diff options
| -rw-r--r-- | ChangeLog | 62 | ||||
| -rw-r--r-- | changes/bug34400 | 5 | ||||
| -rw-r--r-- | changes/bug40080 | 6 | ||||
| -rw-r--r-- | changes/bug40113 | 3 | ||||
| -rw-r--r-- | changes/bug40129 | 4 | ||||
| -rw-r--r-- | changes/ticket40073 | 3 | ||||
| -rw-r--r-- | changes/ticket40125 | 4 | ||||
| -rw-r--r-- | changes/ticket40126 | 4 | ||||
| -rw-r--r-- | changes/ticket40133 | 5 | ||||
| -rw-r--r-- | changes/ticket40135 | 3 | ||||
| -rw-r--r-- | changes/ticket40162 | 7 | ||||
| -rw-r--r-- | changes/ticket40164 | 6 |
12 files changed, 62 insertions, 50 deletions
@@ -1,3 +1,65 @@ +Changes in version 0.4.4.6 - 2020-11-12 Tor 0.4.4.6 is the second stable + release in the 0.4.4.x series. It backports fixes from later releases, + including a fix for TROVE-2020-005, a security issue that could be used, + under certain cases, by an adversary to observe traffic patterns on a + limited number of circuits intended for a different relay. + + o Minor features (directory authorities, backport from 0.4.5.1-alpha): + - Authorities now list a different set of protocols as required and + recommended. These lists have been chosen so that only truly + recommended and/or required protocols are included, and so that + clients using 0.2.9 or later will continue to work (even though + they are not supported), whereas only relays running 0.3.5 or + later will meet the requirements. Closes ticket 40162. + - Make it possible to specify multiple ConsensusParams torrc lines. + Now directory authority operators can for example put the main + ConsensusParams config in one torrc file and then add to it from a + different torrc file. Closes ticket 40164. + + o Minor features (subprotocol versions, backport from 0.4.5.1-alpha): + - Tor no longer allows subprotocol versions larger than 63. + Previously version numbers up to UINT32_MAX were allowed, which + significantly complicated our code. Implements proposal 318; + closes ticket 40133. + + o Minor bugfixes (logging, backport from 0.4.5.1-alpha): + - Remove a debug logging statement that uselessly spammed the logs. + Fixes bug 40135; bugfix on 0.3.5.0-alpha. + + o Minor bugfixes (compilation, backport from 0.4.5.1-alpha): + - Fix compiler warnings that would occur when building with + "--enable-all-bugs-are-fatal" and "--disable-module-relay" at the + same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha. + - Resolve a compilation warning that could occur in + test_connection.c. Fixes bug 40113; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha): + - Avoid a fatal assert() when failing to create a listener + connection for an address that was in use. Fixes bug 40073; bugfix + on 0.3.5.1-alpha. + + o Major bugfixes (security, backport from 0.4.5.1-alpha): + - When completing a channel, relays now check more thoroughly to + make sure that it matches any pending circuits before attaching + those circuits. Previously, address correctness and Ed25519 + identities were not checked in this case, but only when extending + circuits on an existing channel. Fixes bug 40080; bugfix on + 0.2.7.2-alpha. Resolves TROVE-2020-005. + + o Minor bugfixes (v2 onion services, backport from 0.4.5.1-alpha): + - For HSFETCH commands on v2 onion services addresses, check the + length of bytes decoded, not the base32 length. Fixes bug 34400; + bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan. + + o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha): + - Fix a rendezvous cache unit test that was triggering an underflow + on the global rend cache allocation. Fixes bug 40125; bugfix + on 0.2.8.1-alpha. + - Fix another rendezvous cache unit test that was triggering an + underflow on the global rend cache allocation. Fixes bug 40126; + bugfix on 0.2.8.1-alpha. + + Changes in version 0.4.4.5 - 2020-09-15 Tor 0.4.4.5 is the first stable release in the 0.4.4.x series. This series improves our guard selection algorithms, adds v3 onion balance diff --git a/changes/bug34400 b/changes/bug34400 deleted file mode 100644 index e2b56688b9..0000000000 --- a/changes/bug34400 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (v2 onion services): - - For HSFETCH commands on v2 onion services addresses, check the length of - bytes decoded, not the base32 length. This takes the behavior introduced - in commit a517daa56f5848d25ba79617a1a7b82ed2b0a7c0 into consideration. - Fixes bug 34400; bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan. diff --git a/changes/bug40080 b/changes/bug40080 deleted file mode 100644 index 8162466354..0000000000 --- a/changes/bug40080 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (security): - - When completing a channel, relays now check more thoroughly to make - sure that it matches any pending circuits before attaching those - circuits. Previously, address correctness and Ed25519 identities were not - checked in this case, but only when extending circuits on an existing - channel. Fixes bug 40080; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug40113 b/changes/bug40113 deleted file mode 100644 index adf4634097..0000000000 --- a/changes/bug40113 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Resolve a compilation warning that could occur in test_connection.c. - Fixes bug 40113; bugfix on 0.2.9.3-alpha. diff --git a/changes/bug40129 b/changes/bug40129 deleted file mode 100644 index 80de5ef355..0000000000 --- a/changes/bug40129 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Fix compiler warnings that would occur when building with - "--enable-all-bugs-are-fatal" and "--disable-module-relay" - at the same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha. diff --git a/changes/ticket40073 b/changes/ticket40073 deleted file mode 100644 index 30b028c042..0000000000 --- a/changes/ticket40073 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay configuration, crash): - - Avoid a fatal assert() when failing to create a listener connection for an - address that was in use. Fixes bug 40073; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40125 b/changes/ticket40125 deleted file mode 100644 index c68e3ce7b3..0000000000 --- a/changes/ticket40125 +++ /dev/null @@ -1,4 +0,0 @@ - o Testing (onion service v2): - - Fix a rendezvous cache unit test that was triggering an underflow on the - global rend cache allocation. Fixes bug 40125; bugfix on - 0.2.8.1-alpha. diff --git a/changes/ticket40126 b/changes/ticket40126 deleted file mode 100644 index 1f5806e6cb..0000000000 --- a/changes/ticket40126 +++ /dev/null @@ -1,4 +0,0 @@ - o Testing (onion service v2): - - Fix another rendezvous cache unit test that was triggering an underflow on the - global rend cache allocation. Fixes bug 40126; bugfix on - 0.2.8.1-alpha. diff --git a/changes/ticket40133 b/changes/ticket40133 deleted file mode 100644 index 8bbe00b6b2..0000000000 --- a/changes/ticket40133 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (protocol simplification): - - Tor no longer allows subprotocol versions larger than 63. Previously - versions up to UINT32_MAX were allowed, which significantly complicated - our code. - Implements proposal 318; closes ticket 40133. diff --git a/changes/ticket40135 b/changes/ticket40135 deleted file mode 100644 index 9b60b4f655..0000000000 --- a/changes/ticket40135 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfix (logging): - - Remove a debug logging statement that uselessly spam the logs. Fixes bug - 40135; bugfix on 0.3.5.0-alpha. diff --git a/changes/ticket40162 b/changes/ticket40162 deleted file mode 100644 index 093042f9af..0000000000 --- a/changes/ticket40162 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor features (authorities): - - Authorities now list a different set of protocols as required and - recommended. These lists are chosen so that only truly recommended - and/or required protocols are included, and so that clients using 0.2.9 - or later will continue to work (even though they are not supported), - whereas only relays running 0.3.5 or later will meet the requirements. - Closes ticket 40162. diff --git a/changes/ticket40164 b/changes/ticket40164 deleted file mode 100644 index c96118d0a4..0000000000 --- a/changes/ticket40164 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (directory authority): - - Make it possible to specify multiple ConsensusParams torrc lines. - Now directory authority operators can for example put the main - ConsensusParams config in one torrc file and then add to it from - a different torrc file. Closes ticket 40164. - |