forward-port the 0.4.8.x change stanzas

somehow our release process is not moving these into git main

1 files changed, 148 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 3669a5c39f..632cd8a751 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,151 @@
+Changes in version 0.4.8.9 - 2023-11-09
+  This is another security release fixing a high severity bug affecting onion
+  services which is tracked by TROVE-2023-006. We are also releasing a guard
+  major bugfix as well. If you are an onion service operator, we strongly
+  recommend to update as soon as possible.
+
+  o Major bugfixes (guard usage):
+    - When Tor excluded a guard due to temporary circuit restrictions,
+      it considered *additional* primary guards for potential usage by
+      that circuit. This could result in more than the specified number
+      of guards (currently 2) being used, long-term, by the tor client.
+      This could happen when a Guard was also selected as an Exit node,
+      but it was exacerbated by the Conflux guard restrictions. Both
+      instances have been fixed. Fixes bug 40876; bugfix
+      on 0.3.0.1-alpha.
+
+  o Major bugfixes (onion service, TROVE-2023-006):
+    - Fix a possible hard assert on a NULL pointer when recording a
+      failed rendezvous circuit on the service side for the MetricsPort.
+      Fixes bug 40883; bugfix on 0.4.8.1-alpha
+
+  o Minor features (fallbackdir):
+    - Regenerate fallback directories generated on November 09, 2023.
+
+  o Minor features (geoip data):
+    - Update the geoip files to match the IPFire Location Database, as
+      retrieved on 2023/11/09.
+
+
+Changes in version 0.4.8.8 - 2023-11-03
+  We are releasing today a fix for a high security issue, TROVE-2023-004, that
+  is affecting relays. Also a few minor bugfixes detailed below. Please upgrade
+  as soon as posssible.
+
+  o Major bugfixes (TROVE-2023-004, relay):
+    - Mitigate an issue when Tor compiled with OpenSSL can crash during
+      handshake with a remote relay. Fixes bug 40874; bugfix
+      on 0.2.7.2-alpha.
+
+  o Minor features (fallbackdir):
+    - Regenerate fallback directories generated on November 03, 2023.
+
+  o Minor features (geoip data):
+    - Update the geoip files to match the IPFire Location Database, as
+      retrieved on 2023/11/03.
+
+  o Minor bugfixes (directory authority):
+    - Look at the network parameter "maxunmeasuredbw" with the correct
+      spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha.
+
+  o Minor bugfixes (vanguards addon support):
+    - Count the conflux linked cell as valid when it is successfully
+      processed. This will quiet a spurious warn in the vanguards addon.
+      Fixes bug 40878; bugfix on 0.4.8.1-alpha.
+
+
+Changes in version 0.4.8.7 - 2023-09-25
+  This version fixes a single major bug in the Conflux subsystem on the client
+  side. See below for more information. The upcoming Tor Browser 13 stable will
+  pick this up.
+
+  o Major bugfixes (conflux):
+    - Fix an issue that prevented us from pre-building more conflux sets
+      after existing sets had been used. Fixes bug 40862; bugfix
+      on 0.4.8.1-alpha.
+
+  o Minor features (fallbackdir):
+    - Regenerate fallback directories generated on September 25, 2023.
+
+  o Minor features (geoip data):
+    - Update the geoip files to match the IPFire Location Database, as
+      retrieved on 2023/09/25.
+
+
+Changes in version 0.4.8.6 - 2023-09-18
+  This version contains an important fix for onion service regarding congestion
+  control and its reliability. Apart from that, uneeded BUG warnings have been
+  suppressed especially about a compression bomb seen on relays. We strongly
+  recommend, in particular onion service operators, to upgrade as soon as
+  possible to this latest stable.
+
+  o Major bugfixes (onion service):
+    - Fix a reliability issue where services were expiring their
+      introduction points every consensus update. This caused
+      connectivity issues for clients caching the old descriptor and
+      intro points. Bug reported and fixed by gitlab user
+      @hyunsoo.kim676. Fixes bug 40858; bugfix on 0.4.7.5-alpha.
+
+  o Minor features (debugging, compression):
+    - Log the input and output buffer sizes when we detect a potential
+      compression bomb. Diagnostic for ticket 40739.
+
+  o Minor features (fallbackdir):
+    - Regenerate fallback directories generated on September 18, 2023.
+
+  o Minor features (geoip data):
+    - Update the geoip files to match the IPFire Location Database, as
+      retrieved on 2023/09/18.
+
+  o Minor bugfix (defensive programming):
+    - Disable multiple BUG warnings of a missing relay identity key when
+      starting an instance of Tor compiled without relay support. Fixes
+      bug 40848; bugfix on 0.4.3.1-alpha.
+
+  o Minor bugfixes (bridge authority):
+    - When reporting a pseudo-networkstatus as a bridge authority, or
+      answering "ns/purpose/*" controller requests, include accurate
+      published-on dates from our list of router descriptors. Fixes bug
+      40855; bugfix on 0.4.8.1-alpha.
+
+  o Minor bugfixes (compression, zstd):
+    - Use less frightening language and lower the log-level of our run-
+      time ABI compatibility check message in our Zstd compression
+      subsystem. Fixes bug 40815; bugfix on 0.4.3.1-alpha.
+
+
+Changes in version 0.4.8.5 - 2023-08-30
+  Quick second release after the first stable few days ago fixing minor
+  annoying bugfixes creating log BUG stacktrace. We also fix BSD compilation
+  failures and PoW unit test.
+
+  o Minor features (fallbackdir):
+    - Regenerate fallback directories generated on August 30, 2023.
+
+  o Minor features (geoip data):
+    - Update the geoip files to match the IPFire Location Database, as
+      retrieved on 2023/08/30.
+
+  o Minor bugfix (NetBSD, compilation):
+    - Fix compilation issue on NetBSD by avoiding an unnecessary
+      dependency on "huge" page mappings in Equi-X. Fixes bug 40843;
+      bugfix on 0.4.8.1-alpha.
+
+  o Minor bugfix (NetBSD, testing):
+    - Fix test failures in "crypto/hashx" and "slow/crypto/equix" on
+      x86_64 and aarch64 NetBSD hosts, by adding support for
+      PROT_MPROTECT() flags. Fixes bug 40844; bugfix on 0.4.8.1-alpha.
+
+  o Minor bugfixes (conflux):
+    - Demote a relay-side warn about too many legs to ProtocolWarn, as
+      there are conditions that it can briefly happen during set
+      construction. Also add additional set logging details for all
+      error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha.
+    - Prevent non-fatal assert stacktrace caused by using conflux sets
+      during their teardown process. Fixes bug 40842; bugfix
+      on 0.4.8.1-alpha.
+
+
 Changes in version 0.4.8.4 - 2023-08-23
   Finally, this is the very first stable release of the 0.4.8.x series making
   Proof-of-Work (prop#327) and Conflux (prop#329) available to the entire