diff --git a/changes/bug20711 b/changes/bug20711 deleted file mode 100644 index 0bc0d94fb..000000000 --- a/changes/bug20711 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (directory mirrors): - - Allow relays to use directory mirrors without a DirPort: these relays - need to be contacted over their ORPorts using a begindir connection. - Fixes bug 20711; bugfix on 0.2.8.2-alpha. - - Clarify the message logged when a remote relay is unexpectedly missing - an ORPort or DirPort: users were confusing this with a local port. - Fixes bug 20711; bugfix on 0.2.8.2-alpha. diff --git a/changes/bug20894 b/changes/bug20894 deleted file mode 100644 index 2dbf9b9aa..000000000 --- a/changes/bug20894 +++ /dev/null @@ -1,9 +0,0 @@ - o Major bugfixes (HTTP, parsing): - - When parsing a malformed content-length field from an HTTP message, - do not read off the end of the buffer. This bug was a potential - remote denial-of-service attack against Tor clients and relays. - A workaround was released in October 2016, which prevents this - bug from crashing Tor. This is a fix for the underlying issue, - which should no longer matter (if you applied the earlier patch). - Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing - using AFL (http://lcamtuf.coredump.cx/afl/). diff --git a/changes/bug21007_case2 b/changes/bug21007_case2 deleted file mode 100644 index 43344449e..000000000 --- a/changes/bug21007_case2 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (guards): - - Don't warn about a missing guard state on timeout-measurement - circuits: they aren't supposed to be using guards. Fixes an - instance of bug 21007; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug21027 b/changes/bug21027 deleted file mode 100644 index d20df876f..000000000 --- a/changes/bug21027 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (bridges): - - - When the same bridge is configured multiple times at different - address:port combinations (but with the same identity), treat - those bridge instances as separate guards. This allows clients to - configure the same bridge with multiple pluggable transports, once - again. Fixes bug 21027; bugfix on 0.3.0.1-alpha. - diff --git a/changes/bug21116 b/changes/bug21116 deleted file mode 100644 index 6c94f8ff9..000000000 --- a/changes/bug21116 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (test): - - Fix Raspbian build missing socket errno in test util. Fixes bug 21116; - bugfix on tor-0.2.8.2. Patch by "hein". diff --git a/changes/bug21278_extras b/changes/bug21278_extras deleted file mode 100644 index 73eac67e4..000000000 --- a/changes/bug21278_extras +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (code correctness): - - Repair a couple of (unreachable or harmless) cases of the risky - comparison-by-subtraction pattern that caused bug 21278. - diff --git a/changes/bug21278_prevention b/changes/bug21278_prevention deleted file mode 100644 index 37f84cbdc..000000000 --- a/changes/bug21278_prevention +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authority): - - Directory authorities now reject descriptors that claim to be - malformed versions of Tor. Helps prevent exploitation of bug 21278. - diff --git a/changes/bug21369_check b/changes/bug21369_check deleted file mode 100644 index 2cd808c9b..000000000 --- a/changes/bug21369_check +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (reliability, crash): - - Try better to detect problems in buffers where they might grow (or - think they have grown) over 2 GB in size. Diagnostic for bug 21369. diff --git a/changes/bug21420 b/changes/bug21420 deleted file mode 100644 index 014404466..000000000 --- a/changes/bug21420 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (certificate expiration time): - - Avoid using link certificates that don't become valid till - some time in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha diff --git a/changes/bug21447 b/changes/bug21447 deleted file mode 100644 index c025b9231..000000000 --- a/changes/bug21447 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Rename "make fuzz" to "make test-fuzz-corpora", since it doesn't - actually fuzz anything. Fixes bug 21447; bugfix on 0.3.0.3-alpha. - diff --git a/changes/bug21450 b/changes/bug21450 deleted file mode 100644 index a1cf89ab4..000000000 --- a/changes/bug21450 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (voting consistency): - - Reject version numbers with components that exceed INT32_MAX. - Otherwise 32-bit and 64-bit platforms would behave inconsistently. - Fixes bug 21450; bugfix on 0.0.8pre1. diff --git a/changes/bug21471 b/changes/bug21471 deleted file mode 100644 index 677e21b0e..000000000 --- a/changes/bug21471 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (hidden service directory v3): - - When a descriptor lookup was done and it was not found in the directory - cache, it would crash on a NULL pointer instead of returning the 404 - code back to the client like it was suppose to. Fixes bug 21471; - bugfixes on tor-0.3.0.1-alpha. diff --git a/changes/bug21472 b/changes/bug21472 deleted file mode 100644 index f31ec9157..000000000 --- a/changes/bug21472 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: - - Small fixes to the fuzzing documentation. Closes ticket - 21472. diff --git a/changes/bug21492 b/changes/bug21492 deleted file mode 100644 index 2ed794777..000000000 --- a/changes/bug21492 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (correctness): - - Remove a redundant check for the UseEntryGuards option from the - options_transition_affects_guards() function. Fixes bug 21492; - bugfix on 0.3.0.1-alpha. - diff --git a/changes/bug21553 b/changes/bug21553 deleted file mode 100644 index 2da167e04..000000000 --- a/changes/bug21553 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (hidden service): - - When encoding a legacy ESTABLISH_INTRO cell, we were using the sizeof() - on a pointer instead of real size of the destination buffer leading to - an overflow passing an enormous value to the signing digest function. - Fortunately, that value was only used to make sure the destination - buffer length was big enough for the key size and in this case it was. - Fixes bug 21553; bugfix on 0.3.0.1-alpha. diff --git a/changes/bug21562 b/changes/bug21562 deleted file mode 100644 index 930d991e8..000000000 --- a/changes/bug21562 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (testing): - - Use bash in src/test/test-network.sh. This ensures we reliably call - chutney's newer tools/test-network.sh when available. - Fixes bug 21562; bugfix on 0.2.9.1-alpha. diff --git a/changes/feature21570 b/changes/feature21570 deleted file mode 100644 index 40555eefa..000000000 --- a/changes/feature21570 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (testing): - - During 'make test-network-all', if tor logs any warnings, ask chutney - to output them. Requires a recent version of chutney with the 21572 - patch. - Implements 21570. diff --git a/changes/geoip-february2017 b/changes/geoip-february2017 deleted file mode 100644 index f8a490916..000000000 --- a/changes/geoip-february2017 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (geoip): - - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 - Country database. - diff --git a/changes/ticket20656 b/changes/ticket20656 deleted file mode 100644 index 28192e897..000000000 --- a/changes/ticket20656 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (protover): - - Add new protocol version for proposal 224. HSIntro now advertises - version "3-4" and HSDir version "1-2". Fixes ticket 20656. diff --git a/changes/trove-2017-001.2 b/changes/trove-2017-001.2 deleted file mode 100644 index 3ef073cf9..000000000 --- a/changes/trove-2017-001.2 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (parsing): - - Fix an integer underflow bug when comparing malformed Tor versions. - This bug is harmless, except when Tor has been built with - --enable-expensive-hardening, which would turn it into a crash; - or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with - -ftrapv by default. - Part of TROVE-2017-001. Fixes bug 21278; bugfix on - 0.0.8pre1. Found by OSS-Fuzz.