| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-02-17 | Merge branch 'maint-0.2.6' into maint-0.2.7-redux | Nick Mathewson | |
| 2017-02-15 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2017-02-15 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2017-02-14 | Avoid integer underflow in tor_version_compare. | Nick Mathewson | |
| Fix for TROVE-2017-001 and bug 21278. (Note: Instead of handling signed ints "correctly", we keep the old behavior, except for the part where we would crash with -ftrapv.) | |||
| 2017-02-13 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2017-02-13 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2017-02-12 | Update geoip and geoip6 to the February 8 2017 database. | Karsten Loesing | |
| 2017-02-07 | Merge branch 'maint-0.2.6' into maint-0.2.7-redux | Nick Mathewson | |
| 2017-02-07 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2017-02-07 | Merge remote-tracking branch 'public/bug18710_025' into maint-0.2.5 | Nick Mathewson | |
| 2017-02-07 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2017-02-07 | Revert "Revert "Add hidserv-stats filname to our sandbox filter"" | Nick Mathewson | |
| This reverts commit 5446cb8d3d536e9bc737de6d9286bd4b4b185661. The underlying revert was done in 0.2.6, since we aren't backporting seccomp2 loosening fixes to 0.2.6. But the fix (for 17354) already went out in 0.2.7.4-rc, so we shouldn't revert it in 0.2.7. | |||
| 2017-02-07 | Bump the version to 0.2.7.6-dev again | Nick Mathewson | |
| 2017-02-07 | Merge branch 'maint-0.2.6' into maint-0.2.7-redux | Nick Mathewson | |
| maint-0.2.7-redux is an attempt to try to re-create a plausible maint-0.2.7 branch. I've started from the tor-0.2.7.6, and then I merged maint-0.2.6 into the branch. This has produced 2 conflicts: one related to the rendcommon->rendcache move, and one to the authority refactoring. | |||
| 2017-02-07 | Disable a log_backtrace (which 0.2.4 does not have) in 16248 fix | Nick Mathewson | |
| 2017-02-07 | Add comments to connection_check_event(). | Nick Mathewson | |
| 2017-02-07 | Change behavior on missing/present event to warn instead of asserting. | Nick Mathewson | |
| Add a changes file. | |||
| 2017-02-07 | If we start/stop reading on a dnsserv connection, don't assert. | Nick Mathewson | |
| Fixes bug 16248. Patch from cypherpunks. Bugfix on 0.2.0.1-alpha. | |||
| 2017-02-07 | Revert "Add hidserv-stats filname to our sandbox filter" | Nick Mathewson | |
| Reverting this in 0.2.6 only -- we're no backporting seccomp2-loosening fixes to 0.2.6. This reverts commit 2ec5e24c58a08816ed2f09c8bd6301599bc2f2f7. | |||
| 2017-02-07 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2017-02-07 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2017-02-07 | Backport the tonga->bifroest move to 0.2.4. | Nick Mathewson | |
| This is a backport of 19728 and 19690 | |||
| 2017-02-07 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2017-02-07 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2017-02-07 | Merge remote-tracking branch 'public/bug19152_024_v2' into maint-0.2.4 | Nick Mathewson | |
| 2017-02-07 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2017-02-07 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2017-02-07 | Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.4 | Nick Mathewson | |
| 2017-02-07 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2017-02-07 | Refine the memwipe() arguments check for 18089 a little more. | Nick Mathewson | |
| We still silently ignore memwipe(NULL, ch, 0); and memwipe(ptr, ch, 0); /* for ptr != NULL */ But we now assert on: memwipe(NULL, ch, 30); | |||
| 2017-02-07 | Make memwipe() do nothing when passed a NULL pointer or zero size | teor (Tim Wilson-Brown) | |
| Check size argument to memwipe() for underflow. Closes bug #18089. Reported by "gk", patch by "teor". Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352), commit 49dd5ef3 on 7 Nov 2012. | |||
| 2017-02-07 | Fix out-of-bounds read in INTRODUCE2 client auth | John Brooks | |
| The length of auth_data from an INTRODUCE2 cell is checked when the auth_type is recognized (1 or 2), but not for any other non-zero auth_type. Later, auth_data is assumed to have at least REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds read. Fixed by checking auth_len before comparing the descriptor cookie against known clients. Fixes #15823; bugfix on 0.2.1.6-alpha. | |||
| 2017-01-11 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2017-01-11 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2017-01-04 | Update geoip and geoip6 to the January 4 2017 database. | Karsten Loesing | |
| 2016-12-20 | Add a one-word sentinel value of 0x0 at the end of each buf_t chunk | Nick Mathewson | |
| This helps protect against bugs where any part of a buf_t's memory is passed to a function that expects a NUL-terminated input. It also closes TROVE-2016-10-001 (aka bug 20384). | |||
| 2016-12-20 | Add a one-word sentinel value of 0x0 at the end of each buf_t chunk | Nick Mathewson | |
| This helps protect against bugs where any part of a buf_t's memory is passed to a function that expects a NUL-terminated input. | |||
| 2016-12-20 | Add a one-word sentinel value of 0x0 at the end of each buf_t chunk | Nick Mathewson | |
| This helps protect against bugs where any part of a buf_t's memory is passed to a function that expects a NUL-terminated input. | |||
| 2016-12-20 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2016-12-20 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2016-12-18 | Make log message warn about detected attempts to exploit 21018. | Nick Mathewson | |
| 2016-12-18 | Fix parsing bug with unecognized token at EOS | Nick Mathewson | |
| In get_token(), we could read one byte past the end of the region. This is only a big problem in the case where the region itself is (a) potentially hostile, and (b) not explicitly nul-terminated. This patch fixes the underlying bug, and also makes sure that the one remaining case of not-NUL-terminated potentially hostile data gets NUL-terminated. Fix for bug 21018, TROVE-2016-12-002, and CVE-2016-1254 | |||
| 2016-12-09 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2016-12-09 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2016-12-09 | Update geoip and geoip6 to the December 7 2016 database. | Karsten Loesing | |
| 2016-11-07 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2016-11-07 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
| 2016-11-07 | Update geoip and geoip6 to the November 3 2016 database. | Karsten Loesing | |
| 2016-10-06 | Merge branch 'maint-0.2.5' into maint-0.2.6 | Nick Mathewson | |
| 2016-10-06 | Merge branch 'maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| aboutsummaryrefslogtreecommitdiff |