summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog59
-rw-r--r--changes/bastet_v64
-rw-r--r--changes/bug18329-minimal6
-rw-r--r--changes/bug232913
-rw-r--r--changes/bug243135
-rw-r--r--changes/geoip-2017-11-064
-rw-r--r--changes/trove-2017-00910
-rw-r--r--changes/trove-2017-0118
-rw-r--r--changes/trove-2017-012-part16
9 files changed, 59 insertions, 46 deletions
diff --git a/ChangeLog b/ChangeLog
index 60eaf80170..a31c70a868 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,62 @@
+Changes in version 0.2.8.17 - 2017-12-01
+ Tor 0.2.8.17 backports important security and stability bugfixes from
+ later Tor releases. All Tor users should upgrade to this release, or
+ to another of the releases coming out today.
+
+ Note: the Tor 0.2.8 series will no longer be supported after 1 Jan
+ 2018. If you need a release with long-term support, please stick with
+ the 0.2.9 series. Otherwise, please upgrade to 0.3.1 or later.
+
+ o Major bugfixes (security, backport from 0.3.2.6-alpha):
+ - Fix a denial of service bug where an attacker could use a
+ malformed directory object to cause a Tor instance to pause while
+ OpenSSL would try to read a passphrase from the terminal. (Tor
+ instances run without a terminal, which is the case for most Tor
+ packages, are not impacted.) Fixes bug 24246; bugfix on every
+ version of Tor. Also tracked as TROVE-2017-011 and CVE-2017-8821.
+ Found by OSS-Fuzz as testcase 6360145429790720.
+ - When checking for replays in the INTRODUCE1 cell data for a
+ (legacy) onion service, correctly detect replays in the RSA-
+ encrypted part of the cell. We were previously checking for
+ replays on the entire cell, but those can be circumvented due to
+ the malleability of Tor's legacy hybrid encryption. This fix helps
+ prevent a traffic confirmation attack. Fixes bug 24244; bugfix on
+ 0.2.4.1-alpha. This issue is also tracked as TROVE-2017-009
+ and CVE-2017-8819.
+
+ o Major bugfixes (security, onion service v2, backport from 0.3.2.6-alpha):
+ - Fix a use-after-free error that could crash v2 Tor onion services
+ when they failed to open circuits while expiring introduction
+ points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This issue is
+ also tracked as TROVE-2017-013 and CVE-2017-8823.
+
+ o Major bugfixes (security, relay, backport from 0.3.2.6-alpha):
+ - When running as a relay, make sure that we never build a path through
+ ourselves, even in the case where we have somehow lost the version of
+ our descriptor appearing in the consensus. Fixes part of bug 21534;
+ bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012
+ and CVE-2017-8822.
+
+ o Minor features (bridge, backport from 0.3.1.9):
+ - Bridges now include notice in their descriptors that they are
+ bridges, and notice of their distribution status, based on their
+ publication settings. Implements ticket 18329. For more fine-
+ grained control of how a bridge is distributed, upgrade to 0.3.2.x
+ or later.
+
+ o Minor features (directory authority, backport from 0.3.2.6-alpha):
+ - Add an IPv6 address for the "bastet" directory authority. Closes
+ ticket 24394.
+
+ o Minor features (geoip):
+ - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
+ Country database.
+
+ o Minor bugfixes (testing, backport from 0.3.1.6-rc):
+ - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291;
+ bugfix on 0.2.7.2-alpha. Found and patched by Ties Stuij.
+
+
Changes in version 0.2.8.16 - 2017-10-25
Tor 0.2.8.16 backports a collection of bugfixes from later Tor release
series, including a bugfix for a crash issue that had affected relays
diff --git a/changes/bastet_v6 b/changes/bastet_v6
deleted file mode 100644
index ee4e2c8094..0000000000
--- a/changes/bastet_v6
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (directory authority):
- - Add an IPv6 address for the "bastet" directory authority.
- Closes ticket 24394.
-
diff --git a/changes/bug18329-minimal b/changes/bug18329-minimal
deleted file mode 100644
index 804c4e8dd1..0000000000
--- a/changes/bug18329-minimal
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor features (bridge):
- - Bridges now include notice in their descriptors that they are bridges,
- and notice of their distribution status, based on their publication
- settings. Implements ticket 18329. For more fine-grained control of
- how a bridge is distributed, upgrade to 0.3.2.x or later.
-
diff --git a/changes/bug23291 b/changes/bug23291
deleted file mode 100644
index a5b0efda0a..0000000000
--- a/changes/bug23291
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (testing):
- - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
- 0.2.7.2-alpha. Found and patched by Ties Stuij.
diff --git a/changes/bug24313 b/changes/bug24313
deleted file mode 100644
index b927ec3ba6..0000000000
--- a/changes/bug24313
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (security, hidden service v2):
- - Fix a use-after-free error that could crash v2 Tor hidden services
- when it failed to open circuits while expiring introductions
- points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This
- issue is also tracked as TROVE-2017-013 and CVE-2017-8823.
diff --git a/changes/geoip-2017-11-06 b/changes/geoip-2017-11-06
deleted file mode 100644
index f034be9006..0000000000
--- a/changes/geoip-2017-11-06
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (geoip):
- - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2
- Country database.
-
diff --git a/changes/trove-2017-009 b/changes/trove-2017-009
deleted file mode 100644
index 166a5faec6..0000000000
--- a/changes/trove-2017-009
+++ /dev/null
@@ -1,10 +0,0 @@
- o Major bugfixes (security):
- - When checking for replays in the INTRODUCE1 cell data for a (legacy)
- hiddden service, correctly detect replays in the RSA-encrypted part of
- the cell. We were previously checking for replays on the entire cell,
- but those can be circumvented due to the malleability of Tor's legacy
- hybrid encryption. This fix helps prevent a traffic confirmation
- attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also
- tracked as TROVE-2017-009 and CVE-2017-8819.
-
-
diff --git a/changes/trove-2017-011 b/changes/trove-2017-011
deleted file mode 100644
index 82d20d9e78..0000000000
--- a/changes/trove-2017-011
+++ /dev/null
@@ -1,8 +0,0 @@
- o Major bugfixes (security):
- - Fix a denial of service bug where an attacker could use a malformed
- directory object to cause a Tor instance to pause while OpenSSL would
- try to read a passphrase from the terminal. (If the terminal was not
- available, tor would continue running.) Fixes bug 24246; bugfix on
- every version of Tor. Also tracked as TROVE-2017-011 and
- CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720.
-
diff --git a/changes/trove-2017-012-part1 b/changes/trove-2017-012-part1
deleted file mode 100644
index 9fccc2cf65..0000000000
--- a/changes/trove-2017-012-part1
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes (security, relay):
- - When running as a relay, make sure that we never build a path through
- ourselves, even in the case where we have somehow lost the version of
- our descriptor appearing in the consensus. Fixes part of bug 21534;
- bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012
- and CVE-2017-8822.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion