changelog 17 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512
  1. tor (0.1.1.5-alpha-1) UNRELEASED; urgency=low
  2. * Experimental upstream version.
  3. * Allow test suite to fail, it's broken in this version.
  4. * Update list of files from doc/ that should be installed.
  5. * Forward port debian/ patches.
  6. -- Peter Palfrader <weasel@debian.org> Fri, 12 Aug 2005 17:02:23 +0200
  7. tor (0.1.0.14-1) unstable; urgency=high
  8. * New upstream version - changes, among others:
  9. - Fixes the other half of the bug with crypto handshakes.
  10. * Since gs-gpl on s390 is broken (#321435) and unable to
  11. build PDFs of our images for the design paper this version
  12. ships them in the source and uses them on s390, should building
  13. them from source really fail.
  14. * Increase standards-version from 3.6.1 to 3.6.2. No changes
  15. necessary.
  16. -- Peter Palfrader <weasel@debian.org> Mon, 8 Aug 2005 23:55:05 +0200
  17. tor (0.1.0.13-1) unstable; urgency=high
  18. * New upstream version:
  19. - Explicitly set no-unaligned-access for sparc in configure.in.
  20. it turns out the new gcc's let you compile broken code, but
  21. that doesn't make it not-broken (closes: #320140).
  22. - Fix a critical bug in the security of our crypto handshakes.
  23. (Therefore set urgency to high).
  24. and more (see upstream changelog).
  25. * Slightly improve init script to give you proper error messages when
  26. you do not run it as root.
  27. -- Peter Palfrader <weasel@debian.org> Fri, 5 Aug 2005 01:27:49 +0200
  28. tor (0.1.0.12-1) unstable; urgency=medium
  29. * New upstream version:
  30. - New IP for tor26 directory server,
  31. - fix a possible double-free in tor_gzip_uncompress,
  32. - and more (see upstream changelog).
  33. -- Peter Palfrader <weasel@debian.org> Tue, 19 Jul 2005 17:36:24 +0200
  34. tor (0.1.0.11-1) unstable; urgency=high
  35. * New upstream version (closes: #316753):
  36. - Fixes a serious bug: servers now honor their exit policies -
  37. In 0.1.0.x only clients enforced them so far. 0.0.9.x is
  38. not affected.
  39. * Build depend on libevent-dev >= 1.1.
  40. * Urgency high because 0.0.9.10-1 did not make it into testing after
  41. like 3 weeks because of an impending ftp-master move. So I might
  42. just as well upload this one.
  43. -- Peter Palfrader <weasel@debian.org> Mon, 4 Jul 2005 17:53:48 +0200
  44. tor (0.1.0.10-0.pre.1) UNRELEASED; urgency=low
  45. * New upstream version.
  46. * Add a watch file.
  47. * Forward port 03_tor_manpage_in_section_8.
  48. * Forward port 06_add_compile_time_defaults.
  49. * Add libevent-dev to build-depends.
  50. * Update URL to tor in debian/control and debian/copyright.
  51. * Add a snippet to disable epoll in etc/default/tor, commented out.
  52. * Add a snippet to set nice level in etc/default/tor.
  53. * Wait for 60 seconds in init stop. 35 is too little.
  54. * Don't depend on python anymore - tor-resolve is C now.
  55. * If "with-dmalloc" is in DEB_BUILD_OPTIONS we build against libdmalloc4.
  56. Of course the -dev package needs to be installed.
  57. * Update README.Debian to say that upstream now does have a default
  58. for DataDirectory.
  59. * Don't fail in the init script when we cannot raise the ulimit.
  60. Instead just warn a bit (closes: #312882).
  61. -- Peter Palfrader <weasel@debian.org> Wed, 15 Jun 2005 16:38:06 +0200
  62. tor (0.0.9.10-1) unstable; urgency=high
  63. * While we're waiting for a newer libevent to enter sid, make another
  64. upload of the 0.0.9.x tree:
  65. - Refuse relay cells that claim to have a length larger than the
  66. maximum allowed. This prevents a potential attack that could read
  67. arbitrary memory (e.g. keys) from an exit server's process.
  68. -- Peter Palfrader <weasel@debian.org> Thu, 16 Jun 2005 22:56:11 +0200
  69. tor (0.0.9.9-1) unstable; urgency=low
  70. * New upstream version.
  71. -- Peter Palfrader <weasel@debian.org> Sat, 23 Apr 2005 23:58:47 +0200
  72. tor (0.0.9.8-1) unstable; urgency=low
  73. * New upstream version.
  74. -- Peter Palfrader <weasel@debian.org> Fri, 8 Apr 2005 09:11:34 +0200
  75. tor (0.0.9.7-1) unstable; urgency=low
  76. * New upstream version.
  77. -- Peter Palfrader <weasel@debian.org> Fri, 1 Apr 2005 09:52:12 +0200
  78. tor (0.0.9.6-1) unstable; urgency=low
  79. * New upstream version.
  80. * Upstream used newer auto* tools, so hopefully the new config.sub
  81. and config.guess files (2003-08-18) are good enough to build
  82. tor on ppc64 (closes: #300376: FTBFS on ppc64).
  83. -- Peter Palfrader <weasel@debian.org> Fri, 25 Mar 2005 01:34:28 +0100
  84. tor (0.0.9.5-1) unstable; urgency=low
  85. * New upstream version.
  86. -- Peter Palfrader <weasel@debian.org> Thu, 24 Feb 2005 09:45:52 +0100
  87. tor (0.0.9.4-1) unstable; urgency=low
  88. * New upstream version.
  89. * Set ulimit for file descriptors to 4096 in our init
  90. script.
  91. * Use SIGINT to shutdown tor. That way - if you are a server -
  92. tor will stop accepting new connections immediately, and
  93. give existing connections a grace period of 30 seconds in
  94. which they might complete their task. If you just run a
  95. client it should make no difference.
  96. -- Peter Palfrader <weasel@debian.org> Fri, 4 Feb 2005 00:20:25 +0100
  97. tor (0.0.9.3-1) unstable; urgency=low
  98. * New upstream version.
  99. * Forward port 07_log_to_file_by_default.
  100. -- Peter Palfrader <weasel@debian.org> Sun, 23 Jan 2005 16:01:58 +0100
  101. tor (0.0.9.2-1) unstable; urgency=low
  102. * New upstream version.
  103. * Update debian/copyright (it's 2005).
  104. * Add sharedscripts tor logrotate.d/tor.
  105. -- Peter Palfrader <weasel@debian.org> Tue, 4 Jan 2005 11:14:03 +0100
  106. tor (0.0.9.1-1) unstable; urgency=low
  107. * New upstream version.
  108. -- Peter Palfrader <weasel@debian.org> Thu, 16 Dec 2004 00:16:47 +0100
  109. tor (0.0.8+0.0.9rc7-1) unstable; urgency=medium
  110. * New upstream release (candidate).
  111. For real this time. Looks like our rc6 orig.tar.gz
  112. was in fact the rc5 one.
  113. * forward port patches/07_log_to_file_by_default
  114. -- Peter Palfrader <weasel@debian.org> Wed, 8 Dec 2004 15:22:44 +0100
  115. tor (0.0.8+0.0.9rc6-1) unstable; urgency=medium
  116. * New upstream release (candidate).
  117. - cleans up more integer underflows that don't look exploitable.
  118. But one never knows (-> medium).
  119. * Remove those 'date' calls in debian/rules again that were
  120. added in rc5-1.
  121. -- Peter Palfrader <weasel@debian.org> Mon, 6 Dec 2004 11:11:23 +0100
  122. tor (0.0.8+0.0.9rc5-1) unstable; urgency=medium
  123. * New upstream release (candidate).
  124. - medium because it fixes an integer overflow that might
  125. be exploitable, but doesn't seem to be currently.
  126. * Add a few 'date' calls in debian/rules, so I can see how long
  127. building the docs take on autobuilders.
  128. -- Peter Palfrader <weasel@debian.org> Wed, 1 Dec 2004 10:02:08 +0100
  129. tor (0.0.8+0.0.9rc3-1) unstable; urgency=low
  130. * New upstream release (candidate).
  131. -- Peter Palfrader <weasel@debian.org> Thu, 25 Nov 2004 10:33:42 +0100
  132. tor (0.0.8+0.0.9rc2-1) unstable; urgency=low
  133. * New upstream release (candidate).
  134. * Nick's patch is now part of upstream, remove it from
  135. the debian diff.
  136. -- Peter Palfrader <weasel@debian.org> Wed, 24 Nov 2004 09:03:13 +0100
  137. tor (0.0.8+0.0.9rc1-1) unstable; urgency=low
  138. * New upstream release (candidate).
  139. * Apply nick's patch against config.c (1.267) to handle
  140. absense of units in BandwidthRate.
  141. -- Peter Palfrader <weasel@debian.org> Tue, 23 Nov 2004 11:57:49 +0100
  142. tor (0.0.8+0.0.9pre6-1) unstable; urgency=low
  143. * New upstream (pre)release.
  144. * Install control-spec.txt into usr/share/doc/tor/.
  145. -- Peter Palfrader <weasel@debian.org> Tue, 16 Nov 2004 04:49:32 +0100
  146. tor (0.0.8+0.0.9pre5-2) unstable; urgency=low
  147. * Symlink tor(8) manpage to torrc(5).
  148. * Make logs readable by the system administrators (group adm).
  149. * Point to /var/log/tor (the directory) instead of a single
  150. file (/var/log/tor/log) in the debian patch of the manpage.
  151. * Do not patch the default torrc to include settings we really want.
  152. Instead modify the compiled in default options. Those settings are
  153. - RunAsDaemon is enabled by default.
  154. - PidFile is set to /var/run/tor/tor.pid. No default upstream.
  155. - default logging goes to /var/log/tor/log instead of stdout.
  156. - DataDirectory is set to /var/lib/tor by default. No default upstream.
  157. This is also documented in the new debian/README.Debian.
  158. * Remove /usr/bin/tor-control.py from the binary package, it is
  159. not really useful yet, and wasn't meant to be installed by
  160. default.
  161. * Change init startup script to properly deal with tor
  162. printing stuff on startup.
  163. -- Peter Palfrader <weasel@debian.org> Fri, 12 Nov 2004 18:30:50 +0100
  164. tor (0.0.8+0.0.9pre5-1) unstable; urgency=low
  165. * New upstream (pre)release.
  166. * 04_fix_test can be backed out again.
  167. * Make sure all patches apply cleanly.
  168. * No longer use --pidfile, --logfile, and --runasdaemon
  169. command line options. Set them in the configfile instead.
  170. * Change the description slightly, to say "don't rely on the current Tor
  171. network if you really need strong anonymity", instead of "Tor will not
  172. provide anonymity currently".
  173. -- Peter Palfrader <weasel@debian.org> Wed, 10 Nov 2004 04:43:10 +0100
  174. tor (0.0.8+0.0.9pre4-1) unstable; urgency=low
  175. * New upstream (pre)release.
  176. * Apply patch from cvs to fix a segfault in src/or/test
  177. (test.c, 1.131).
  178. -- Peter Palfrader <weasel@debian.org> Sun, 17 Oct 2004 19:04:31 +0200
  179. tor (0.0.8+0.0.9pre3-1) unstable; urgency=high
  180. * New upstream (pre)release.
  181. * Fixes at least one segfault that can be triggered remotely,
  182. a format string vulnerability which probably is not exploitable,
  183. and several assert bugs.
  184. -- Peter Palfrader <weasel@debian.org> Thu, 14 Oct 2004 13:36:45 +0200
  185. tor (0.0.8+0.0.9pre2-1) unstable; urgency=low
  186. * New upstream (pre)release.
  187. -- Peter Palfrader <weasel@debian.org> Sun, 3 Oct 2004 01:29:13 +0200
  188. tor (0.0.8+0.0.9pre1-1) unstable; urgency=low
  189. * New upstream (pre)release.
  190. * Built depend on zlib1g-dev.
  191. -- Peter Palfrader <weasel@debian.org> Fri, 1 Oct 2004 21:28:49 +0200
  192. tor (0.0.8-1) unstable; urgency=low
  193. * New upstream release.
  194. -- Peter Palfrader <weasel@debian.org> Fri, 27 Aug 2004 14:08:10 +0200
  195. tor (0.0.7.2+0.0.8rc1-1) unstable; urgency=low
  196. * New upstream release candidate.
  197. * Install design paper in usr/share/doc/tor, not usr/share/doc. Ooops.
  198. -- Peter Palfrader <weasel@debian.org> Wed, 18 Aug 2004 09:59:13 +0200
  199. tor (0.0.7.2+0.0.8pre3-1) unstable; urgency=low
  200. * New upstream (pre)release.
  201. * Ship AUTHORS, doc/CLIENTS, doc/FAQ, doc/HACKING, doc/TODO,
  202. doc/tor-doc.{css,html}, doc/{rend,tor}-spec.txt with the binary package.
  203. * Build tor-design.{pdf,ps}, wich adds new build-dependencies:
  204. tetex-{bin,extra}, transfig, and gs.
  205. * Support DEB_BUILD_OPTIONS option 'nodoc' to skip building tor-design.
  206. With nodoc the build will not need tetex-{bin,extra}, transfig, and gs.
  207. * Support DEB_BUILD_OPTIONS option 'nocheck' to skip unittests
  208. ('notest' is an alias')
  209. * Enable coredumps by default, this is still development code.
  210. * Modify 02_add_debian_files_in_manpage to still apply.
  211. -- Peter Palfrader <weasel@debian.org> Sun, 8 Aug 2004 15:03:32 +0200
  212. tor (0.0.7.2+0.0.8pre2-1) unstable; urgency=low
  213. * New upstream (pre)release.
  214. * Depend on python as we now have a python script: tor_resolve
  215. -- Peter Palfrader <weasel@debian.org> Wed, 4 Aug 2004 20:09:26 +0200
  216. tor (0.0.7.2-1) unstable; urgency=medium
  217. * New upstream release.
  218. Fixes another instance of that remote crash bug.
  219. * Mention another reason why stop/reload may fail in the init script.
  220. -- Peter Palfrader <weasel@debian.org> Thu, 8 Jul 2004 03:21:32 +0200
  221. tor (0.0.7.1-1) unstable; urgency=medium
  222. * New upstream release.
  223. Fixes a bug that allows a remote crash on exit nodes.
  224. * Logrotate var/log/tor/*log instead of just var/log/tor/log, in
  225. case the admin wants several logs.
  226. -- Peter Palfrader <weasel@debian.org> Mon, 5 Jul 2004 19:18:12 +0200
  227. tor (0.0.7-1) unstable; urgency=low
  228. * New upstream version
  229. closes: #249893: FTBFS on ia64
  230. -- Peter Palfrader <weasel@debian.org> Mon, 7 Jun 2004 21:46:08 +0200
  231. tor (0.0.6.2-1) unstable; urgency=medium
  232. * New upstream release (breaks backwards compatibility yet again).
  233. * Recommend socat.
  234. * Since tor is in /usr/sbin, the manpage should be in section 8, not
  235. in section 1. Move it there, including updating the section in
  236. the manpage itself and the reference in torify(1).
  237. * Update debian/copyright file.
  238. -- Peter Palfrader <weasel@debian.org> Sun, 16 May 2004 10:47:20 +0200
  239. tor (0.0.6.1-1) unstable; urgency=medium
  240. * New upstream release (breaks backwards compatibility).
  241. -- Peter Palfrader <weasel@debian.org> Fri, 7 May 2004 00:24:49 +0200
  242. tor (0.0.6-1) unstable; urgency=low
  243. * New upstream release (breaks backwards compatibility).
  244. -- Peter Palfrader <weasel@debian.org> Sun, 2 May 2004 23:58:36 +0200
  245. tor (0.0.5+0.0.6rc4-1) unstable; urgency=low
  246. * New upstream release candidate.
  247. -- Peter Palfrader <weasel@debian.org> Sun, 2 May 2004 14:36:59 +0200
  248. tor (0.0.5+0.0.6rc3-1) unstable; urgency=low
  249. * New upstream release candidate.
  250. -- Peter Palfrader <weasel@debian.org> Thu, 29 Apr 2004 11:52:07 +0200
  251. tor (0.0.5+0.0.6rc2-1) unstable; urgency=low
  252. * New upstream release candidate.
  253. * Mention upstream website and mailinglist archives in long
  254. description.
  255. -- Peter Palfrader <weasel@debian.org> Mon, 26 Apr 2004 12:23:20 +0200
  256. tor (0.0.5-1) unstable; urgency=low
  257. * New upstream release.
  258. * Upstream installs a torrc.sample file now, rather than torrc.
  259. Keep using torrc as dpkg handles conffile upgrades.
  260. -- Peter Palfrader <weasel@debian.org> Tue, 30 Mar 2004 20:54:00 +0200
  261. tor (0.0.4-1) unstable; urgency=low
  262. * New upstream release (how the version numbers fly by :).
  263. -- Peter Palfrader <weasel@debian.org> Fri, 26 Mar 2004 23:46:09 +0100
  264. tor (0.0.3-1) unstable; urgency=low
  265. * New upstream release.
  266. * Also mention that tree.h is by Niels Provos in debian/copyright.
  267. -- Peter Palfrader <weasel@debian.org> Fri, 26 Mar 2004 20:36:08 +0100
  268. tor (0.0.2-1) unstable; urgency=low
  269. * New upstream release.
  270. * Uses strlcpy and strlcat by Todd C. Miller, mention him in
  271. debian/copyright.
  272. -- Peter Palfrader <weasel@debian.org> Fri, 19 Mar 2004 12:37:17 +0100
  273. tor (0.0.1+0.0.2pre27-1) unstable; urgency=low
  274. * New upstream release.
  275. -- Peter Palfrader <weasel@debian.org> Mon, 15 Mar 2004 05:19:16 +0100
  276. tor (0.0.1+0.0.2pre26-1) unstable; urgency=low
  277. * New upstream release.
  278. * Mention log and pidfile location in tor.1.
  279. -- Peter Palfrader <weasel@debian.org> Mon, 15 Mar 2004 02:21:29 +0100
  280. tor (0.0.1+0.0.2pre25-1) unstable; urgency=low
  281. * New upstream release.
  282. -- Peter Palfrader <weasel@debian.org> Thu, 4 Mar 2004 23:05:38 +0100
  283. tor (0.0.1+0.0.2pre24-1) unstable; urgency=low
  284. * New upstream release.
  285. * Do not strip binaries for now.
  286. * Add "# ulimit -c unlimited" to tor.default
  287. * Always enable DataDirectory.
  288. * Actually use dpatch now (to modify upstream torrc.in)
  289. * Wait for tor to die in init stop. Let the user know if it doesn't.
  290. -- Peter Palfrader <weasel@debian.org> Wed, 3 Mar 2004 14:10:25 +0100
  291. tor (0.0.1+0.0.2pre23-1) unstable; urgency=low
  292. * New upstream release.
  293. * The one test that always failed has been fixed: removed comment from
  294. rules file.
  295. -- Peter Palfrader <weasel@debian.org> Sun, 29 Feb 2004 12:36:33 +0100
  296. tor (0.0.1+0.0.2pre22-1) unstable; urgency=low
  297. * New upstream release.
  298. * Upstream has moved tor back to usr/bin, but we will keep it in
  299. usr/sbin. That's the right place and it doesn't break my tab
  300. completion there.
  301. -- Peter Palfrader <weasel@debian.org> Fri, 27 Feb 2004 01:59:09 +0100
  302. tor (0.0.1+0.0.2pre21-1) unstable; urgency=low
  303. * New upstream release.
  304. * 0.0.2pre20-2 removed the Recommends: on privoxy rather
  305. than tsocks (which is now required) by mistake. Fix that.
  306. * package description: Mention that the package starts the OP by default and
  307. that OR can be enabled in the config.
  308. * tor moved to sbin, updating init script.
  309. -- Peter Palfrader <weasel@debian.org> Wed, 18 Feb 2004 10:08:12 +0100
  310. tor (0.0.1+0.0.2pre20-2) unstable; urgency=low
  311. * Add torify script, documentation, and config file. Means we also
  312. depend on tsocks now rather than just recommending it. Right now
  313. we install it in debian/rules, but upcoming versions might install
  314. it in upstream's make install target.
  315. * There's an upstream ChangeLog file now. Enjoy!
  316. * Add a README.privoxy file that explains how to setup privoxy to
  317. go over tor.
  318. * As is the case too often, the INSTALL file not only covers
  319. installation, but also basic usage and configuration. Therefore
  320. include it in the docs dir.
  321. * Add a lintian override for the INSTALL file.
  322. -- Peter Palfrader <weasel@debian.org> Tue, 17 Feb 2004 02:32:00 +0100
  323. tor (0.0.1+0.0.2pre20-1) unstable; urgency=low
  324. * New upstream version.
  325. - various design paper updates
  326. - resolve cygwin warnings
  327. - split the token bucket into "rate" and "burst" params
  328. - try to resolve discrepency between bytes transmitted over TLS and actual
  329. bandwidth use
  330. - setuid to user _before_ complaining about running as root
  331. - fix several memleaks and double frees
  332. - minor logging fixes
  333. - add more debugging for logs.
  334. - various documentation fixes and improvements
  335. - for perforcmance testing, paths are always 3 hops, not "3 or more"
  336. (this will go away at a later date again)
  337. * Add dependency on adduser which was previously missing.
  338. * Change short description to a nicer one.
  339. -- Peter Palfrader <weasel@debian.org> Sat, 31 Jan 2004 10:10:45 +0100
  340. tor (0.0.1+0.0.2pre19-1) unstable; urgency=low
  341. * Initial Release (closes: #216611).
  342. -- Peter Palfrader <weasel@debian.org> Sat, 10 Jan 2004 11:20:06 +0100