start on the 0.2.9.11 changelog

2017-06-08 09:03:38 -04:00 · 2017-06-08 09:03:38 -04:00 · 5d34df50f8
parent 8dd9d631c9
commit 5d34df50f8
12 changed files with 66 additions and 57 deletions
--- a/66
+++ b/66
@ -1,3 +1,69 @@
+Changes in version 0.2.9.11 - 2017-06-08
+  Tor 0.2.9.11 fixes a pair of bugs that would allow an attacker to
+  remotely crash a hidden service with an assertion failure. Anyone
+  running a hidden service should upgrade to this version, or to some
+  other version with fixes for TROVE-2017-004 and TROVE-2017-005.
+
+  Tor 0.2.9.11 also backports fixes for several key management bugs
+  that sometimes made relays unreliable, as well as several other
+  bugfixes described below.
+
+  o Major bugfixes (relay, link handshake, backport from 0.3.1.3-alpha):
+    - When performing the v3 link handshake on a TLS connection, report
+      that we have the x509 certificate that we actually used on that
+      connection, even if we have changed certificates since that
+      connection was first opened. Previously, we would claim to have
+      used our most recent x509 link certificate, which would sometimes
+      make the link handshake fail. Fixes one case of bug 22460; bugfix
+      on 0.2.3.6-alpha.
+
+  o Minor features (fallback directory list, backport from 0.3.1.3-alpha):
+    - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
+      December 2016 (of which ~126 were still functional) with a list of
+      151 fallbacks (32 new, 119 unchanged, 58 removed) generated in May
+      2017. Resolves ticket 21564.
+
+  o Minor features (future-proofing, backport from 0.3.0.7):
+    - Tor no longer refuses to download microdescriptors or descriptors if
+      they are listed as "published in the future".  This change will
+      eventually allow us to stop listing meaningful "published" dates
+      in microdescriptor consensuses, and thereby allow us to reduce the
+      resources required to download consensus diffs by over 50%.
+      Implements part of ticket 21642; implements part of proposal 275.
+
+  o Minor features (directory authorities, backport from 0.3.0.4-rc)
+    - Directory authorities now reject relays running versions
+      0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
+      suffer from bug 20499 and don't keep their consensus cache
+      up-to-date. Resolves ticket 20509.
+
+  o Minor features (geoip):
+    - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
+      Country database.
+
+  o Minor bugfixes (control port, backport from 0.3.0.6):
+    - The GETINFO extra-info/digest/<digest> command was broken because
+      of a wrong base16 decode return value check, introduced when
+      refactoring that API. Fixes bug 22034; bugfix on 0.2.9.1-alpha.
+
+  o Minor bugfixes (correctness, backport from 0.3.1.3-alpha):
+    - Avoid undefined behavior when parsing IPv6 entries from the geoip6
+      file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
+
+  o Minor bugfixes (Linux seccomp2 sandbox, backport from 0.3.0.7):
+    - The getpid() system call is now permitted under the Linux seccomp2
+      sandbox, to avoid crashing with versions of OpenSSL (and other
+      libraries) that attempt to learn the process's PID by using the
+      syscall rather than the VDSO code. Fixes bug 21943; bugfix
+      on 0.2.5.1-alpha.
+
+  o Minor bugfixes (memory leak, directory authority, backport
+    from 0.3.1.2-alpha):
+    - When directory authorities reject a router descriptor due to
+      keypinning, free the router descriptor rather than leaking the
+      memory. Fixes bug 22370; bugfix on 0.2.7.2-alpha.
+
+
 Changes in version 0.2.9.10 - 2017-03-01
  Tor 0.2.9.10 backports a security fix for users who build Tor with
  the --enable-expensive-hardening option. It also includes fixes for
--- a/changes/bug20509
+++ b/changes/bug20509
@ -1,5 +0,0 @@
-  o Minor features:
-    - Directory authorities now reject relays running versions
-      0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
-      suffer from bug 20499 and don't keep their consensus cache
-      up-to-date. Resolves ticket 20509.
--- a/changes/bug21943
+++ b/changes/bug21943
@ -1,6 +0,0 @@
-  o Minor bugfixes (Linux seccomp2 sandbox):
-    - The getpid() system call is now permitted under the Linux seccomp2
-      sandbox, to avoid crashing with versions of OpenSSL (and other
-      libraries) that attempt to learn the process's PID by using the
-      syscall rather than the VDSO code. Fixes bug 21943; bugfix on
-      0.2.5.1-alpha.
--- a/changes/bug22034
+++ b/changes/bug22034
@ -1,4 +0,0 @@
-  o Minor bugfixes (control port, regression):
-    - The GETINFO extra-info/digest/<digest> command was broken because of a
-      wrong base16 decode return value check. In was introduced in a refactor
-      of that API. Fixex bug #22034; bugfix on tor-0.2.9.1-alpha.
--- a/changes/bug22370
+++ b/changes/bug22370
@ -1,4 +0,0 @@
-  o Minor bugfixes (memory handling):
-    - When directory authorities reject a router descriptor due to keypinning,
-      free the router descriptor rather than leaking the memory.
-      Fixes bug 22370; bugfix on 0.2.7.2-alpha.
--- a/changes/bug22460_case2
+++ b/changes/bug22460_case2
@ -1,8 +0,0 @@
-  o Major bugfixes (relay, link handshake):
-
-    - When performing the v3 link handshake on a TLS connection, report that
-      we have the x509 certificate that we actually used on that connection,
-      even if we have changed certificates since that connection was first
-      opened. Previously, we would claim to have used our most recent x509
-      link certificate, which would sometimes make the link handshake fail.
-      Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha.
--- a/changes/bug22490
+++ b/changes/bug22490
@ -1,3 +0,0 @@
-  o Minor bugfixes (correctness):
-    - Avoid undefined behavior when parsing IPv6 entries from the geoip6
-      file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
--- a/changes/geoip-april2017
+++ b/changes/geoip-april2017
@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the April 4 2017 Maxmind GeoLite2
-      Country database.
-
--- a/changes/geoip-march2017
+++ b/changes/geoip-march2017
@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the March 7 2017 Maxmind GeoLite2
-      Country database.
-
--- a/changes/geoip-may2017
+++ b/changes/geoip-may2017
@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2
-      Country database.
-
--- a/changes/prop275-minimal
+++ b/changes/prop275-minimal
@ -1,9 +0,0 @@
-  o Minor features (future-proofing):
-
-    - Tor no longer refuses to download microdescriptors or descriptors if
-      they are listed as "published in the future".  This change will
-      eventually allow us to stop listing meaningful "published" dates
-      in microdescriptor consensuses, and thereby allow us to reduce the
-      resources required to download consensus diffs by over 50%.
-      Implements part of ticket 21642; implements part of proposal 275.
-
--- a/changes/ticket21564
+++ b/changes/ticket21564
@ -1,6 +0,0 @@
-  o Minor features (fallback directory list):
-    - Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
-      December 2016 (of which ~126 were still functional), with a list of
-      151 fallbacks (32 new, 119 existing, 58 removed) generated in
-      May 2017.
-      Resolves ticket 21564.