Changelog for 0.2.4.25
This commit is contained in:
parent
d1c6b2cf11
commit
0c8acf1198
17
ChangeLog
17
ChangeLog
|
@ -1,3 +1,20 @@
|
||||||
|
Changes in version 0.2.4.25 - 2014-10-20
|
||||||
|
Tor 0.2.4.25 contains a response to the recent "POODLE" attack against
|
||||||
|
SSL3 (which doesn't affect Tor), and a response to a crash bug caused
|
||||||
|
by some operating systems' response to the "POODLE" attack (which does
|
||||||
|
affect Tor).
|
||||||
|
|
||||||
|
o Major security fixes (also in 0.2.5.9-rc):
|
||||||
|
- Disable support for SSLv3. All versions of OpenSSL in use with Tor
|
||||||
|
today support TLS 1.0 or later, so we can safely turn off support
|
||||||
|
for this old (and insecure) protocol. Fixes bug 13426.
|
||||||
|
|
||||||
|
o Major bugfixes (openssl bug workaround, also in 0.2.5.9-rc):
|
||||||
|
- Avoid crashing when using OpenSSL version 0.9.8zc, 1.0.0o, or
|
||||||
|
1.0.1j, built with the 'no-ssl3' configuration option. Fixes bug
|
||||||
|
13471. This is a workaround for an OpenSSL bug.
|
||||||
|
|
||||||
|
|
||||||
Changes in version 0.2.4.24 - 2014-09-22
|
Changes in version 0.2.4.24 - 2014-09-22
|
||||||
Tor 0.2.4.24 fixes a bug that affects consistency and speed when
|
Tor 0.2.4.24 fixes a bug that affects consistency and speed when
|
||||||
connecting to hidden services, and it updates the location of one of
|
connecting to hidden services, and it updates the location of one of
|
||||||
|
|
Loading…
Reference in New Issue