Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts: changes/bug2190 changes/forget-rend-descs-on-newnym
This commit is contained in:
Nick Mathewson
commit
952ae0ea69
|
|
@ -1,4 +0,0 @@
|
|||
o Major bugfixes (bridge authority)
|
||||
- Do not allow encrypte requests for "all" bridges to return all
|
||||
bridges.
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes:
|
||||
- Stop sending a CLOCK_SKEW controller status event whenever
|
||||
we fetch directory information from a relay that has a wrong clock.
|
||||
Instead, only inform the controller when it's a trusted authority
|
||||
that claims our clock is wrong. Bugfix on tor-0.1.2.6-alpha;
|
||||
fixes the other half of bug 1074.
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
o Minor bugfixes:
|
||||
- When we restart our relay, we might get a successful connection
|
||||
from the outside before we've started our reachability tests,
|
||||
triggering a warning: "ORPort found reachable, but I have no
|
||||
routerinfo yet. Failing to inform controller of success." This
|
||||
bug was harmless unless Tor is running under a controller
|
||||
like Vidalia, in which case the controller would never get a
|
||||
REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha;
|
||||
fixes bug 1172.
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Prevent calls from Libevent from inside Libevent log handlers.
|
||||
This had potential to cause a nasty set of crashes, especially if
|
||||
running Libevent with debug logging enabled, and running Tor
|
||||
with a controller watching for low-severity log messages.
|
||||
Bugfix on 0.1.0.2-rc. Fixes bug 2190.
|
||||
- Make Libevent log messages get delievered to controllers later,
|
||||
and not from inside the Libevent log handler. This prevents
|
||||
unsafe reentrant Libevent calls while still letting the log
|
||||
messages get through.
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Build changes
|
||||
- Tor does not build packages correctly with Automake 1.6 and earlier;
|
||||
added a check to Makefile.am to make sure that we're building with
|
||||
Automake 1.7 or later.
|
||||
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix compilation on mingw when a pthreads compatibility library
|
||||
has been installed. (We don't want to use it, so we shouldn't
|
||||
be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Add a check for SIZE_T_MAX to tor_realloc to try to avoid
|
||||
underflow errors there too. Fixes bug 2324.
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Major bugfixes (security):
|
||||
- Prevent a DoS attack by disallowing any zlib-compressed data
|
||||
whose compression factor is implausibly high. Fixes the
|
||||
second part of bug2324; found by doors.
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug where we would assert if we ever had a
|
||||
cached-descriptors.new file (or another file read directly into
|
||||
memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes
|
||||
bug 2326; bugfix on 0.2.1.25.
|
||||
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug where we would declare that we had run out of virtual
|
||||
addresses when the address space was only half-exhausted. Bugfix
|
||||
on 0.1.2.1-alpha.
|
||||
- Correctly handle the case where AutomapHostsOnResolve is set but no
|
||||
virtual addresses are available. Fixes bug2328, bugfix on
|
||||
0.1.2.1-alpha. Bug found by doorss.
|
||||
- Correctly handle wrapping around to when we run out of virtual address
|
||||
space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug with handling misformed replies to reverse DNS lookup
|
||||
requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug
|
||||
reported by doorss.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix some potential asserts and partsing issues with grossly
|
||||
malformed router caches. Fixes bug 2352. Found by doorss.
|
||||
Bugfix on Tor 0.2.1.27.
|
||||
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Zero out a few more keys in memory before freeing them. Fixes bug
|
||||
2384 and part of bug 2385. These key instances found by
|
||||
"cypherpunks". Bugfix on 0.0.2pre9.
|
||||
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes
|
||||
- Ignore and warn about "PublishServerDescriptor hidserv" torrc
|
||||
options. The 'hidserv' argument never controlled publication
|
||||
of hidden service descriptors. Bugfix on 0.2.0.1-alpha.
|
||||
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Major bugfixes:
|
||||
- If relays set RelayBandwidthBurst but not RelayBandwidthRate,
|
||||
Tor would ignore their RelayBandwidthBurst setting,
|
||||
potentially using more bandwidth than expected. Bugfix on
|
||||
0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes:
|
||||
- Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned.
|
||||
(None of the cases where we did this before were wrong, but by making
|
||||
this change we can avoid warnings.) Fixes bug2475; bugfix on
|
||||
Tor 0.2.1.28.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix a crash bug that could occur occasionally when a client was
|
||||
configured with a large number of bridges. Fixes bug 2629; bugfix
|
||||
on 0.2.1.2-alpha. Bugfix by trac user "shitlei".
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Correct the warning displayed when a rendezvous descriptor exceeds
|
||||
the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found
|
||||
by John Brooks.
|
||||
|
||||
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Fix an uncommon assertion failure when running with DNSPort under
|
||||
heavy load. Fixes bug 2933; bugfix on 2.0.1-alpha.
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features
|
||||
- Adjust our TLS Diffie-Hellman parameters to match those used by
|
||||
Apache's mod_ssl.
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
o Security fixes:
|
||||
- Forget all hidden service descriptors cached as a client when
|
||||
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
|
||||
0.0.6.
|
||||
o Major bugfixes:
|
||||
- When we find that we have extended a hidden service's introduction
|
||||
circuit to a relay which isn't listed as an introduction point in
|
||||
the HS descriptor we currently have for the service, we now retry
|
||||
one of the introduction points in the current HS descriptor.
|
||||
Previously we would just give up. Bugfix on 0.2.0.10-alpha; fixes
|
||||
bugs 1024 and 1930.
|
||||
o Minor bugfixes:
|
||||
- Don't allow v0 hidden service authorities to act as clients.
|
||||
Required by fix for bug 3000.
|
||||
- Ignore SIGNAL NEWNYM commands on relay-only Tor instances.
|
||||
Required by fix for bug 3000.
|
||||
o Code simplifications and refactoring:
|
||||
- Allow rend_client_send_introduction to fail without closing the
|
||||
AP connection permanently.
|
||||
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Directory authority changes:
|
||||
- Change IP address and ports for gabelmoo (v3 directory authority).
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features:
|
||||
- Update to the April 1 2011 Maxmind GeoLite Country database.
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features:
|
||||
- Update to the December 1 2010 Maxmind GeoLite Country database.
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features:
|
||||
- Update to the February 1 2011 Maxmind GeoLite Country database.
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features:
|
||||
- Update to the January 1 2011 Maxmind GeoLite Country database.
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features:
|
||||
- Update to the March 1 2011 Maxmind GeoLite Country database.
|
||||
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Major bugfixes:
|
||||
- Fix a crash in parsing router descriptors containing IPv6
|
||||
addresses. This one crashed the directory authorities when somebody
|
||||
fired up some experimental code. Bugfix on 0.2.1.3-alpha.
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor features
|
||||
- Build correctly on mingw with more recent version of OpenSSL 0.9.8.
|
||||
Patch from mingw-san.
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes (security)
|
||||
- Fix a bounds-checking error that could allow an attacker to
|
||||
remotely crash a directory authority. Found by piebeer.
|
||||
Bugfix on 0.2.1.5-alpha.
|
||||
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Removed files:
|
||||
- Stop shipping the old doc/website/ directory in the tarball. We
|
||||
changed the website format in late 2010, and what we shipped in
|
||||
0.2.1.26 really wasn't that useful anyway.
|
||||
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- Check for and reject overly long directory certificates and
|
||||
directory tokens before they have a chance to hit any
|
||||
assertions. Bugfix on 0.2.1.28. Found by doorss.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Major bugfixes:
|
||||
- Fix a remotely exploitable bug that could be used to crash instances
|
||||
of Tor remotely by overflowing on the heap. Remove-code execution
|
||||
hasn't been confirmed, but can't be ruled out. Obviously, everyone
|
||||
should upgrade. Bugfix on the 0.1.1 series and later.
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
o Major bugfixes (security)
|
||||
- Fix a heap overflow bug where an adversary could cause heap
|
||||
corruption. This bug potentially allows remote code execution
|
||||
attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on
|
||||
0.1.2.10-rc.
|
||||
o Defensive programming
|
||||
- Introduce output size checks on all of our decryption functions.
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
o Packaging changes:
|
||||
- Stop shipping the Tor specs files and development proposal documents
|
||||
in the tarball. They are now in a separate git repository at
|
||||
git://git.torproject.org/torspec.git
|
||||
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
o Minor bugfixes
|
||||
- When warning about missing zlib development packages, give the
|
||||
correct package names. Bugfix on 0.2.0.1-alpha.
|
||||
Loading…
Reference in New Issue