Adjust 0.2.9.10 changelog entries from 0.3.0.4-rc to match
This commit is contained in:
Nick Mathewson
parent
4cdb7bf450
commit
5d018fc26a
28
ChangeLog
28
ChangeLog
|
|
@ -1,5 +1,5 @@
|
||||||
Changes in version 0.2.9.10 - 2017-03-??
|
Changes in version 0.2.9.10 - 2017-03-??
|
||||||
Tor 0.2.9.10 backports a security fix from later Tor releass.
|
Tor 0.2.9.10 backports a security fix from later Tor release.
|
||||||
|
|
||||||
Tor 0.2.9.10 also includes fixes for some major issues affecting
|
Tor 0.2.9.10 also includes fixes for some major issues affecting
|
||||||
directory authorities, LibreSSL compatibility, and IPv6 correctness.
|
directory authorities, LibreSSL compatibility, and IPv6 correctness.
|
||||||
|
|
@ -23,17 +23,20 @@ Changes in version 0.2.9.10 - 2017-03-??
|
||||||
21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
|
21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
|
||||||
|
|
||||||
o Major bugfixes (parsing, also in 0.3.0.4-rc):
|
o Major bugfixes (parsing, also in 0.3.0.4-rc):
|
||||||
- Fix an integer underflow bug when comparing malformed Tor versions.
|
- Fix an integer underflow bug when comparing malformed Tor
|
||||||
This bug is harmless, except when Tor has been built with
|
versions. This bug could crash Tor when built with
|
||||||
--enable-expensive-hardening, which would turn it into a crash;
|
--enable-expensive-hardening, or on Tor 0.2.9.1-alpha through Tor
|
||||||
or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with
|
0.2.9.8, which were built with -ftrapv by default. In other cases
|
||||||
-ftrapv by default.
|
it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix
|
||||||
Part of TROVE-2017-001. Fixes bug 21278; bugfix on
|
on 0.0.8pre1. Found by OSS-Fuzz.
|
||||||
0.0.8pre1. Found by OSS-Fuzz.
|
|
||||||
|
|
||||||
o Minor features (directory authority, also in 0.3.0.4-rc):
|
o Minor features (directory authorities, also in 0.3.0.4-rc):
|
||||||
- Directory authorities now reject descriptors that claim to be
|
- Directory authorities now reject descriptors that claim to be
|
||||||
malformed versions of Tor. Helps prevent exploitation of bug 21278.
|
malformed versions of Tor. Helps prevent exploitation of
|
||||||
|
bug 21278.
|
||||||
|
- Reject version numbers with components that exceed INT32_MAX.
|
||||||
|
Otherwise 32-bit and 64-bit platforms would behave inconsistently.
|
||||||
|
Fixes bug 21450; bugfix on 0.0.8pre1.
|
||||||
|
|
||||||
o Minor features (portability, compilation, backport from 0.3.0.3-alpha):
|
o Minor features (portability, compilation, backport from 0.3.0.3-alpha):
|
||||||
- Autoconf now checks to determine if OpenSSL structures are opaque,
|
- Autoconf now checks to determine if OpenSSL structures are opaque,
|
||||||
|
|
@ -56,11 +59,6 @@ Changes in version 0.2.9.10 - 2017-03-??
|
||||||
which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
|
which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
|
||||||
Patch by "junglefowl".
|
Patch by "junglefowl".
|
||||||
|
|
||||||
o Minor bugfixes (voting consistency, also in 0.3.0.4-rc):
|
|
||||||
- Reject version numbers with components that exceed INT32_MAX.
|
|
||||||
Otherwise 32-bit and 64-bit platforms would behave inconsistently.
|
|
||||||
Fixes bug 21450; bugfix on 0.0.8pre1.
|
|
||||||
|
|
||||||
|
|
||||||
Changes in version 0.2.9.9 - 2017-01-23
|
Changes in version 0.2.9.9 - 2017-01-23
|
||||||
Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could
|
Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue