diff options
| author | Nick Mathewson <nickm@torproject.org> | 2021-03-15 09:27:26 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2021-03-15 09:27:26 -0400 |
| commit | 0c66af2e69ab1ddf02a645d33eba3ce14c6cc4a8 (patch) | |
| tree | b04b6009fd784b6d56e1bc4f55c5b1576cbfba3a /ChangeLog | |
| parent | 0d04a9a82945680788cff446215b98fd68b9f055 (diff) | |
| download | tor-0c66af2e69ab1ddf02a645d33eba3ce14c6cc4a8.tar.gz tor-0c66af2e69ab1ddf02a645d33eba3ce14c6cc4a8.zip | |
Changelog for 0.3.5.14.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 48 |
1 files changed, 48 insertions, 0 deletions
@@ -1,3 +1,51 @@ +Changes in version 0.3.5.14 - 2021-03-16 + Tor 0.3.5.14 backports fixes for two important denial-of-service bugs + in earlier versions of Tor. + + One of these vulnerabilities (TROVE-2021-001) would allow an attacker + who can send directory data to a Tor instance to force that Tor + instance to consume huge amounts of CPU. This is easiest to exploit + against authorities, since anybody can upload to them, but directory + caches could also exploit this vulnerability against relays or clients + when they download. The other vulnerability (TROVE-2021-002) only + affects directory authorities, and would allow an attacker to remotely + crash the authority with an assertion failure. Patches have already + been provided to the authority operators, to help ensure + network stability. + + We recommend that everybody upgrade to one of the releases that fixes + these issues (0.3.5.14, 0.4.4.8, or 0.4.5.7) as they become available + to you. + + This release also updates our GeoIP data source, and fixes a + compatibility issue. + + o Major bugfixes (security, denial of service, backport from 0.4.5.7): + - Disable the dump_desc() function that we used to dump unparseable + information to disk. It was called incorrectly in several places, + in a way that could lead to excessive CPU usage. Fixes bug 40286; + bugfix on 0.2.2.1-alpha. This bug is also tracked as TROVE-2021- + 001 and CVE-2021-28089. + - Fix a bug in appending detached signatures to a pending consensus + document that could be used to crash a directory authority. Fixes + bug 40316; bugfix on 0.2.2.6-alpha. Tracked as TROVE-2021-002 + and CVE-2021-28090. + + o Minor features (geoip data, backport from 0.4.5.7): + - We have switched geoip data sources. Previously we shipped IP-to- + country mappings from Maxmind's GeoLite2, but in 2019 they changed + their licensing term, so we were unable to update them after that + point. We now ship geoip files based on the IPFire Location + Database instead. (See https://location.ipfire.org/ for more + information). This release updates our geoip files to match the + IPFire Location Database as retrieved on 2021/03/12. Closes + ticket 40224. + + o Removed features (mallinfo deprecated, backport from 0.4.5.7): + - Remove mallinfo() usage entirely. Libc 2.33+ now deprecates it. + Closes ticket 40309. + + Changes in version 0.3.5.13 - 2020-02-03 Tor 0.3.5.13 backports numerous bugfixes from later releases, including one that made v3 onion services more susceptible to |