diff options
| author | Roger Dingledine <arma@torproject.org> | 2012-10-25 16:00:23 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2012-10-25 16:00:23 -0400 |
| commit | 4984e60a7f58056ed741bb68308e3b437bd7fdd7 (patch) | |
| tree | 4ba1df1306a83cb90c51a393a94f528206454792 | |
| parent | 41a3cb592307133faf6824994ade153fa96595b2 (diff) | |
| download | tor-4984e60a7f58056ed741bb68308e3b437bd7fdd7.tar.gz tor-4984e60a7f58056ed741bb68308e3b437bd7fdd7.zip | |
update the release notes too
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | ReleaseNotes | 28 |
2 files changed, 17 insertions, 13 deletions
@@ -7,7 +7,7 @@ Changes in version 0.2.3.24-rc - 2012-10-25 o Major bugfixes (security): - Fix a group of remotely triggerable assertion failures related to incorrect link protocol negotiation. Found, diagnosed, and fixed - by "some guy from France." Fix for CVE-2012-2250; bugfix on + by "some guy from France". Fix for CVE-2012-2250; bugfix on 0.2.3.6-alpha. - Fix a denial of service attack by which any directory authority could crash all the others, or by which a single v2 directory diff --git a/ReleaseNotes b/ReleaseNotes index db82dc158e..5717330a7d 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -260,6 +260,22 @@ Changes in version 0.2.3.x - 2012-10-?? was closed. Fixes bug 7139; bugfix on all versions of Tor linked against OpenSSL 1.0.0 or later. Found by Florent Daignière. + o Major bugfixes (crashes and asserts): + - Avoid a pair of double-free and use-after-mark bugs that can + occur with certain timings in canceled and re-received DNS + requests. Fixes bug 6472; bugfix on 0.0.7rc1. + - Fix a denial of service attack by which any directory authority + could crash all the others, or by which a single v2 directory + authority could crash everybody downloading v2 directory + information. Fixes bug 7191; bugfix on 0.2.0.10-alpha. + - Fix an assert that directory authorities could trigger on sighup + during some configuration state transitions. We now don't treat + it as a fatal error when the new descriptor we just generated in + init_keys() isn't accepted. Fixes bug 4438; bugfix on 0.2.1.9-alpha. + - Avoid segfault when starting up having run with an extremely old + version of Tor and parsing its state file. Fixes bug 6801; bugfix + on 0.2.2.23-alpha. + o Major bugfixes (clients): - If we are unable to find any exit that supports our predicted ports, stop calling them predicted, so that we don't loop and build @@ -543,18 +559,6 @@ Changes in version 0.2.3.x - 2012-10-?? structures. Fixes issue 3135; issue noted by "wanoskarnet". - Shorten links in the tor-exit-notice file. Patch by Christian Kujau. - o Minor bugfixes (crashes and asserts): - - Avoid a pair of double-free and use-after-mark bugs that can - occur with certain timings in canceled and re-received DNS - requests. Fixes bug 6472; bugfix on 0.0.7rc1. - - Fix an assert that directory authorities could trigger on sighup - during some configuration state transitions. We now don't treat - it as a fatal error when the new descriptor we just generated in - init_keys() isn't accepted. Fixes bug 4438; bugfix on 0.2.1.9-alpha. - - Avoid segfault when starting up having run with an extremely old - version of Tor and parsing its state file. Fixes bug 6801; bugfix - on 0.2.2.23-alpha. - o Minor bugfixes (code security): - Prevent a null-pointer dereference when receiving a data cell for a nonexistent stream when the circuit in question has an |