221 files changed, 199 insertions, 938 deletions

diff --git a/changes/10777_netunreach b/changes/10777_netunreach
deleted file mode 100644
index 899181423f..0000000000
--- a/changes/10777_netunreach
+++ /dev/null
@@ -1,7 +0,0 @@
-  - Minor bugfixes:
-
-    - Treat ENETUNREACH, EACCES, and EPERM at an exit node as a
-      NOROUTE error, not an INTERNAL error, since they can apparently
-      happen when trying to connect to the wrong sort of
-      netblocks. Fixes a part of bug 10777; bugfix on 0.1.0.1-rc.
-
diff --git a/changes/13295 b/changes/13295
new file mode 100644
index 0000000000..433432595f
--- /dev/null
+++ b/changes/13295
@@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - Disable sandbox name resolver cache when running tor-resolve:
+      tor-resolve doesn't use the sandbox code, and turning it on was
+      breaking attempts to do tor-resolve on a non-default server on
+      Linux. Fixes bug 13295; bugfix on 0.2.5.3-alpha.
diff --git a/changes/6783_big_hammer b/changes/6783_big_hammer
deleted file mode 100644
index 2ff3249b33..0000000000
--- a/changes/6783_big_hammer
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major features (deprecation):
-    - There's now a "DisableV2DirectoryInfo_" option that prevents us
-      from serving any directory requests for v2 directory information.
-      This is for us to test disabling the old deprecated V2 directory
-      format, so that we can see whether doing so has any effect on
-      network load. Part of a fix for bug 6783.
diff --git a/changes/9854 b/changes/9854
deleted file mode 100644
index 30105cb731..0000000000
--- a/changes/9854
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Documentation fixes:
-    - Clarify the usage and risks of ContactInfo. Resolves ticket 9854.
-
diff --git a/changes/bufferevent_compilation b/changes/bufferevent_compilation
new file mode 100644
index 0000000000..3a328731fe
--- /dev/null
+++ b/changes/bufferevent_compilation
@@ -0,0 +1,6 @@
+  o Minor bugfixes:
+    - Fix compilation when building with bufferevents enabled. (This
+      configuration is still not expected to work, however.)
+      Fixes bugs 12438, 12474, 11578; bugfixes on 0.2.5.1-alpha and
+      0.2.5.3-alpha. Patches from Anthony G. Basile and Sathyanarayanan
+      Gunasekaran.
diff --git a/changes/bug10124 b/changes/bug10124
deleted file mode 100644
index 95b0838839..0000000000
--- a/changes/bug10124
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Documentation:
-    - Replace remaining references to DirServer in man page and
-      log entries. Resolves ticket 10124.
diff --git a/changes/bug10402 b/changes/bug10402
deleted file mode 100644
index eac00bdc6d..0000000000
--- a/changes/bug10402
+++ /dev/null
@@ -1,11 +0,0 @@
-  o Major bugfixes:
-    - Do not allow OpenSSL engines to replace the PRNG, even when
-      HardwareAccel is set. The only default builtin PRNG engine uses
-      the Intel RDRAND instruction to replace the entire PRNG, and
-      ignores all attempts to seed it with more entropy. That's
-      cryptographically stupid: the right response to a new alleged
-      entropy source is never to discard all previously used entropy
-      sources. Fixes bug 10402; works around behavior introduced in
-      OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman"
-      and "rl1987".
-
diff --git a/changes/bug10409 b/changes/bug10409
deleted file mode 100644
index 5ef5ae29de..0000000000
--- a/changes/bug10409
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Avoid a crash bug when starting with a corrupted microdescriptor
-      cache file. Fix for bug 10406; bugfix on 0.2.2.6-alpha.
diff --git a/changes/bug10423 b/changes/bug10423
deleted file mode 100644
index 493b7b15e3..0000000000
--- a/changes/bug10423
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - If we fail to dump a previously cached microdescriptor to disk, avoid
-      freeing duplicate data later on. Fix for bug 10423; bugfix on
-      0.2.4.13-alpha. Spotted by "bobnomnom".
diff --git a/changes/bug10456 b/changes/bug10456
deleted file mode 100644
index fb3b92fcd8..0000000000
--- a/changes/bug10456
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Avoid launching spurious extra circuits when a stream is pending.
-      This fixes a bug where any circuit that _wasn't_ unusable for new
-      streams would be treated as if it were, causing extra circuits to
-      be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha.
-
diff --git a/changes/bug10465 b/changes/bug10465
deleted file mode 100644
index 330f969416..0000000000
--- a/changes/bug10465
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Major bugfixes:
-    - Fix assertion failure when AutomapHostsOnResolve yields an IPv6
-      address. Fixes bug 10465; bugfix on 0.2.4.7-alpha.
diff --git a/changes/bug10470 b/changes/bug10470
deleted file mode 100644
index 2b753436d9..0000000000
--- a/changes/bug10470
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Documentation fixes:
-    - Note that all but one DirPort entry must have the NoAdvertise flag
-      set. Fix for #10470.
-
diff --git a/changes/bug10485 b/changes/bug10485
deleted file mode 100644
index 7e5fa530e8..0000000000
--- a/changes/bug10485
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Move message about circuit handshake counts into the heartbeat
-      message where it belongs, instead of logging it once per hour
-      unconditionally. Fixes bug 10485; bugfix on 0.2.4.17-rc.
diff --git a/changes/bug10777_internal_024 b/changes/bug10777_internal_024
deleted file mode 100644
index 4544147f6e..0000000000
--- a/changes/bug10777_internal_024
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Do not treat END_STREAM_REASON_INTERNAL as indicating a definite
-      circuit failure, since it could also indicate an ENETUNREACH
-      error. Fixes part of bug 10777; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug10793 b/changes/bug10793
deleted file mode 100644
index 24c4025dde..0000000000
--- a/changes/bug10793
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features (security):
-    - Always clear OpenSSL bignums before freeing them--even bignums
-      that don't contain secrets. Resolves ticket 10793. Patch by
-      Florent Daigniere.
diff --git a/changes/bug10835 b/changes/bug10835
deleted file mode 100644
index 9df7bdd279..0000000000
--- a/changes/bug10835
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (testing):
-    - Fix a segmentation fault in our benchmark code when running with
-      Fedora's OpenSSL package, or any other OpenSSL that provides
-      ECDH but not P224. Fixes bug 10835; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug10849_023 b/changes/bug10849_023
deleted file mode 100644
index 480dea3de0..0000000000
--- a/changes/bug10849_023
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - When running a hidden service, do not allow TunneledDirConns 0;
-      this will keep the hidden service from running, and also
-      make it publish its descriptors directly over HTTP. Fixes bug 10849;
-      bugfix on 0.2.1.1-alpha.
-
diff --git a/changes/bug10870 b/changes/bug10870
deleted file mode 100644
index d8a00f4029..0000000000
--- a/changes/bug10870
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Code simplification and refactoring:
-    - Remove data structures which were introduced to implement the
-      CellStatistics option: they are now redundant with the addition
-      of timestamp to the regular packed_cell_t data structure, which
-      we did in 0.2.4.18-rc in order to resolve #9093. Fixes bug
-      10870.
\ No newline at end of file
diff --git a/changes/bug10904 b/changes/bug10904
deleted file mode 100644
index 6f551ea412..0000000000
--- a/changes/bug10904
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (compilation):
-    - Build without warnings under clang 3.4. (We have some macros that
-      define static functions only some of which will get used later in
-      the module. Starting with clang 3.4, these give a warning unless the
-      unused attribute is set on them.)
diff --git a/changes/bug10929 b/changes/bug10929
deleted file mode 100644
index acf3960471..0000000000
--- a/changes/bug10929
+++ /dev/null
@@ -1,6 +0,0 @@
-  - Minor bugfixes:
-    - Fix build warnings about missing "a2x" comment when building the
-      manpages from scratch on OpenBSD; OpenBSD calls it "a2x.py".
-      Fixes bug 10929; bugfix on tor-0.2.2.9-alpha. Patch from
-      Dana Koch.
-
diff --git a/changes/bug11200-caching b/changes/bug11200-caching
new file mode 100644
index 0000000000..e3fbaeca73
--- /dev/null
+++ b/changes/bug11200-caching
@@ -0,0 +1,7 @@
+  o Major bugfixes:
+    - When Tor starts with DisabledNetwork set, it would correctly
+      conclude that it shouldn't try making circuits, but it would
+      mistakenly cache this conclusion and continue believing it even
+      when DisableNetwork is set to 0. Fixes the bug introduced by the
+      fix for bug 11200; bugfix on 0.2.5.4-alpha.
+
diff --git a/changes/bug11437 b/changes/bug11437
deleted file mode 100644
index f5117cae99..0000000000
--- a/changes/bug11437
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Stop leaking memory when we successfully resolve a PTR record.
-      Fixes bug 11437; bugfix on 0.2.4.7-alpha.
diff --git a/changes/bug11464_023 b/changes/bug11464_023
deleted file mode 100644
index 80c04b21e6..0000000000
--- a/changes/bug11464_023
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major features (security):
-    - Block authority signing keys that were used on an authorities
-      vulnerable to the "heartbleed" bug in openssl (CVE-2014-0160).
-      (We don't have any evidence that these keys _were_ compromised;
-      we're doing this to be prudent.) Resolves ticket 11464.
diff --git a/changes/bug11513 b/changes/bug11513
deleted file mode 100644
index 820c02605f..0000000000
--- a/changes/bug11513
+++ /dev/null
@@ -1,12 +0,0 @@
-  o Major bugfixes:
-    - Generate the server's preference list for ciphersuites
-      automatically based on uniform criteria, and considering all
-      OpenSSL ciphersuites with acceptable strength and forward
-      secrecy. (The sort order is: prefer AES to 3DES; break ties by
-      preferring ECDHE to DHE; break ties by preferring GCM to CBC;
-      break ties by preferring SHA384 to SHA256 to SHA1; and finally,
-      break ties by preferring AES256 to AES128.) This resolves bugs
-      #11513, #11492, #11498, #11499. Bugs reported by 'cypherpunks'.
-      Bugfix on 0.2.4.8-alpha.
-
-
diff --git a/changes/bug11519 b/changes/bug11519
deleted file mode 100644
index 5c1e6af7e4..0000000000
--- a/changes/bug11519
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Avoid sending an garbage value to the controller when a circuit is
-      cannibalized. Fixes bug 11519; bugfix on 0.2.3.11-alpha.
diff --git a/changes/bug11553 b/changes/bug11553
deleted file mode 100644
index 1540f4642f..0000000000
--- a/changes/bug11553
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor features:
-    - When we run out of usable circuit IDs on a channel, log only one
-      warning for the whole channel, and include a description of
-      how many circuits there were on the channel. Fix for part of ticket
-      #11553.
diff --git a/changes/bug12160 b/changes/bug12160
new file mode 100644
index 0000000000..2a7ace3410
--- /dev/null
+++ b/changes/bug12160
@@ -0,0 +1,4 @@
+ o Bugfixes
+   - Correctly update the local mark on the controlling channel when changing
+     the address of an or_connection_t after the handshake.  Fixes bug #12160;
+     bugfix on 0.2.4.4-alpha.
diff --git a/changes/bug12227 b/changes/bug12227
deleted file mode 100644
index d8b5d08a55..0000000000
--- a/changes/bug12227
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Avoid an illegal read from stack when initializing the TLS
-      module using a version of OpenSSL without all of the ciphers
-      used by the v2 link handshake. Fixes bug 12227; bugfix on
-      0.2.4.8-alpha.  Found by "starlight".
diff --git a/changes/bug12602 b/changes/bug12602
new file mode 100644
index 0000000000..29fa49ac45
--- /dev/null
+++ b/changes/bug12602
@@ -0,0 +1,5 @@
+  o Minor bugfixes (portability):
+    - Compile correctly with builds and forks of OpenSSL (such as
+      LibreSSL) that disable compression. Fixes bug 12602; bugfix on
+      0.2.1.1-alpha. Patch from "dhill".
+
diff --git a/changes/bug12700 b/changes/bug12700
new file mode 100644
index 0000000000..1d8caeb8bd
--- /dev/null
+++ b/changes/bug12700
@@ -0,0 +1,10 @@
+  o Minor bugfixes:
+    - When logging information about an EXTEND2 or EXTENDED2 cell, log
+      their names correctly. Fixes part of bug 12700; bugfix on
+      0.2.4.8-alpha.
+
+  o Minor bugfixes:
+    - When logging information about a relay cell whose command we
+      don't recognize, log its command as an integer. Fixes part of
+      bug 12700; bugfix on 0.2.1.10-alpha.
+
diff --git a/changes/bug12730-systemd-verify-config b/changes/bug12730-systemd-verify-config
new file mode 100644
index 0000000000..221633c78e
--- /dev/null
+++ b/changes/bug12730-systemd-verify-config
@@ -0,0 +1,3 @@
+  o Distribution:
+    - Verify configuration file via ExecStartPre in the systemd unit file.
+      Patch from intrigeri; resolves ticket 12730.
diff --git a/changes/bug12731-systemd-no-run-as-daemon b/changes/bug12731-systemd-no-run-as-daemon
new file mode 100644
index 0000000000..f92e5aff00
--- /dev/null
+++ b/changes/bug12731-systemd-no-run-as-daemon
@@ -0,0 +1,9 @@
+  o Distribution:
+    - Explicitly disable RunAsDaemon in the systemd unit file.
+      Our current systemd unit uses "Type = simple", so systemd does
+      not expect tor to fork. If the user has "RunAsDaemon 1" in their
+      torrc, then things won't work as expected. This is e.g. the case
+      on Debian (and derivatives), since there we pass
+      "--defaults-torrc /usr/share/tor/tor-service-defaults-torrc"
+      (that contains "RunAsDaemon 1") by default.
+      Patch by intrigeri; resolves ticket 12731.
diff --git a/changes/bug12830 b/changes/bug12830
new file mode 100644
index 0000000000..835ebe2fa7
--- /dev/null
+++ b/changes/bug12830
@@ -0,0 +1,4 @@
+  o Documentation:
+    - Adjust the URLs in the README to refer to the new locations of
+      several documents on the website. Patch from Matt Pagan. Fixes
+      bug 12830.
diff --git a/changes/bug12848 b/changes/bug12848
new file mode 100644
index 0000000000..7aa79c395e
--- /dev/null
+++ b/changes/bug12848
@@ -0,0 +1,4 @@
+  o Major bugfixes (relay):
+    - Avoid queuing or sending destroy cells for circuit ID zero when
+      we fail to send a CREATE cell. Fixes bug 12848; bugfix on
+      0.0.8pre1. Found and fixed by "cypherpunks".
diff --git a/changes/bug12864 b/changes/bug12864
new file mode 100644
index 0000000000..79e751f427
--- /dev/null
+++ b/changes/bug12864
@@ -0,0 +1,7 @@
+  o Minor bugfixes:
+    - Restore the functionality of CookieAuthFileGroupReadable. Fixes bug
+      12864; bugfix on 0.2.5.1-alpha.
+
+  o Minor features:
+    - Add an ExtORPortCookieAuthFileGroupReadable option to make the
+      cookie file for the ExtORPort g+r by default.
diff --git a/changes/bug12878 b/changes/bug12878
new file mode 100644
index 0000000000..a05fc446b9
--- /dev/null
+++ b/changes/bug12878
@@ -0,0 +1,3 @@
+  o Documentation:
+    - Document 'reject6' and 'accept6' ExitPolicy entries. Resolves 
+      ticket 12878.
diff --git a/changes/bug12908 b/changes/bug12908
new file mode 100644
index 0000000000..bd6784cbd2
--- /dev/null
+++ b/changes/bug12908
@@ -0,0 +1,4 @@
+  o Minor features:
+    - Warn about attempts to run hidden services and relays in the
+      same process: that's probably not a good idea. Closes ticket
+      12908.
diff --git a/changes/bug12948 b/changes/bug12948
new file mode 100644
index 0000000000..431c0a1019
--- /dev/null
+++ b/changes/bug12948
@@ -0,0 +1,8 @@
+  o Major bugfixes:
+    - Resume expanding abbreviations for command-line options. The fix
+      for bug 4647 accidentally removed our hack from bug 586 that rewrote
+      HashedControlPassword to __HashedControlSessionPassword when it
+      appears on the commandline (which allowed the user to set her
+      own HashedControlPassword in the torrc file while the controller
+      generates a fresh session password for each run). Fixes bug 12948;
+      bugfix on 0.2.5.1-alpha.
diff --git a/changes/bug12996 b/changes/bug12996
new file mode 100644
index 0000000000..4b4fb0dceb
--- /dev/null
+++ b/changes/bug12996
@@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - Downgrade "Unexpected onionskin length after decryption" warning
+      to a protocol-warn, since there's nothing relay operators can do
+      about a client that sends them a malformed create cell. Resolves
+      bug 12996; bugfix on 0.0.6rc1.
diff --git a/changes/bug12997 b/changes/bug12997
new file mode 100644
index 0000000000..fb6e7a8459
--- /dev/null
+++ b/changes/bug12997
@@ -0,0 +1,3 @@
+  o Minor features:
+    - Log more specific warnings when we get an ESTABLISH_RENDEZVOUS cell
+      on a cannibalized or non-OR circuit. Resolves ticket 12997.
diff --git a/changes/bug13071 b/changes/bug13071
new file mode 100644
index 0000000000..8212b6c049
--- /dev/null
+++ b/changes/bug13071
@@ -0,0 +1,3 @@
+  o Minor bugfixes (relay):
+    - Escape all strings from the directory connection before logging them.
+      Fixes bug 13071; bugfix on 0.1.1.15. Patch from "teor".
diff --git a/changes/bug13081 b/changes/bug13081
new file mode 100644
index 0000000000..154f73fb0a
--- /dev/null
+++ b/changes/bug13081
@@ -0,0 +1,3 @@
+  o Compilation fixes:
+    - Make the nmake make files work again. Fixes bug 13081. Bugfix on 0.2.5.1-alpha. Patch
+      from "NewEraCracker".
diff --git a/changes/bug13085 b/changes/bug13085
new file mode 100644
index 0000000000..a46457c797
--- /dev/null
+++ b/changes/bug13085
@@ -0,0 +1,3 @@
+  o Minor bugfixes (controller):
+    - Actually send TRANSPORT_LAUNCHED and HS_DESC events to controllers.
+      Fixes bug 13085; bugfix on 0.2.5.1-alpha. Patch by "teor".
diff --git a/changes/bug13096 b/changes/bug13096
new file mode 100644
index 0000000000..521faaf143
--- /dev/null
+++ b/changes/bug13096
@@ -0,0 +1,4 @@
+  o Minor bugfixes (conformance):
+    - In routerlist_assert_ok(), don't take the address of a routerinfo's
+      cache_info member unless that routerinfo is non-NULL. Fixes bug
+      13096; bugfix on 0.1.1.9-alpha. Patch by "teor".
diff --git a/changes/bug13124 b/changes/bug13124
new file mode 100644
index 0000000000..be7df70347
--- /dev/null
+++ b/changes/bug13124
@@ -0,0 +1,8 @@
+  o Minor bugfixes:
+    - Reduce the log severity of the "Pluggable transport proxy does
+      not provide any needed transports and will not be launched."
+      message, since Tor Browser includes several ClientTransportPlugin
+      lines in its torrc-defaults file, leading every Tor Browser user
+      who looks at her logs to see these notices and wonder if they're
+      dangerous. Resolves bug 13124; bugfix on 0.2.5.3-alpha.
+
diff --git a/changes/bug13325 b/changes/bug13325
new file mode 100644
index 0000000000..b1da4d0bd5
--- /dev/null
+++ b/changes/bug13325
@@ -0,0 +1,4 @@
+  o Compilation fixes:
+    - Build and run correctly on systems like OpenBSD-current that
+      have patched OpenSSL to remove get_cipher_by_char and/or its
+      implementations. Fixes issue 13325.
diff --git a/changes/bug13988 b/changes/bug13988
new file mode 100644
index 0000000000..e816335a3b
--- /dev/null
+++ b/changes/bug13988
@@ -0,0 +1,3 @@
+  o Minor bugfixes (statistics):
+    - Increase period over which bandwidth observations are aggregated
+      from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
diff --git a/changes/bug14013 b/changes/bug14013
new file mode 100644
index 0000000000..640cf859f5
--- /dev/null
+++ b/changes/bug14013
@@ -0,0 +1,6 @@
+  o Major bugfixes:
+    - When reading a hexadecimal, base-32, or base-64 encoded value
+      from a string, always overwrite the complete output buffer. This
+      prevents some bugs where we would look at (but fortunately, not
+      reveal) uninitialized memory on the stack. Fixes bug 14013;
+      bugfix on all versions of Tor.
diff --git a/changes/bug14125 b/changes/bug14125
new file mode 100644
index 0000000000..fe6821a332
--- /dev/null
+++ b/changes/bug14125
@@ -0,0 +1,5 @@
+  o Minor bugfixes (dirauth):
+    - Enlarge the buffer to read bw-auth generated files to avoid an
+      issue when parsing the file in dirserv_read_measured_bandwidths().
+      Bugfix on 0.2.2.1-alpha, fixes #14125.
+
diff --git a/changes/bug14142-parse-virtual-addr b/changes/bug14142-parse-virtual-addr
new file mode 100644
index 0000000000..f78b7c7d81
--- /dev/null
+++ b/changes/bug14142-parse-virtual-addr
@@ -0,0 +1,7 @@
+  o Minor bugfixes (client):
+    - Check for a missing option value in parse_virtual_addr_network
+      before asserting on the NULL in tor_addr_parse_mask_ports.
+      This avoids crashing on torrc lines like
+      Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option.
+      Bugfix on 0.2.3 (de4cc126cbb5 on 24 November 2012), fixes #14142.
+      Patch by "teor".
diff --git a/changes/bug14195 b/changes/bug14195
new file mode 100644
index 0000000000..d2b82f31b0
--- /dev/null
+++ b/changes/bug14195
@@ -0,0 +1,3 @@
+  o Minor bugfixes (client):
+    - Fix a memory leak when using AutomapHostsOnResolve.
+      Fixes bug 14195; bugfix on 0.1.0.1-rc.
diff --git a/changes/bug14220 b/changes/bug14220
new file mode 100644
index 0000000000..51cfa502bc
--- /dev/null
+++ b/changes/bug14220
@@ -0,0 +1,4 @@
+  o Minor bugfixes (compilation):
+    - Build without warnings with the stock OpenSSL srtp.h header,
+      which has a duplicate declaration of SSL_get_selected_srtp_profile().
+      Fixes bug 14220; this is OpenSSL's bug, not ours.
diff --git a/changes/bug14261 b/changes/bug14261
new file mode 100644
index 0000000000..1260ccba1e
--- /dev/null
+++ b/changes/bug14261
@@ -0,0 +1,5 @@
+  O Minor bugfixes (directory authority):
+    - Allow directory authorities to fetch more data from one
+      another if they find themselves missing lots of votes.
+      Previously, they had been bumping against the 10 MB queued
+      data limit. Fixes bug 14261. Bugfix on 0.1.2.5-alpha.
diff --git a/changes/bug15088 b/changes/bug15088
new file mode 100644
index 0000000000..95878bdb39
--- /dev/null
+++ b/changes/bug15088
@@ -0,0 +1,4 @@
+  o Minor bugfixes (Linux seccomp2 sandbox):
+    - Upon receiving sighup, do not crash during attempts to call
+      wait4. Fixes bug 15088; bugfix on 0.2.5.1-alpha. Patch from
+      "sanic".
diff --git a/changes/bug15205 b/changes/bug15205
new file mode 100644
index 0000000000..0cb9f3f4bc
--- /dev/null
+++ b/changes/bug15205
@@ -0,0 +1,5 @@
+  o Major bugfixes (crash, OSX, security):
+    - Fix a remote denial-of-service opportunity caused by a bug
+      in OSX's _strlcat_chk() function. Fixes bug 15205; bug first
+      appeared in OSX 10.9. 
+      
diff --git a/changes/bug16360-failed-crypto-early-init b/changes/bug16360-failed-crypto-early-init
new file mode 100644
index 0000000000..21972bce52
--- /dev/null
+++ b/changes/bug16360-failed-crypto-early-init
@@ -0,0 +1,7 @@
+  o Minor bugfixes (crypto error-handling):
+    - If crypto_early_init fails, a typo in a return value from tor_init
+      means that tor_main continues running, rather than returning
+      an error value.
+      Fixes bug 16360; bugfix on d3fb846d8c98 in 0.2.5.2-alpha,
+      introduced when implementing #4900.
+      Patch by "teor".
diff --git a/changes/bug1992 b/changes/bug1992
deleted file mode 100644
index 6a751dc7e6..0000000000
--- a/changes/bug1992
+++ /dev/null
@@ -1,11 +0,0 @@
-  o Minor bugfixes:
-    - Stop trying to resolve our hostname so often (e.g. every time we
-      think about doing a directory fetch). Now we reuse the cached
-      answer in some cases. Fixes bugs 1992 (bugfix on 0.2.0.20-rc)
-      and 2410 (bugfix on 0.1.2.2-alpha).
-
-  o Minor features:
-    - Make bridge relays check once a minute for whether their IP
-      address has changed, rather than only every 15 minutes. Resolves
-      bugs 1913 and 1992.
-
diff --git a/changes/bug2286 b/changes/bug2286
deleted file mode 100644
index 4f8dfbbf68..0000000000
--- a/changes/bug2286
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major features (directory authority):
-    - Directory authorities now support a new consensus method (17)
-      where they cap the published bandwidth of servers for which
-      insufficient bandwidth measurements exist. Fixes part of bug
-      2286.
diff --git a/changes/bug5595 b/changes/bug5595
deleted file mode 100644
index 31f4b84b03..0000000000
--- a/changes/bug5595
+++ /dev/null
@@ -1,8 +0,0 @@
-  o Critical bugfixes:
-    - Distinguish downloading an authority certificate by identity digest from
-      downloading one by identity digest/signing key digest pair; formerly we
-      always request them only by identity digest and get the newest one even
-      when we wanted one with a different signing key.  Then we would complain
-      about being given a certificate we already had, and never get the one we
-      really wanted.  Now we use the "fp-sk/" resource as well as the "fp/"
-      resource to request the one we want.  Fixes bug 5595.
diff --git a/changes/bug5650 b/changes/bug5650
deleted file mode 100644
index 401e317074..0000000000
--- a/changes/bug5650
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - Avoid a bug where our response to TLS renegotation under certain
-      network conditions could lead to a busy-loop, with 100% CPU
-      consumption. Fixes bug 5650; bugfix on 0.2.0.16-alpha.
-
diff --git a/changes/bug6026 b/changes/bug6026
deleted file mode 100644
index de5d6ead01..0000000000
--- a/changes/bug6026
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Relays now treat a changed IPv6 ORPort as sufficient reason to
-      publish an updated descriptor. Fix for bug 6026; bugfix for
-      0.2.4.1-alpha.
diff --git a/changes/bug6055 b/changes/bug6055
deleted file mode 100644
index 00730073a8..0000000000
--- a/changes/bug6055
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major enhancements:
-    - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later.
-      (OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2. OpenSSL from 1.0.1
-      through 1.0.1d had bugs that prevented renegotiation from working
-      with TLS 1.1 or 1.2, so we disabled them to solve bug 6033.) Fix for
-      issue #6055.
diff --git a/changes/bug6174 b/changes/bug6174
deleted file mode 100644
index 79d2930ec3..0000000000
--- a/changes/bug6174
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - When we mark a circuit as unusable for new circuits, have it
-      continue to be unusable for new circuits even if MaxCircuitDirtiness
-      is increased too much at the wrong time, or the system clock jumped
-      backwards. Fix for bug 6174; bugfix on 0.0.2pre26.
-     
diff --git a/changes/bug6206 b/changes/bug6206
deleted file mode 100644
index 61a16d291a..0000000000
--- a/changes/bug6206
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Always check the return values of functions fcntl() and
-      setsockopt(). We don't believe these are ever actually failing in
-      practice, but better safe than sorry. Also, checking these return
-      values should please some analysis tools (like Coverity). Patch
-      from 'flupzor'. Fix for bug 8206; bugfix on all versions of Tor.
diff --git a/changes/bug6304 b/changes/bug6304
deleted file mode 100644
index 445560a8e1..0000000000
--- a/changes/bug6304
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Behave correctly when the user disables LearnCircuitBuildTimeout
-      but doesn't tell us what they would like the timeout to be. Fixes
-      bug 6304; bugfix on 0.2.2.14-alpha. 
diff --git a/changes/bug6572 b/changes/bug6572
deleted file mode 100644
index 6508d1bcb5..0000000000
--- a/changes/bug6572
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (log messages)
-   - Use circuit creation time for network liveness evaluation. This
-     should eliminate warning log messages about liveness caused by
-     changes in timeout evaluation. Fixes bug 6572; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug6673 b/changes/bug6673
deleted file mode 100644
index 506b449892..0000000000
--- a/changes/bug6673
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features (build):
-    - Detect and reject attempts to build Tor with threading support
-      when OpenSSL have been compiled with threading support disabled.
-      Fixes bug 6673.
diff --git a/changes/bug6979 b/changes/bug6979
deleted file mode 100644
index 55572ecbac..0000000000
--- a/changes/bug6979
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix an assertion failure that would occur when disabling the
-      ORPort setting on a running Tor process while accounting was
-      enabled. Fixes bug 6979; bugfix on 0.2.2.18-alpha.
diff --git a/changes/bug7054 b/changes/bug7054
deleted file mode 100644
index 15680d72ce..0000000000
--- a/changes/bug7054
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (man page):
-    - Say "KBytes" rather than "KB" in the man page (for various values
-      of K), to further reduce confusion about whether Tor counts in
-      units of memory or fractions of units of memory. Fixes bug 7054.
diff --git a/changes/bug7065 b/changes/bug7065
deleted file mode 100644
index 1ca6841021..0000000000
--- a/changes/bug7065
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfix (log cleanups):
-   - Eliminate several instances where we use Nickname=ID to refer to
-     nodes in logs. Use Nickname (ID) instead. (Elsewhere, we still use
-     $ID=Nickname, which is also acceptable.) Fixes bug #7065. Bugfix
-     on 0.2.3.21-rc, 0.2.4.5-alpha, 0.2.4.8-alpha, and 0.2.4.10-alpha.
diff --git a/changes/bug7143 b/changes/bug7143
deleted file mode 100644
index d26135ae65..0000000000
--- a/changes/bug7143
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (build):
-    - Add the old src/or/micro-revision.i filename to CLEANFILES.
-      On the off chance that somebody has one, it will go away as soon
-      as they run "make clean". Fix for bug 7143; bugfix on 0.2.4.1-alpha.
diff --git a/changes/bug7164_diagnostic b/changes/bug7164_diagnostic
deleted file mode 100644
index 8bedfc4bd5..0000000000
--- a/changes/bug7164_diagnostic
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features (bug diagnostic):
-    - If we fail to free a microdescriptor because of bug #7164, log
-      the filename and line number from which we tried to free it.
-      This should help us finally fix #7164.
diff --git a/changes/bug7164_downgrade b/changes/bug7164_downgrade
deleted file mode 100644
index 4d75586bb1..0000000000
--- a/changes/bug7164_downgrade
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Downgrade the warning severity for the the "md was still referenced 1
-      node(s)" warning. Tor 0.2.5.4-alpha has better code for trying to
-      diagnose this bug, and the current warning in earlier versions of
-      tor achieves nothing useful. Addresses warning from bug 7164.
-
diff --git a/changes/bug7280 b/changes/bug7280
deleted file mode 100644
index ef5d36a802..0000000000
--- a/changes/bug7280
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix some bugs in tor-fw-helper-natpmp when trying to build and
-      run it on Windows. More bugs likely remain. Patch from Gisle Vanem.
-      Fixes bug 7280; bugfix on 0.2.3.1-alpha.
diff --git a/changes/bug7302 b/changes/bug7302
deleted file mode 100644
index fec615ff90..0000000000
--- a/changes/bug7302
+++ /dev/null
@@ -1,11 +0,0 @@
-  o Minor bugfixes:
-    - Don't log inappropriate heartbeat messages when hibernating: a
-      hibernating node is _expected_ to drop out of the consensus,
-      decide it isn't bootstrapped, and so forth.  Fixes part of bug
-      7302; bugfix on 0.2.3.1-alpha.
-
-    - Don't complain about bootstrapping problems while hibernating.
-      These complaints reflect a general code problems, but not one
-      with any problematic effects. (No connections are actually
-      opened.) Fixes part of bug 7302; bugfix on 0.2.3.2-alpha.
-
diff --git a/changes/bug7350 b/changes/bug7350
deleted file mode 100644
index b0ee9d0919..0000000000
--- a/changes/bug7350
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Avoid an assertion when we discover that we'd like to write a cell
-      onto a closing connection: just discard the cell. Fixes another
-      case of bug 7350; bugfix on 0.2.4.4-alpha.
diff --git a/changes/bug7582 b/changes/bug7582
deleted file mode 100644
index f3b0635765..0000000000
--- a/changes/bug7582
+++ /dev/null
@@ -1,9 +0,0 @@
-  o Major bugfixes:
-
-    - When an exit node tells us that it is rejecting because of its
-      exit policy a stream we expected it to accept (because of its exit
-      policy), do not mark the node as useless for exiting if our
-      expectation was only based on an exit policy summary.  Instead,
-      mark the circuit as unsuitable for that particular address. Fixes
-      part of bug 7582; bugfix on 0.2.3.2-alpha.
-
diff --git a/changes/bug7707_diagnostic b/changes/bug7707_diagnostic
deleted file mode 100644
index 0c3138e785..0000000000
--- a/changes/bug7707_diagnostic
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor features:
-    - Add another diagnostic to the heartbeat message: track and log
-      overhead that TLS is adding to the data we write.  If this is
-      high, we are sending too little data to SSL_write at a time.
-      Diagnostic for bug 7707.
diff --git a/changes/bug7768 b/changes/bug7768
deleted file mode 100644
index e3f9600afb..0000000000
--- a/changes/bug7768
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Documentation fixes:
-    - Update tor-fw-helper.1.txt and tor-fw-helper.c to make option
-      names match. Fixes bug 7768.
diff --git a/changes/bug7799 b/changes/bug7799
deleted file mode 100644
index ed4570129c..0000000000
--- a/changes/bug7799
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor changes (log clarification)
-   - Add more detail to a log message about relaxed timeouts. Hopefully
-     this additional detail will allow us to diagnose the cause of bug 7799.
- o Minor bugfixes
-   - Don't attempt to relax the timeout of already opened 1-hop circuits.
-     They might never timeout. This should eliminate some/all cases of
-     the relaxed timeout log message.
diff --git a/changes/bug7801 b/changes/bug7801
deleted file mode 100644
index 1d6d021f3f..0000000000
--- a/changes/bug7801
+++ /dev/null
@@ -1,13 +0,0 @@
-  o Minor bugfixes:
-    - When choosing which stream on a formerly stalled circuit to wake
-      first, make better use of the platform's weak RNG.  Previously, we
-      had been using the % ("modulo") operator to try to generate a 1/N
-      chance of picking each stream, but this behaves badly with many
-      platforms' choice of weak RNG. Fix for bug 7801; bugfix on
-      0.2.2.20-alpha.
-    - Use our own weak RNG when we need a weak RNG. Windows's rand()
-      and Irix's random() only return 15 bits; Solaris's random()
-      returns more bits but its RAND_MAX says it only returns 15, and
-      so on.  Fixes another aspect of bug 7801; bugfix on
-      0.2.2.20-alpha.
-
diff --git a/changes/bug7816.024 b/changes/bug7816.024
deleted file mode 100644
index b5d55f5d6d..0000000000
--- a/changes/bug7816.024
+++ /dev/null
@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-    - Avoid leaking IPv6 policy content if we fail to format it into
-      a router descriptor. Spotted by Coverity. Fixes part of 7816;
-      bugfix on 0.2.4.7-alpha.
-
-    - Avoid leaking memory if we fail to compute a consensus signature
-      or we generated a consensus we couldn't parse. Spotted by Coverity.
-      Fixes part of 7816; bugfix on 0.2.0.5-alpha.
diff --git a/changes/bug7816_023 b/changes/bug7816_023
deleted file mode 100644
index a4530292cc..0000000000
--- a/changes/bug7816_023
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes (memory leak, controller):
-    - Fix a memory leak during safe-cookie controller authentication.
-      Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.3.13-alpha.
-
-  o Minor bugfixes (memory leak, HTTPS proxy support):
-    - Fix a memory leak when receiving headers from an HTTPS proxy.
-      Spotted by Coverity. Fixes part of bug 7816; bugfix on 0.2.1.1-alpha.
diff --git a/changes/bug7816_023_small b/changes/bug7816_023_small
deleted file mode 100644
index cd90f035f1..0000000000
--- a/changes/bug7816_023_small
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Fix various places where we leak file descriptors or memory on
-      error cases. Spotted by coverity. Fixes parts of bug 7816.
diff --git a/changes/bug7902 b/changes/bug7902
deleted file mode 100644
index 051759dc0a..0000000000
--- a/changes/bug7902
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes:
-    - When we receive a RELAY_END cell with the reason DONE, or with no
-      reason, before receiving a RELAY_CONNECTED cell, report the SOCKS
-      status as "connection refused."  Previously we reporting these
-      cases as success but then immediately closing the connection.
-      Fixes bug 7902; bugfix on 0.1.0.1-rc. Reported by "oftc_must_
-      be_destroyed."
diff --git a/changes/bug7947 b/changes/bug7947
deleted file mode 100644
index 6200ba2d8a..0000000000
--- a/changes/bug7947
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix the handling of a TRUNCATE cell when it arrives while the circuit
-      extension is in progress. Fixes bug 7947; bugfix on 0.0.7.1.
-
diff --git a/changes/bug7950 b/changes/bug7950
deleted file mode 100644
index e62cca07a1..0000000000
--- a/changes/bug7950
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - When rejecting a configuration because we were unable to parse a
-      quoted string, log an actual error message. Fix for bug 7950;
-      bugfix on 0.2.0.16-alpha.
diff --git a/changes/bug7982 b/changes/bug7982
deleted file mode 100644
index 46aa53249c..0000000000
--- a/changes/bug7982
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-     - Copy-paste description for PathBias params from man page into or.h
-       comment.  Fixes bug 7982.
diff --git a/changes/bug8002 b/changes/bug8002
deleted file mode 100644
index d6e2ff2492..0000000000
--- a/changes/bug8002
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - When autodetecting the number of CPUs, use the number of available
-      CPUs in preferernce to the number of configured CPUs. Inform the
-      user if this reduces the number of avialable CPUs. Fix for bug 8002.
-      Bugfix on 0.2.3.1-alpha.
diff --git a/changes/bug8014 b/changes/bug8014
deleted file mode 100644
index c09a86098c..0000000000
--- a/changes/bug8014
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor usability improvements (build):
-    - Clarify that when autconf is checking for nacl, it is checking
-      specifically for nacl with a fast curve25519 implementation.
-      Fixes bug 8014.
-
diff --git a/changes/bug8031 b/changes/bug8031
deleted file mode 100644
index 17329ec5b5..0000000000
--- a/changes/bug8031
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes:
-    - Use direct writes rather than stdio when building microdescriptor
-      caches, in an attempt to mitigate bug 8031, or at least make it
-      less common.
-    - Warn more aggressively when flushing microdescriptors to a
-      microdescriptor cache fails, in an attempt to mitegate bug 8031,
-      or at least make it more diagnosable.
diff --git a/changes/bug8037 b/changes/bug8037
deleted file mode 100644
index 989745fc39..0000000000
--- a/changes/bug8037
+++ /dev/null
@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-    - Correctly store microdescriptors and extrainfo descriptors with
-      an internal NUL byte. Fixes bug 8037; bugfix on 0.2.0.1-alpha.
-      Bug reported by "cypherpunks".
-
-  o Minor features:
-    - Reject as invalid most directory objects containing a
-      NUL. Belt-and-suspender fix for bug 8037.
diff --git a/changes/bug8059 b/changes/bug8059
deleted file mode 100644
index 47273ed0ac..0000000000
--- a/changes/bug8059
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes (protocol conformance):
-    - Fix a misframing issue when reading the version numbers in a
-      VERSIONS cell. Previously we would recognize [00 01 00 02] as
-      'version 1, version 2, and version 0x100', when it should have
-      only included versions 1 and 2. Fixes bug 8059; bugfix on
-      0.2.0.10-alpha. Reported pseudonymously.
diff --git a/changes/bug8062 b/changes/bug8062
deleted file mode 100644
index 805e51ed41..0000000000
--- a/changes/bug8062
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Increase the width of the field used to remember a connection's
-      link protocol version to two bytes. Harmless for now, since the
-      only currently recognized versions are one byte long.  Reported
-      pseudynmously.  Fixes bug 8062, bugfix on 0.2.0.10-alpha.
diff --git a/changes/bug8065 b/changes/bug8065
deleted file mode 100644
index 06dbae8cd7..0000000000
--- a/changes/bug8065
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Downgrade an assertion in connection_ap_expire_beginning to
-      an LD_BUG message. The fix for bug 8024 should prevent this
-      message from displaying, but just in case a warn that we can
-      diagnose is better than more assert crashes. Fix for bug 8065;
-      bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug8093 b/changes/bug8093
new file mode 100644
index 0000000000..f0fbc618c2
--- /dev/null
+++ b/changes/bug8093
@@ -0,0 +1,3 @@
+  o Downgraded warnings:
+    - Downgrade the severity of the 'unexpected sendme cell from client' from
+      'warn' to 'protocol warning'. Closes ticket 8093.
diff --git a/changes/bug8093.part1 b/changes/bug8093.part1
deleted file mode 100644
index 2450794dd7..0000000000
--- a/changes/bug8093.part1
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Downgrade "unexpected SENDME" warnings to protocol-warn for 0.2.4,
-      for bug 8093.
diff --git a/changes/bug8117 b/changes/bug8117
deleted file mode 100644
index 910e8056f4..0000000000
--- a/changes/bug8117
+++ /dev/null
@@ -1,13 +0,0 @@
-  o Major bugfixes:
-
-    - Many SOCKS5 clients, when configured to offer a username/password,
-      offer both username/password authentication and "no authentication".
-      Tor had previously preferred no authentication, but this was
-      problematic when trying to make applications get proper stream
-      isolation with IsolateSOCKSAuth. Now, on any SOCKS port with
-      IsolateSOCKSAuth turned on (which is the default), Tor selects
-      username/password authentication if it's offered. If this confuses your
-      application, you can disable it on a per-SOCKSPort basis via
-      PreferSOCKSNoAuth. Fixes bug 8117; bugfix on 0.2.3.3-alpha.
-
-
diff --git a/changes/bug8121 b/changes/bug8121
deleted file mode 100644
index 60cba72848..0000000000
--- a/changes/bug8121
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor features:
-    - Clear the high bit on curve25519 public keys before passing them to
-      our backend, in case we ever wind up using a backend that doesn't do
-      so itself. If we used such a backend, and *didn't* clear the high bit,
-      we could wind up in a situation where users with such backends would
-      be distinguishable from users without. Fix for bug 8121; bugfix on
-      0.2.4.8-alpha.
diff --git a/changes/bug8151 b/changes/bug8151
deleted file mode 100644
index e20fa3c31a..0000000000
--- a/changes/bug8151
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor features (directory authority):
-    - Include inside each vote a statement of the performance
-      thresholds that made the authority vote for its flags. Implements
-      ticket 8151.
- 
\ No newline at end of file
diff --git a/changes/bug8158 b/changes/bug8158
deleted file mode 100644
index 65b21c2a26..0000000000
--- a/changes/bug8158
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Use less space when formatting identical microdescriptor lines in
-      directory votes. Fixes bug 8158; bugfix on 0.2.4.1-alpha.
diff --git a/changes/bug8161 b/changes/bug8161
deleted file mode 100644
index ab7b9c0cad..0000000000
--- a/changes/bug8161
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor changes:
-   - Lower path use bias thresholds to .80 for notice and .60 for warn.
-     Fixes bug #8161; bugfix on 0.2.4.10-alpa.
-   - Make the rate limiting flags for the path use bias log messages
-     independent from the original path bias flags. Fixes bug #8161;
-     bugfix on 0.2.4.10-alpha.
diff --git a/changes/bug8180 b/changes/bug8180
deleted file mode 100644
index 39e6ce7f9a..0000000000
--- a/changes/bug8180
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes (security usability):
-    - Elevate the severity of the warning message when setting
-      EntryNodes but disabling UseGuardNodes to an error. The outcome
-      of letting Tor procede with those options enabled (which causes
-      EntryNodes to get ignored) is sufficiently different from what
-      was expected that it's best to just refuse to proceed. Fixes bug
-      8180; bugfix on 0.2.3.11-alpha.
diff --git a/changes/bug8185_diagnostic b/changes/bug8185_diagnostic
deleted file mode 100644
index b0f8884758..0000000000
--- a/changes/bug8185_diagnostic
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Improve debugging output to attempt to diagnose the underlying
-      cause of bug 8185.
diff --git a/changes/bug8200 b/changes/bug8200
deleted file mode 100644
index 65fc9dd03a..0000000000
--- a/changes/bug8200
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfix:
-    - Stop sending a stray "(null)" in some cases for the server status
-      "EXTERNAL_ADDRESS" controller event. Resolves bug 8200; bugfix
-      on 0.1.2.6-alpha.
-
diff --git a/changes/bug8203 b/changes/bug8203
deleted file mode 100644
index d26dc0fccf..0000000000
--- a/changes/bug8203
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Make the format and order of STREAM events for DNS lookups consistent
-      among the various ways to launch DNS lookups. Fix for bug 8203;
-      bugfix on 0.2.0.24-rc. Patch by "Desoxy."
diff --git a/changes/bug8207 b/changes/bug8207
deleted file mode 100644
index 0028d3380f..0000000000
--- a/changes/bug8207
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Major bugfixes (hidden services):
-    - Allow hidden service authentication to succeed again. When we
-      refactored the hidden service introduction code back in 0.2.4.1-alpha,
-      we didn't update the code that checks whether authentication
-      information is present, causing all authentication checks to
-      return "false". Fix for bug 8207; bugfix on 0.2.4.1-alpha. Found by
-      Coverity; this is CID 718615. 
diff --git a/changes/bug8208 b/changes/bug8208
deleted file mode 100644
index c85db90b52..0000000000
--- a/changes/bug8208
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Avoid a crash if we fail to generate an extrinfo descriptor.
-      Fixes bug 8208; bugfix on 0.2.3.16-alpha. Found by Coverity;
-      this is CID 718634.
diff --git a/changes/bug8209 b/changes/bug8209
deleted file mode 100644
index c58923540b..0000000000
--- a/changes/bug8209
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - When detecting the largest possible file descriptor (in order to close
-      all file descriptors when launching a new program), actually use
-      _SC_OPEN_MAX. The old code for doing this was very, very broken.
-      Fix for bug 8209; bugfix on 0.2.3.1-alpha. Found by Coverity; this
-      is CID 743383.
diff --git a/changes/bug8210 b/changes/bug8210
deleted file mode 100644
index 85d41b844a..0000000000
--- a/changes/bug8210
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Fix an impossible-to-trigger integer overflow when
-      estimating how long out onionskin queue would take.  (This overflow
-      would require us to accept 4 million onionskins before processing
-      100 of them.) Fixes bug 8210; bugfix on 0.2.4.10-alpha.
-       
diff --git a/changes/bug8218 b/changes/bug8218
deleted file mode 100644
index ce8d53ba62..0000000000
--- a/changes/bug8218
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Stop marking every relay as having been down for one hour every
-      time we restart a directory authority. These artificial downtimes
-      were messing with our Stable and Guard flag calculations. Fixes
-      bug 8218 (introduced by the fix for 1035). Bugfix on 0.2.2.23-alpha.
-
diff --git a/changes/bug8231 b/changes/bug8231
deleted file mode 100644
index fd87a1daec..0000000000
--- a/changes/bug8231
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - When unable to find any working directory nodes to use as a
-      directory guard, give up rather than adding the same non-working
-      nodes to the list over and over. Fixes bug 8231; bugfix on
-      0.2.4.8-alpha.
diff --git a/changes/bug8235-diagnosing b/changes/bug8235-diagnosing
deleted file mode 100644
index b760035cfc..0000000000
--- a/changes/bug8235-diagnosing
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (diagnostic)
-   - If the state file's path bias counts are invalid (presumably from a
-     buggy tor prior to 0.2.4.10-alpha), make them correct.
-   - Add additional checks and log messages to the scaling of Path Bias
-     counts, in case there still are remaining issues with scaling.
diff --git a/changes/bug8253-fix b/changes/bug8253-fix
deleted file mode 100644
index 3d36d06c88..0000000000
--- a/changes/bug8253-fix
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (log messages)
-   - Fix a scaling issue in the path bias accounting code that resulted in
-     "Bug:" log messages from either pathbias_scale_close_rates() or
-     pathbias_count_build_success(). This represents a bugfix on a previous
-     bugfix: The original fix attempted in 0.2.4.10-alpha was incomplete.
-     Fixes bug 8235; bugfix on 0.2.4.1-alpha.
diff --git a/changes/bug8273 b/changes/bug8273
deleted file mode 100644
index 257f57e7ab..0000000000
--- a/changes/bug8273
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Critical bugfixes:
-    - When dirserv.c computes flags and thresholds, use measured bandwidths
-      in preference to advertised ones.
diff --git a/changes/bug8290 b/changes/bug8290
deleted file mode 100644
index d1fce7d8b5..0000000000
--- a/changes/bug8290
+++ /dev/null
@@ -1,9 +0,0 @@
-  o Removed files:
-    - The tor-tsocks.conf is no longer distributed or installed. We
-      recommend that tsocks users use torsocks instead. Resolves
-      ticket 8290.
-
-  o Documentation fixes:
-    - The torify manpage no longer refers to tsocks; torify hasn't
-      supported tsocks since 0.2.3.14-alpha.
-    - The manpages no longer reference tsocks.
diff --git a/changes/bug8377 b/changes/bug8377
deleted file mode 100644
index c9ad151bc9..0000000000
--- a/changes/bug8377
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Correctly recognize that [::1] is a loopback address. Fixes bug #8377;
-      bugfix on 0.2.1.3-alpha.
diff --git a/changes/bug8387 b/changes/bug8387
new file mode 100644
index 0000000000..2ec0487bf8
--- /dev/null
+++ b/changes/bug8387
@@ -0,0 +1,11 @@
+  o Major bugfixes (client):
+
+    - Perform circuit cleanup operations even when circuit
+      construction operations are disabled (because the network is
+      disabled, or because there isn't enough directory information).
+      Previously, when we were not building predictive circuits, we
+      were not closing expired circuits either.
+
+      Fixes bug 8387; bugfix on 0.1.1.11-alpha. This bug became visible
+      in 0.2.4.10-alpha when we became more strict about when we have
+      "enough directory information to build circuits".
diff --git a/changes/bug8408 b/changes/bug8408
deleted file mode 100644
index ae9cf172e1..0000000000
--- a/changes/bug8408
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Allow TestingTorNetworks to override the 4096-byte minimum for the Fast
-      threshold. Otherwise they can't bootstrap until they've observed more
-      traffic. Fixes bug 8508; bugfix on 0.2.4.10-alpha.
diff --git a/changes/bug8427 b/changes/bug8427
deleted file mode 100644
index 22b003fc38..0000000000
--- a/changes/bug8427
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - If we encounter a write failure on a SOCKS connection before we
-      finish our SOCKS handshake, don't warn that we closed the
-      connection before we could send a SOCKS reply. Fixes bug 8427;
-      bugfix on 0.1.0.1-rc.
diff --git a/changes/bug8435 b/changes/bug8435
deleted file mode 100644
index da7ca7c1f8..0000000000
--- a/changes/bug8435
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - When dirserv.c computes flags and thresholds, ignore advertised
-      bandwidths if we have more than a threshold number of routers with
-      measured bandwidths.
diff --git a/changes/bug8464 b/changes/bug8464
deleted file mode 100644
index 74ff2e39ff..0000000000
--- a/changes/bug8464
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Correct our check for which versions of Tor support the EXTEND2
-      cell.  We had been willing to send it to Tor 0.2.4.7-alpha and
-      later, when support was really added in version 0.2.4.8-alpha.
-      Fixes bug 8464; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug8475 b/changes/bug8475
deleted file mode 100644
index eb8debedba..0000000000
--- a/changes/bug8475
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - If configured via ClientDNSRejectInternalAddresses not to report
-      DNS queries which have resolved to internal addresses, apply that
-      rule to IPv6 as well. Fixes bug 8475; bugfix on 0.2.0.7-alpha.
diff --git a/changes/bug8477-easypart b/changes/bug8477-easypart
deleted file mode 100644
index 0f8f1031c5..0000000000
--- a/changes/bug8477-easypart
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes:
-    - Log the purpose of a path-bias testing circuit correctly.
-      Improves a log message from bug 8477; bugfix on 0.2.4.8-alpha.  
diff --git a/changes/bug8587 b/changes/bug8587
deleted file mode 100644
index 84d2f1ec0d..0000000000
--- a/changes/bug8587
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (build):
-    - Build Tor correctly on 32-bit platforms where the compiler can build
-      but not run code using the "uint128_t" construction. Fixes bug 8587;
-      bugfix on 0.2.4.8-alpha.
-
diff --git a/changes/bug8596 b/changes/bug8596
deleted file mode 100644
index dd36bad855..0000000000
--- a/changes/bug8596
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Add CACHED keyword to ADDRMAP events in the control protocol to indicate
-      whether a DNS result will be cached or not.
diff --git a/changes/bug8598 b/changes/bug8598
deleted file mode 100644
index e31c8f3c74..0000000000
--- a/changes/bug8598
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Bugfixes:
-    - Fix compilation warning with some versions of clang that would prefer
-      the -Wswitch-enum compiler flag to warn about switch statements with
-      missing enum values, even if those switch statements have a default:
-      statement. Fixes bug 8598; bugfix on 0.2.4.10-alpha.
-
diff --git a/changes/bug8599 b/changes/bug8599
deleted file mode 100644
index 204ef58c3f..0000000000
--- a/changes/bug8599
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix some logic errors when the user manually overrides the
-      PathsNeededToBuildCircuits option in torrc. Fixes bug 8599; bugfix
-      on 0.2.4.10-alpha.
diff --git a/changes/bug8638 b/changes/bug8638
deleted file mode 100644
index 3a790e567d..0000000000
--- a/changes/bug8638
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features
-   In our testsuite, create temporary directories with a bit more entropy
-   in their name to make name collissions less likely.  Fixes bug 8638.
diff --git a/changes/bug8639 b/changes/bug8639
deleted file mode 100644
index 0db5c91429..0000000000
--- a/changes/bug8639
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Normal bugfixes:
-     - When launching a resolve request on behalf of an AF_UNIX control
-       socket, omit the address field of the new entry connection, used in
-       subsequent controller events, rather than letting tor_dup_addr() set
-       it to "<unknown address type>".  Fixes bug 8639.
diff --git a/changes/bug8711 b/changes/bug8711
deleted file mode 100644
index 28a1daa454..0000000000
--- a/changes/bug8711
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor features (authority):
-    - Add a "ignoring-advertised-bws" boolean to our flag-thresholds
-      lines to describe whether we have enough measured bandwidths to
-      ignore advertised bandwidth claims. Closes ticket 8711.
-      
-    
diff --git a/changes/bug8716 b/changes/bug8716
deleted file mode 100644
index 74c74f82a6..0000000000
--- a/changes/bug8716
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (memory leak):
-    - Fix a memory leak that would occur whenever a configuration
-      option changed. Fixes bug #8718; bugfix on 0.2.3.3-alpha.
diff --git a/changes/bug8719 b/changes/bug8719
deleted file mode 100644
index c05b79ddec..0000000000
--- a/changes/bug8719
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes (memory leak):
-    - Avoid a memory leak where we would leak a consensus body when we find
-      that a consensus which we couldn't previously verify due to missing
-      certificates is now verifiable. Fixes bug 8719; bugfix on
-      0.2.0.10-alpha.
-
diff --git a/changes/bug8822 b/changes/bug8822
deleted file mode 100644
index c6787afe06..0000000000
--- a/changes/bug8822
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes (windows):
-    - Prevent failures on Windows Vista and later when rebuilding the
-      microdescriptor cache. Diagnosed by Robert Ransom. Fixes bug 8822;
-      bugfix on 0.2.4.12-alpha.
-
diff --git a/changes/bug8833 b/changes/bug8833
deleted file mode 100644
index 681a86191f..0000000000
--- a/changes/bug8833
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Major bugfixes (directory authority):
-    - Fix a crash bug when building a consensus using an older consensus as
-      its basis. Fixes bug 8833. Bugfix on 0.2.4.12-alpha.
diff --git a/changes/bug8844 b/changes/bug8844
deleted file mode 100644
index 320e5f2845..0000000000
--- a/changes/bug8844
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Prevent the get_freelists() function from running off the end of
-      the list of freelists if it somehow gets an unrecognized
-      allocation. Fixes bug 8844; bugfix on 0.2.0.16-alpha. Reported by
-      eugenis.
-
diff --git a/changes/bug8845 b/changes/bug8845
deleted file mode 100644
index ace043ab9b..0000000000
--- a/changes/bug8845
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (test):
-    - Fix an impossible buffer overrun in the AES unit tests. Fixes bug 8845;
-      bugfix on 0.2.0.7-alpha. Found by eugenis.
diff --git a/changes/bug8846 b/changes/bug8846
deleted file mode 100644
index 377cc3708a..0000000000
--- a/changes/bug8846
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Give a less useless error message when the user asks for an IPv4
-      address on an IPv6-only port, or vice versa.  Fixes bug 8846; bugfix
-      on 0.2.4.7-alpha.
diff --git a/changes/bug8879 b/changes/bug8879
deleted file mode 100644
index 0d2a70086c..0000000000
--- a/changes/bug8879
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - Follow the socks5 protocol when offering username/password
-      authentication. The fix for bug 8117 exposed this bug, and it
-      turns out real-world applications like Pidgin do care. Bugfix on
-      0.2.3.2-alpha; fixes bug 8879.
diff --git a/changes/bug8965 b/changes/bug8965
deleted file mode 100644
index b5af279632..0000000000
--- a/changes/bug8965
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Removed documentation:
-    - Remove some of the older contents of doc/ as obsolete; move others
-      to torspec.git. Fixes bug 8965.
diff --git a/changes/bug9002 b/changes/bug9002
deleted file mode 100644
index c41ace394a..0000000000
--- a/changes/bug9002
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Limit hidden service descriptors to at most ten introduction
-      points, to slow one kind of guard enumeration. Fixes bug 9002;
-      bugfix on 0.1.1.11-alpha.
diff --git a/changes/bug9017 b/changes/bug9017
deleted file mode 100644
index 359c526b00..0000000000
--- a/changes/bug9017
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Avoid an assertion failure on OpenBSD (and perhaps other BSDs)
-      when an exit connection with optimistic data succeeds immediately
-      rather than returning EINPROGRESS. Fixes bug 9017; bugfix on
-      0.2.3.1-alpha.
-
diff --git a/changes/bug9047 b/changes/bug9047
deleted file mode 100644
index 497f0d3372..0000000000
--- a/changes/bug9047
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - If for some reason we fail to write a microdescriptor while
-      rebuilding the cache, do not let the annotations from that
-      microdescriptor linger in the cache file, and do not let the
-      microdescriptor stay recorded as present in its old location.
-      Fixes bug 9047; bugfix on 0.2.2.6-alpha.
diff --git a/changes/bug9063 b/changes/bug9063
deleted file mode 100644
index dcbecf6179..0000000000
--- a/changes/bug9063
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Normal bugfixes:
-    - Close any circuit that has more cells queued than the spec permits.
-      Fixes bug #9063; bugfix on 0.2.4.12.
diff --git a/changes/bug9063_redux b/changes/bug9063_redux
deleted file mode 100644
index e6fae72efc..0000000000
--- a/changes/bug9063_redux
+++ /dev/null
@@ -1,15 +0,0 @@
-  o Major bugfixes:
-    - When we have too much memory queued in circuits (according to a new
-      MaxMemInCellQueues option), close the circuits consuming the most
-      memory.  This prevents us from running out of memory as a relay if
-      circuits fill up faster than they can be drained.  Fixes
-      bug 9063; bugfix on the 54th commit of Tor. This bug is a further
-      fix beyond bug 6252, whose fix was merged into 0.2.3.21-rc.
-
-      Also fixes an earlier approach taken in 0.2.4.13-alpha, where we
-      tried to solve this issue simply by imposing an upper limit on the
-      number of queued cells for a single circuit.  That approach proved to
-      be problematic, since there are ways to provoke clients to send a
-      number of cells in excess of any such reasonable limit.
-      Fixes bug 9072; bugfix on 0.2.4.13-alpha.
-
diff --git a/changes/bug9072 b/changes/bug9072
deleted file mode 100644
index e594a38335..0000000000
--- a/changes/bug9072
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Critical bugfixes:
-    - Disable middle relay queue overfill detection code due to possible
-      guard discovery attack, pending further analysis.  Fixes bug #9072.
diff --git a/changes/bug9093 b/changes/bug9093
deleted file mode 100644
index 06b6cb926a..0000000000
--- a/changes/bug9093
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor features:
-    - Improve the circuit queue out-of-memory handler. Previously, when
-      we ran low on memory, we'd close whichever circuits had the most
-      queued cells. Now, we close those that have the *oldest* queued
-      cells, on the theory that those are most responsible for us
-      running low on memory. Based on analysis from a forthcoming paper
-      by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093.
\ No newline at end of file
diff --git a/changes/bug9122 b/changes/bug9122
deleted file mode 100644
index 5009da6126..0000000000
--- a/changes/bug9122
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - When receiving a new configuration file via the control port's
-      LOADCONF command, do not treat the defaults file as absent.
-      Fixes bug 9122; bugfix on 0.2.3.9-alpha.
diff --git a/changes/bug9147 b/changes/bug9147
deleted file mode 100644
index e6064ea0e5..0000000000
--- a/changes/bug9147
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - Issue a warning when running with the bufferevents backend enabled.
-      It's still not stable, and people should know that they're likely
-      to hit unexpected problems. Closes ticket 9147.
diff --git a/changes/bug9200 b/changes/bug9200
deleted file mode 100644
index 7b64dd1744..0000000000
--- a/changes/bug9200
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - Fix a bug in the voting algorithm that could yield incorrect results
-      when a non-naming authority declared too many flags. Fixes bug 9200;
-      bugfix on 0.2.0.3-alpha.
-
diff --git a/changes/bug9213_doc b/changes/bug9213_doc
deleted file mode 100644
index 2f959dd831..0000000000
--- a/changes/bug9213_doc
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Documentation:
-    - Correctly document that we search for a system torrc file before
-      looking in ~/.torrc. Fixes documentation side of 9213; bugfix
-      on 0.2.3.18-rc.
-
diff --git a/changes/bug9229 b/changes/bug9229
deleted file mode 100644
index ad7fd22c28..0000000000
--- a/changes/bug9229
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Avoid 60-second delays in the bootstrapping process when Tor
-      is launching for a second time while using bridges. Fixes bug 9229;
-      bugfix on 0.2.0.3-alpha.
-
diff --git a/changes/bug9254 b/changes/bug9254
deleted file mode 100644
index 5179bdc523..0000000000
--- a/changes/bug9254
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a spurious compilation warning with some older versions of
-      GCC on FreeBSD. Fixes bug 9254; bugfix on 0.2.4.14-alpha.
-
diff --git a/changes/bug9288 b/changes/bug9288
deleted file mode 100644
index 59bf414ea1..0000000000
--- a/changes/bug9288
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix an invalid memory read that occured when a pluggable
-      transport proxy failed its configuration protocol.
-      Fixes bug 9288.
diff --git a/changes/bug9295 b/changes/bug9295
deleted file mode 100644
index 2c113616c3..0000000000
--- a/changes/bug9295
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes:
-    - Avoid a crash when using --hash-password. Fixes bug 9295; bugfix on
-      0.2.4.15-rc. Found by stem integration tests.
-
diff --git a/changes/bug9309 b/changes/bug9309
deleted file mode 100644
index 38c462bc0f..0000000000
--- a/changes/bug9309
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - When evaluating whether to use a connection that we haven't
-      decided is canonical using a recent link protocol version,
-      decide that it's canonical only if it used address _does_
-      match the desired address. Fixes bug 9309; bugfix on
-      0.2.4.4-alpha. Reported by skruffy.
diff --git a/changes/bug9337 b/changes/bug9337
deleted file mode 100644
index ce99bc8184..0000000000
--- a/changes/bug9337
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes (DNS):
-    - Avoid an assertion failure when processing DNS replies without the
-      answer types we expected. Fixes bug 9337; bugfix on 0.2.4.7-alpha.
-
diff --git a/changes/bug9354 b/changes/bug9354
deleted file mode 100644
index 68fc81a595..0000000000
--- a/changes/bug9354
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - Make the default behavior of NumDirectoryGuards be to track
-      NumEntryGuards. Now a user who changes only NumEntryGuards will get
-      the behavior she expects. Fixes bug 9354; bugfix on 0.2.4.8-alpha.
-
diff --git a/changes/bug9366 b/changes/bug9366
deleted file mode 100644
index acc919e77f..0000000000
--- a/changes/bug9366
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features (usability):
-    - Warn and fail if a server is configured not to advertise any
-      ORPorts at all. (We need *something* to put in our descriptor, or
-      we just won't work.)
diff --git a/changes/bug9393 b/changes/bug9393
deleted file mode 100644
index 9aedd1260b..0000000000
--- a/changes/bug9393
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Give the correct URL in the warning message that we present
-      when the user is trying to run a Tor relay on an ancient version
-      of Windows. Fixes bug 9393.
diff --git a/changes/bug9400 b/changes/bug9400
deleted file mode 100644
index 974224068a..0000000000
--- a/changes/bug9400
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes:
-
-    - Avoid double-closing the listener socket in our socketpair replacement
-      (used on Windows) in the case where the addresses on our opened
-      sockets don't match what we expected. Fixes bug 9400; bugfix on
-      every released Tor version. Found by Coverity.
-
diff --git a/changes/bug9543 b/changes/bug9543
deleted file mode 100644
index 753947f6fd..0000000000
--- a/changes/bug9543
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Avoid overflows when the user sets MaxCircuitDirtiness to a
-      ridiculously high value, by imposing a (ridiculously high) 30-day
-      maximum on MaxCircuitDirtiness.
diff --git a/changes/bug9546 b/changes/bug9546
deleted file mode 100644
index 2145e35d8f..0000000000
--- a/changes/bug9546
+++ /dev/null
@@ -1,11 +0,0 @@
-  o Major bugfixes:
-
-    - When a relay is extending a circuit to a bridge, it needs to send a
-      NETINFO cell, even when the bridge hasn't sent an AUTH_CHALLENGE
-      cell. Fixes bug 9546; bugfix on 0.2.3.6-alpha.
-
-    - Bridges send AUTH_CHALLENGE cells during their handshakes; previously
-      they did not, which prevented relays from successfully connecting
-      to a bridge for self-test or bandwidth testing. Fixes bug 9546;
-      bugfix on 0.2.3.6-alpha.
-
diff --git a/changes/bug9564 b/changes/bug9564
deleted file mode 100644
index 0df00e3698..0000000000
--- a/changes/bug9564
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - If the time to download the next old-style networkstatus is in
-      the future, do not decline to consider whether to download the
-      next microdescriptor networkstatus. Fixes bug 9564. Bugfix on
-      0.2.3.14-alpha.
diff --git a/changes/bug9596 b/changes/bug9596
deleted file mode 100644
index b3d138ecdc..0000000000
--- a/changes/bug9596
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Correctly log long IPv6 exit policy, instead of truncating them
-      or reporting an error. Fixes bug 9596; bugfix on 0.2.4.7-alpha.
-
diff --git a/changes/bug9602 b/changes/bug9602
deleted file mode 100644
index 2dc13c4c02..0000000000
--- a/changes/bug9602
+++ /dev/null
@@ -1,5 +0,0 @@
- o Bugfixes
-   - Null out orconn->chan->conn when closing orconn in case orconn is freed
-     before channel_run_cleanup() gets to orconn->chan, and handle the null
-     conn edge case correctly in channel_tls_t methods.  Fixes bug #9602;
-     bugfix on 0.2.4.4-alpha.
diff --git a/changes/bug9644 b/changes/bug9644
deleted file mode 100644
index 51c58a5fff..0000000000
--- a/changes/bug9644
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a small memory leak on exit. (We weren't freeing directory
-      authority certificate download statuses.) Fixes bug 9644; bugfix
-      on 0.2.4.13-alpha.
diff --git a/changes/bug9645a b/changes/bug9645a
deleted file mode 100644
index 2daba65a00..0000000000
--- a/changes/bug9645a
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes:
-    - If we are unable to save a microdescriptor to the journal, do not
-      drop it from memory and then reattempt downloading it. Fixes bug
-      9645; bugfix on 0.2.2.6-alpha.
-
diff --git a/changes/bug9671_023 b/changes/bug9671_023
deleted file mode 100644
index 035ca5cdea..0000000000
--- a/changes/bug9671_023
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes:
-    - If the circuit build timeout logic is disabled (via the consensus,
-      or because we are an authority), then don't build testing circuits.
-      Fixes bug 9657; bugfix on 0.2.2.14-alpha.
-
diff --git a/changes/bug9686_024 b/changes/bug9686_024
deleted file mode 100644
index 8705379d32..0000000000
--- a/changes/bug9686_024
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor features (security):
-    - Decrease the lower limit of MaxMemInCellQueues to 256 MBytes (but leave
-      the default at 8GBytes), to better support Raspberry Pi users. Fixes
-      bug 9686; bugfix on 0.2.4.14-alpha.
-
diff --git a/changes/bug9700 b/changes/bug9700
deleted file mode 100644
index f59f54cb01..0000000000
--- a/changes/bug9700
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (compilation):
-    - Fix a compilation error when compiling with --disable-cuve25519.
-      Fixes bug 9700; bugfix on 0.2.4.17-rc.
diff --git a/changes/bug9716 b/changes/bug9716
deleted file mode 100644
index 5e39077173..0000000000
--- a/changes/bug9716
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Bugfixes (performance):
-    - Set the listen() backlog limit to the largest actually supported
-      on the system, not to the value in a header file. Fixes bug 9716;
-      bugfix on every released Tor.
diff --git a/changes/bug9731 b/changes/bug9731
deleted file mode 100644
index 828496af3f..0000000000
--- a/changes/bug9731
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Major bugfixes:
-    - Do not apply connection_consider_empty_read/write_buckets to
-      cpuworker connections.
diff --git a/changes/bug9776 b/changes/bug9776
deleted file mode 100644
index ea3a96abb3..0000000000
--- a/changes/bug9776
+++ /dev/null
@@ -1,5 +0,0 @@
-   o Normal bugfixes:
-     - Always call circuit_n_chan_done(chan, 0) from channel_closed(), so we
-       can't leak pending circuits in some cases where
-       run_connection_housekeeping() calls connection_or_close_normally().
-       Fixes bug #9776; bugfix on 0.2.4.17.
diff --git a/changes/bug9780 b/changes/bug9780
deleted file mode 100644
index 3cb51bd528..0000000000
--- a/changes/bug9780
+++ /dev/null
@@ -1,8 +0,0 @@
-  o Minor bugfixes (performance, fingerprinting):
-    - Our default TLS ecdhe groups were backwards: we meant to be using
-      P224 for relays (for performance win) and P256 for bridges (since
-      it is more common in the wild). Instead we had it backwards. After
-      reconsideration, we decided that the default should be P256 on all
-      hosts, since its security is probably better, and since P224 is
-      reportedly used quite little in the wild.  Found by "skruffy" on
-      IRC. Fix for bug 9780; bugfix on 0.2.4.8-alpha.
diff --git a/changes/bug9880 b/changes/bug9880
deleted file mode 100644
index a7dda8f82f..0000000000
--- a/changes/bug9880
+++ /dev/null
@@ -1,8 +0,0 @@
-  o Minor bugfixes:
-
-    - When closing a channel that has already been open, do not close
-      pending circuits that were waiting to connect to the same relay.
-      Fixes bug 9880; bugfix on 0.2.5.1-alpha. Thanks to skruffy for
-      finding this bug.  (Bug was merged to 0.2.4 branch but not released
-      in any 0.2.4 version)
-
diff --git a/changes/bug9904 b/changes/bug9904
deleted file mode 100644
index eec4144cce..0000000000
--- a/changes/bug9904
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - When examining list of network interfaces to find our address, do
-      not consider non-running or disabled network interfaces. Fixes bug
-      9904; bugfix on 0.2.3.11-alpha. Patch from "hantwister".
diff --git a/changes/bug9927 b/changes/bug9927
deleted file mode 100644
index e66280c3c4..0000000000
--- a/changes/bug9927
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - Generate bootstrapping status update events correctly for fetching
-      microdescriptors. Fixes bug 9927.
-
diff --git a/changes/bug9928 b/changes/bug9928
deleted file mode 100644
index b72cea3d87..0000000000
--- a/changes/bug9928
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Avoid an off-by-one error when checking buffer boundaries when
-      formatting the exit status of a pluggable transport helper.
-      This is probably not an exploitable bug, but better safe than
-      sorry. Fixes bug 9928; bugfix on 0.2.3.18-rc. Bug found by
-      Pedro Ribeiro.
diff --git a/changes/bug9946 b/changes/bug9946
deleted file mode 100644
index 5d1c888743..0000000000
--- a/changes/bug9946
+++ /dev/null
@@ -1,11 +0,0 @@
-  o Minor bugfixes:
-    - If the guard we choose first doesn't answer, we would try the
-      second guard, but once we connected to the second guard we would
-      abandon it and retry the first one, slowing down bootstrapping.
-      The fix is to treat all our initially chosen guards as acceptable
-      to use. Fixes bug 9946; bugfix on 0.1.1.11-alpha.
-
-  o Major bugfixes:
-    - Stop trying to fetch all our directory information from our first
-      guard. Discovered while fixing bug 9946; bugfix on 0.2.4.8-alpha.
-
diff --git a/changes/cov980650 b/changes/cov980650
deleted file mode 100644
index cbbada2e66..0000000000
--- a/changes/cov980650
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes:
-    - Fix a copy-and-paste error when adding a missing A1 to a routerset
-      because of GeoIPExcludeUnknown. Fix for coverity CID 980650.
-      Bugfix on 0.2.4.10-alpha.
diff --git a/changes/doc-heartbeat-loglevel b/changes/doc-heartbeat-loglevel
deleted file mode 100644
index 91f40ad260..0000000000
--- a/changes/doc-heartbeat-loglevel
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor documentation fixes:
-    - Fix the documentation of HeartbeatPeriod to say that the heartbeat
-      message is logged at notice, not at info.
diff --git a/changes/easy.ratelim b/changes/easy.ratelim
deleted file mode 100644
index cadd1e4f5e..0000000000
--- a/changes/easy.ratelim
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Code simplification and refactoring:
-    - Add a wrapper function for the common "log a message with a rate-limit"
-      case.
diff --git a/changes/feature4994 b/changes/feature4994
deleted file mode 100644
index 4fa0e037b7..0000000000
--- a/changes/feature4994
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor features:
-    - Teach bridge-using clients to avoid 0.2.2 bridges when making
-      microdescriptor-related dir requests, and only fall back to normal
-      descriptors if none of their bridges can handle microdescriptors
-      (as opposed to the fix in ticket 4013, which caused them to fall
-      back to normal descriptors if *any* of their bridges preferred
-      them). Resolves ticket 4994.
diff --git a/changes/feature9574 b/changes/feature9574
deleted file mode 100644
index 723606e396..0000000000
--- a/changes/feature9574
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Major features:
-    - Relays now process the new "NTor" circuit-level handshake requests
-      with higher priority than the old "TAP" circuit-level handshake
-      requests. We still process some TAP requests to not totally starve
-      0.2.3 clients when NTor becomes popular. A new consensus parameter
-      "NumNTorsPerTAP" lets us tune the balance later if we need to.
-      Implements ticket 9574.
diff --git a/changes/feature9777 b/changes/feature9777
deleted file mode 100644
index 312b5e034e..0000000000
--- a/changes/feature9777
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Avoid using circuit paths if no node in the path supports the ntor
-      circuit extension handshake. Implements ticket 9777.
diff --git a/changes/ff28_ciphers b/changes/ff28_ciphers
deleted file mode 100644
index 05eb4e9bcc..0000000000
--- a/changes/ff28_ciphers
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor features (performance, compatibility):
-    - Update the list of TLS cipehrsuites that a client advertises
-      to match those advertised by Firefox 28. This enables selection of
-      (fast) GCM ciphersuites, disables some strange old ciphers, and
-      disables the ECDH (not to be confused with ECDHE) ciphersuites.
-      Resolves ticket 11438.
diff --git a/changes/fix-geoipexclude-doc b/changes/fix-geoipexclude-doc
deleted file mode 100644
index 63b544ef29..0000000000
--- a/changes/fix-geoipexclude-doc
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Documentation fixes:
-    - Fix the GeoIPExcludeUnknown documentation to refer to ExcludeExitNodes
-      rather than the currently nonexistent ExcludeEntryNodes. Spotted by
-      "hamahangi" on tor-talk.
diff --git a/changes/further-12184-diagnostic b/changes/further-12184-diagnostic
new file mode 100644
index 0000000000..89e9f4612f
--- /dev/null
+++ b/changes/further-12184-diagnostic
@@ -0,0 +1,2 @@
+  o Minor features (diagnostic):
+    - Slightly enhance the diagnostic message for bug 12184.
diff --git a/changes/geoip-apr2013 b/changes/geoip-apr2013
deleted file mode 100644
index 74d9c63b79..0000000000
--- a/changes/geoip-apr2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the April 3 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-august2013 b/changes/geoip-august2013
deleted file mode 100644
index bd15177a0c..0000000000
--- a/changes/geoip-august2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the August 7 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-feb2013 b/changes/geoip-feb2013
deleted file mode 100644
index b5d794258f..0000000000
--- a/changes/geoip-feb2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the February 6 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-february2014 b/changes/geoip-february2014
deleted file mode 100644
index f8657b468e..0000000000
--- a/changes/geoip-february2014
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the February 7 2014 Maxmind GeoLite2 Country database.
-
diff --git a/changes/geoip-february2014-regcountry b/changes/geoip-february2014-regcountry
deleted file mode 100644
index c2ddf092aa..0000000000
--- a/changes/geoip-february2014-regcountry
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Fix our version of the February 7 2014 Maxmind GeoLite2 Country database.
-
diff --git a/changes/geoip-july2013 b/changes/geoip-july2013
deleted file mode 100644
index 097819dd7c..0000000000
--- a/changes/geoip-july2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the July 3 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-june2013 b/changes/geoip-june2013
deleted file mode 100644
index f8e00a62c6..0000000000
--- a/changes/geoip-june2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the June 5 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-mar2013 b/changes/geoip-mar2013
deleted file mode 100644
index e9cc3981b3..0000000000
--- a/changes/geoip-mar2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the March 6 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-may2013 b/changes/geoip-may2013
deleted file mode 100644
index ff4b98f22b..0000000000
--- a/changes/geoip-may2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the May 9 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-october2013 b/changes/geoip-october2013
deleted file mode 100644
index bc72850725..0000000000
--- a/changes/geoip-october2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the October 2 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip-september2013 b/changes/geoip-september2013
deleted file mode 100644
index 0173f4cfe3..0000000000
--- a/changes/geoip-september2013
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update to the September 4 2013 Maxmind GeoLite Country database.
-
diff --git a/changes/geoip6-february2014 b/changes/geoip6-february2014
deleted file mode 100644
index af30be00b1..0000000000
--- a/changes/geoip6-february2014
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features:
-    - Update geoip6 to the February 7 2014 Maxmind GeoLite2 Country
-      database.
diff --git a/changes/geoip6-june2014 b/changes/geoip6-june2014
deleted file mode 100644
index 1a33e6fb45..0000000000
--- a/changes/geoip6-june2014
+++ /dev/null
@@ -1,2 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the June 4 2014 Maxmind GeoLite2 Country database.
diff --git a/changes/integers_donna b/changes/integers_donna
deleted file mode 100644
index e9c69e8e1c..0000000000
--- a/changes/integers_donna
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (portability)
-    - Tweak the curve25519-donna*.c implementations to tolerate systems
-      that lack stdint.h. Fixes bug 3894; bugfix on 0.2.4.8-alpha.
diff --git a/changes/less_charbuf_usage b/changes/less_charbuf_usage
deleted file mode 100644
index 2ec42b544a..0000000000
--- a/changes/less_charbuf_usage
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Code simplification and refactoring:
-    - Avoid using character buffers when constructing most directory
-      objects: this approach was unweildy and error-prone.  Instead,
-      build smartlists of strings, and concatenate them when done.
-
diff --git a/changes/log-noise b/changes/log-noise
deleted file mode 100644
index bbbf0d2c0c..0000000000
--- a/changes/log-noise
+++ /dev/null
@@ -1,11 +0,0 @@
- o Minor bugfixes (log message reduction)
-   - Fix a path state issue that triggered a notice during relay startup.
-     Fixes bug #8320; bugfix on 0.2.4.10-alpha.
-   - Reduce occurrences of warns about circuit purpose in
-     connection_ap_expire_building(). Fixes bug #8477; bugfix on
-     0.2.4.11-alpha.
-   - Fix a directory authority warn caused when we have a large amount
-     of badexit bandwidth.  Fixes bug #8419; bugfix on 0.2.2.10-alpha.
-   - Reduce a path bias length check notice log to info. The notice
-     is triggered when creating controller circuits. Fixes bug #8196;
-     bugfix on 0.2.4.8-alpha.
diff --git a/changes/md_leak_bug b/changes/md_leak_bug
deleted file mode 100644
index 26270aacc3..0000000000
--- a/changes/md_leak_bug
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes (security, OOM)
-    - Fix a memory leak that could occur if a microdescriptor parse
-      fails during the tokenizing step. This could enable a memory
-      exhaustion attack by directory servers. Fixes bug #11649; bugfix
-      on 0.2.2.6-alpha.
diff --git a/changes/no_client_timestamps_024 b/changes/no_client_timestamps_024
deleted file mode 100644
index 41dea2f1a6..0000000000
--- a/changes/no_client_timestamps_024
+++ /dev/null
@@ -1,14 +0,0 @@
-  o Minor features (security, timestamp avoidance, proposal 222):
-    - Clients no longer send timestamps in their NETINFO cells.  These were
-      not used for anything, and they provided one small way for clients
-      to be distinguished from each other as they moved from network to
-      network or behind NAT. Implements part of proposal 222.
-    - Clients now round timestamps in INTRODUCE cells down to the nearest
-      10 minutes.  If a new Support022HiddenServices option is set to 0,
-      or if it's set to "auto" and the feature is disabled in the consensus,
-      the timestamp is sent as 0 instead. Implements part of proposal 222.
-    - Stop sending timestamps in AUTHENTICATE cells. This is not such
-      a big deal from a security point of view, but it achieves no actual
-      good purpose, and isn't needed. Implements part of proposal 222.
-    - Reduce down accuracy of timestamps in hidden service descriptors.
-      Implements part of proposal 222.
diff --git a/changes/prop221 b/changes/prop221
deleted file mode 100644
index b2bf44bc37..0000000000
--- a/changes/prop221
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor features:
-    - Stop sending the CREATE_FAST cells by default; instead, use a
-      parameter in the consensus to decide whether to use
-      CREATE_FAST. This can improve security on connections where
-      Tor's circuit handshake is stronger than the available TLS
-      connection security levels. Implements proposal 221.
diff --git a/changes/signof_enum b/changes/signof_enum
deleted file mode 100644
index ba4fb597d7..0000000000
--- a/changes/signof_enum
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Code simplifications and refactoring:
-    - Use Ville Laurikari's implementation of AX_CHECK_SIGN() to determine
-      the signs of types during autoconf. This is better than our old
-      approach, which didn't work when cross-compiling.
-    - Detect the sign of enum values, rather than assuming that MSC is the
-      only compiler where enum types are all signed. Fix for bug 7727;
-      bugfix on 0.2.4.10-alpha.
diff --git a/changes/test.h_msvc b/changes/test.h_msvc
new file mode 100644
index 0000000000..3afbc13aaa
--- /dev/null
+++ b/changes/test.h_msvc
@@ -0,0 +1,3 @@
+  o Minor bugfixes (compilation):
+    - Fix compilation of test.h with MSVC. Patch from Gisle Vanem;
+      bugfix on 0.2.5.5-alpha.
diff --git a/changes/ticket11528 b/changes/ticket11528
deleted file mode 100644
index 15daad9950..0000000000
--- a/changes/ticket11528
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor features:
-    - Servers now trust themselves to have a better view than clients of
-      which TLS ciphersuites to choose. (Thanks to #11513, the server
-      list is now well-considered, whereas the client list has been
-      chosen mainly for anti-fingerprinting purposes.) Resolves ticket
-      11528.
diff --git a/changes/ticket12690 b/changes/ticket12690
new file mode 100644
index 0000000000..5091883602
--- /dev/null
+++ b/changes/ticket12690
@@ -0,0 +1,9 @@
+  o Minor features:
+    - Authorities now assign the Guard flag to the fastest 25% of the
+      network (it used to be the fastest 50%). Also raise the consensus
+      weight that guarantees the Guard flag from 250 to 2000. For the
+      current network, this results in about 1100 guards, down from 2500.
+      This step paves the way for moving the number of entry guards
+      down to 1 (proposal 236) while still providing reasonable expected
+      performance for most users. Implements ticket 12690.
+
diff --git a/changes/ticket13036 b/changes/ticket13036
new file mode 100644
index 0000000000..1b4784358a
--- /dev/null
+++ b/changes/ticket13036
@@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - Fix a large number of false positive warnings from the clang
+      analyzer static analysis tool. This should make real warnings
+      easier for clang analyzer to find. Patch from "teor". Closes
+      ticket 13036.
diff --git a/changes/ticket14128 b/changes/ticket14128
new file mode 100644
index 0000000000..38b25fa7dc
--- /dev/null
+++ b/changes/ticket14128
@@ -0,0 +1,5 @@
+  o Minor features (controller):
+    - New "GETINFO bw-event-cache" to get information about recent bandwidth
+      events. Closes ticket 14128. Useful for controllers to get recent
+      bandwidth history after the fix for 13988.
+
diff --git a/changes/ticket2267 b/changes/ticket2267
deleted file mode 100644
index b589b5721f..0000000000
--- a/changes/ticket2267
+++ /dev/null
@@ -1,8 +0,0 @@
-  o Minor features:
-    - Refactor resolve_my_address() so it returns the method by which we
-      decided our public IP address (explicitly configured, resolved from
-      explicit hostname, guessed from interfaces, learned by gethostname).
-      Now we can provide more helpful log messages when a relay guesses
-      its IP address incorrectly (e.g. due to unexpected lines in
-      /etc/hosts). Resolves ticket 2267.
-
diff --git a/changes/ticket8240 b/changes/ticket8240
deleted file mode 100644
index 91e6f8c14a..0000000000
--- a/changes/ticket8240
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major security fixes:
-    - Make the default guard lifetime controllable via a new
-      GuardLifetime torrc option and a GuardLifetime consensus
-      parameter. Start of a fix for bug 8240; bugfix on 0.1.1.11-alpha.
diff --git a/changes/ticket8443 b/changes/ticket8443
deleted file mode 100644
index ca6fb2f471..0000000000
--- a/changes/ticket8443
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - Randomize the lifetime of our SSL link certificate, so censors can't
-      use the static value for filtering Tor flows. Resolves ticket 8443;
-      related to ticket 4014 which was included in 0.2.2.33.
diff --git a/changes/ticket9658 b/changes/ticket9658
deleted file mode 100644
index a8db2efba8..0000000000
--- a/changes/ticket9658
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - Track how many "TAP" and "NTor" circuit handshake requests we get,
-      and how many we complete, and log it every hour to help relay
-      operators follow trends in network load. Addresses ticket 9658.
diff --git a/changes/ticket9866 b/changes/ticket9866
deleted file mode 100644
index 6cbb1110db..0000000000
--- a/changes/ticket9866
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Documentation:
-    - Add anchors to the manpage so we can link to the documentation for 
-      specific options. Resolves ticket 9866.
diff --git a/changes/v3_intro_len b/changes/v3_intro_len
deleted file mode 100644
index fbe39bce3b..0000000000
--- a/changes/v3_intro_len
+++ /dev/null
@@ -1,8 +0,0 @@
-  o Major bugfixes:
-
-    - Fix an uninitialized read that could (in some cases) lead to a remote
-      crash while parsing INTRODUCE 1 cells. (This is, so far as we know,
-      unrelated to the recent news.)  Fixes bug XXX; bugfix on
-      0.2.4.1-alpha. Anybody running a hidden service on the experimental
-      0.2.4.x branch should upgrade.
-
diff --git a/changes/warn-unsigned-time_t b/changes/warn-unsigned-time_t
deleted file mode 100644
index 5f0c36d099..0000000000
--- a/changes/warn-unsigned-time_t
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Build improvements:
-    - Warn if building on a platform with an unsigned time_t: there
-      are too many places where Tor currently assumes that time_t can
-      hold negative values. We'd like to fix them all, but probably
-      some will remain.