write the release blurb for 0.2.4.20, and give it a date
This commit is contained in:
parent
00285acca3
commit
8eb617dca3
12
ChangeLog
12
ChangeLog
|
@ -1,4 +1,14 @@
|
|||
Changes in version 0.2.4.20 - 201?-??-??
|
||||
Changes in version 0.2.4.20 - 2013-12-22
|
||||
Tor 0.2.4.20 fixes potentially poor random number generation for users
|
||||
who 1) use OpenSSL 1.0.0 or later, 2) set "HardwareAccel 1" in their
|
||||
torrc file, 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors,
|
||||
and 4) have no state file in their DataDirectory (as would happen on
|
||||
first start). Users who generated relay or hidden service identity
|
||||
keys in such a situation should discard them and generate new ones.
|
||||
|
||||
This release also fixes a logic error that caused Tor clients to build
|
||||
many more preemptive circuits than they actually need.
|
||||
|
||||
o Major bugfixes:
|
||||
- Do not allow OpenSSL engines to replace the PRNG, even when
|
||||
HardwareAccel is set. The only default builtin PRNG engine uses
|
||||
|
|
34
ReleaseNotes
34
ReleaseNotes
|
@ -3,6 +3,40 @@ This document summarizes new features and bugfixes in each stable release
|
|||
of Tor. If you want to see more detailed descriptions of the changes in
|
||||
each development snapshot, see the ChangeLog file.
|
||||
|
||||
Changes in version 0.2.4.20 - 2013-12-22
|
||||
Tor 0.2.4.20 fixes potentially poor random number generation for users
|
||||
who 1) use OpenSSL 1.0.0 or later, 2) set "HardwareAccel 1" in their
|
||||
torrc file, 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors,
|
||||
and 4) have no state file in their DataDirectory (as would happen on
|
||||
first start). Users who generated relay or hidden service identity
|
||||
keys in such a situation should discard them and generate new ones.
|
||||
|
||||
This release also fixes a logic error that caused Tor clients to build
|
||||
many more preemptive circuits than they actually need.
|
||||
|
||||
o Major bugfixes:
|
||||
- Do not allow OpenSSL engines to replace the PRNG, even when
|
||||
HardwareAccel is set. The only default builtin PRNG engine uses
|
||||
the Intel RDRAND instruction to replace the entire PRNG, and
|
||||
ignores all attempts to seed it with more entropy. That's
|
||||
cryptographically stupid: the right response to a new alleged
|
||||
entropy source is never to discard all previously used entropy
|
||||
sources. Fixes bug 10402; works around behavior introduced in
|
||||
OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman"
|
||||
and "rl1987".
|
||||
- Avoid launching spurious extra circuits when a stream is pending.
|
||||
This fixes a bug where any circuit that _wasn't_ unusable for new
|
||||
streams would be treated as if it were, causing extra circuits to
|
||||
be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Avoid a crash bug when starting with a corrupted microdescriptor
|
||||
cache file. Fixes bug 10406; bugfix on 0.2.2.6-alpha.
|
||||
- If we fail to dump a previously cached microdescriptor to disk, avoid
|
||||
freeing duplicate data later on. Fixes bug 10423; bugfix on
|
||||
0.2.4.13-alpha. Spotted by "bobnomnom".
|
||||
|
||||
|
||||
Changes in version 0.2.4.19 - 2013-12-11
|
||||
The Tor 0.2.4 release series is dedicated to the memory of Aaron Swartz
|
||||
(1986-2013). Aaron worked on diverse projects including helping to guide
|
||||
|
|
Loading…
Reference in New Issue