ +Changes in version 0.2.8.13 - 2017-03-?? + Tor 0.2.8.13 backports a security fixes from later Tor + releases. Anybody running Tor 0.2.8.12 or earlier should upgrade to this + this release, if for some reason they cannot upgrade to a later + release series, and if they build Tor with the --enable-expensive-hardening + option. + + Note that support for Tor 0.2.8.x is ending this year: we will not issue + any fixes for the Tor 0.2.8.x series after 1 August 2017. If you need + a Tor release series with longer-term support, we recommend Tor 0.2.9.x. + + + o Major bugfixes (parsing, also in 0.3.0.4-rc): + - Fix an integer underflow bug when comparing malformed Tor versions. + This bug is harmless, except when Tor has been built with + --enable-expensive-hardening, which would turn it into a crash; + or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with + -ftrapv by default. + Part of TROVE-2017-001. Fixes bug 21278; bugfix on + 0.0.8pre1. Found by OSS-Fuzz. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + + Changes in version 0.2.8.12 - 2016-12-19 Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018 below) where Tor clients could crash when attempting to visit a diff --git a/changes/geoip-february2017 b/changes/geoip-february2017 deleted file mode 100644 index ec54b6122a..0000000000 --- a/changes/geoip-february2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-january2017 b/changes/geoip-january2017 deleted file mode 100644 index de1a4cbe2a..0000000000 --- a/changes/geoip-january2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/trove-2017-001.2 b/changes/trove-2017-001.2 deleted file mode 100644 index 3ef073cf9f..0000000000 --- a/changes/trove-2017-001.2 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (parsing): - - Fix an integer underflow bug when comparing malformed Tor versions. - This bug is harmless, except when Tor has been built with - --enable-expensive-hardening, which would turn it into a crash; - or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with - -ftrapv by default. - Part of TROVE-2017-001. Fixes bug 21278; bugfix on - 0.0.8pre1. Found by OSS-Fuzz. |