|
@@ -1,9 +1,20 @@
|
|
|
Changes in version 0.2.4.5-alpha - 2012-10-2?
|
|
Changes in version 0.2.4.5-alpha - 2012-10-2?
|
|
|
- o Major bugfixes (also in 0.2.3.24-rc):
|
|
|
|
|
|
|
+ Tor 0.2.3.24-rc comes hard at the heels of 0.2.4.4-alpha, to fix two
|
|
|
|
|
+ important security vulnerabilities that could lead to remotely
|
|
|
|
|
+ triggerable relay crashes, fixes a major bug that was preventing
|
|
|
|
|
+ clients from choosing good exit nodes, and refactor some of our code.
|
|
|
|
|
+
|
|
|
|
|
+ o Major bugfixes (security, also in 0.2.3.24-rc):
|
|
|
|
|
+ - Fix a group of remotely triggerable assertion failures related to
|
|
|
|
|
+ incorrect link protocol negotiation. Found, diagnosed, and fixed
|
|
|
|
|
+ by "some guy from France." Fix for CVE-2012-2250; bugfix on
|
|
|
|
|
+ 0.2.3.6-alpha.
|
|
|
- Fix a denial of service attack by which any directory authority
|
|
- Fix a denial of service attack by which any directory authority
|
|
|
could crash all the others, or by which a single v2 directory
|
|
could crash all the others, or by which a single v2 directory
|
|
|
authority could crash everybody downloading v2 directory
|
|
authority could crash everybody downloading v2 directory
|
|
|
information. Fixes bug 7191; bugfix on 0.2.0.10-alpha.
|
|
information. Fixes bug 7191; bugfix on 0.2.0.10-alpha.
|
|
|
|
|
+
|
|
|
|
|
+ o Major bugfixes (also in 0.2.3.24-rc):
|
|
|
- When parsing exit policy summaries from microdescriptors, we had
|
|
- When parsing exit policy summaries from microdescriptors, we had
|
|
|
previously been ignoring the last character in each one, so that
|
|
previously been ignoring the last character in each one, so that
|
|
|
"accept 80,443,8080" would be treated by clients as indicating
|
|
"accept 80,443,8080" would be treated by clients as indicating
|
|
@@ -19,18 +30,17 @@ Changes in version 0.2.4.5-alpha - 2012-10-2?
|
|
|
an exit relay would allow exiting to an internal address. Fixes
|
|
an exit relay would allow exiting to an internal address. Fixes
|
|
|
bug 7190; bugfix on 0.2.3.1-alpha.
|
|
bug 7190; bugfix on 0.2.3.1-alpha.
|
|
|
|
|
|
|
|
- o Code simplification and refactoring:
|
|
|
|
|
- - Start using OpenBSD's implementation of queue.h (originally by Niels
|
|
|
|
|
- Provos).
|
|
|
|
|
- - Move the entry node code from circuitbuild.c to its own file.
|
|
|
|
|
- - Move the circuit build timeout tracking code from circuitbuild.c
|
|
|
|
|
- to its own file.
|
|
|
|
|
-
|
|
|
|
|
o Minor bugfixes:
|
|
o Minor bugfixes:
|
|
|
- Only disable TLS session ticket support when running as a TLS
|
|
- Only disable TLS session ticket support when running as a TLS
|
|
|
server. This keeps clients harder to distinguish from regular firefox
|
|
server. This keeps clients harder to distinguish from regular firefox
|
|
|
connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc.
|
|
connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc.
|
|
|
|
|
|
|
|
|
|
+ o Code simplification and refactoring:
|
|
|
|
|
+ - Start using OpenBSD's implementation of queue.h (originally by
|
|
|
|
|
+ Niels Provos).
|
|
|
|
|
+ - Move the entry node code from circuitbuild.c to its own file.
|
|
|
|
|
+ - Move the circuit build timeout tracking code from circuitbuild.c
|
|
|
|
|
+ to its own file.
|
|
|
|
|
|
|
|
|
|
|
|
|
Changes in version 0.2.4.4-alpha - 2012-10-20
|
|
Changes in version 0.2.4.4-alpha - 2012-10-20
|
Nick Mathewson