Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

find all those stanzas in master too

Roger Dingledine 13 years ago
parent
425e4236c6
commit
6258013e41
2 changed files with 22 additions and 22 deletions
Split View Show Diff Stats
  1. 13 13
      ChangeLog
  2. 9 9
      ReleaseNotes

+ 13 - 13
ChangeLog
View File 

@@ -16,10 +16,10 @@ Changes in version 0.2.3.6-alpha - 2011-10-26
 
 
   o Privacy/anonymity fixes (clients):
 
     - Clients and bridges no longer send TLS certificate chains on
 
-      outgoing OR connections. Previously, each client or bridge
 
-      would use the same cert chain for all outgoing OR connections
 
-      for up to 24 hours, which allowed any relay that the client or
 
-      bridge contacted to determine which entry guards it is using.
 
+      outgoing OR connections. Previously, each client or bridge would
 
+      use the same cert chain for all outgoing OR connections until
 
+      its IP address changes, which allowed any relay that the client
 
+      or bridge contacted to determine which entry guards it is using.
 
       Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
 
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
 
       no longer considers that connection as suitable for satisfying a
 
@@ -160,10 +160,10 @@ Changes in version 0.2.2.34 - 2011-10-26
 
 
   o Privacy/anonymity fixes (clients):
 
     - Clients and bridges no longer send TLS certificate chains on
 
-      outgoing OR connections. Previously, each client or bridge
 
-      would use the same cert chain for all outgoing OR connections
 
-      for up to 24 hours, which allowed any relay that the client or
 
-      bridge contacted to determine which entry guards it is using.
 
+      outgoing OR connections. Previously, each client or bridge would
 
+      use the same cert chain for all outgoing OR connections until
 
+      its IP address changes, which allowed any relay that the client
 
+      or bridge contacted to determine which entry guards it is using.
 
       Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
 
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
 
       no longer considers that connection as suitable for satisfying a
 
@@ -264,11 +264,11 @@ Changes in version 0.2.1.31 - 2011-10-26
 
 
   o Privacy/anonymity fixes (also included in 0.2.2.x):
 
     - Clients and bridges no longer send TLS certificate chains on
 
-      outgoing OR connections. Previously, each client or bridge
 
-      would use the same cert chain for all outgoing OR connections
 
-      for up to 24 hours, which allowed any relay that the client or
 
-      bridge contacted to determine which entry guards it is using.
 
-      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
 
+      outgoing OR connections. Previously, each client or bridge would
 
+      use the same cert chain for all outgoing OR connections until
 
+      its IP address changes, which allowed any relay that the client
 
+      or bridge contacted to determine which entry guards it is using.
 
+      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
 
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
 
       no longer considers that connection as suitable for satisfying a
 
       circuit EXTEND request. Now relays can protect clients from the

+ 9 - 9
ReleaseNotes
View File 

@@ -32,10 +32,10 @@ Changes in version 0.2.2.34 - 2011-10-26
 
 
   o Privacy/anonymity fixes (clients):
 
     - Clients and bridges no longer send TLS certificate chains on
 
-      outgoing OR connections. Previously, each client or bridge
 
-      would use the same cert chain for all outgoing OR connections
 
-      for up to 24 hours, which allowed any relay that the client or
 
-      bridge contacted to determine which entry guards it is using.
 
+      outgoing OR connections. Previously, each client or bridge would
 
+      use the same cert chain for all outgoing OR connections until
 
+      its IP address changes, which allowed any relay that the client
 
+      or bridge contacted to determine which entry guards it is using.
 
       Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
 
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
 
       no longer considers that connection as suitable for satisfying a
 
@@ -136,11 +136,11 @@ Changes in version 0.2.1.31 - 2011-10-26
 
 
   o Privacy/anonymity fixes (also included in 0.2.2.x):
 
     - Clients and bridges no longer send TLS certificate chains on
 
-      outgoing OR connections. Previously, each client or bridge
 
-      would use the same cert chain for all outgoing OR connections
 
-      for up to 24 hours, which allowed any relay that the client or
 
-      bridge contacted to determine which entry guards it is using.
 
-      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
 
+      outgoing OR connections. Previously, each client or bridge would
 
+      use the same cert chain for all outgoing OR connections until
 
+      its IP address changes, which allowed any relay that the client
 
+      or bridge contacted to determine which entry guards it is using.
 
+      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
 
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
 
       no longer considers that connection as suitable for satisfying a
 
       circuit EXTEND request. Now relays can protect clients from the