diff options
| -rw-r--r-- | ChangeLog | 148 | ||||
| -rw-r--r-- | ReleaseNotes | 142 | ||||
| -rw-r--r-- | changes/bug40841 | 5 | ||||
| -rw-r--r-- | changes/bug40842 | 4 | ||||
| -rw-r--r-- | changes/bug40855 | 6 | ||||
| -rw-r--r-- | changes/bug40858 | 6 | ||||
| -rw-r--r-- | changes/bug40862 | 3 | ||||
| -rw-r--r-- | changes/bug40869 | 3 | ||||
| -rw-r--r-- | changes/bug40876 | 8 | ||||
| -rw-r--r-- | changes/bug40878 | 4 | ||||
| -rw-r--r-- | changes/fallbackdirs-2023-08-30 | 2 | ||||
| -rw-r--r-- | changes/fallbackdirs-2023-09-18 | 2 | ||||
| -rw-r--r-- | changes/fallbackdirs-2023-09-25 | 2 | ||||
| -rw-r--r-- | changes/fallbackdirs-2023-11-03 | 2 | ||||
| -rw-r--r-- | changes/fallbackdirs-2023-11-09 | 2 | ||||
| -rw-r--r-- | changes/geoip-2023-08-30 | 3 | ||||
| -rw-r--r-- | changes/geoip-2023-09-18 | 3 | ||||
| -rw-r--r-- | changes/geoip-2023-09-25 | 3 | ||||
| -rw-r--r-- | changes/geoip-2023-11-03 | 3 | ||||
| -rw-r--r-- | changes/geoip-2023-11-09 | 3 | ||||
| -rw-r--r-- | changes/ticket40739 | 3 | ||||
| -rw-r--r-- | changes/ticket40815 | 4 | ||||
| -rw-r--r-- | changes/ticket40843 | 3 | ||||
| -rw-r--r-- | changes/ticket40844 | 4 | ||||
| -rw-r--r-- | changes/ticket40848 | 4 | ||||
| -rw-r--r-- | changes/ticket40874 | 3 | ||||
| -rw-r--r-- | changes/ticket40883 | 4 |
27 files changed, 290 insertions, 89 deletions
@@ -1,3 +1,151 @@ +Changes in version 0.4.8.9 - 2023-11-09 + This is another security release fixing a high severity bug affecting onion + services which is tracked by TROVE-2023-006. We are also releasing a guard + major bugfix as well. If you are an onion service operator, we strongly + recommend to update as soon as possible. + + o Major bugfixes (guard usage): + - When Tor excluded a guard due to temporary circuit restrictions, + it considered *additional* primary guards for potential usage by + that circuit. This could result in more than the specified number + of guards (currently 2) being used, long-term, by the tor client. + This could happen when a Guard was also selected as an Exit node, + but it was exacerbated by the Conflux guard restrictions. Both + instances have been fixed. Fixes bug 40876; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (onion service, TROVE-2023-006): + - Fix a possible hard assert on a NULL pointer when recording a + failed rendezvous circuit on the service side for the MetricsPort. + Fixes bug 40883; bugfix on 0.4.8.1-alpha + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on November 09, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/11/09. + + +Changes in version 0.4.8.8 - 2023-11-03 + We are releasing today a fix for a high security issue, TROVE-2023-004, that + is affecting relays. Also a few minor bugfixes detailed below. Please upgrade + as soon as posssible. + + o Major bugfixes (TROVE-2023-004, relay): + - Mitigate an issue when Tor compiled with OpenSSL can crash during + handshake with a remote relay. Fixes bug 40874; bugfix + on 0.2.7.2-alpha. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on November 03, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/11/03. + + o Minor bugfixes (directory authority): + - Look at the network parameter "maxunmeasuredbw" with the correct + spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha. + + o Minor bugfixes (vanguards addon support): + - Count the conflux linked cell as valid when it is successfully + processed. This will quiet a spurious warn in the vanguards addon. + Fixes bug 40878; bugfix on 0.4.8.1-alpha. + + +Changes in version 0.4.8.7 - 2023-09-25 + This version fixes a single major bug in the Conflux subsystem on the client + side. See below for more information. The upcoming Tor Browser 13 stable will + pick this up. + + o Major bugfixes (conflux): + - Fix an issue that prevented us from pre-building more conflux sets + after existing sets had been used. Fixes bug 40862; bugfix + on 0.4.8.1-alpha. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on September 25, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/09/25. + + +Changes in version 0.4.8.6 - 2023-09-18 + This version contains an important fix for onion service regarding congestion + control and its reliability. Apart from that, uneeded BUG warnings have been + suppressed especially about a compression bomb seen on relays. We strongly + recommend, in particular onion service operators, to upgrade as soon as + possible to this latest stable. + + o Major bugfixes (onion service): + - Fix a reliability issue where services were expiring their + introduction points every consensus update. This caused + connectivity issues for clients caching the old descriptor and + intro points. Bug reported and fixed by gitlab user + @hyunsoo.kim676. Fixes bug 40858; bugfix on 0.4.7.5-alpha. + + o Minor features (debugging, compression): + - Log the input and output buffer sizes when we detect a potential + compression bomb. Diagnostic for ticket 40739. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on September 18, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/09/18. + + o Minor bugfix (defensive programming): + - Disable multiple BUG warnings of a missing relay identity key when + starting an instance of Tor compiled without relay support. Fixes + bug 40848; bugfix on 0.4.3.1-alpha. + + o Minor bugfixes (bridge authority): + - When reporting a pseudo-networkstatus as a bridge authority, or + answering "ns/purpose/*" controller requests, include accurate + published-on dates from our list of router descriptors. Fixes bug + 40855; bugfix on 0.4.8.1-alpha. + + o Minor bugfixes (compression, zstd): + - Use less frightening language and lower the log-level of our run- + time ABI compatibility check message in our Zstd compression + subsystem. Fixes bug 40815; bugfix on 0.4.3.1-alpha. + + +Changes in version 0.4.8.5 - 2023-08-30 + Quick second release after the first stable few days ago fixing minor + annoying bugfixes creating log BUG stacktrace. We also fix BSD compilation + failures and PoW unit test. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on August 30, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/08/30. + + o Minor bugfix (NetBSD, compilation): + - Fix compilation issue on NetBSD by avoiding an unnecessary + dependency on "huge" page mappings in Equi-X. Fixes bug 40843; + bugfix on 0.4.8.1-alpha. + + o Minor bugfix (NetBSD, testing): + - Fix test failures in "crypto/hashx" and "slow/crypto/equix" on + x86_64 and aarch64 NetBSD hosts, by adding support for + PROT_MPROTECT() flags. Fixes bug 40844; bugfix on 0.4.8.1-alpha. + + o Minor bugfixes (conflux): + - Demote a relay-side warn about too many legs to ProtocolWarn, as + there are conditions that it can briefly happen during set + construction. Also add additional set logging details for all + error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha. + - Prevent non-fatal assert stacktrace caused by using conflux sets + during their teardown process. Fixes bug 40842; bugfix + on 0.4.8.1-alpha. + + Changes in version 0.4.8.4 - 2023-08-23 Finally, this is the very first stable release of the 0.4.8.x series making Proof-of-Work (prop#327) and Conflux (prop#329) available to the entire diff --git a/ReleaseNotes b/ReleaseNotes index 3504ec179c..6030c1ac77 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,148 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. +Changes in version 0.4.8.9 - 2023-11-09 + This is another security release fixing a high severity bug affecting onion + services which is tracked by TROVE-2023-006. We are also releasing a guard + major bugfix as well. If you are an onion service operator, we strongly + recommend to update as soon as possible. + + o Major bugfixes (guard usage): + - When Tor excluded a guard due to temporary circuit restrictions, + it considered *additional* primary guards for potential usage by + that circuit. This could result in more than the specified number + of guards (currently 2) being used, long-term, by the tor client. + This could happen when a Guard was also selected as an Exit node, + but it was exacerbated by the Conflux guard restrictions. Both + instances have been fixed. Fixes bug 40876; bugfix + on 0.3.0.1-alpha. + + o Major bugfixes (onion service, TROVE-2023-006): + - Fix a possible hard assert on a NULL pointer when recording a + failed rendezvous circuit on the service side for the MetricsPort. + Fixes bug 40883; bugfix on 0.4.8.1-alpha + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on November 09, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/11/09. + + +Changes in version 0.4.8.8 - 2023-11-03 + We are releasing today a fix for a high security issue, TROVE-2023-004, that + is affecting relays. Also a few minor bugfixes detailed below. Please upgrade + as soon as posssible. + + o Major bugfixes (TROVE-2023-004, relay): + - Mitigate an issue when Tor compiled with OpenSSL can crash during + handshake with a remote relay. Fixes bug 40874; bugfix + on 0.2.7.2-alpha. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on November 03, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/11/03. + + o Minor bugfixes (directory authority): + - Look at the network parameter "maxunmeasuredbw" with the correct + spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha. + + o Minor bugfixes (vanguards addon support): + - Count the conflux linked cell as valid when it is successfully + processed. This will quiet a spurious warn in the vanguards addon. + Fixes bug 40878; bugfix on 0.4.8.1-alpha. + + +Changes in version 0.4.8.7 - 2023-09-25 + This version fixes a single major bug in the Conflux subsystem on the client + side. See below for more information. The upcoming Tor Browser 13 stable will + pick this up. + + o Major bugfixes (conflux): + - Fix an issue that prevented us from pre-building more conflux sets + after existing sets had been used. Fixes bug 40862; bugfix + on 0.4.8.1-alpha. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on September 25, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/09/25. + + +Changes in version 0.4.8.6 - 2023-09-18 + o Major bugfixes (onion service): + - Fix a reliability issue where services were expiring their + introduction points every consensus update. This caused + connectivity issues for clients caching the old descriptor and + intro points. Bug reported and fixed by gitlab user + @hyunsoo.kim676. Fixes bug 40858; bugfix on 0.4.7.5-alpha. + + o Minor features (debugging, compression): + - Log the input and output buffer sizes when we detect a potential + compression bomb. Diagnostic for ticket 40739. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on September 18, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/09/18. + + o Minor bugfix (defensive programming): + - Disable multiple BUG warnings of a missing relay identity key when + starting an instance of Tor compiled without relay support. Fixes + bug 40848; bugfix on 0.4.3.1-alpha. + + o Minor bugfixes (bridge authority): + - When reporting a pseudo-networkstatus as a bridge authority, or + answering "ns/purpose/*" controller requests, include accurate + published-on dates from our list of router descriptors. Fixes bug + 40855; bugfix on 0.4.8.1-alpha. + + o Minor bugfixes (compression, zstd): + - Use less frightening language and lower the log-level of our run- + time ABI compatibility check message in our Zstd compression + subsystem. Fixes bug 40815; bugfix on 0.4.3.1-alpha. + + +Changes in version 0.4.8.5 - 2023-08-30 + Quick second release after the first stable few days ago fixing minor + annoying bugfixes creating log BUG stacktrace. We also fix BSD compilation + failures and PoW unit test. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on August 30, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/08/30. + + o Minor bugfix (NetBSD, compilation): + - Fix compilation issue on NetBSD by avoiding an unnecessary + dependency on "huge" page mappings in Equi-X. Fixes bug 40843; + bugfix on 0.4.8.1-alpha. + + o Minor bugfix (NetBSD, testing): + - Fix test failures in "crypto/hashx" and "slow/crypto/equix" on + x86_64 and aarch64 NetBSD hosts, by adding support for + PROT_MPROTECT() flags. Fixes bug 40844; bugfix on 0.4.8.1-alpha. + + o Minor bugfixes (conflux): + - Demote a relay-side warn about too many legs to ProtocolWarn, as + there are conditions that it can briefly happen during set + construction. Also add additional set logging details for all + error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha. + - Prevent non-fatal assert stacktrace caused by using conflux sets + during their teardown process. Fixes bug 40842; bugfix + on 0.4.8.1-alpha. + + Changes in version 0.4.8.4 - 2023-08-23 Finally, this is the very first stable release of the 0.4.8.x series making, among other features, Proof-of-Work (prop#327) and Conflux (prop#329) diff --git a/changes/bug40841 b/changes/bug40841 deleted file mode 100644 index 2e67db3261..0000000000 --- a/changes/bug40841 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (conflux): - - Demote a relay-side warn about too many legs to ProtocolWarn, - as there are conditions that it can briefly happen during set - construction. Also add additional set logging details for - all error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha. diff --git a/changes/bug40842 b/changes/bug40842 deleted file mode 100644 index bf3bd8bd03..0000000000 --- a/changes/bug40842 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (conflux): - - Prevent non-fatal assert stacktrace caused by using conflux - sets during their teardown process. Fixes bug 40842; - bugfix on 0.4.8.1-alpha. diff --git a/changes/bug40855 b/changes/bug40855 deleted file mode 100644 index b455ac9a48..0000000000 --- a/changes/bug40855 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (bridge authority): - - When reporting a pseudo-networkstatus as a bridge authority, - or answering "ns/purpose/*" controller requests, - include accurate published-on dates from our - list of router descriptors. Fixes bug 40855; - bugfix on 0.4.8.1-alpha. diff --git a/changes/bug40858 b/changes/bug40858 deleted file mode 100644 index 4b9d85616e..0000000000 --- a/changes/bug40858 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (onion service): - - Fix a reliability issue where services were expiring their - introduction points every consensus update. This caused connectivity - issues for clients caching the old descriptor and intro points. Bug - reported and fixed by gitlab user @hyunsoo.kim676. Fixes bug 40858; - bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40862 b/changes/bug40862 deleted file mode 100644 index 83ad9376d9..0000000000 --- a/changes/bug40862 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (conflux): - - Fix an issue that prevented us from pre-building more conflux sets after - existing sets had been used. Fixes bug 40862; bugfix on 0.4.8.1-alpha. diff --git a/changes/bug40869 b/changes/bug40869 deleted file mode 100644 index da9666333f..0000000000 --- a/changes/bug40869 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (directory authority): - - Look at the network parameter "maxunmeasuredbw" with the - correct spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha. diff --git a/changes/bug40876 b/changes/bug40876 deleted file mode 100644 index a467cf64c1..0000000000 --- a/changes/bug40876 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (guard usage): - - When Tor excluded a guard due to temporary circuit restrictions, - it considered *additional* primary guards for potential usage - by that circuit. This could result in more than the specified number - of guards (currently 2) being used, long-term, by the tor client. - This could happen when a Guard was also selected as an Exit node, - but it was exacerbated by the Conflux guard restrictions. Both - instances have been fixed. Fixes bug 40876; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug40878 b/changes/bug40878 deleted file mode 100644 index 503ace69da..0000000000 --- a/changes/bug40878 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (vanguards addon support): - - Count the conflux linked cell as valid when it is successfully - processed. This will quiet a spurious warn in the vanguards addon. - Fixes bug 40878; bugfix on 0.4.8.1-alpha. diff --git a/changes/fallbackdirs-2023-08-30 b/changes/fallbackdirs-2023-08-30 deleted file mode 100644 index 499fc8e168..0000000000 --- a/changes/fallbackdirs-2023-08-30 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on August 30, 2023. diff --git a/changes/fallbackdirs-2023-09-18 b/changes/fallbackdirs-2023-09-18 deleted file mode 100644 index be3ef1720f..0000000000 --- a/changes/fallbackdirs-2023-09-18 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on September 18, 2023. diff --git a/changes/fallbackdirs-2023-09-25 b/changes/fallbackdirs-2023-09-25 deleted file mode 100644 index b5cd48d5d1..0000000000 --- a/changes/fallbackdirs-2023-09-25 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on September 25, 2023. diff --git a/changes/fallbackdirs-2023-11-03 b/changes/fallbackdirs-2023-11-03 deleted file mode 100644 index a6456a97e7..0000000000 --- a/changes/fallbackdirs-2023-11-03 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on November 03, 2023. diff --git a/changes/fallbackdirs-2023-11-09 b/changes/fallbackdirs-2023-11-09 deleted file mode 100644 index fcdc92280b..0000000000 --- a/changes/fallbackdirs-2023-11-09 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on November 09, 2023. diff --git a/changes/geoip-2023-08-30 b/changes/geoip-2023-08-30 deleted file mode 100644 index 2238cbf788..0000000000 --- a/changes/geoip-2023-08-30 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2023/08/30. diff --git a/changes/geoip-2023-09-18 b/changes/geoip-2023-09-18 deleted file mode 100644 index d09d9d4a53..0000000000 --- a/changes/geoip-2023-09-18 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2023/09/18. diff --git a/changes/geoip-2023-09-25 b/changes/geoip-2023-09-25 deleted file mode 100644 index a6ec201381..0000000000 --- a/changes/geoip-2023-09-25 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2023/09/25. diff --git a/changes/geoip-2023-11-03 b/changes/geoip-2023-11-03 deleted file mode 100644 index eedd3394ad..0000000000 --- a/changes/geoip-2023-11-03 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2023/11/03. diff --git a/changes/geoip-2023-11-09 b/changes/geoip-2023-11-09 deleted file mode 100644 index cf38ab9b47..0000000000 --- a/changes/geoip-2023-11-09 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2023/11/09. diff --git a/changes/ticket40739 b/changes/ticket40739 deleted file mode 100644 index f60bfc5d87..0000000000 --- a/changes/ticket40739 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (debugging, compression): - - Log the input and output buffer sizes when we detect a potential - compression bomb. Diagnostic for ticket 40739. diff --git a/changes/ticket40815 b/changes/ticket40815 deleted file mode 100644 index 88129b7bb1..0000000000 --- a/changes/ticket40815 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compression, zstd): - - Use less frightening language and lower the log-level of our run-time ABI - compatibility check message in our Zstd compression subsystem. Fixes bug - 40815; bugfix on 0.4.3.1-alpha. diff --git a/changes/ticket40843 b/changes/ticket40843 deleted file mode 100644 index 3af63a9164..0000000000 --- a/changes/ticket40843 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfix (NetBSD, compilation): - - Fix compilation issue on NetBSD by avoiding an unnecessary dependency on - "huge" page mappings in Equi-X. Fixes bug 40843; bugfix on 0.4.8.1-alpha.
\ No newline at end of file diff --git a/changes/ticket40844 b/changes/ticket40844 deleted file mode 100644 index 73d3bb2b76..0000000000 --- a/changes/ticket40844 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (NetBSD, testing): - - Fix test failures in "crypto/hashx" and "slow/crypto/equix" on x86_64 - and aarch64 NetBSD hosts, by adding support for PROT_MPROTECT() flags. - Fixes bug 40844; bugfix on 0.4.8.1-alpha.
\ No newline at end of file diff --git a/changes/ticket40848 b/changes/ticket40848 deleted file mode 100644 index a50a9a028f..0000000000 --- a/changes/ticket40848 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (defensive programming): - - Disable multiple BUG warnings of a missing relay identity key when - starting an instance of Tor compiled without relay support. - Fixes bug 40848; bugfix on 0.4.3.1-alpha. diff --git a/changes/ticket40874 b/changes/ticket40874 deleted file mode 100644 index e1091f6b63..0000000000 --- a/changes/ticket40874 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (TROVE-2023-004, relay): - - Mitigate an issue when Tor compiled with OpenSSL can crash during - handshake with a remote relay. Fixes bug 40874; bugfix on 0.2.7.2-alpha. diff --git a/changes/ticket40883 b/changes/ticket40883 deleted file mode 100644 index 1186571122..0000000000 --- a/changes/ticket40883 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (onion service, TROVE-2023-006): - - Fix a possible hard assert on a NULL pointer when recording a failed - rendezvous circuit on the service side for the MetricsPort. Fixes bug - 40883; bugfix on 0.4.8.1-alpha |