|
|
@@ -1,15 +1,15 @@
|
|
|
Changes in version 0.2.7.4-rc - 2015-10-21
|
|
|
- Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series.
|
|
|
- It fixes some important memory leaks, and a scary-looking (but mostly
|
|
|
- harmless in practice) invalid-read bug. It also has a few small
|
|
|
+ Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. It
|
|
|
+ fixes some important memory leaks, and a scary-looking (but mostly
|
|
|
+ harmless in practice) invalid-read bug. It also has a few small
|
|
|
bugfixes, notably fixes for compilation and portability on different
|
|
|
platforms. If no further significant bounds are found, the next
|
|
|
release will the the official stable release.
|
|
|
|
|
|
o Major bugfixes (security, correctness):
|
|
|
- - Fix an error that could cause us to read 4 bytes before
|
|
|
- the beginning of an openssl string. This bug could be used to
|
|
|
- cause Tor to crash on systems with unusual malloc implementations, or
|
|
|
+ - Fix an error that could cause us to read 4 bytes before the
|
|
|
+ beginning of an openssl string. This bug could be used to cause
|
|
|
+ Tor to crash on systems with unusual malloc implementations, or
|
|
|
systems with unusual hardening installed. Fixes bug 17404; bugfix
|
|
|
on 0.2.3.6-alpha.
|
|
|
|
Nick Mathewson