diff options
39 files changed, 230 insertions, 201 deletions
@@ -1,3 +1,208 @@ +Changes in version 0.2.3.21-rc - 2012-09-05 + Tor 0.2.3.21-rc is the fourth release candidate for the Tor 0.2.3.x + series. It fixes a trio of potential security bugs, fixes a bug where + we were leaving some of the fast relays out of the microdescriptor + consensus, resumes interpreting "ORPort 0" and "DirPort 0" correctly, + and cleans up other smaller issues. + + o Major bugfixes (security): + - Tear down the circuit if we get an unexpected SENDME cell. Clients + could use this trick to make their circuits receive cells faster + than our flow control would have allowed, or to gum up the network, + or possibly to do targeted memory denial-of-service attacks on + entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor -- + from July 2002, before the release of Tor 0.0.0. We had committed + this patch previously, but we had to revert it because of bug 6271. + Now that 6271 is fixed, this patch appears to work. + - Reject any attempt to extend to an internal address. Without + this fix, a router could be used to probe addresses on an internal + network to see whether they were accepting connections. Fixes bug + 6710; bugfix on 0.0.8pre1. + - Do not crash when comparing an address with port value 0 to an + address policy. This bug could have been used to cause a remote + assertion failure by or against directory authorities, or to + allow some applications to crash clients. Fixes bug 6690; bugfix + on 0.2.1.10-alpha. + + o Major bugfixes: + - Remove the upper bound on microdescriptor length. We were hitting + the limit for routers with complex exit policies or family + declarations, causing clients to not use them. Fixes the first + piece of bug 6404; fix on 0.2.2.6-alpha. + - Detect "ORPort 0" as meaning, uniformly, that we're not running + as a relay. Previously, some of our code would treat the presence + of any ORPort line as meaning that we should act like a relay, + even though our new listener code would correctly not open any + ORPorts for ORPort 0. Similar bugs in other Port options are also + fixed. Fixes the first half of bug 6507; bugfix on 0.2.3.3-alpha. + + o Minor bugfixes: + - Avoid a pair of double-free and use-after-mark bugs that can + occur with certain timings in canceled and re-received DNS + requests. Fixes bug 6472; bugfix on 0.0.7rc1. + - Fix build and 64-bit compile warnings from --enable-openbsd-malloc. + Fixes bug 6379. Bugfix on 0.2.0.20-rc. + - Allow one-hop directory fetching circuits the full "circuit build + timeout" period, rather than just half of it, before failing them + and marking the relay down. This fix should help reduce cases where + clients declare relays (or worse, bridges) unreachable because + the TLS handshake takes a few seconds to complete. Fixes bug 6743; + bugfix on 0.2.2.2-alpha, where we changed the timeout from a static + 30 seconds. + - Authorities no longer include any router in their microdescriptor + consensuses for which they couldn't generate or agree on a + microdescriptor. Fixes the second piece of bug 6404; fix on + 0.2.2.6-alpha. + - Detect and reject attempts to specify both "FooPort" and + "FooPort 0" in the same configuration domain. (It's still okay + to have a FooPort in your configuration file, and use "FooPort 0" + on the command line to disable it.) Fixes the second half of bug + 6507; bugfix on 0.2.3.3-alpha. + - Make wildcarded addresses (that is, ones beginning with "*.") work + when provided via the controller's MapAddress command. Previously, + they were accepted, but we never actually noticed that they were + wildcards. Fixes bug 6244; bugfix on 0.2.3.9-alpha. + - Add a (probably redundant) memory clear between iterations of + the router status voting loop, to prevent future coding errors + where data might leak between iterations of the loop. Resolves + ticket 6514. + + o Minor bugfixes (log messages): + - Downgrade "set buildtimeout to low value" messages to "info" + severity; they were never an actual problem, there was never + anything reasonable to do about them, and they tended to spam logs + from time to time. Fixes bug 6251; bugfix on 0.2.2.2-alpha. + - Downgrade path-bias warning messages to "info". We'll try to get + them working better in 0.2.4. Add internal circuit construction + state to protect against the noisy warn message "Unexpectedly high + circuit_successes". Also add some additional rate-limited notice + messages to help determine the root cause of the warn. Fixes bug + 6475. Bugfix against 0.2.3.17-beta. + - Move log message when unable to find a microdesc in a routerstatus + entry to parse time. Previously we'd spam this warning every time + we tried to figure out which microdescriptors to download. Fixes + the third piece of bug 6404; fix on 0.2.3.18-rc. + + o Minor features: + - Consider new, removed or changed IPv6 OR ports a non-cosmetic + change when the authority is deciding whether to accept a newly + uploaded descriptor. Implements ticket 6423. + - Add missing documentation for consensus and microdesc files. + Resolves ticket 6732. + + +Changes in version 0.2.2.38 - 2012-08-12 + Tor 0.2.2.38 fixes a remotely triggerable crash bug, and fixes a timing + attack that could in theory leak path information. + + o Security fixes: + - Avoid an uninitialized memory read when reading a vote or consensus + document that has an unrecognized flavor name. This read could + lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha. + - Try to leak less information about what relays a client is + choosing to a side-channel attacker. Previously, a Tor client would + stop iterating through the list of available relays as soon as it + had chosen one, thus finishing a little earlier when it picked + a router earlier in the list. If an attacker can recover this + timing information (nontrivial but not proven to be impossible), + they could learn some coarse-grained information about which relays + a client was picking (middle nodes in particular are likelier to + be affected than exits). The timing attack might be mitigated by + other factors (see bug 6537 for some discussion), but it's best + not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1. + + +Changes in version 0.2.3.20-rc - 2012-08-05 + Tor 0.2.3.20-rc is the third release candidate for the Tor 0.2.3.x + series. It fixes a pair of code security bugs and a potential anonymity + issue, updates our RPM spec files, and cleans up other smaller issues. + + o Security fixes: + - Avoid read-from-freed-memory and double-free bugs that could occur + when a DNS request fails while launching it. Fixes bug 6480; + bugfix on 0.2.0.1-alpha. + - Avoid an uninitialized memory read when reading a vote or consensus + document that has an unrecognized flavor name. This read could + lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha. + - Try to leak less information about what relays a client is + choosing to a side-channel attacker. Previously, a Tor client would + stop iterating through the list of available relays as soon as it + had chosen one, thus finishing a little earlier when it picked + a router earlier in the list. If an attacker can recover this + timing information (nontrivial but not proven to be impossible), + they could learn some coarse-grained information about which relays + a client was picking (middle nodes in particular are likelier to + be affected than exits). The timing attack might be mitigated by + other factors (see bug 6537 for some discussion), but it's best + not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1. + + o Minor features: + - Try to make the warning when giving an obsolete SOCKSListenAddress + a little more useful. + - Terminate active server managed proxies if Tor stops being a + relay. Addresses parts of bug 6274; bugfix on 0.2.3.6-alpha. + - Provide a better error message about possible OSX Asciidoc failure + reasons. Fixes bug 6436. + - Warn when Tor is configured to use accounting in a way that can + link a hidden service to some other hidden service or public + address. Resolves ticket 6490. + + o Minor bugfixes: + - Check return value of fputs() when writing authority certificate + file. Fixes Coverity issue 709056; bugfix on 0.2.0.1-alpha. + - Ignore ServerTransportPlugin lines when Tor is not configured as + a relay. Fixes bug 6274; bugfix on 0.2.3.6-alpha. + - When disabling guards for having too high a proportion of failed + circuits, make sure to look at each guard. Fixes bug 6397; bugfix + on 0.2.3.17-beta. + + o Packaging (RPM): + - Update our default RPM spec files to work with mock and rpmbuild + on RHEL/Fedora. They have an updated set of dependencies and + conflicts, a fix for an ancient typo when creating the "_tor" + user, and better instructions. Thanks to Ondrej Mikle for the + patch series. Fixes bug 6043. + + o Testing: + - Make it possible to set the TestingTorNetwork configuration + option using AlternateDirAuthority and AlternateBridgeAuthority + as an alternative to setting DirServer. Addresses ticket 6377. + + o Documentation: + - Clarify the documentation for the Alternate*Authority options. + Fixes bug 6387. + - Fix some typos in the manpages. Patch from A. Costa. Fixes bug 6500. + + o Code simplification and refactoring: + - Do not use SMARTLIST_FOREACH for any loop whose body exceeds + 10 lines. Also, don't nest them. Doing so in the past has + led to hard-to-debug code. The new style is to use the + SMARTLIST_FOREACH_{BEGIN,END} pair. Addresses issue 6400. + + +Changes in version 0.2.3.19-rc - 2012-07-06 + Tor 0.2.3.19-rc is the second release candidate for the Tor 0.2.3.x + series. It fixes the compile on Windows, reverts to a GeoIP database + that isn't as broken, and fixes a flow control bug that has been around + since the beginning of Tor. + + o Major bugfixes: + - Fix a bug handling SENDME cells on nonexistent streams that could + result in bizarre window values. Report and patch contributed + pseudonymously. Fixes part of bug 6271. This bug was introduced + before the first Tor release, in svn commit r152. + - Revert to the May 1 2012 Maxmind GeoLite Country database. In the + June 2012 database, Maxmind marked many Tor relays as country "A1", + which will cause risky behavior for clients that set EntryNodes + or ExitNodes. Addresses bug 6334; bugfix on 0.2.3.17-beta. + - Instead of ENOBUFS on Windows, say WSAENOBUFS. Fixes compilation + on Windows. Fixes bug 6296; bugfix on 0.2.3.18-rc. + + o Minor bugfixes: + - Fix wrong TCP port range in parse_port_range(). Fixes bug 6218; + bugfix on 0.2.1.10-alpha. + + Changes in version 0.2.3.18-rc - 2012-06-28 Tor 0.2.3.18-rc is the first release candidate for the Tor 0.2.3.x series. It fixes a few smaller bugs, but generally appears stable. @@ -225,7 +430,7 @@ Changes in version 0.2.3.16-alpha - 2012-06-05 indefinitely. Fixes bug 5380; bugfix on 0.2.1.14-rc. - When fetching a bridge descriptor from a bridge authority, always do so anonymously, whether we have been able to open - circuits or not. Partial fix for bug 1938; bugfix on 2.0.7-alpha. + circuits or not. Partial fix for bug 1938; bugfix on 0.2.0.7-alpha. This behavior makes it *safer* to use UpdateBridgesFromAuthority, but we'll need to wait for bug 6010 before it's actually usable. diff --git a/ReleaseNotes b/ReleaseNotes index 93e38faf3f..0d710d9c42 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -3,6 +3,27 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. +Changes in version 0.2.2.38 - 2012-08-12 + Tor 0.2.2.38 fixes a remotely triggerable crash bug, and fixes a timing + attack that could in theory leak path information. + + o Security fixes: + - Avoid an uninitialized memory read when reading a vote or consensus + document that has an unrecognized flavor name. This read could + lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha. + - Try to leak less information about what relays a client is + choosing to a side-channel attacker. Previously, a Tor client would + stop iterating through the list of available relays as soon as it + had chosen one, thus finishing a little earlier when it picked + a router earlier in the list. If an attacker can recover this + timing information (nontrivial but not proven to be impossible), + they could learn some coarse-grained information about which relays + a client was picking (middle nodes in particular are likelier to + be affected than exits). The timing attack might be mitigated by + other factors (see bug 6537 for some discussion), but it's best + not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1. + + Changes in version 0.2.2.37 - 2012-06-06 Tor 0.2.2.37 introduces a workaround for a critical renegotiation bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself diff --git a/changes/bug6043 b/changes/bug6043 deleted file mode 100644 index b88bafb788..0000000000 --- a/changes/bug6043 +++ /dev/null @@ -1,6 +0,0 @@ - o Packaging (RPM): - - Our default RPM spec files have been updated to work with mock - and rpmbuild on RHEL/Fedora. They have an updated set of - dependencies and conflicts, a fix for an ancient typo when creating - the "_tor" user, and better instructions. Thanks to Ondrej - Mikle for the patch series; fix for bug 6043. diff --git a/changes/bug6218 b/changes/bug6218 deleted file mode 100644 index 5d5d108b00..0000000000 --- a/changes/bug6218 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Fix wrong TCP port range in parse_port_range(). Fixes bug 6218; - bugfix on 0.2.1.10-alpha. diff --git a/changes/bug6244_part_c b/changes/bug6244_part_c deleted file mode 100644 index dea6e7b69e..0000000000 --- a/changes/bug6244_part_c +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (controller): - - Make wildcarded addresses (that is, ones beginning with *.) work when - provided via the controller's MapAddress command. Previously, they - were accepted, but we never actually noticed that they were wildcards. - Fix for bug 6244; bugfix on 0.2.3.9-alpha. - diff --git a/changes/bug6251 b/changes/bug6251 deleted file mode 100644 index c782a93e49..0000000000 --- a/changes/bug6251 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Downgrade "set buildtimeout to low value" messages to INFO - severity; they were never an actual problem, there was never - anything reasonable to do about them, and they tended to spam - logs from time to time. Fix for bug 6251; bugfix on - 0.2.2.2-alpha.
\ No newline at end of file diff --git a/changes/bug6252_again b/changes/bug6252_again deleted file mode 100644 index f7fd00cb38..0000000000 --- a/changes/bug6252_again +++ /dev/null @@ -1,11 +0,0 @@ - o Security fixes: - - Tear down the circuit if we get an unexpected SENDME cell. Clients - could use this trick to make their circuits receive cells faster - than our flow control would have allowed, or to gum up the network, - or possibly to do targeted memory denial-of-service attacks on - entry nodes. Fixes bug 6252. Bugfix on the 54th commit on Tor -- - from July 2002, before the release of Tor 0.0.0. We had committed - this patch previously, but we had to revert it because of bug 6271. - Now that 6271 is fixed, this appears to work. - - diff --git a/changes/bug6271 b/changes/bug6271 deleted file mode 100644 index 06b129f73f..0000000000 --- a/changes/bug6271 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes - - - Fix a bug handling SENDME cells on nonexistent streams that - could result in bizarre window values. Report and patch - contributed pseudymously. Fixes part of bug 6271. This bug - was introduced before the first Tor release, in svn commit - r152. diff --git a/changes/bug6274 b/changes/bug6274 deleted file mode 100644 index ad1abcde54..0000000000 --- a/changes/bug6274 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes: - - Ignore ServerTransportPlugin lines when Tor is not configured as - a relay. Fixes bug 6274; bugfix on 0.2.3.6-alpha. diff --git a/changes/bug6274_2 b/changes/bug6274_2 deleted file mode 100644 index 89576f9328..0000000000 --- a/changes/bug6274_2 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Terminate active server managed proxies if Tor stops being a - relay. Addresses parts of bug 6274; bugfix on 0.2.3.6-alpha. diff --git a/changes/bug6296 b/changes/bug6296 deleted file mode 100644 index b452b1745d..0000000000 --- a/changes/bug6296 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - - Instead of ENOBUFS on Windows, say WSAENOBUFS. Fixes - compilation on Windows. Fixes bug 6296; bugfix on 0.2.3.18-rc. diff --git a/changes/bug6377 b/changes/bug6377 deleted file mode 100644 index a3a3672783..0000000000 --- a/changes/bug6377 +++ /dev/null @@ -1,4 +0,0 @@ - o Testing: - - Make it possible to set the TestingTorNetwork configuration - option using AlternateDirAuthority and AlternateBridgeAuthority - as an alternative to setting DirServer. diff --git a/changes/bug6379 b/changes/bug6379 deleted file mode 100644 index 1f2b6941cd..0000000000 --- a/changes/bug6379 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Fix build warnings from --enable-openbsd-malloc with gcc warnings - enabled. Fixes bug 6379. - - Fix 64-bit warnings from --enable-openbsd-malloc. Fixes bug 6379. - Bugfix on 0.2.0.20-rc. - diff --git a/changes/bug6387 b/changes/bug6387 deleted file mode 100644 index 73fc4f7cfe..0000000000 --- a/changes/bug6387 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Clarify the documentation for the Alternate*Authority options. - Fixes bug 6387. diff --git a/changes/bug6397 b/changes/bug6397 deleted file mode 100644 index 23d8359bd2..0000000000 --- a/changes/bug6397 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - When disabling guards for having too high a proportion of failed - circuits, make sure to look at each guard. Fix for bug 6397; bugfix - on 0.2.3.17-beta. diff --git a/changes/bug6404 b/changes/bug6404 deleted file mode 100644 index 948f00b92e..0000000000 --- a/changes/bug6404 +++ /dev/null @@ -1,16 +0,0 @@ - o Minor bugfixes: - - - Remove the maximum length of microdescriptor we are willing to - generate. Occasionally this is needed for routers - with complex policies or family declarations. Partial fix for - bug 6404; fix on 0.2.2.6-alpha. - - - Authorities no longer include any router in their - microdescriptor consensuses for which they couldn't generate or - agree on a microdescriptor. Partial fix for bug 6404; fix on - 0.2.2.6-alpha. - - - Move log message when unable to find a microdesc in a - routerstatus entry to parse time. Previously we'd spam this - warning every time we tried to figure out which microdescriptors - to download. Partial fix for bug 6404; fix on 0.2.3.18-rc. diff --git a/changes/bug6423 b/changes/bug6423 deleted file mode 100644 index 2ea4f1410d..0000000000 --- a/changes/bug6423 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Consider new, removed or changed IPv6 OR ports a non cosmetic - change. diff --git a/changes/bug6436 b/changes/bug6436 deleted file mode 100644 index 2c163df105..0000000000 --- a/changes/bug6436 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Provide a better error message about possible OSX Asciidoc failure - reasons. Fix for bug 6436. diff --git a/changes/bug6472 b/changes/bug6472 deleted file mode 100644 index dcd42ebe68..0000000000 --- a/changes/bug6472 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Avoid a pair of double-free and use-after-mark bugs that can - occur with certain timings in canceled and re-received DNS - requests. Fix for bug 6472; bugfix on 0.0.7rc1. diff --git a/changes/bug6475 b/changes/bug6475 deleted file mode 100644 index 67bab99622..0000000000 --- a/changes/bug6475 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Add internal circuit construction state to protect against - the noisy warn message "Unexpectedly high circuit_successes". - Also add some additional rate-limited notice messages to help - determine the root cause of the warn. Fixes bug 6475. - Bugfix against 0.2.3.17-beta. diff --git a/changes/bug6480 b/changes/bug6480 deleted file mode 100644 index 83ae00b251..0000000000 --- a/changes/bug6480 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Avoid read-from-freed-RAM bug and related double-free bug that - could occur when a DNS request fails while launching it. Fixes - bug 6480; bugfix on 0.2.0.1-alpha. - diff --git a/changes/bug6490 b/changes/bug6490 deleted file mode 100644 index c92daad8f4..0000000000 --- a/changes/bug6490 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Warn when Tor is configured to use accounting in a way that will - link a hidden service to some other hidden service or public - address. Fix for bug 6490. diff --git a/changes/bug6500 b/changes/bug6500 deleted file mode 100644 index cac2054a3a..0000000000 --- a/changes/bug6500 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor bugfixes: - - Fix some typos in the manpages. Patch from A. Costa. Fixes bug 6500. diff --git a/changes/bug6507 b/changes/bug6507 deleted file mode 100644 index 89940cbf7b..0000000000 --- a/changes/bug6507 +++ /dev/null @@ -1,15 +0,0 @@ - o Major bugfixes: - - Detect 'ORPort 0' as meaning, uniformly, that we're not running - as a server. Previously, some of our code would treat the - presence of any ORPort line as meaning that we should act like a - server, even though our new listener code would correctly not - open any ORPorts for ORPort 0. Similar bugs in other Port - options are also fixed. Fixes bug 6507; bugfix on 0.2.3.3-alpha. - - o Minor features: - - - Detect and reject attempts to specify both 'FooPort' and - 'FooPort 0' in the same configuration domain. (It's still okay - to have a FooPort in your configuration file,and use 'FooPort 0' - on the command line to disable it.) Fixes another case of - bug6507; bugfix on 0.2.3.3-alpha. diff --git a/changes/bug6514 b/changes/bug6514 deleted file mode 100644 index 84633bd279..0000000000 --- a/changes/bug6514 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Add a (probably redundant) memory clear between iterations of - the router status voting loop, to prevent future coding errors - where data might leak between iterations of the loop. Resolves - ticket 6514. diff --git a/changes/bug6530 b/changes/bug6530 deleted file mode 100644 index 825bbb752a..0000000000 --- a/changes/bug6530 +++ /dev/null @@ -1,5 +0,0 @@ - o Major security fixes: - - Avoid a read of uninitializd RAM when reading a vote or consensus - document with an unrecognized flavor name. This could lead to a - remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha. - diff --git a/changes/bug6690 b/changes/bug6690 deleted file mode 100644 index 99d42976ed..0000000000 --- a/changes/bug6690 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (security): - - Do not crash when comparing an address with port value 0 to an - address policy. This bug could have been used to cause a remote - assertion failure by or against directory authorities, or to - allow some applications to crash clients. Fixes bug 6690; bugfix - on 0.2.1.10-alpha. - diff --git a/changes/bug6710 b/changes/bug6710 deleted file mode 100644 index 2c89346114..0000000000 --- a/changes/bug6710 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security): - - Reject any attempt to extend to an internal address. Without - this fix, a router could be used to probe addresses on an - internal network to see whether they were accepting - connections. Fix for bug 6710; bugfix on 0.0.8pre1. - diff --git a/changes/bug6732 b/changes/bug6732 deleted file mode 100644 index 7a744e014a..0000000000 --- a/changes/bug6732 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Add missing documentation for consensus and microdesc files. Fix for - bug 6732. diff --git a/changes/bug6743 b/changes/bug6743 deleted file mode 100644 index 6ec78f853a..0000000000 --- a/changes/bug6743 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - Allow one-hop directory fetching circuits the full "circuit build - timeout" period, rather than just half of it, before failing them - and marking the relay down. This fix should help reduce cases where - clients declare relays (or worse, bridges) unreachable because - the TLS handshake takes a few seconds to complete. Fixes bug 6743; - bugfix on 0.2.2.2-alpha, where we changed the timeout from a static - 30 seconds. - diff --git a/changes/cov709056 b/changes/cov709056 deleted file mode 100644 index 64a75ad8a2..0000000000 --- a/changes/cov709056 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Check return value of fputs() when writing authority certificate - file. Fixes Coverity issue 709056; bugfix on 0.2.0.1-alpha. - diff --git a/changes/disable_pathbias_messages b/changes/disable_pathbias_messages deleted file mode 100644 index 3bc996347b..0000000000 --- a/changes/disable_pathbias_messages +++ /dev/null @@ -1,3 +0,0 @@ - o Disabeled features - - Downgrade path-bias warning messages to INFO. We'll try to get them - working better in 0.2.4. Fixes bug 6475; bugfix on 0.2.3.17-beta. diff --git a/changes/pathsel-BUGGY-a b/changes/pathsel-BUGGY-a deleted file mode 100644 index 2e642c7953..0000000000 --- a/changes/pathsel-BUGGY-a +++ /dev/null @@ -1,14 +0,0 @@ - o Security fixes: - - - Try to leak less information about what relays a client is - choosing to a side-channel attacker. Previously, a Tor client - would stop iterating through the list of available relays as - soon as it had chosen one, thus finishing a little earlier - when it picked a router earlier in the list. If an attacker - can recover this timing information (nontrivial but not - proven to be impossible), they could learn some coarse- - grained information about which relays a client was picking - (middle nodes in particular are likelier to be affected than - exits). The timing attack might be mitigated by other factors - (see bug #6537 for some discussion), but it's best not to - take chances. Fixes bug 6537; bugfix on 0.0.8rc1. diff --git a/changes/port_doc b/changes/port_doc deleted file mode 100644 index 0e8662f0ab..0000000000 --- a/changes/port_doc +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (usability): - - Try to make the warning when giving an obsolete SOCKSListenAddress - a littel more useful. diff --git a/changes/revert-geoip-may2012 b/changes/revert-geoip-may2012 deleted file mode 100644 index e420947a34..0000000000 --- a/changes/revert-geoip-may2012 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Revert to the May 1 2012 Maxmind GeoLite Country database. In the - June 2012 database, Maxmind marked many Tor relays as country "A1", - which will cause risky behavior for clients that set EntryNodes - or ExitNodes. Addresses bug 6334; bugfix on 0.2.3.17-beta. - diff --git a/changes/smartlist_foreach b/changes/smartlist_foreach deleted file mode 100644 index 2fd3a1a85c..0000000000 --- a/changes/smartlist_foreach +++ /dev/null @@ -1,8 +0,0 @@ - o Code simplification and refactoring: - - Do not use SMARTLIST_FOREACH for any loop whose body exceeds - 10 lines. Doing so in the past has led to hard-to-debug code. - The new style is to use the SMARTLIST_FOREACH_{BEGIN,END} pair. - Issue 6400. - - Do not nest SMARTLIST_FOREACH blocks within one another. Any - nested block ought to be using SMARTLIST_FOREACH_{BEGIN,END}. - Issue 6400. diff --git a/configure.in b/configure.in index 8aa90f6414..47a84bba77 100644 --- a/configure.in +++ b/configure.in @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2012, The Tor Project, Inc. dnl See LICENSE for licensing information AC_INIT -AM_INIT_AUTOMAKE(tor, 0.2.3.18-rc-dev) +AM_INIT_AUTOMAKE(tor, 0.2.3.21-rc) AM_CONFIG_HEADER(orconfig.h) AC_CANONICAL_HOST diff --git a/contrib/tor-mingw.nsi.in b/contrib/tor-mingw.nsi.in index 2133a471b3..4b7bac3293 100644 --- a/contrib/tor-mingw.nsi.in +++ b/contrib/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.3.18-rc-dev" +!define VERSION "0.2.3.21-rc" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index d780d5d73d..46a33e6046 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -232,7 +232,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.3.18-rc-dev" +#define VERSION "0.2.3.21-rc" |