diff options
-rw-r--r-- | ChangeLog | 129 | ||||
-rw-r--r-- | changes/bug2081_followup | 9 | ||||
-rw-r--r-- | changes/bug2097-more | 6 | ||||
-rw-r--r-- | changes/bug2146.1 | 4 | ||||
-rw-r--r-- | changes/bug2210 | 5 | ||||
-rw-r--r-- | changes/bug2235 | 3 | ||||
-rw-r--r-- | changes/bytecount | 5 | ||||
-rw-r--r-- | changes/fix2195-fix | 6 | ||||
-rw-r--r-- | changes/gabelmoo-newip | 3 | ||||
-rw-r--r-- | changes/geoip-dec2010 | 3 | ||||
-rw-r--r-- | changes/mingw-openssl098m | 3 | ||||
-rw-r--r-- | changes/remove-website | 5 | ||||
-rw-r--r-- | changes/security_bug | 5 | ||||
-rw-r--r-- | changes/task2196 | 5 |
14 files changed, 129 insertions, 62 deletions
@@ -1,3 +1,132 @@ +Changes in version 0.2.2.20-alpha - 2010-12-17 + Tor 0.2.2.20-alpha does some code cleanup to reduce the risk of remotely + exploitable bugs. We also fix a variety of other significant bugs, + change the IP address for one of our directory authorities, and update + the minimum version that Tor relays must run to join the network. + + o Major bugfixes: + - Fix a remotely exploitable bug that could be used to crash instances + of Tor remotely by overflowing on the heap. Remote-code execution + hasn't been confirmed, but can't be ruled out. Everyone should + upgrade. Bugfix on the 0.1.1 series and later. + - Fix a bug that could break accounting on 64-bit systems with large + time_t values, making them hibernate for impossibly long intervals. + Fixes bug 2146. Bugfix on 0.0.9pre6; fix by boboper. + - Fix a logic error in directory_fetches_from_authorities() that + would cause all _non_-exits refusing single-hop-like circuits + to fetch from authorities, when we wanted to have _exits_ fetch + from authorities. Fixes more of 2097. Bugfix on 0.2.2.16-alpha; + fix by boboper. + - Fix a stream fairness bug that would cause newer streams on a given + circuit to get preference when reading bytes from the origin or + destination. Fixes bug 2210. Fix by Mashael AlSabah. This bug was + introduced before the first Tor release, in svn revision r152. + + o Directory authority changes: + - Change IP address and ports for gabelmoo (v3 directory authority). + + o Minor bugfixes: + - Avoid crashes when AccountingMax is set on clients. Fixes bug 2235. + Bugfix on 0.2.2.18-alpha. Diagnosed by boboper. + - Fix an off-by-one error in calculating some controller command + argument lengths. Fortunately, this mistake is harmless since + the controller code does redundant NUL termination too. Found by + boboper. Bugfix on 0.1.1.1-alpha. + - Do not dereference NULL if a bridge fails to build its + extra-info descriptor. Found by an anonymous commenter on + Trac. Bugfix on 0.2.2.19-alpha. + + o Minor features: + - Update to the December 1 2010 Maxmind GeoLite Country database. + - Directory authorities now reject relays running any versions of + Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have + known bugs that keep RELAY_EARLY cells from working on rendezvous + circuits. Followup to fix for bug 2081. + - Directory authorities now reject relays running any version of Tor + older than 0.2.0.26-rc. That version is the earliest that fetches + current directory information correctly. Fixes bug 2156. + - Report only the top 10 ports in exit-port stats in order not to + exceed the maximum extra-info descriptor length of 50 KB. Implements + task 2196. + - Build correctly on mingw with more recent version of OpenSSL 0.9.8. + Patch from mingw-san. + + +Changes in version 0.2.1.27 - 2010-11-23 + Yet another OpenSSL security patch broke its compatibility with Tor: + Tor 0.2.1.27 makes relays work with openssl 0.9.8p and 1.0.0.b. We + also took this opportunity to fix several crash bugs, integrate a new + directory authority, and update the bundled GeoIP database. + + o Major bugfixes: + - Resolve an incompatibility with OpenSSL 0.9.8p and OpenSSL 1.0.0b: + No longer set the tlsext_host_name extension on server SSL objects; + but continue to set it on client SSL objects. Our goal in setting + it was to imitate a browser, not a vhosting server. Fixes bug 2204; + bugfix on 0.2.1.1-alpha. + - Do not log messages to the controller while shrinking buffer + freelists. Doing so would sometimes make the controller connection + try to allocate a buffer chunk, which would mess up the internals + of the freelist and cause an assertion failure. Fixes bug 1125; + fixed by Robert Ransom. Bugfix on 0.2.0.16-alpha. + - Learn our external IP address when we're a relay or bridge, even if + we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha, + where we introduced bridge relays that don't need to publish to + be useful. Fixes bug 2050. + - Do even more to reject (and not just ignore) annotations on + router descriptors received anywhere but from the cache. Previously + we would ignore such annotations at first, but cache them to disk + anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer. + - When you're using bridges and your network goes away and your + bridges get marked as down, recover when you attempt a new socks + connection (if the network is back), rather than waiting up to an + hour to try fetching new descriptors for your bridges. Bugfix on + 0.2.0.3-alpha; fixes bug 1981. + + o Major features: + - Move to the November 2010 Maxmind GeoLite country db (rather + than the June 2009 ip-to-country GeoIP db) for our statistics that + count how many users relays are seeing from each country. Now we'll + have more accurate data, especially for many African countries. + + o New directory authorities: + - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory + authority. + + o Minor bugfixes: + - Fix an assertion failure that could occur in directory caches or + bridge users when using a very short voting interval on a testing + network. Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on + 0.2.0.8-alpha. + - Enforce multiplicity rules when parsing annotations. Bugfix on + 0.2.0.8-alpha. Found by piebeer. + - Allow handshaking OR connections to take a full KeepalivePeriod + seconds to handshake. Previously, we would close them after + IDLE_OR_CONN_TIMEOUT (180) seconds, the same timeout as if they + were open. Bugfix on 0.2.1.26; fixes bug 1840. Thanks to mingw-san + for analysis help. + - When building with --enable-gcc-warnings on OpenBSD, disable + warnings in system headers. This makes --enable-gcc-warnings + pass on OpenBSD 4.8. + + o Minor features: + - Exit nodes didn't recognize EHOSTUNREACH as a plausible error code, + and so sent back END_STREAM_REASON_MISC. Clients now recognize a new + stream ending reason for this case: END_STREAM_REASON_NOROUTE. + Servers can start sending this code when enough clients recognize + it. Bugfix on 0.1.0.1-rc; fixes part of bug 1793. + - Build correctly on mingw with more recent versions of OpenSSL 0.9.8. + Patch from mingw-san. + + o Removed files: + - Remove the old debian/ directory from the main Tor distribution. + The official Tor-for-debian git repository lives at the URL + https://git.torproject.org/debian/tor.git + - Stop shipping the old doc/website/ directory in the tarball. We + changed the website format in late 2010, and what we shipped in + 0.2.1.26 really wasn't that useful anyway. + + Changes in version 0.2.2.19-alpha - 2010-11-22 Yet another OpenSSL security patch broke its compatibility with Tor: Tor 0.2.2.19-alpha makes relays work with OpenSSL 0.9.8p and 1.0.0.b. diff --git a/changes/bug2081_followup b/changes/bug2081_followup deleted file mode 100644 index a53227c38e..0000000000 --- a/changes/bug2081_followup +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (authorities) - - Directory authorities now reject relays running any versions of - Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have - known bugs that keep RELAY_EARLY cells from working on rendezvous - circuits. Followup to fix for bug 2081. - - Directory authorities now reject relays running any version of Tor - older than 0.2.0.26-rc. That is the earliest version that fetches - current directory information correctly. Fix for bug 2156. - diff --git a/changes/bug2097-more b/changes/bug2097-more deleted file mode 100644 index 52351cc019..0000000000 --- a/changes/bug2097-more +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Fix a logic error in directory_fetches_from_authorities that - would cause all _non_-exits refusing single-hop-like circuits to - fetch from authorities, when we wanted to have _exits_ fetch - from authorities. Fix by boboper; fixes more of 2097; bugfix on - 0.2.2.16-alpha. diff --git a/changes/bug2146.1 b/changes/bug2146.1 deleted file mode 100644 index 5b91c59a68..0000000000 --- a/changes/bug2146.1 +++ /dev/null @@ -1,4 +0,0 @@ - - Major bugfixes: - o Fix a bug that could break accounting on 64-bit systems with large - time_t values, making them hibernate for impossibly long intervals. - Bugfix on 0.0.9pre6; fix for bug 2146; fix by boboper. diff --git a/changes/bug2210 b/changes/bug2210 deleted file mode 100644 index fe1c049fcd..0000000000 --- a/changes/bug2210 +++ /dev/null @@ -1,5 +0,0 @@ - o ?? bugfixes: - - Fix a bug that would cause newer streams on a given circuit to - get preference when reading bytes from the network. Fixes bug - 2210. Fix by Mashael AlSabah. This bug was introduced before - the first Tor release, in svn revision r152. diff --git a/changes/bug2235 b/changes/bug2235 deleted file mode 100644 index 0c3bafa44f..0000000000 --- a/changes/bug2235 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes - - Avoid crashes when AccountingMax is set on clients. Fixes bug 2235; - Bugfix on 0.2.2.18-alpha. Diagnosed by boboper. diff --git a/changes/bytecount b/changes/bytecount deleted file mode 100644 index 50c4d6b35e..0000000000 --- a/changes/bytecount +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes - - Fix a off-by-one error in calculating some controller command argument - lengths. Fortunately, this is harmless, the controller code does - redundant NUL termination too. Found by boboper. Bugfix on - 0.1.1.1-alpha. diff --git a/changes/fix2195-fix b/changes/fix2195-fix deleted file mode 100644 index 9f03c2465e..0000000000 --- a/changes/fix2195-fix +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Do not dereference NULL if a bridge fails to build its - extra-info descriptor. Previously, we would have dereferenced - NULL. Found by an anonymous commenter on Trac. Bugfix on - 0.2.2.19-alpha. - diff --git a/changes/gabelmoo-newip b/changes/gabelmoo-newip deleted file mode 100644 index 8e9a19c657..0000000000 --- a/changes/gabelmoo-newip +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - Change IP address and ports for gabelmoo (v3 directory authority). - diff --git a/changes/geoip-dec2010 b/changes/geoip-dec2010 deleted file mode 100644 index d6247cee6b..0000000000 --- a/changes/geoip-dec2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the December 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/mingw-openssl098m b/changes/mingw-openssl098m deleted file mode 100644 index b4199760b7..0000000000 --- a/changes/mingw-openssl098m +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Build correctly on mingw with more recent version of OpenSSL 0.9.8. - Patch from mingw-san. diff --git a/changes/remove-website b/changes/remove-website deleted file mode 100644 index ecbfbf9bc2..0000000000 --- a/changes/remove-website +++ /dev/null @@ -1,5 +0,0 @@ - o Removed files: - - Stop shipping the old doc/website/ directory in the tarball. We - changed the website format in late 2010, and what we shipped in - 0.2.1.26 really wasn't that useful anyway. - diff --git a/changes/security_bug b/changes/security_bug deleted file mode 100644 index 990beee506..0000000000 --- a/changes/security_bug +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Fix a remotely exploitable bug that could be used to crash instances - of Tor remotely by overflowing on the heap. Remove-code execution - hasn't been confirmed, but can't be ruled out. Obviously, everyone - should upgrade. Bugfix on the 0.1.1 series and later. diff --git a/changes/task2196 b/changes/task2196 deleted file mode 100644 index e629fccac2..0000000000 --- a/changes/task2196 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Report only the top 10 ports in exit-port stats in order not to - exceed the maximum extra-info descriptor length of 50 KB. Implements - task 2196. - |