changelog edits for 0.2.4.22
This commit is contained in:
parent
3dfd8dd97b
commit
6932f87ae1
46
ChangeLog
46
ChangeLog
|
@ -1,16 +1,23 @@
|
|||
Changes in version 0.2.4.22 - 2014-05-??
|
||||
Write a paragraph here.
|
||||
Changes in version 0.2.4.22 - 2014-05-1?
|
||||
Tor 0.2.4.22 backports numerous high-priority fixes from the Tor 0.2.5
|
||||
alpha release series. These include blocking all authority signing keys
|
||||
that may have been affected by the OpenSSL "heartbleed" bug, choosing
|
||||
a far more secure set of TLS ciphersuites by default, closing a couple of
|
||||
memory leaks that could be used to run a target relay out of RAM, and
|
||||
|
||||
o Major bugfixes:
|
||||
- When running a hidden service, do not allow TunneledDirConns 0;
|
||||
this will keep the hidden service from running, and also
|
||||
o Major bugfixes (security, OOM)
|
||||
- Fix a memory leak that could occur if a microdescriptor parse
|
||||
fails during the tokenizing step. This bug could enable a memory
|
||||
exhaustion attack by directory servers. Fixes bug #11649; bugfix
|
||||
on 0.2.2.6-alpha.
|
||||
|
||||
o Major bugfixes (configuration, security):
|
||||
- When running a hidden service, do not allow TunneledDirConns 0:
|
||||
trying to set that option together with a hidden service would
|
||||
otherwise prevent the hidden service from running, and also
|
||||
make it publish its descriptors directly over HTTP. Fixes bug 10849;
|
||||
bugfix on 0.2.1.1-alpha.
|
||||
|
||||
o Minor bugfixes (exit relay, backport from 0.2.5.4-alpha):
|
||||
- Stop leaking memory when we successfully resolve a PTR record.
|
||||
Fixes bug 11437; bugfix on 0.2.4.7-alpha.
|
||||
|
||||
o Major features (security, backport from 0.2.5.4-alpha):
|
||||
- Block authority signing keys that were used on authorities
|
||||
vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We
|
||||
|
@ -41,17 +48,15 @@ Changes in version 0.2.4.22 - 2014-05-??
|
|||
- Avoid sending an garbage value to the controller when a circuit is
|
||||
cannibalized. Fixes bug 11519; bugfix on 0.2.3.11-alpha.
|
||||
|
||||
o Minor bugfixes (exit relay, backport from 0.2.5.4-alpha):
|
||||
- Stop leaking memory when we successfully resolve a PTR record.
|
||||
Fixes bug 11437; bugfix on 0.2.4.7-alpha.
|
||||
|
||||
o Minor features (log verbosity, backport from 0.2.5.4-alpha):
|
||||
- When we run out of usable circuit IDs on a channel, log only one
|
||||
warning for the whole channel, and describe how many circuits
|
||||
there were on the channel. Fixes part of ticket 11553.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Downgrade the warning severity for the the "md was still referenced 1
|
||||
node(s)" warning. Tor 0.2.5.4-alpha has better code for trying to
|
||||
diagnose this bug, and the current warning in earlier versions of
|
||||
tor achieves nothing useful. Addresses warning from bug 7164.
|
||||
|
||||
o Documentation (backport from 0.2.5.4-alpha):
|
||||
- Correctly document that we search for a system torrc file before
|
||||
looking in ~/.torrc. Fixes documentation side of 9213; bugfix on
|
||||
|
@ -75,12 +80,11 @@ Changes in version 0.2.4.22 - 2014-05-??
|
|||
- Fix a compilation error when compiling with --disable-cuve25519.
|
||||
Fixes bug 9700; bugfix on 0.2.4.17-rc.
|
||||
|
||||
o Major bugfixes (security, OOM)
|
||||
- Fix a memory leak that could occur if a microdescriptor parse
|
||||
fails during the tokenizing step. This could enable a memory
|
||||
exhaustion attack by directory servers. Fixes bug #11649; bugfix
|
||||
on 0.2.2.6-alpha.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Downgrade the warning severity for the the "md was still referenced 1
|
||||
node(s)" warning. Tor 0.2.5.4-alpha has better code for trying to
|
||||
diagnose this bug, and the current warning in earlier versions of
|
||||
tor achieves nothing useful. Addresses warning from bug 7164.
|
||||
|
||||
|
||||
Changes in version 0.2.4.21 - 2014-02-28
|
||||
|
|
Loading…
Reference in New Issue