From 2f962b9309cade8ddf793d9aa5c900f381b97173 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 9 Mar 2015 15:42:39 -0400 Subject: [PATCH] Copy changelog entries from the 0.2.6 changelog into the 0.2.5.11 changelog --- ChangeLog | 74 +++++++++++++++++++++++++++++ changes/bug13296 | 5 -- changes/bug13988 | 3 -- changes/bug14013 | 6 --- changes/bug14125 | 5 -- changes/bug14129 | 7 --- changes/bug14142-parse-virtual-addr | 7 --- changes/bug14195 | 3 -- changes/bug14220 | 4 -- changes/bug14261 | 5 -- changes/bug15083 | 10 ---- changes/bug15088 | 4 -- changes/geoip-january2015 | 3 -- changes/geoip-november2014 | 3 -- changes/geoip6-january2015 | 2 - changes/geoip6-november2014 | 3 -- changes/ticket14128 | 5 -- changes/ticket14487 | 3 -- 18 files changed, 74 insertions(+), 78 deletions(-) delete mode 100644 changes/bug13296 delete mode 100644 changes/bug13988 delete mode 100644 changes/bug14013 delete mode 100644 changes/bug14125 delete mode 100644 changes/bug14129 delete mode 100644 changes/bug14142-parse-virtual-addr delete mode 100644 changes/bug14195 delete mode 100644 changes/bug14220 delete mode 100644 changes/bug14261 delete mode 100644 changes/bug15083 delete mode 100644 changes/bug15088 delete mode 100644 changes/geoip-january2015 delete mode 100644 changes/geoip-november2014 delete mode 100644 changes/geoip6-january2015 delete mode 100644 changes/geoip6-november2014 delete mode 100644 changes/ticket14128 delete mode 100644 changes/ticket14487 diff --git a/ChangeLog b/ChangeLog index 3daba3e7e..46014ac98 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,77 @@ +Changes in version 0.2.5.11 - 2015-03-?? + Tor 0.2.5.11 is the second stable release in the 0.2.5 series. + + It backports several bugfixes from the 0.2.6 branch, including a + couple of medium-level security fixes for relays and exit nodes. + + o Directory authority changes: + - Remove turtles as a directory authority. + - Add longclaw as a new (v3) directory authority. This implements + ticket 13296. This keeps the directory authority count at 9. + - The directory authority Faravahar has a new IP address. This + closes ticket 14487. + + o Major bugfixes (relay, stability, possible security): + - Fix a bug that could lead to a relay crashing with an assertion + failure if a buffer of exactly the wrong layout was passed to + buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on + 0.2.0.10-alpha. Patch from 'cypherpunks'. + - Do not assert if the 'data' pointer on a buffer is advanced to the + very end of the buffer; log a BUG message instead. Only assert if + it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha. + + o Major bugfixes (exit node stability): + - Fix an assertion failure that could occur under high DNS load. + Fixes bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; + diagnosed and fixed by "cypherpunks". + + o Major bugfixes (Linux seccomp2 sandbox): + - Upon receiving sighup with the seccomp2 sandbox enabled, do not + crash during attempts to call wait4. Fixes bug 15088; bugfix on + 0.2.5.1-alpha. Patch from "sanic". + + o Minor features (controller): + - New "GETINFO bw-event-cache" to get information about recent + bandwidth events. Closes ticket 14128. Useful for controllers to + get recent bandwidth history after the fix for ticket 13988. + + o Minor features (geoip): + - Update geoip and geoip6 files to the January 7 2015 Maxmind + GeoLite2 Country database. + + o Minor bugfixes (client, automapping): + - Avoid crashing on torrc lines for VirtualAddrNetworkIPv[4|6] when + no value follows the option. Fixes bug 14142; bugfix on + 0.2.4.7-alpha. Patch by "teor". + - Fix a memory leak when using AutomapHostsOnResolve. Fixes bug + 14195; bugfix on 0.1.0.1-rc. + + o Minor bugfixes (compilation): + - Build without warnings with the stock OpenSSL srtp.h header, which + has a duplicate declaration of SSL_get_selected_srtp_profile(). + Fixes bug 14220; this is OpenSSL's bug, not ours. + + o Minor bugfixes (directory authority): + - Allow directory authorities to fetch more data from one another if + they find themselves missing lots of votes. Previously, they had + been bumping against the 10 MB queued data limit. Fixes bug 14261; + bugfix on 0.1.2.5-alpha. + - Enlarge the buffer to read bwauth generated files to avoid an + issue when parsing the file in dirserv_read_measured_bandwidths(). + Fixes bug 14125; bugfix on 0.2.2.1-alpha. + + o Minor bugfixes (statistics): + - Increase period over which bandwidth observations are aggregated + from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1. + + o Minor bugfixes (preventative security, C safety): + - When reading a hexadecimal, base-32, or base-64 encoded value from + a string, always overwrite the whole output buffer. This prevents + some bugs where we would look at (but fortunately, not reveal) + uninitialized memory on the stack. Fixes bug 14013; bugfix on all + versions of Tor. + + Changes in version 0.2.5.10 - 2014-10-24 Tor 0.2.5.10 is the first stable release in the 0.2.5 series. diff --git a/changes/bug13296 b/changes/bug13296 deleted file mode 100644 index d6fe038c3..000000000 --- a/changes/bug13296 +++ /dev/null @@ -1,5 +0,0 @@ - o Directory authority changes: - - Remove turtles as a directory authority. - - Add longclaw as a new (v3) directory authority. This implements - ticket 13296. This keeps the directory authority count at 9. - diff --git a/changes/bug13988 b/changes/bug13988 deleted file mode 100644 index e816335a3..000000000 --- a/changes/bug13988 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (statistics): - - Increase period over which bandwidth observations are aggregated - from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1. diff --git a/changes/bug14013 b/changes/bug14013 deleted file mode 100644 index 640cf859f..000000000 --- a/changes/bug14013 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - When reading a hexadecimal, base-32, or base-64 encoded value - from a string, always overwrite the complete output buffer. This - prevents some bugs where we would look at (but fortunately, not - reveal) uninitialized memory on the stack. Fixes bug 14013; - bugfix on all versions of Tor. diff --git a/changes/bug14125 b/changes/bug14125 deleted file mode 100644 index fe6821a33..000000000 --- a/changes/bug14125 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (dirauth): - - Enlarge the buffer to read bw-auth generated files to avoid an - issue when parsing the file in dirserv_read_measured_bandwidths(). - Bugfix on 0.2.2.1-alpha, fixes #14125. - diff --git a/changes/bug14129 b/changes/bug14129 deleted file mode 100644 index 6153cd84f..000000000 --- a/changes/bug14129 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (exit node stability): - - - Fix an assertion failure that could occur under high DNS load. Fixes - bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed - by "cypherpunks". - - diff --git a/changes/bug14142-parse-virtual-addr b/changes/bug14142-parse-virtual-addr deleted file mode 100644 index f78b7c7d8..000000000 --- a/changes/bug14142-parse-virtual-addr +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (client): - - Check for a missing option value in parse_virtual_addr_network - before asserting on the NULL in tor_addr_parse_mask_ports. - This avoids crashing on torrc lines like - Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option. - Bugfix on 0.2.3 (de4cc126cbb5 on 24 November 2012), fixes #14142. - Patch by "teor". diff --git a/changes/bug14195 b/changes/bug14195 deleted file mode 100644 index d2b82f31b..000000000 --- a/changes/bug14195 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (client): - - Fix a memory leak when using AutomapHostsOnResolve. - Fixes bug 14195; bugfix on 0.1.0.1-rc. diff --git a/changes/bug14220 b/changes/bug14220 deleted file mode 100644 index 51cfa502b..000000000 --- a/changes/bug14220 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Build without warnings with the stock OpenSSL srtp.h header, - which has a duplicate declaration of SSL_get_selected_srtp_profile(). - Fixes bug 14220; this is OpenSSL's bug, not ours. diff --git a/changes/bug14261 b/changes/bug14261 deleted file mode 100644 index 1260ccba1..000000000 --- a/changes/bug14261 +++ /dev/null @@ -1,5 +0,0 @@ - O Minor bugfixes (directory authority): - - Allow directory authorities to fetch more data from one - another if they find themselves missing lots of votes. - Previously, they had been bumping against the 10 MB queued - data limit. Fixes bug 14261. Bugfix on 0.1.2.5-alpha. diff --git a/changes/bug15083 b/changes/bug15083 deleted file mode 100644 index 5cc79b5ba..000000000 --- a/changes/bug15083 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes (relay, stability, possible security): - - Fix a bug that could lead to a relay crashing with an assertion - failure if a buffer of exactly the wrong layout was passed - to buf_pullup() at exactly the wrong time. Fixes bug 15083; - bugfix on 0.2.0.10-alpha. Patch from 'cypherpunks'. - - - Do not assert if the 'data' pointer on a buffer is advanced to the very - end of the buffer; log a BUG message instead. Only assert if it is - past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha. - diff --git a/changes/bug15088 b/changes/bug15088 deleted file mode 100644 index 95878bdb3..000000000 --- a/changes/bug15088 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - Upon receiving sighup, do not crash during attempts to call - wait4. Fixes bug 15088; bugfix on 0.2.5.1-alpha. Patch from - "sanic". diff --git a/changes/geoip-january2015 b/changes/geoip-january2015 deleted file mode 100644 index 67324f27f..000000000 --- a/changes/geoip-january2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the January 7 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip-november2014 b/changes/geoip-november2014 deleted file mode 100644 index 52cbeb3e4..000000000 --- a/changes/geoip-november2014 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the November 15 2014 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip6-january2015 b/changes/geoip6-january2015 deleted file mode 100644 index b86fe2be5..000000000 --- a/changes/geoip6-january2015 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features: - - Update geoip6 to the January 7 2015 Maxmind GeoLite2 Country database. diff --git a/changes/geoip6-november2014 b/changes/geoip6-november2014 deleted file mode 100644 index e91fcc0d3..000000000 --- a/changes/geoip6-november2014 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip6 to the November 15 2014 Maxmind GeoLite2 Country database. - diff --git a/changes/ticket14128 b/changes/ticket14128 deleted file mode 100644 index 38b25fa7d..000000000 --- a/changes/ticket14128 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (controller): - - New "GETINFO bw-event-cache" to get information about recent bandwidth - events. Closes ticket 14128. Useful for controllers to get recent - bandwidth history after the fix for 13988. - diff --git a/changes/ticket14487 b/changes/ticket14487 deleted file mode 100644 index 577337ff2..000000000 --- a/changes/ticket14487 +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority IP change: - - The directory authority Faravahar has a new IP address. Closes - ticket 14487.