author Nick Mathewson <nickm@torproject.org> 2018-03-01 16:41:17 -0500
committer Nick Mathewson <nickm@torproject.org> 2018-03-01 16:41:17 -0500
commit 1826ff6532804c2c074ade36a70262f986cfb3e3 (patch)
tree 2b5bdb2a17563a0c86dd7a3701cd9be30bc55157
parent de43ef3e3e93b5cb48b00fb4022426f0acdf081f (diff)
Draft changelog for 0.2.9.15
-rw-r--r-- ChangeLog 36
-rw-r--r-- changes/bug25249 3
-rw-r--r-- changes/bug25249.2 3
-rw-r--r-- changes/trove-2018-001.1 6
-rw-r--r-- changes/trove-2018-004 8
5 files changed, 34 insertions, 22 deletions
diff --git a/ChangeLog b/ChangeLog
index 6a3332f399..c3144378ed 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,25 @@
Changes in version 0.2.9.15 - 2018-03-xx
Tor 0.2.9.15 backports important security and stability bugfixes from
- later Tor releases. All Tor users should upgrade to this release, or
- to another of the releases coming out today.
+ later Tor releases.
+
+ It includes an important security fix for a remote crash attack
+ against directory authorities, tracked as TROVE-2018-001.
+
+ This release also backports our new system for improved resistance to
+ denial-of-service attacks against relays.
+
+ This release also fixes several minor bugs and annoyances from
+ earlier releases.
+
+ All directory authorities should upgrade to one of the versions
+ released today. All relays not already running Tor 0.3.3.2-alpha or
+ later should upgrade to one of the versions released today.
+
+ o Major bugfixes (denial-of-service, directory authority, backport from 0.3.3.3-alpha):
+ - Fix a protocol-list handling bug that could be used to remotely crash
+ directory authorities with a null-pointer exception. Fixes bug 25074;
+ bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2018-001 and
+ CVE-2018-0490.
o Major features (denial-of-service mitigation):
- Give relays some defenses against the recent network overload. We
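Review bot: The rewritten upgrade advice at the end of the summary names only directory authorities and relays, while the removed sentence covered "All Tor users" and the TROVE-2018-004 entry added later in this file says clients can crash too; consider adding a line that tells clients what to do. The header also still carries the placeholder date "2018-03-xx", which needs the real release date before this leaves draft.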
@@ -98,6 +116,14 @@
with the OwningControllerProcess feature. Fixes bug 24198; bugfix
on 0.2.5.1-alpha.
+ o Minor bugfixes (denial-of-service, backport from 0.3.3.3-alpha):
+ - Fix a possible crash on malformed consensus. If a consensus had
+ contained an unparseable protocol line, it could have made clients
+ and relays crash with a null-pointer exception. To exploit this
+ issue, however, an attacker would need to be able to subvert the
+ directory authority system. Fixes bug 25251; bugfix on
+ 0.2.9.4-alpha. Also tracked as TROVE-2018-004.
+
o Minor bugfixes (memory usage):
- When queuing DESTROY cells on a channel, only queue the circuit-id
and reason fields: not the entire 514-byte cell. This fix should
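Review bot: In the added TROVE-2018-004 entry, "null-pointer exception" would read more precisely as "null-pointer dereference", and "If a consensus had contained ... it could have made" is easier to follow in the present tense ("If a consensus contains ... it could make"). The entry also drops the hyphen from "directory-authority system" as written in changes/trove-2018-004; pick one spelling.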
@@ -142,6 +168,12 @@
the other side ever sent a create_fast cell to us. Backports part
of the fixes from bugs 22805 and 24898.
+ o Minor bugfixes (spec conformance, backport from 0.3.3.3-alpha):
+ - Forbid "-0" as a protocol version. Fixes part of bug 25249; bugfix on
+ 0.2.9.4-alpha.
+ - Forbid UINT32_MAX as a protocol version. Fixes part of bug 25249;
+ bugfix on 0.2.9.4-alpha.
+
Changes in version 0.2.9.14 - 2017-12-01
Tor 0.2.9.14 backports important security and stability bugfixes from
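Review bot: The two added items under "spec conformance" both fix part of bug 25249 on the same version and differ only in the rejected value; folding them into one item (Forbid "-0" and UINT32_MAX as protocol versions) would keep the section shorter. Neither item says what happened when these values were accepted, which a reader deciding whether to upgrade would want to know.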
diff --git a/changes/bug25249 b/changes/bug25249
deleted file mode 100644
index b4153eeaef..0000000000
--- a/changes/bug25249
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (spec conformance):
- - Forbid "-0" as a protocol version. Fixes part of bug 25249; bugfix on
- 0.2.9.4-alpha.
diff --git a/changes/bug25249.2 b/changes/bug25249.2
deleted file mode 100644
index 9058c11071..0000000000
--- a/changes/bug25249.2
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (spec conformance):
- - Forbid UINT32_MAX as a protocol version. Fixes part of bug 25249;
- bugfix on 0.2.9.4-alpha.
diff --git a/changes/trove-2018-001.1 b/changes/trove-2018-001.1
deleted file mode 100644
index f0ee92f409..0000000000
--- a/changes/trove-2018-001.1
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes (denial-of-service, directory authority):
- - Fix a protocol-list handling bug that could be used to remotely crash
- directory authorities with a null-pointer exception. Fixes bug 25074;
- bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2018-001.
-
-
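Review bot: The changes file removed here ends at "Also tracked as TROVE-2018-001." while the ChangeLog entry built from it adds "and CVE-2018-0490", so the CVE id now exists only in ChangeLog. If this changes file feeds the changelog on other branches, add the CVE id there as well so the entries match.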
diff --git a/changes/trove-2018-004 b/changes/trove-2018-004
deleted file mode 100644
index 37e0a89b0d..0000000000
--- a/changes/trove-2018-004
+++ /dev/null
@@ -1,8 +0,0 @@
- o Minor bugfixes (denial-of-service):
- - Fix a possible crash on malformed consensus. If a consensus had
- contained an unparseable protocol line, it could have made clients
- and relays crash with a null-pointer exception. To exploit this
- issue, however, an attacker would need to be able to subvert the
- directory-authority system. Fixes bug 25251; bugfix on
- 0.2.9.4-alpha. Also tracked as TROVE-2018-004.
-