diff options
| -rw-r--r-- | ChangeLog | 13 | ||||
| -rw-r--r-- | changes/buffer_bug | 7 |
2 files changed, 12 insertions, 8 deletions
@@ -1,10 +1,21 @@ -Changes in version 0.2.1.32 - 201?-??-?? +Changes in version 0.2.1.32 - 2011-12-16 + Tor 0.2.1.32 backports important security and privacy fixes for + oldstable. This release is intended only for package maintainers and + others who cannot use the 0.2.2 stable series. All others should be + using Tor 0.2.2.x or newer. + + The Tor 0.2.1.x series will reach formal end-of-life some time in + early 2012, when we will stop releasing patches for it. o Major bugfixes (also included in 0.2.2.x): - Correctly sanity-check that we don't underflow on a memory allocation (and then assert) for hidden service introduction point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410; bugfix on 0.2.1.5-alpha. + - Fix a heap overflow bug that could occur when trying to pull + data into the first chunk of a buffer, when that chunk had + already had some data drained from it. Fixes CVE-2011-2778; + bugfix on 0.2.0.16-alpha. Reported by "Vektor". o Minor features: - Update to the December 6 2011 Maxmind GeoLite Country database. diff --git a/changes/buffer_bug b/changes/buffer_bug deleted file mode 100644 index 634f609533..0000000000 --- a/changes/buffer_bug +++ /dev/null @@ -1,7 +0,0 @@ - - o Major bugfixes: - - Fix a heap overflow bug that could occur when trying to pull - data into the first chunk of a buffer, when that chunk had - already had some data drained from it. Fixes CVE-2011-2778; - bugfix on 0.2.0.16-alpha. Reported by "Vektor". - |