diff options
Diffstat (limited to 'changes')
118 files changed, 0 insertions, 606 deletions
diff --git a/changes/19974 b/changes/19974 deleted file mode 100644 index 5496143ddf..0000000000 --- a/changes/19974 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (unit tests): - - Fix tolerances in unit tests for monotonic time comparisons between - nanoseconds and microseconds. Previously, we accepted a 10 us - difference only, which is not realistic on every platform's - clock_gettime(). Fixes bug 19974; bugfix on 0.2.9.1-alpha. diff --git a/changes/20460 b/changes/20460 deleted file mode 100644 index 9fbb4a7986..0000000000 --- a/changes/20460 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has - removed the ECDH ciphers which caused the tests to fail on - platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha. diff --git a/changes/20492 b/changes/20492 deleted file mode 100644 index fdcd4d0b4b..0000000000 --- a/changes/20492 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfix (build): - - The current Git revision when building from a local repository is now - detected correctly when using git worktrees. Fixes bug 20492; bugfix on - 0.2.3.9-alpha. diff --git a/changes/21359 b/changes/21359 deleted file mode 100644 index cc9b377d52..0000000000 --- a/changes/21359 +++ /dev/null @@ -1,8 +0,0 @@ - - o Minor features (portability, compilationc) - - Support building with recent LibreSSL code that uses opaque - structures. Closes ticket 21359. - - Autoconf now check to determine if OpenSSL - structures are opaque, instead of explicitly checking for - OpenSSL version numbers. - Part of ticket 21359. diff --git a/changes/bastet_v6 b/changes/bastet_v6 deleted file mode 100644 index ee4e2c8094..0000000000 --- a/changes/bastet_v6 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authority): - - Add an IPv6 address for the "bastet" directory authority. - Closes ticket 24394. - diff --git a/changes/bug15582 b/changes/bug15582 deleted file mode 100644 index 5ea6431cf8..0000000000 --- a/changes/bug15582 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Avoid compiler warnings in the unit tests for running tor_sscanf() - with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha. - diff --git a/changes/bug18100 b/changes/bug18100 deleted file mode 100644 index cd3ba2c977..0000000000 --- a/changes/bug18100 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (linux TPROXY support): - - Fix a typo that had prevented TPROXY-based transparent proxying from - working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha. - Patch from "d4fq0fQAgoJ". - diff --git a/changes/bug18329-minimal b/changes/bug18329-minimal deleted file mode 100644 index 804c4e8dd1..0000000000 --- a/changes/bug18329-minimal +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (bridge): - - Bridges now include notice in their descriptors that they are bridges, - and notice of their distribution status, based on their publication - settings. Implements ticket 18329. For more fine-grained control of - how a bridge is distributed, upgrade to 0.3.2.x or later. - diff --git a/changes/bug19025 b/changes/bug19025 deleted file mode 100644 index 0f365f52ba..0000000000 --- a/changes/bug19025 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (DNS): - - Fix a bug that prevented exit nodes from caching DNS records for more - than 60 seconds. - Fixes bug 19025; bugfix on 0.2.4.7-alpha. diff --git a/changes/bug19869 b/changes/bug19869 deleted file mode 100644 index 430048f161..0000000000 --- a/changes/bug19869 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (DNSPort): - - On DNSPort, stop logging a BUG warning on a failed hostname lookup. - Fixes bug 19869; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug19926_029_info b/changes/bug19926_029_info deleted file mode 100644 index 93fd81b6cb..0000000000 --- a/changes/bug19926_029_info +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (logging): - - Downgrade a harmless log message about the pending_entry_connections - list from "warn" to "info". Mitigates bug 19926. diff --git a/changes/bug19960 b/changes/bug19960 deleted file mode 100644 index 5d655859a6..0000000000 --- a/changes/bug19960 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (netbsd, unit tests): - - Stop expecting NetBSD unit tests to report success for ipfw; - on NetBSD, it's only pf that's supported. - Part of a fix for bug 19960; bugfix on 0.2.9.5-alpha. diff --git a/changes/bug19968 b/changes/bug19968 deleted file mode 100644 index b285706e70..0000000000 --- a/changes/bug19968 +++ /dev/null @@ -1,11 +0,0 @@ - o Minor bugfixes (relay): - - Do not try to parallelize workers more than 16x without the - user explicitly configuring us to do so, even if we do detect more than - 16 CPU cores. Fixes bug 19968; bugfix on - 0.2.3.1-alpha. - - - o Minor bugfixes (testing): - - Avoid a unit test failure on systems with over 16 detectable - CPU cores. Fixes bug 19968; bugfix on - 0.2.3.1-alpha. diff --git a/changes/bug19969 b/changes/bug19969 deleted file mode 100644 index c760c6de03..0000000000 --- a/changes/bug19969 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (client performance): - - Clients now respond to new application stream requests when - they arrive, rather than waiting up to one second before starting - to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha. - - o Major bugfixes (clients on flaky network connections): - - When Tor leaves standby because of a new application request, open - circuits as needed to serve that request. Previously, we would - potentially wait a very long time. Fixes part of bug 19969; bugfix - on 0.2.8.1-alpha. diff --git a/changes/bug20059 b/changes/bug20059 deleted file mode 100644 index 091fab06d1..0000000000 --- a/changes/bug20059 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay): - - Avoid a double-marked-circuit warning that can happen when we receive - DESTROY cells under heavy load. Fixes bug 20059; bugfix on 0.1.0.1-rc. diff --git a/changes/bug20085 b/changes/bug20085 deleted file mode 100644 index fd10e7eeeb..0000000000 --- a/changes/bug20085 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Correct the minimum bandwidth value in torrc.sample, and queue a - corresponding change for torrc.minimal. Closes ticket 20085. - diff --git a/changes/bug20235 b/changes/bug20235 deleted file mode 100644 index 54026a8943..0000000000 --- a/changes/bug20235 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (compatibility): - - Work around a bug in the OSX 10.12 SDK that would prevent us - from successfully targetting earlier versions of OSX. - Resolves ticket 20235. diff --git a/changes/bug20247 b/changes/bug20247 deleted file mode 100644 index 731cf0046f..0000000000 --- a/changes/bug20247 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Avoid a sandbox failure when trying to re-bind to a socket and mark - it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha. - diff --git a/changes/bug20306_029 b/changes/bug20306_029 deleted file mode 100644 index ada2676b2b..0000000000 --- a/changes/bug20306_029 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (fascistfirewall): - - Avoid spurious warnings when ReachableAddresses or FascistFirewall - is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha. - diff --git a/changes/bug20307 b/changes/bug20307 deleted file mode 100644 index 9112c9c78d..0000000000 --- a/changes/bug20307 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (circuit, hidden service) - - When closing a circuit, the reason for doing so was assigned from an int - value to a uint16_t which is quite a problem for negative values that are - our internal reasons (ex: END_CIRC_REASON_IP_NOW_REDUNDANT). On the HS - side, this was causing introduction points to be flagged as unusable - because the reason wasn't the right one due to the bad conversion. - Partially fixes bug 21056 and fixes bug 20307; Bugfix on 0.2.8.1-alpha. diff --git a/changes/bug20401 b/changes/bug20401 deleted file mode 100644 index 85ab3c7322..0000000000 --- a/changes/bug20401 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Avoid a small memory leak when informing worker threads about rotated - onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha. - diff --git a/changes/bug20423 b/changes/bug20423 deleted file mode 100644 index 32bdc3f081..0000000000 --- a/changes/bug20423 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - For relays that don't know their own address, avoid attempting - a local hostname resolve for each descriptor we download. Also cut - down on the number of "Success: chose address 'x.x.x.x'" log lines. - Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug20472 b/changes/bug20472 deleted file mode 100644 index 4d90c39f5b..0000000000 --- a/changes/bug20472 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (circuits): - - Remove a BUG warning in circuit_pick_extend_handshake. Instead, assume - all nodes support EXTEND2. Use ntor whenever a key is available. - Fixes bug 20472; bugfix on 0.2.9.3-alpha. - diff --git a/changes/bug20484 b/changes/bug20484 deleted file mode 100644 index 9a0b95cb39..0000000000 --- a/changes/bug20484 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (single onion services): - - Start correctly when creating a single onion service in a - directory that did not previously exist. Fixes bug 20484; bugfix on - 0.2.9.3-alpha. - diff --git a/changes/bug20487 b/changes/bug20487 deleted file mode 100644 index 4435f14a95..0000000000 --- a/changes/bug20487 +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Clarify that setting HiddenServiceNonAnonymousMode requires - you to also set "SOCKSPort 0". Fixes bug 20487; bugfix on - 0.2.9.3-alpha. diff --git a/changes/bug20509 b/changes/bug20509 deleted file mode 100644 index a39ca9f60b..0000000000 --- a/changes/bug20509 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Directory authorities now reject relays running versions - 0.2.9.1-alpha through 0.2.9.4-alpha, because those relays - suffer from bug 20499 and don't keep their consensus cache - up-to-date. Resolves ticket 20509. diff --git a/changes/bug20529 b/changes/bug20529 deleted file mode 100644 index 276be5b2b6..0000000000 --- a/changes/bug20529 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (hidden services): - - When configuring hidden services, check every hidden service directory's - permissions. Previously, we only checked the last hidden service. - Fixes bug 20529; bugfix on 13942 commit 85bfad1 in 0.2.6.2-alpha. diff --git a/changes/bug20533 b/changes/bug20533 deleted file mode 100644 index 7d1a456328..0000000000 --- a/changes/bug20533 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (consensus downloads): - - If a consensus expires while we are waiting for certificates to download, - stop waiting for certificates. - - If we stop waiting for certificates less than a minute after we started - downloading them, do not consider the certificate download failure a - separate failure. - Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha. diff --git a/changes/bug20534 b/changes/bug20534 deleted file mode 100644 index 49db433a01..0000000000 --- a/changes/bug20534 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (directory download scheduling): - - Remove the maximum delay on exponential-backoff scheduling. - Since we now allow an infinite number of failures (see ticket - 20536), we must now allow the time to grow longer on each failure. - Fixes part of bug 20534; bugfix on 0.2.9.1-alpha. - - Use initial delays and decrements in download scheduling closer to - those from 0.2.8. Fixes another part of bug 20534; bugfix on - 0.2.9.1-alpha. diff --git a/changes/bug20536 b/changes/bug20536 deleted file mode 100644 index 9e0dd164bb..0000000000 --- a/changes/bug20536 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (download scheduling): - - When using an exponential backoff schedule, do not give up on - dowloading just because we have failed a bunch of times. Since - each delay is longer than the last, retrying indefinitely won't - hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug20551 b/changes/bug20551 deleted file mode 100644 index b7ec4ca7cc..0000000000 --- a/changes/bug20551 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix implicit conversion warnings under OpenSSL 1.1. - Fixes bug 20551; bugfix on 0.2.1.1-alpha. diff --git a/changes/bug20553 b/changes/bug20553 deleted file mode 100644 index 12a2780303..0000000000 --- a/changes/bug20553 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leak): - - Work around a memory leak in OpenSSL 1.1 when encoding public keys. - Fixes bug 20553; bugfix on 0.0.2pre8. diff --git a/changes/bug20560 b/changes/bug20560 deleted file mode 100644 index 43d605b296..0000000000 --- a/changes/bug20560 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (portability): - - Run correctly when built on Windows build environments that require - _vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha. - diff --git a/changes/bug20587 b/changes/bug20587 deleted file mode 100644 index 341b001363..0000000000 --- a/changes/bug20587 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (download timing): - - When determining when to download a directory object, handle times - after 2038 if the operating system supports that. (Someday this will be - important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug20588 b/changes/bug20588 deleted file mode 100644 index 832ef81336..0000000000 --- a/changes/bug20588 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (portability): - - Fix compilation with OpenSSL 1.1 and less commonly-used - CPU architectures. Closes ticket 20588. diff --git a/changes/bug20591 b/changes/bug20591 deleted file mode 100644 index deaa738f5e..0000000000 --- a/changes/bug20591 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay bootstrap): - - Ensure relays don't make multiple connections during bootstrap. - Fixes bug 20591; bugfix on 0.2.8.1-alpha. diff --git a/changes/bug20593 b/changes/bug20593 deleted file mode 100644 index e9f54d317a..0000000000 --- a/changes/bug20593 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (client directory scheduling): - - Treat "relay too busy to answer request" as a failed request and a - reason to back off on our retry frequency. This is safe now that - exponential backups retry indefinitely, and avoids a bug where we would - reset our download schedule erroneously. - Fixes bug 20593; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug20597 b/changes/bug20597 deleted file mode 100644 index f199b63933..0000000000 --- a/changes/bug20597 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (test networks, exponential backoff): - - When using exponential backoff in test networks, use a lower exponent, - so the delays do not vary as much. This helps test networks bootstrap - consistently. Fixes bug 20597; bugfix on 20499; not in any released - version of tor. diff --git a/changes/bug20613 b/changes/bug20613 deleted file mode 100644 index 19bb61f4e0..0000000000 --- a/changes/bug20613 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (single onion services, Tor2web): - - Stop logging long-term one-hop circuits deliberately created by single - onion services and Tor2web. These log messages are intended to diagnose - issue 8387, which relates to circuits hanging around forever for no - reason. - Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly". diff --git a/changes/bug20634 b/changes/bug20634 deleted file mode 100644 index 62fc9f4787..0000000000 --- a/changes/bug20634 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (unit tests): - - Stop spurious failures in the local interface address discovery unit - tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by Neel Chauhan. diff --git a/changes/bug20638 b/changes/bug20638 deleted file mode 100644 index 260d7d0a75..0000000000 --- a/changes/bug20638 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (hidden services): - - Stop ignoring hidden service key anonymity when first starting tor. - Instead, refuse to start tor if any hidden service key has been used in - a different hidden service anonymity mode. - Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf. diff --git a/changes/bug20710_025 b/changes/bug20710_025 deleted file mode 100644 index 12bd07536c..0000000000 --- a/changes/bug20710_025 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox): - - Fix a memory leak and use-after-free error when removing entries - from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on - 0.2.5.5-alpha. Patch from "cypherpunks". diff --git a/changes/bug20715 b/changes/bug20715 deleted file mode 100644 index 737a560cec..0000000000 --- a/changes/bug20715 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory leak) - - When moving a signed descriptor object from a source to an existing - destination, free the allocated memory inside that destination object. - Bugfix on tor-0.2.8.3-alpha; Closes #20715. diff --git a/changes/bug20716 b/changes/bug20716 deleted file mode 100644 index 37fd6feecf..0000000000 --- a/changes/bug20716 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (client, memory leak): - - Fix a small memory leak when receiving AF_UNIX connections on - a SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha. diff --git a/changes/bug20810 b/changes/bug20810 deleted file mode 100644 index 5420a73175..0000000000 --- a/changes/bug20810 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay) - - When computing old Tor protocol line version in protover, we were - looking at 0.2.7.5 twice instead of a specific case for 0.2.9.1-alpha. - Bugfix on tor-0.2.9.4-alpha. diff --git a/changes/bug20864 b/changes/bug20864 deleted file mode 100644 index 7b8c70fad6..0000000000 --- a/changes/bug20864 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (unit tests, hidden services): - - Remove a double-free in the single onion service unit test. Stop - ignoring a return value. Make future changes less error-prone. - Fixes bug 20864; bugfix on 0.2.9.6-rc. diff --git a/changes/bug20875 b/changes/bug20875 deleted file mode 100644 index 6bba2cbc12..0000000000 --- a/changes/bug20875 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (download scheduling) - - Resolve a "bug" warning when considering a download schedule whose - delay had approached INT_MAX. Fixes 20875; bugfix on 0.2.9.5-alpha. - diff --git a/changes/bug20935 b/changes/bug20935 deleted file mode 100644 index 78068c7c06..0000000000 --- a/changes/bug20935 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (portability): - - Use the correct spelling of MAC_OS_X_VERSION_10_12 on configure.ac - Fixes bug 20935; bugfix on 0.2.9.6-rc. diff --git a/changes/bug21018 b/changes/bug21018 deleted file mode 100644 index 49a8b47a25..0000000000 --- a/changes/bug21018 +++ /dev/null @@ -1,11 +0,0 @@ - o Major bugfixes (parsing, security): - - - Fix a bug in parsing that could cause clients to read a single - byte past the end of an allocated region. This bug could be - used to cause hardened clients (built with - --enable-expensive-hardening) to crash if they tried to visit - a hostile hidden service. Non-hardened clients are only - affected depending on the details of their platform's memory - allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by - using libFuzzer. Also tracked as TROVE-2016-12-002 and as - CVE-2016-1254. diff --git a/changes/bug21035 b/changes/bug21035 deleted file mode 100644 index bbf3340787..0000000000 --- a/changes/bug21035 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (portability): - - Avoid crashing when Tor is built using headers that contain - CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel - without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix on - 0.2.9.1-alpha. - diff --git a/changes/bug21051 b/changes/bug21051 deleted file mode 100644 index 8bb4f80c8e..0000000000 --- a/changes/bug21051 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix Libevent detection on platforms without Libevent 1 headers - installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha. diff --git a/changes/bug21108_029 b/changes/bug21108_029 deleted file mode 100644 index 3a3f004fc6..0000000000 --- a/changes/bug21108_029 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (directory authority): - - During voting, when marking a node as a probable sybil, do not - clear its BadExit flag: sybils can still be bad in other ways - too. (We still clear the other flags.) Fixes bug 21108; bugfix - on 0.2.0.13-alpha. - diff --git a/changes/bug21278_extras b/changes/bug21278_extras deleted file mode 100644 index ffdf4a047b..0000000000 --- a/changes/bug21278_extras +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (code correctness): - - Repair a couple of (unreachable or harmless) cases of the risky - comparison-by-subtraction pattern that caused bug 21278. diff --git a/changes/bug21278_prevention b/changes/bug21278_prevention deleted file mode 100644 index e07f0a670c..0000000000 --- a/changes/bug21278_prevention +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authority): - - Directory authorities now reject descriptors that claim to be - malformed versions of Tor. Helps prevent exploitation of bug 21278. - diff --git a/changes/bug21280 b/changes/bug21280 deleted file mode 100644 index e9f0bc174c..0000000000 --- a/changes/bug21280 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (tor-resolve): - - The tor-resolve command line tool now rejects hostnames over 255 - characters in length. Previously, it would silently truncate - them, which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5. - Patch by "junglefowl". diff --git a/changes/bug21357 b/changes/bug21357 deleted file mode 100644 index a1cb43a78a..0000000000 --- a/changes/bug21357 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (IPv6 Exits): - - Stop rejecting all IPv6 traffic on Exits whose exit policy rejects IPv6 - addresses. Instead, only reject a port over IPv6 if the exit policy - rejects that port on more than an IPv6 /16 of addresses. This bug was - made worse by 17027 in 0.2.8.1-alpha, which rejects a relay's own IPv6 - address by default. - Fixes bug 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha. diff --git a/changes/bug21394 b/changes/bug21394 deleted file mode 100644 index e5452e20ba..0000000000 --- a/changes/bug21394 +++ /dev/null @@ -1,9 +0,0 @@ - o Major bugfixes (Exit nodes): - - Fix an issue causing high-bandwidth exit nodes to fail a majority - or all of their DNS requests, making them basically unsuitable for - regular usage in Tor circuits. The problem is related to - libevent's DNS handling, but we can work around it in Tor. Fixes - bugs 21394 and 18580; bugfix on 0.1.2.2-alpha which introduced - eventdns. Credit goes to Dhalgren for identifying and finding a - workaround to this bug and to gamambel, arthuredelstein and - arma in helping to track it down and analyze it. diff --git a/changes/bug21450 b/changes/bug21450 deleted file mode 100644 index a1cf89ab41..0000000000 --- a/changes/bug21450 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (voting consistency): - - Reject version numbers with components that exceed INT32_MAX. - Otherwise 32-bit and 64-bit platforms would behave inconsistently. - Fixes bug 21450; bugfix on 0.0.8pre1. diff --git a/changes/bug21507 b/changes/bug21507 deleted file mode 100644 index f83e291b63..0000000000 --- a/changes/bug21507 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (voting consistency): - - Reject version numbers with non-numeric prefixes (such as +, -, and - whitespace). Disallowing whitespace prevents differential version - parsing between POSIX-based and Windows platforms. - Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1. diff --git a/changes/bug21576 b/changes/bug21576 deleted file mode 100644 index 68d8471192..0000000000 --- a/changes/bug21576 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (crash, directory connections): - - Fix a rare crash when sending a begin cell on a circuit whose linked - directory connection has already been closed. Fixes bug 21576; - bugfix on Tor 0.2.9.3-alpha. Reported by alecmuffett. diff --git a/changes/bug21943 b/changes/bug21943 deleted file mode 100644 index dbe2c726d9..0000000000 --- a/changes/bug21943 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - The getpid() system call is now permitted under the Linux seccomp2 - sandbox, to avoid crashing with versions of OpenSSL (and other - libraries) that attempt to learn the process's PID by using the - syscall rather than the VDSO code. Fixes bug 21943; bugfix on - 0.2.5.1-alpha. diff --git a/changes/bug22034 b/changes/bug22034 deleted file mode 100644 index 6d9e188740..0000000000 --- a/changes/bug22034 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (control port, regression): - - The GETINFO extra-info/digest/<digest> command was broken because of a - wrong base16 decode return value check. In was introduced in a refactor - of that API. Fixex bug #22034; bugfix on tor-0.2.9.1-alpha. diff --git a/changes/bug22245 b/changes/bug22245 deleted file mode 100644 index 6ae18593ea..0000000000 --- a/changes/bug22245 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (bandwidth accounting): - - Roll over monthly accounting at the configured hour and minute, - rather than always at 00:00. - Fixes bug 22245; bugfix on 0.0.9rc1. - Found by Andrey Karpov with PVS-Studio. diff --git a/changes/bug22349 b/changes/bug22349 deleted file mode 100644 index bb43404bfe..0000000000 --- a/changes/bug22349 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes (directory authority): - - When a directory authority rejects a descriptor or extrainfo with - a given digest, mark that digest as undownloadable, so that we - do not attempt to download it again over and over. We previously - tried to avoid downloading such descriptors by other means, but - we didn't notice if we accidentally downloaded one anyway. This - behavior became problematic in 0.2.7.2-alpha, when authorities - began pinning Ed25519 keys. Fixes ticket - 22349; bugfix on 0.2.1.19-alpha. diff --git a/changes/bug22370 b/changes/bug22370 deleted file mode 100644 index e0e87e3339..0000000000 --- a/changes/bug22370 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (memory handling): - - When directory authorities reject a router descriptor due to keypinning, - free the router descriptor rather than leaking the memory. - Fixes bug 22370; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug22446 b/changes/bug22446 deleted file mode 100644 index eab65aac00..0000000000 --- a/changes/bug22446 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (code style, backport from 0.3.1.3-alpha): - - Add "Falls through" comments to our codebase, in order to silence - GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas - Stieger. Closes ticket 22446. diff --git a/changes/bug22460_case2 b/changes/bug22460_case2 deleted file mode 100644 index 0a11759832..0000000000 --- a/changes/bug22460_case2 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (relay, link handshake): - - - When performing the v3 link handshake on a TLS connection, report that - we have the x509 certificate that we actually used on that connection, - even if we have changed certificates since that connection was first - opened. Previously, we would claim to have used our most recent x509 - link certificate, which would sometimes make the link handshake fail. - Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha. diff --git a/changes/bug22490 b/changes/bug22490 deleted file mode 100644 index 244dd50b36..0000000000 --- a/changes/bug22490 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (correctness): - - Avoid undefined behavior when parsing IPv6 entries from the geoip6 - file. Fixes bug 22490; bugfix on 0.2.4.6-alpha. diff --git a/changes/bug22516 b/changes/bug22516 deleted file mode 100644 index f024a3c470..0000000000 --- a/changes/bug22516 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (linux seccomp2 sandbox): - - Permit the fchmod system call, to avoid crashing on startup when - starting with the seccomp2 sandbox and an unexpected set of permissions - on the data directory or its contents. Fixes bug 22516; bugfix on - 0.2.5.4-alpha. diff --git a/changes/bug22636 b/changes/bug22636 deleted file mode 100644 index 770cac72e9..0000000000 --- a/changes/bug22636 +++ /dev/null @@ -1,8 +0,0 @@ - o Build features: - - Tor's repository now includes a Travis Continuous Integration (CI) - configuration file (.travis.yml). This is meant to help new developers and - contributors who fork Tor to a Github repository be better able to test - their changes, and understand what we expect to pass. To use this new build - feature, you must fork Tor to your Github account, then go into the - "Integrations" menu in the repository settings for your fork and enable - Travis, then push your changes. diff --git a/changes/bug22644 b/changes/bug22644 deleted file mode 100644 index 9b8742edaf..0000000000 --- a/changes/bug22644 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (controller): - - Do not crash when receiving a POSTDESCRIPTOR command with an - empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha. - - Do not crash when receiving a HSPOST command with an empty body. - Fixes part of bug 22644; bugfix on 0.2.7.1-alpha. diff --git a/changes/bug22737 b/changes/bug22737 deleted file mode 100644 index f0de8e6c41..0000000000 --- a/changes/bug22737 +++ /dev/null @@ -1,12 +0,0 @@ - o Minor bugfixes (defensive programming, undefined behavior): - - - Fix a memset() off the end of an array when packing cells. This - bug should be harmless in practice, since the corrupted bytes - are still in the same structure, and are always padding bytes, - ignored, or immediately overwritten, depending on compiler - behavior. Nevertheless, because the memset()'s purpose is to - make sure that any other cell-handling bugs can't expose bytes - to the network, we need to fix it. Fixes bug 22737; bugfix on - 0.2.4.11-alpha. Fixes CID 1401591. - - diff --git a/changes/bug22789 b/changes/bug22789 deleted file mode 100644 index a653592848..0000000000 --- a/changes/bug22789 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (openbsd, denial-of-service): - - Avoid an assertion failure bug affecting our implementation of - inet_pton(AF_INET6) on certain OpenBSD systems whose strtol() - handling of "0xfoo" differs from what we had expected. - Fixes bug 22789; bugfix on 0.2.3.8-alpha. Also tracked as - TROVE-2017-007. - diff --git a/changes/bug22797 b/changes/bug22797 deleted file mode 100644 index 619baaa409..0000000000 --- a/changes/bug22797 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (file limits): - - When setting the maximum number of connections allowed by the OS, - always allow some extra file descriptors for other files. - Fixes bug 22797; bugfix on 0.2.0.10-alpha. diff --git a/changes/bug22801 b/changes/bug22801 deleted file mode 100644 index 7edc79bc84..0000000000 --- a/changes/bug22801 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compilation): - - When building with certain versions the mingw C header files, avoid - float-conversion warnings when calling the C functions isfinite(), - isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha. - diff --git a/changes/bug22838_028 b/changes/bug22838_028 deleted file mode 100644 index 1d0a4fbfd1..0000000000 --- a/changes/bug22838_028 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha): - - Backport a fix for an "unused variable" warning that appeared - in some versions of mingw. Fixes bug 22838; bugfix on - 0.2.8.1-alpha. - diff --git a/changes/bug22915 b/changes/bug22915 deleted file mode 100644 index 17a9c6018f..0000000000 --- a/changes/bug22915 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation warnings): - - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915; - bugfix on 0.2.8.1-alpha. diff --git a/changes/bug22916_027 b/changes/bug22916_027 deleted file mode 100644 index 5cf99c7d15..0000000000 --- a/changes/bug22916_027 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (Compilation): - - Fix warnings when building with libscrypt and openssl scrypt support - on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug23030_029 b/changes/bug23030_029 deleted file mode 100644 index 89a1b507d7..0000000000 --- a/changes/bug23030_029 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (coverity builds): - - Avoid Coverity build warnings related to our BUG() macro. By - default, Coverity treats BUG() as the Linux kernel does: an - instant abort(). We need to override that so our BUG() macro - doesn't prevent Coverity from analyzing functions that use it. - Fixes bug 23030; bugfix on 0.2.9.1-alpha. - diff --git a/changes/bug23081 b/changes/bug23081 deleted file mode 100644 index 76c4e30971..0000000000 --- a/changes/bug23081 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (Windows service): - - When running as a Windows service, set the ID of the main thread - correctly. Failure to do so made us fail to send log messages - to the controller in 0.2.1.16-rc, slowed down controller - event delivery in 0.2.7.3-rc and later, and crash with an assertion - failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha. - Patch and diagnosis from "Vort". - diff --git a/changes/bug23291 b/changes/bug23291 deleted file mode 100644 index a5b0efda0a..0000000000 --- a/changes/bug23291 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing): - - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on - 0.2.7.2-alpha. Found and patched by Ties Stuij. diff --git a/changes/bug23470 b/changes/bug23470 deleted file mode 100644 index 33367b3a30..0000000000 --- a/changes/bug23470 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfix (relay address resolution): - - Avoid unnecessary calls to directory_fetches_from_authorities() - on relays. This avoids spurious address resolutions and - descriptor rebuilds. This is a mitigation for 21789. The original - bug was introduced in commit 35bbf2e as part of prop210. - Fixes 23470 in 0.2.8.1-alpha. diff --git a/changes/bug23690 b/changes/bug23690 deleted file mode 100644 index 36ff32e499..0000000000 --- a/changes/bug23690 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (relay, crash, assertion failure): - - Fix a timing-based assertion failure that could occur when the - circuit out-of-memory handler freed a connection's output buffer. - Fixes bug 23690; bugfix on 0.2.6.1-alpha. - diff --git a/changes/bug23693 b/changes/bug23693 deleted file mode 100644 index 796398be51..0000000000 --- a/changes/bug23693 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (relay, crash): - - Avoid a crash when transitioning from client mode to bridge mode. - Previously, we would launch the worker threads whenever our "public - server" mode changed, but not when our "server" mode changed. - Fixes bug 23693; bugfix on 0.2.6.3-alpha. - diff --git a/changes/bug23874 b/changes/bug23874 deleted file mode 100644 index bf6620553d..0000000000 --- a/changes/bug23874 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory safety): - - Clear the address when node_get_prim_orport() returns early. - Fixes bug 23874; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug24313 b/changes/bug24313 deleted file mode 100644 index b927ec3ba6..0000000000 --- a/changes/bug24313 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security, hidden service v2): - - Fix a use-after-free error that could crash v2 Tor hidden services - when it failed to open circuits while expiring introductions - points. Fixes bug 24313; bugfix on 0.2.7.2-alpha. This - issue is also tracked as TROVE-2017-013 and CVE-2017-8823. diff --git a/changes/bug8185_025 b/changes/bug8185_025 deleted file mode 100644 index 1bfc12b1e4..0000000000 --- a/changes/bug8185_025 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes (logging, relay shutdown, annoyance): - - When a circuit is marked for close, do not attempt to package any cells - for channels on that circuit. Previously, we would detect this - condition lower in the call stack, when we noticed that the circuit had - no attached channel, and log an annoying message. Fixes bug 8185; - bugfix on 0.2.5.4-alpha. diff --git a/changes/geoip-2017-11-06 b/changes/geoip-2017-11-06 deleted file mode 100644 index f034be9006..0000000000 --- a/changes/geoip-2017-11-06 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the November 6 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-april2017 b/changes/geoip-april2017 deleted file mode 100644 index b489eaf016..0000000000 --- a/changes/geoip-april2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-august2017 b/changes/geoip-august2017 deleted file mode 100644 index 2dab18a63f..0000000000 --- a/changes/geoip-august2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-december2016 b/changes/geoip-december2016 deleted file mode 100644 index 60754ea21d..0000000000 --- a/changes/geoip-december2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-february2017 b/changes/geoip-february2017 deleted file mode 100644 index ec54b6122a..0000000000 --- a/changes/geoip-february2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-january2017 b/changes/geoip-january2017 deleted file mode 100644 index 77bc9a5991..0000000000 --- a/changes/geoip-january2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-july2017 b/changes/geoip-july2017 deleted file mode 100644 index ed10369f1b..0000000000 --- a/changes/geoip-july2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-june2017 b/changes/geoip-june2017 deleted file mode 100644 index 2ea7bf105e..0000000000 --- a/changes/geoip-june2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-march2017 b/changes/geoip-march2017 deleted file mode 100644 index 6dc92baa2f..0000000000 --- a/changes/geoip-march2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the March 7 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-may2017 b/changes/geoip-may2017 deleted file mode 100644 index 4e504d7a0a..0000000000 --- a/changes/geoip-may2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-november2016 b/changes/geoip-november2016 deleted file mode 100644 index b3f9913bb1..0000000000 --- a/changes/geoip-november2016 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (ge0oip): - - Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-october2017 b/changes/geoip-october2017 deleted file mode 100644 index 11f623e85f..0000000000 --- a/changes/geoip-october2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/geoip-september2017 b/changes/geoip-september2017 deleted file mode 100644 index be01ff9521..0000000000 --- a/changes/geoip-september2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features: - - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/longclaw-ipv6 b/changes/longclaw-ipv6 deleted file mode 100644 index 75899c9d07..0000000000 --- a/changes/longclaw-ipv6 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (directory authorities): - - Remove longclaw's IPv6 address, as it will soon change. - Authority IPv6 addresses were originally added in 0.2.8.1-alpha. - This leaves 3/8 directory authorities with IPv6 addresses, but there - are also 52 fallback directory mirrors with IPv6 addresses. - Resolves 19760. diff --git a/changes/longclaw_23592 b/changes/longclaw_23592 deleted file mode 100644 index 91e2da8972..0000000000 --- a/changes/longclaw_23592 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - The directory authority "Longclaw" has changed its IP address. - Closes ticket 23592. diff --git a/changes/more_module_docs b/changes/more_module_docs deleted file mode 100644 index 0066ddfcf0..0000000000 --- a/changes/more_module_docs +++ /dev/null @@ -1,4 +0,0 @@ - o Documentation: - - Module-level documentation for several more modules. Closes tickets - 19287 and - 19290. diff --git a/changes/prop275-minimal b/changes/prop275-minimal deleted file mode 100644 index 83d42f850b..0000000000 --- a/changes/prop275-minimal +++ /dev/null @@ -1,9 +0,0 @@ - o Minor features (future-proofing): - - - Tor no longer refuses to download microdescriptors or descriptors if - they are listed as "published in the future". This change will - eventually allow us to stop listing meaningful "published" dates - in microdescriptor consensuses, and thereby allow us to reduce the - resources required to download consensus diffs by over 50%. - Implements part of ticket 21642; implements part of proposal 275. - diff --git a/changes/ticket19769 b/changes/ticket19769 deleted file mode 100644 index 9fc05c3e9e..0000000000 --- a/changes/ticket19769 +++ /dev/null @@ -1,7 +0,0 @@ - o Major features (security): - - Change the algorithm used to decide DNS TTLs on client and server side, - to better resist DNS-based correlation attacks like the DefecTor attack - of Greschbach, Pulls, Roberts, Winter, and Feamster). Now - relays only return one of two possible DNS TTL values, and clients - are willing to believe DNS TTL values up to 3 hours long. - Closes ticket 19769. diff --git a/changes/ticket20170-v3 b/changes/ticket20170-v3 deleted file mode 100644 index d634e72053..0000000000 --- a/changes/ticket20170-v3 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (fallback directory list): - - Replace the 81 remaining fallbacks of the 100 originally introduced - in Tor 0.2.8.3-alpha in March 2016, with a list of 177 fallbacks - (123 new, 54 existing, 27 removed) generated in December 2016. - Resolves ticket 20170. diff --git a/changes/ticket21564 b/changes/ticket21564 deleted file mode 100644 index 7e01f41f8f..0000000000 --- a/changes/ticket21564 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (fallback directory list): - - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in - December 2016 (of which ~126 were still functional), with a list of - 151 fallbacks (32 new, 119 existing, 58 removed) generated in - May 2017. - Resolves ticket 21564. diff --git a/changes/ticket21953 b/changes/ticket21953 deleted file mode 100644 index 7cc84f506d..0000000000 --- a/changes/ticket21953 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features: - - Enable a couple of pieces of Windows hardening: one - (HeapEnableTerminationOnCorruption) that has been on-by-default since - Windows 8, and unavailable before Windows 7, and one - (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't - affect us, but shouldn't do any harm. Closes ticket 21953. diff --git a/changes/ticket22895 b/changes/ticket22895 deleted file mode 100644 index a3f7b86019..0000000000 --- a/changes/ticket22895 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): - - Fix unused variable warnings in donna's Curve25519 SSE2 code. - Fixes bug 22895; bugfix on 0.2.7.2-alpha. diff --git a/changes/ticket23910 b/changes/ticket23910 deleted file mode 100644 index eb38fcf32f..0000000000 --- a/changes/ticket23910 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - Add bastet as a ninth directory authority to the default list. Closes - ticket 23910. diff --git a/changes/trove-2017-001 b/changes/trove-2017-001 deleted file mode 100644 index 5187e6d5f1..0000000000 --- a/changes/trove-2017-001 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (security): - - Downgrade the "-ftrapv" option from "always on" to "only on when - --enable-expensive-hardening is provided." This hardening option, like - others, can turn survivable bugs into crashes--and having it on by - default made a (relatively harmless) integer overflow bug into a - denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); bugfix on - 0.2.9.1-alpha. - diff --git a/changes/trove-2017-001.2 b/changes/trove-2017-001.2 deleted file mode 100644 index 3ef073cf9f..0000000000 --- a/changes/trove-2017-001.2 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (parsing): - - Fix an integer underflow bug when comparing malformed Tor versions. - This bug is harmless, except when Tor has been built with - --enable-expensive-hardening, which would turn it into a crash; - or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with - -ftrapv by default. - Part of TROVE-2017-001. Fixes bug 21278; bugfix on - 0.0.8pre1. Found by OSS-Fuzz. diff --git a/changes/trove-2017-005 b/changes/trove-2017-005 deleted file mode 100644 index cebb013f86..0000000000 --- a/changes/trove-2017-005 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (hidden service, relay, security): - - Fix an assertion failure caused by receiving a BEGIN_DIR cell on - a hidden service rendezvous circuit. Fixes bug 22494, tracked as - TROVE-2017-005 and CVE-2017-0376; bugfix on 0.2.2.1-alpha. Found - by armadev. - - diff --git a/changes/trove-2017-008 b/changes/trove-2017-008 deleted file mode 100644 index 4b9c5b0a12..0000000000 --- a/changes/trove-2017-008 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security, hidden services, loggging): - - Fix a bug where we could log uninitialized stack when a certain - hidden service error occurred while SafeLogging was disabled. - Fixes bug #23490; bugfix on 0.2.7.2-alpha. - This is also tracked as TROVE-2017-008 and CVE-2017-0380. diff --git a/changes/trove-2017-009 b/changes/trove-2017-009 deleted file mode 100644 index 166a5faec6..0000000000 --- a/changes/trove-2017-009 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (security): - - When checking for replays in the INTRODUCE1 cell data for a (legacy) - hiddden service, correctly detect replays in the RSA-encrypted part of - the cell. We were previously checking for replays on the entire cell, - but those can be circumvented due to the malleability of Tor's legacy - hybrid encryption. This fix helps prevent a traffic confirmation - attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also - tracked as TROVE-2017-009 and CVE-2017-8819. - - diff --git a/changes/trove-2017-010 b/changes/trove-2017-010 deleted file mode 100644 index d5bf9333da..0000000000 --- a/changes/trove-2017-010 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security): - - Fix a denial-of-service issue where an attacker could crash - a directory authority using a malformed router descriptor. - Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked - as TROVE-2017-010 and CVE-2017-8820. - diff --git a/changes/trove-2017-011 b/changes/trove-2017-011 deleted file mode 100644 index 82d20d9e78..0000000000 --- a/changes/trove-2017-011 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (security): - - Fix a denial of service bug where an attacker could use a malformed - directory object to cause a Tor instance to pause while OpenSSL would - try to read a passphrase from the terminal. (If the terminal was not - available, tor would continue running.) Fixes bug 24246; bugfix on - every version of Tor. Also tracked as TROVE-2017-011 and - CVE-2017-8821. Found by OSS-Fuzz as testcase 6360145429790720. - diff --git a/changes/trove-2017-012-part1 b/changes/trove-2017-012-part1 deleted file mode 100644 index 9fccc2cf65..0000000000 --- a/changes/trove-2017-012-part1 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security, relay): - - When running as a relay, make sure that we never build a path through - ourselves, even in the case where we have somehow lost the version of - our descriptor appearing in the consensus. Fixes part of bug 21534; - bugfix on 0.2.0.1-alpha. This issue is also tracked as TROVE-2017-012 - and CVE-2017-8822. |