diff --git a/ChangeLog b/ChangeLog index fe5403ff2..85202e1ae 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,58 @@ +Changes in version 0.2.2.23-alpha - 2011-02-?? + o Major bugfixes: + - Stop sending a CLOCK_SKEW controller status event whenever + we fetch directory information from a relay that has a wrong clock. + Instead, only inform the controller when it's a trusted authority + that claims our clock is wrong. Bugfix on 0.1.2.6-alpha; fixes + the rest of bug 1074. + - If relays set RelayBandwidthBurst but not RelayBandwidthRate, + Tor would ignore their RelayBandwidthBurst setting, + potentially using more bandwidth than expected. Bugfix on + 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470. + - Ignore and warn if the user mistakenly sets "PublishServerDescriptor + hidserv" in her torrc. The 'hidserv' argument never controlled + publication of hidden service descriptors. Bugfix on 0.2.0.1-alpha. + + o Major features: + - Enable Address Space Layout Randomization (ASLR) and Data Execution + Prevention (DEP) by default on Windows to make it harder for + attackers to exploit vulnerabilities. Patch from John Brooks. + + o Minor bugfixes: + - Clients should not weight BadExit nodes as Exits in their node + selection. Similarly, directory authorities should not count BadExit + bandwidth as Exit bandwidth when computing bandwidth-weights. + Bugfix on 0.2.2.10-alpha; fixes bug 2203. + - Avoid a double mark-for-free warning when failing to attach a + transparent proxy connection. Bugfix on 0.1.2.1-alpha. Fixes + bug 2279. + - Correctly detect failure to allocate an OpenSSL BIO. Fixes bug 2378; + found by "cypherpunks". This bug was introduced before the first + Tor release, in svn commit r110. + - Resolve a bug in verifying signatures of directory objects + with digests longer than SHA1. Bugfix on 0.2.2.20-alpha. + Fixes bug 2409. Found by "piebeer". + - Country codes aren't supported in EntryNodes until 0.2.3.x, so + don't mention them in the manpage. Fixes bug 2450; issue + spotted by keb and G-Lo. + + o Minor features: + - Log less aggressively about circuit timeout changes, and improve + some other circuit timeout messages. Resolves bug 2004. + - Log a little more clearly about the times at which we're no longer + accepting new connections. Resolves bug 2181. + - Detect attempts at the client side to open connections to private + IP addresses (like 127.0.0.1, 10.0.0.1, and so on) with + a randomly chosen exit node. Attempts to do so are always + ill-defined, generally prevented by exit policies, and usually + in error. This will also help to detect loops in transparent + proxy configurations. You can disable this feature by setting + "ClientRejectInternalAddresses 0" in your torrc. + - Always treat failure to allocate an RSA key as an unrecoverable + allocation error. + - Update to the February 1 2011 Maxmind GeoLite Country database. + + Changes in version 0.2.2.22-alpha - 2011-01-25 Tor 0.2.2.22-alpha fixes a few more less-critical security issues. The main other change is a slight tweak to Tor's TLS handshake that makes diff --git a/changes/bug1074-part2 b/changes/bug1074-part2 deleted file mode 100644 index 6644f496d..000000000 --- a/changes/bug1074-part2 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Stop sending a CLOCK_SKEW controller status event whenever - we fetch directory information from a relay that has a wrong clock. - Instead, only inform the controller when it's a trusted authority - that claims our clock is wrong. Bugfix on tor-0.1.2.6-alpha; - fixes the other half of bug 1074. diff --git a/changes/bug2004 b/changes/bug2004 deleted file mode 100644 index 4fd6c91a0..000000000 --- a/changes/bug2004 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features - - Log less aggressively about circuit timeout changes, and improve some - other circuit timeout messages. Resolves bug 2004. - diff --git a/changes/bug2181 b/changes/bug2181 deleted file mode 100644 index 0a095488e..000000000 --- a/changes/bug2181 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features - - Log a little more clearly about the times at which we're no longer - accepting new connections. Resolves bug 2181. - diff --git a/changes/bug2203 b/changes/bug2203 deleted file mode 100644 index 9cfbedf14..000000000 --- a/changes/bug2203 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Clients should not weight BadExit nodes as Exits in their node - selection. Similarly, directory authorities should not count - BadExit bandwidth as Exit bandwidth when computing bandwidth-weights. - Bugfix on 0.2.2.10-alpha; fixes bug 2203. - diff --git a/changes/bug2279 b/changes/bug2279 deleted file mode 100644 index d31300978..000000000 --- a/changes/bug2279 +++ /dev/null @@ -1,15 +0,0 @@ - o Minor bugfixes - - Avoid a double mark-for-free warning when failing to attach a - transparent proxy connection. Fixes bug 2279. Bugfix on - Tor 0.1.2.1 alpha. - - o Minor features - - Detect attempts at the client side to open connections to private - IP addresses (like 127.0.0.1, 10.0.0.1, and so on) with a randomly - chosen exit node. Attempts to do so are always ill-defined, generally - prevented by exit policies, and usually in error. This will also - help to detect loops in transparent proxy configurations. You can - disable this feature by setting "ClientRejectInternalAddresses 0" - in your torrc. - - diff --git a/changes/bug2358 b/changes/bug2358 deleted file mode 100644 index 5e44bb9f8..000000000 --- a/changes/bug2358 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features - - Enable Address Space Layout Randomization (ASLR) and Data Execution - Prevention (DEP) by default on Windows to make it harder for - attackers to exploit vulnerabilities. Patch from John Brooks. - diff --git a/changes/bug2378 b/changes/bug2378 deleted file mode 100644 index 227968869..000000000 --- a/changes/bug2378 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes - - Correctly detect failure to allocate an OpenSSL BIO. Fixes bug 2378; - found by "cypherpunks". This bug was introduced before the - first Tor release, in svn commit r110. - - o Minor code simplifications and refactorings - - Always treat failure to allocate an RSA key as an unrecoverable - allocation error. diff --git a/changes/bug2408 b/changes/bug2408 deleted file mode 100644 index 1d2dbf1ad..000000000 --- a/changes/bug2408 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes - - Ignore and warn about "PublishServerDescriptor hidserv" torrc - options. The 'hidserv' argument never controlled publication - of hidden service descriptors. Bugfix on 0.2.0.1-alpha. - - diff --git a/changes/bug2409 b/changes/bug2409 deleted file mode 100644 index 5523458b6..000000000 --- a/changes/bug2409 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Resolve a bug in verifying signatures of directory objects - with digests longer than SHA1. Bugfix on 0.2.2.20-alpha; - fixes bug 2409; found by "piebeer". diff --git a/changes/bug2450 b/changes/bug2450 deleted file mode 100644 index b3b50ddb0..000000000 --- a/changes/bug2450 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Country codes aren't supported in EntryNodes until 0.2.3.x. - Don't mention them in the manpage. Fixes bug 2450, issue - spotted by keb and G-Lo. - diff --git a/changes/bug2470 b/changes/bug2470 deleted file mode 100644 index 8ff97b7bc..000000000 --- a/changes/bug2470 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - If relays set RelayBandwidthBurst but not RelayBandwidthRate, - Tor would ignore their RelayBandwidthBurst setting, - potentially using more bandwidth than expected. Bugfix on - 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470. diff --git a/changes/geoip-feb2011 b/changes/geoip-feb2011 deleted file mode 100644 index 12eb0ac4b..000000000 --- a/changes/geoip-feb2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the February 1 2011 Maxmind GeoLite Country database. -