| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2023-12-08 | Merge branch 'maint-0.4.8' into release-0.4.8tor-0.4.8.10 | David Goulet | |
| 2023-12-08 | version: Bump version to 0.4.8.10 | Tor CI Release | |
| 2023-12-08 | release: ChangeLog and ReleaseNotes for 0.4.8.10 | Tor CI Release | |
| 2023-12-08 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-12-08 | fallbackdir: Update list generated on December 08, 2023 | Tor CI Release | |
| 2023-12-08 | Update geoip files to match ipfire location db, 2023/12/08. | Tor CI Release | |
| 2023-12-08 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-12-08 | Merge remote-tracking branch 'mikeperry-private/bug40897' into maint-0.4.8 | David Goulet | |
| 2023-12-07 | Merge branch 'maint-0.4.8' into release-0.4.8 | Alexander Færøy | |
| 2023-12-07 | Merge remote-tracking branch 'origin/merge-requests/776' into maint-0.4.8 | Alexander Færøy | |
| 2023-12-07 | Bug 40897: Changes file | Mike Perry | |
| 2023-12-07 | Bug 40897 Bug Bounty: Double the number of max conflux circs | Mike Perry | |
| We strongly suspect that bug 40897 was caused by a custom Tor client that tried to use more than the default number of conflux circuits, for either performance or traffic analysis defense gains, or both. This entity hit a safety check on the exit side, which caused a UAF. Our "belt and suspenders" snapped off, and hit us in the face... again... Since there are good reasons to try more than 2 conflux legs, and research has found some traffic analysis benefits with as many as 5, we're going to raise and parameterize this limit as a form of bug bounty for finding this UAF, so that this entity can try out a little more confluxing. This should also make it easier for researchers to try things like gathering traces with larger amounts of confluxing than normal, to measure real-world traffic analysis impacts of conflux. Shine on, you yoloing anonymous diamond. Let us know if you find out anything interesting! | |||
| 2023-12-07 | Bug 40897: Add more checks to free paths | Mike Perry | |
| Similar double-frees would be caught earlier by these, so long as the pointers remain nulled out. | |||
| 2023-12-07 | Bug 40897: Move safety check to proper location and give it error handling. | Mike Perry | |
| 2023-12-06 | update changes file with correct introduced version | trinity-1686a | |
| 2023-11-09 | version: Bump version to 0.4.8.9-dev | Tor CI Release | |
| 2023-11-09 | Merge branch 'maint-0.4.8' into release-0.4.8tor-0.4.8.9 | David Goulet | |
| 2023-11-09 | version: Bump version to 0.4.8.9 | Tor CI Release | |
| 2023-11-09 | release: ChangeLog and ReleaseNotes for 0.4.8.9 | Tor CI Release | |
| 2023-11-09 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-11-09 | fallbackdir: Update list generated on November 09, 2023 | Tor CI Release | |
| 2023-11-09 | Update geoip files to match ipfire location db, 2023/11/09. | Tor CI Release | |
| 2023-11-09 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-11-09 | Merge branch 'ticket40883_048_01' into maint-0.4.8 | David Goulet | |
| 2023-11-09 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-11-09 | Merge branch 'tor-gitlab/mr/778' into maint-0.4.8 | David Goulet | |
| 2023-11-08 | hs: Always check if the hs_ident is available when processing a cell | David Goulet | |
| Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
| 2023-11-07 | hs: Fix assert in hs_metrics_update_by_ident() | David Goulet | |
| The hs_metrics_failed_rdv() macro could pass a NULL value for the identity key when a building circuit would end up in a failure path *before* the "hs_ident" was able to be set which leading to this assert. This was introduced in 0.4.8.1-alpha with the addition of rendezvous circuit failure metrics for the MetricsPort. This fixes TROVE-2023-006 for which its severity is considered high. Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
| 2023-11-03 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-11-03 | version: Bump version to 0.4.8.8-dev | Tor CI Release | |
| 2023-11-03 | Merge branch 'maint-0.4.7' into maint-0.4.8 | David Goulet | |
| 2023-11-03 | version: Bump version to 0.4.7.16-devmaint-0.4.7 | Tor CI Release | |
| 2023-11-03 | release: ChangeLog and ReleaseNotes for 0.4.8.8 | Tor CI Release | |
| 2023-11-03 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-11-03 | Update geoip files to match ipfire location db, 2023/11/03. | Tor CI Release | |
| 2023-11-03 | fallbackdir: Update list generated on November 03, 2023 | Tor CI Release | |
| 2023-11-03 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-11-03 | Merge branch 'maint-0.4.7' into maint-0.4.8 | David Goulet | |
| 2023-11-03 | version: Bump version to 0.4.8.8tor-0.4.8.8 | Tor CI Release | |
| 2023-11-03 | version: Bump version to 0.4.7.16tor-0.4.7.16 | Tor CI Release | |
| 2023-11-03 | fallbackdir: Update list generated on November 03, 2023 | Tor CI Release | |
| 2023-11-03 | Update geoip files to match ipfire location db, 2023/11/03. | Tor CI Release | |
| 2023-11-03 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-11-03 | Merge branch 'maint-0.4.7' into maint-0.4.8 | David Goulet | |
| 2023-11-03 | Sync geoip and fallbackdir from maint 048 before release | David Goulet | |
| Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
| 2023-11-03 | Merge branch 'maint-0.4.8' into release-0.4.8 | David Goulet | |
| 2023-11-03 | Merge branch 'maint-0.4.7' into maint-0.4.8 | David Goulet | |
| 2023-11-03 | Fix TROVE-2023-004: Remote crash when compiled against OpenSSL | Alexander Færøy | |
| Fixes #40874 Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
| 2023-11-01 | Bug 40876 changes file | Mike Perry | |
| 2023-11-01 | Bug 40876: Extra logging | Mike Perry | |
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| summaryrefslogtreecommitdiff |