final changelog cleanup. it'll do.
This commit is contained in:
parent
9be473b82f
commit
2cb9ed2cd3
26
ChangeLog
26
ChangeLog
|
@ -1,8 +1,8 @@
|
||||||
Changes in version 0.2.1.29 - 2011-01-15
|
Changes in version 0.2.1.29 - 2011-01-15
|
||||||
Tor 0.2.1.29 continues our recent code security audit work. The main
|
Tor 0.2.1.29 continues our recent code security audit work. The main
|
||||||
fix resolves a remote heap overflow vulnerability that can allow remote
|
fix resolves a remote heap overflow vulnerability that can allow remote
|
||||||
code execution (CVE-2011-0427). Other fixes address a variety of assert
|
code execution. Other fixes address a variety of assert and crash bugs,
|
||||||
and crash bugs, most of which we think are hard to exploit remotely.
|
most of which we think are hard to exploit remotely.
|
||||||
|
|
||||||
o Major bugfixes (security):
|
o Major bugfixes (security):
|
||||||
- Fix a heap overflow bug where an adversary could cause heap
|
- Fix a heap overflow bug where an adversary could cause heap
|
||||||
|
@ -11,10 +11,12 @@ Changes in version 0.2.1.29 - 2011-01-15
|
||||||
0.1.2.10-rc.
|
0.1.2.10-rc.
|
||||||
- Prevent a denial-of-service attack by disallowing any
|
- Prevent a denial-of-service attack by disallowing any
|
||||||
zlib-compressed data whose compression factor is implausibly
|
zlib-compressed data whose compression factor is implausibly
|
||||||
high. Fixes part of bug 2324; reported by "doors".
|
high. Fixes part of bug 2324; reported by "doorss".
|
||||||
- Zero out a few more keys in memory before freeing them. Fixes bug
|
- Zero out a few more keys in memory before freeing them. Fixes
|
||||||
2384 and part of bug 2385. These key instances found by
|
bug 2384 and part of bug 2385. These key instances found by
|
||||||
"cypherpunks". Bugfix on 0.0.2pre9.
|
"cypherpunks", based on Andrew Case's report about being able
|
||||||
|
to find sensitive data in Tor's memory space if you have enough
|
||||||
|
permissions. Bugfix on 0.0.2pre9.
|
||||||
|
|
||||||
o Major bugfixes (crashes):
|
o Major bugfixes (crashes):
|
||||||
- Prevent calls to Libevent from inside Libevent log handlers.
|
- Prevent calls to Libevent from inside Libevent log handlers.
|
||||||
|
@ -26,11 +28,11 @@ Changes in version 0.2.1.29 - 2011-01-15
|
||||||
underflow errors there too. Fixes the other part of bug 2324.
|
underflow errors there too. Fixes the other part of bug 2324.
|
||||||
- Fix a bug where we would assert if we ever had a
|
- Fix a bug where we would assert if we ever had a
|
||||||
cached-descriptors.new file (or another file read directly into
|
cached-descriptors.new file (or another file read directly into
|
||||||
memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes
|
memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix
|
||||||
bug 2326; bugfix on 0.2.1.25.
|
on 0.2.1.25. Found by doorss.
|
||||||
- Fix some potential asserts and parsing issues with grossly
|
- Fix some potential asserts and parsing issues with grossly
|
||||||
malformed router caches. Fixes bug 2352. Found by doorss. Bugfix
|
malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27.
|
||||||
on Tor 0.2.1.27.
|
Found by doorss.
|
||||||
|
|
||||||
o Minor bugfixes (other):
|
o Minor bugfixes (other):
|
||||||
- Fix a bug with handling misformed replies to reverse DNS lookup
|
- Fix a bug with handling misformed replies to reverse DNS lookup
|
||||||
|
@ -42,8 +44,8 @@ Changes in version 0.2.1.29 - 2011-01-15
|
||||||
- Fix a bug where we would declare that we had run out of virtual
|
- Fix a bug where we would declare that we had run out of virtual
|
||||||
addresses when the address space was only half-exhausted. Bugfix
|
addresses when the address space was only half-exhausted. Bugfix
|
||||||
on 0.1.2.1-alpha.
|
on 0.1.2.1-alpha.
|
||||||
- Correctly handle the case where AutomapHostsOnResolve is set but no
|
- Correctly handle the case where AutomapHostsOnResolve is set but
|
||||||
virtual addresses are available. Fixes bug2328, bugfix on
|
no virtual addresses are available. Fixes bug 2328; bugfix on
|
||||||
0.1.2.1-alpha. Bug found by doorss.
|
0.1.2.1-alpha. Bug found by doorss.
|
||||||
- Correctly handle wrapping around to when we run out of virtual
|
- Correctly handle wrapping around to when we run out of virtual
|
||||||
address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
|
address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
|
||||||
|
|
Loading…
Reference in New Issue