repeat overlapping changelog entries
This commit is contained in:
Roger Dingledine
parent
7454fe3d98
commit
34d457ea7d
65
ChangeLog
65
ChangeLog
|
|
@ -1,3 +1,68 @@
|
|||
Changes in version 0.2.2.21-alpha - 2011-01-15
|
||||
o Major bugfixes (security):
|
||||
- Fix a heap overflow bug where an adversary could cause heap
|
||||
corruption. This bug probably allows remote code execution
|
||||
attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on
|
||||
0.1.2.10-rc.
|
||||
- Prevent a denial-of-service attack by disallowing any
|
||||
zlib-compressed data whose compression factor is implausibly
|
||||
high. Fixes part of bug 2324; reported by "doors".
|
||||
- Zero out a few more keys in memory before freeing them. Fixes bug
|
||||
2384 and part of bug 2385. These key instances found by
|
||||
"cypherpunks". Bugfix on 0.0.2pre9.
|
||||
|
||||
o Major bugfixes (crashes):
|
||||
- Prevent calls to Libevent from inside Libevent log handlers.
|
||||
This had potential to cause a nasty set of crashes, especially
|
||||
if running Libevent with debug logging enabled, and running
|
||||
Tor with a controller watching for low-severity log messages.
|
||||
Bugfix on 0.1.0.2-rc. Fixes bug 2190.
|
||||
- Add a check for SIZE_T_MAX to tor_realloc() to try to avoid
|
||||
underflow errors there too. Fixes the other part of bug 2324.
|
||||
- Fix a bug where we would assert if we ever had a
|
||||
cached-descriptors.new file (or another file read directly into
|
||||
memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes
|
||||
bug 2326; bugfix on 0.2.1.25.
|
||||
- Fix some potential asserts and parsing issues with grossly
|
||||
malformed router caches. Fixes bug 2352. Found by doorss. Bugfix
|
||||
on Tor 0.2.1.27.
|
||||
|
||||
o Minor bugfixes (other):
|
||||
- Fix a bug with handling misformed replies to reverse DNS lookup
|
||||
requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a
|
||||
bug reported by doorss.
|
||||
- Fix compilation on mingw when a pthreads compatibility library
|
||||
has been installed. (We don't want to use it, so we shouldn't
|
||||
be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
|
||||
- Fix a bug where we would declare that we had run out of virtual
|
||||
addresses when the address space was only half-exhausted. Bugfix
|
||||
on 0.1.2.1-alpha.
|
||||
- Correctly handle the case where AutomapHostsOnResolve is set but no
|
||||
virtual addresses are available. Fixes bug2328, bugfix on
|
||||
0.1.2.1-alpha. Bug found by doorss.
|
||||
- Correctly handle wrapping around to when we run out of virtual
|
||||
address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
|
||||
- The 0.2.1.28 tarball was missing src/common/OpenBSD_malloc_Linux.c
|
||||
because we built it with a too-old version of automake. Thus that
|
||||
release broke ./configure --enable-openbsd-malloc, which is popular
|
||||
among really fast exit relays on Linux.
|
||||
|
||||
o Minor features:
|
||||
- Update to the January 1 2011 Maxmind GeoLite Country database.
|
||||
- Introduce output size checks on all of our decryption functions.
|
||||
|
||||
o Build changes:
|
||||
- Tor does not build packages correctly with Automake 1.6 and earlier;
|
||||
added a check to Makefile.am to make sure that we're building with
|
||||
Automake 1.7 or later.
|
||||
|
||||
o Minor bugfixes
|
||||
- Make Libevent log messages get delievered to controllers later,
|
||||
and not from inside the Libevent log handler. This prevents
|
||||
unsafe reentrant Libevent calls while still letting the log
|
||||
messages get through.
|
||||
|
||||
|
||||
Changes in version 0.2.2.20-alpha - 2010-12-17
|
||||
Tor 0.2.2.20-alpha does some code cleanup to reduce the risk of remotely
|
||||
exploitable bugs. We also fix a variety of other significant bugs,
|
||||
|
|
|
|||
|
|
@ -1,11 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Prevent calls from Libevent from inside Libevent log handlers.
|
||||
This had potential to cause a nasty set of crashes, especially if
|
||||
running Libevent with debug logging enabled, and running Tor
|
||||
with a controller watching for low-severity log messages.
|
||||
Bugfix on 0.1.0.2-rc. Fixes bug 2190.
|
||||
- Make Libevent log messages get delievered to controllers later,
|
||||
and not from inside the Libevent log handler. This prevents
|
||||
unsafe reentrant Libevent calls while still letting the log
|
||||
messages get through.
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Build changes
|
||||
- Tor does not build packages correctly with Automake 1.6 and earlier;
|
||||
added a check to Makefile.am to make sure that we're building with
|
||||
Automake 1.7 or later.
|
||||
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix compilation on mingw when a pthreads compatibility library
|
||||
has been installed. (We don't want to use it, so we shouldn't
|
||||
be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Add a check for SIZE_T_MAX to tor_realloc to try to avoid
|
||||
underflow errors there too. Fixes bug 2324.
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Major bugfixes (security):
|
||||
- Prevent a DoS attack by disallowing any zlib-compressed data
|
||||
whose compression factor is implausibly high. Fixes the
|
||||
second part of bug2324; found by doors.
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug where we would assert if we ever had a
|
||||
cached-descriptors.new file (or another file read directly into
|
||||
memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes
|
||||
bug 2326; bugfix on 0.2.1.25.
|
||||
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug where we would declare that we had run out of virtual
|
||||
addresses when the address space was only half-exhausted. Bugfix
|
||||
on 0.1.2.1-alpha.
|
||||
- Correctly handle the case where AutomapHostsOnResolve is set but no
|
||||
virtual addresses are available. Fixes bug2328, bugfix on
|
||||
0.1.2.1-alpha. Bug found by doorss.
|
||||
- Correctly handle wrapping around to when we run out of virtual address
|
||||
space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug with handling misformed replies to reverse DNS lookup
|
||||
requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug
|
||||
reported by doorss.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix some potential asserts and partsing issues with grossly
|
||||
malformed router caches. Fixes bug 2352. Found by doorss.
|
||||
Bugfix on Tor 0.2.1.27.
|
||||
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Zero out a few more keys in memory before freeing them. Fixes bug
|
||||
2384 and part of bug 2385. These key instances found by
|
||||
"cypherpunks". Bugfix on 0.0.2pre9.
|
||||
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features:
|
||||
- Update to the January 1 2011 Maxmind GeoLite Country database.
|
||||
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
o Major bugfixes (security)
|
||||
- Fix a heap overflow bug where an adversary could cause heap
|
||||
corruption. This bug potentially allows remote code execution
|
||||
attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on
|
||||
0.1.2.10-rc.
|
||||
o Defensive programming
|
||||
- Introduce output size checks on all of our decryption functions.
|
||||
|
||||
Loading…
Reference in New Issue