sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Copy changelog entries from the 0.2.6 changelog into the 0.2.5.11 changelog

This commit is contained in:
Nick Mathewson 2015-03-09 15:42:39 -04:00
parent b0fff2a9c5
commit 2f962b9309
18 changed files with 74 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
ChangeLog
View File

@ -1,3 +1,77 @@
Changes in version 0.2.5.11 - 2015-03-??
Tor 0.2.5.11 is the second stable release in the 0.2.5 series.
It backports several bugfixes from the 0.2.6 branch, including a
couple of medium-level security fixes for relays and exit nodes.
o Directory authority changes:
- Remove turtles as a directory authority.
- Add longclaw as a new (v3) directory authority. This implements
ticket 13296. This keeps the directory authority count at 9.
- The directory authority Faravahar has a new IP address. This
closes ticket 14487.
o Major bugfixes (relay, stability, possible security):
- Fix a bug that could lead to a relay crashing with an assertion
failure if a buffer of exactly the wrong layout was passed to
buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on
0.2.0.10-alpha. Patch from 'cypherpunks'.
- Do not assert if the 'data' pointer on a buffer is advanced to the
very end of the buffer; log a BUG message instead. Only assert if
it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
o Major bugfixes (exit node stability):
- Fix an assertion failure that could occur under high DNS load.
Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr";
diagnosed and fixed by "cypherpunks".
o Major bugfixes (Linux seccomp2 sandbox):
- Upon receiving sighup with the seccomp2 sandbox enabled, do not
crash during attempts to call wait4. Fixes bug 15088; bugfix on
0.2.5.1-alpha. Patch from "sanic".
o Minor features (controller):
- New "GETINFO bw-event-cache" to get information about recent
bandwidth events. Closes ticket 14128. Useful for controllers to
get recent bandwidth history after the fix for ticket 13988.
o Minor features (geoip):
- Update geoip and geoip6 files to the January 7 2015 Maxmind
GeoLite2 Country database.
o Minor bugfixes (client, automapping):
- Avoid crashing on torrc lines for VirtualAddrNetworkIPv[4|6] when
no value follows the option. Fixes bug 14142; bugfix on
0.2.4.7-alpha. Patch by "teor".
- Fix a memory leak when using AutomapHostsOnResolve. Fixes bug
14195; bugfix on 0.1.0.1-rc.
o Minor bugfixes (compilation):
- Build without warnings with the stock OpenSSL srtp.h header, which
has a duplicate declaration of SSL_get_selected_srtp_profile().
Fixes bug 14220; this is OpenSSL's bug, not ours.
o Minor bugfixes (directory authority):
- Allow directory authorities to fetch more data from one another if
they find themselves missing lots of votes. Previously, they had
been bumping against the 10 MB queued data limit. Fixes bug 14261;
bugfix on 0.1.2.5-alpha.
- Enlarge the buffer to read bwauth generated files to avoid an
issue when parsing the file in dirserv_read_measured_bandwidths().
Fixes bug 14125; bugfix on 0.2.2.1-alpha.
o Minor bugfixes (statistics):
- Increase period over which bandwidth observations are aggregated
from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
o Minor bugfixes (preventative security, C safety):
- When reading a hexadecimal, base-32, or base-64 encoded value from
a string, always overwrite the whole output buffer. This prevents
some bugs where we would look at (but fortunately, not reveal)
uninitialized memory on the stack. Fixes bug 14013; bugfix on all
versions of Tor.
Changes in version 0.2.5.10 - 2014-10-24
Tor 0.2.5.10 is the first stable release in the 0.2.5 series.

5
changes/bug13296
View File

@ -1,5 +0,0 @@
o Directory authority changes:
- Remove turtles as a directory authority.
- Add longclaw as a new (v3) directory authority. This implements
ticket 13296. This keeps the directory authority count at 9.

3
changes/bug13988
View File

@ -1,3 +0,0 @@
o Minor bugfixes (statistics):
- Increase period over which bandwidth observations are aggregated
from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.

6
changes/bug14013
View File

@ -1,6 +0,0 @@
o Major bugfixes:
- When reading a hexadecimal, base-32, or base-64 encoded value
from a string, always overwrite the complete output buffer. This
prevents some bugs where we would look at (but fortunately, not
reveal) uninitialized memory on the stack. Fixes bug 14013;
bugfix on all versions of Tor.

5
changes/bug14125
View File

@ -1,5 +0,0 @@
o Minor bugfixes (dirauth):
- Enlarge the buffer to read bw-auth generated files to avoid an
issue when parsing the file in dirserv_read_measured_bandwidths().
Bugfix on 0.2.2.1-alpha, fixes #14125.

7
changes/bug14129
View File

@ -1,7 +0,0 @@
o Major bugfixes (exit node stability):
- Fix an assertion failure that could occur under high DNS load. Fixes
bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed
by "cypherpunks".

7
changes/bug14142-parse-virtual-addr
View File

@ -1,7 +0,0 @@
o Minor bugfixes (client):
- Check for a missing option value in parse_virtual_addr_network
before asserting on the NULL in tor_addr_parse_mask_ports.
This avoids crashing on torrc lines like
Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option.
Bugfix on 0.2.3 (de4cc126cbb5 on 24 November 2012), fixes #14142.
Patch by "teor".

3
changes/bug14195
View File

@ -1,3 +0,0 @@
o Minor bugfixes (client):
- Fix a memory leak when using AutomapHostsOnResolve.
Fixes bug 14195; bugfix on 0.1.0.1-rc.

4
changes/bug14220
View File

@ -1,4 +0,0 @@
o Minor bugfixes (compilation):
- Build without warnings with the stock OpenSSL srtp.h header,
which has a duplicate declaration of SSL_get_selected_srtp_profile().
Fixes bug 14220; this is OpenSSL's bug, not ours.

5
changes/bug14261
View File

@ -1,5 +0,0 @@
O Minor bugfixes (directory authority):
- Allow directory authorities to fetch more data from one
another if they find themselves missing lots of votes.
Previously, they had been bumping against the 10 MB queued
data limit. Fixes bug 14261. Bugfix on 0.1.2.5-alpha.

10
changes/bug15083
View File

@ -1,10 +0,0 @@
o Major bugfixes (relay, stability, possible security):
- Fix a bug that could lead to a relay crashing with an assertion
failure if a buffer of exactly the wrong layout was passed
to buf_pullup() at exactly the wrong time. Fixes bug 15083;
bugfix on 0.2.0.10-alpha. Patch from 'cypherpunks'.
- Do not assert if the 'data' pointer on a buffer is advanced to the very
end of the buffer; log a BUG message instead. Only assert if it is
past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.

4
changes/bug15088
View File

@ -1,4 +0,0 @@
o Minor bugfixes (Linux seccomp2 sandbox):
- Upon receiving sighup, do not crash during attempts to call
wait4. Fixes bug 15088; bugfix on 0.2.5.1-alpha. Patch from
"sanic".

3
changes/geoip-january2015
View File

@ -1,3 +0,0 @@
o Minor features:
- Update geoip to the January 7 2015 Maxmind GeoLite2 Country database.

3
changes/geoip-november2014
View File

@ -1,3 +0,0 @@
o Minor features:
- Update geoip to the November 15 2014 Maxmind GeoLite2 Country database.

2
changes/geoip6-january2015
View File

@ -1,2 +0,0 @@
o Minor features:
- Update geoip6 to the January 7 2015 Maxmind GeoLite2 Country database.

3
changes/geoip6-november2014
View File

@ -1,3 +0,0 @@
o Minor features:
- Update geoip6 to the November 15 2014 Maxmind GeoLite2 Country database.

5
changes/ticket14128
View File

@ -1,5 +0,0 @@
o Minor features (controller):
- New "GETINFO bw-event-cache" to get information about recent bandwidth
events. Closes ticket 14128. Useful for controllers to get recent
bandwidth history after the fix for 13988.

3
changes/ticket14487
View File

@ -1,3 +0,0 @@
o Directory authority IP change:
- The directory authority Faravahar has a new IP address. Closes
ticket 14487.