aboutsummaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2018-06-11 16:37:08 -0400
committerNick Mathewson <nickm@torproject.org>2018-06-11 16:37:08 -0400
commit8be3513743aa953d03ff321ceee029cace1f78d8 (patch)
tree951b5e099457d96444cf90b1705c27525cc71330 /ChangeLog
parentf399887cfec8ddaf33cac06b2abad25a3d42aac9 (diff)
downloadtor-8be3513743aa953d03ff321ceee029cace1f78d8.tar.gz
tor-8be3513743aa953d03ff321ceee029cace1f78d8.zip
start the 0.3.4.2-alpha changelog
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog59
1 files changed, 59 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 757700a725..4bdc524c85 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,62 @@
+Changes in version 0.3.4.2-alpha - 2018-06-12
+ Tor 0.3.4.2-alpha fixes several minor bugs in the previous alpha release,
+ and forward-ports an authority-only security fix from 0.3.3.6.
+
+ o Major bugfixes (security, directory authority, denial-of-service, also in 0.3.3.6):
+ - Fix a bug that could have allowed an attacker to force a
+ directory authority to use up all its RAM by passing it a
+ maliciously crafted protocol versions string. Fixes bug 25517;
+ bugfix on 0.2.9.4-alpha. This issue is also tracked as
+ TROVE-2018-005.
+
+ o Minor features (continuous integration):
+ - Add the necessary configuration files for continuous integration
+ testing on Windows, via the Appveyor platform. Closes ticket 25549.
+ Patches from Marcin Cieślak and Isis Lovecruft.
+
+ o Minor bugfixes (compatibility, openssl):
+ - Work around a change in OpenSSL 1.1.1 where
+ return values that would previously indicate "no password" now
+ indicate an empty password. Without this workaround, Tor instances
+ running with OpenSSL 1.1.1 would accept descriptors that other Tor
+ instances would reject. Fixes bug 26116; bugfix on 0.2.5.16.
+
+ o Minor bugfixes (compilation):
+ - Fix compilation when building with OpenSSL 1.1.0 with the
+ "no-deprecated" flag enabled. Fixes bug 26156; bugfix on 0.3.4.1-alpha.
+
+ o Minor bugfixes (control port):
+ - Do not count 0-length RELAY_COMMAND_DATA cells as valid data in CIRC_BW
+ events. Previously, such cells were counted entirely in the OVERHEAD
+ field. Now they are not. Fixes bug 26259; bugfix on 0.3.4.1-alpha.
+
+ o Minor bugfixes (controller):
+ - Improve accuracy of the BUILDTIMEOUT_SET control port event's
+ TIMEOUT_RATE and CLOSE_RATE fields. (We were previously miscounting
+ the total number of circuits for these field values.) Fixes bug
+ 26121; bugfix on 0.3.3.1-alpha.
+
+ o Minor bugfixes (hardening):
+ - Prevent a possible out-of-bounds smartlist read in
+ protover_compute_vote(). Fixes bug 26196; bugfix on
+ 0.2.9.4-alpha.
+
+ o Minor bugfixes (onion services):
+ - Fix a bug that blocked the creation of ephemeral v3 onion services. Fixes
+ bug 25939; bugfix on 0.3.4.1-alpha.
+
+ o Minor bugfixes (test coverage tools):
+ - Update our "cov-diff" script to handle output from the latest
+ version of gcov, and to remove extraneous timestamp information
+ from its output. Fixes bugs 26101 and 26102; bugfix on
+ 0.2.5.1-alpha.
+
+ o Documentation:
+ - In code comment, point the reader to the exact section
+ in Tor specification that specifies circuit close error
+ code values. Resolves ticket 25237.
+
+
Changes in version 0.3.3.6 - 2018-05-22
Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It
backports several important fixes from the 0.3.4.1-alpha.