Finish changelog and release notes for 0.3.1.7

ChangeLog

@@ -9,11 +9,10 @@ Changes in version 0.3.1.7 - 2017-09-18
   small features, bugfixes on earlier release series, and groundwork for
   the hidden services revamp of 0.3.2.
 
-  Per our stable release policy, we plan to support the Tor 0.3.0
-  release series for at least the next nine months, or for three months
-  after the first stable release of the 0.3.1 series: whichever is
-  longer. If you need a release with long-term support, we recommend
-  that you stay with the 0.2.9 series.
+  This release also includes a fix for TROVE-2017-008, a security bug
+  that affects hidden services running with the SafeLogging option
+  disabled. For more information, see
+  https://trac.torproject.org/projects/tor/ticket/23490
 
   Per our stable release policy, we plan to support each stable release
   series for at least the next nine months, or for three months after
@@ -24,6 +23,12 @@ Changes in version 0.3.1.7 - 2017-09-18
   Below is a list of the changes since 0.3.1.6-rc. For a list of all
   changes since 0.3.0, see the ReleaseNotes file.
 
+  o Major bugfixes (security, hidden services, loggging):
+    - Fix a bug where we could log uninitialized stack when a certain
+      hidden service error occurred while SafeLogging was disabled.
+      Fixes bug #23490; bugfix on 0.2.7.2-alpha. This is also tracked as
+      TROVE-2017-008 and CVE-2017-0380.
+
   o Minor features (defensive programming):
     - Create a pair of consensus parameters, nf_pad_tor2web and
       nf_pad_single_onion, to disable netflow padding in the consensus
@@ -49,6 +54,11 @@ Changes in version 0.3.1.7 - 2017-09-18
     - Do not crash when receiving a POSTDESCRIPTOR command with an empty
       body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
 
+  o Minor bugfixes (relay):
+    - Inform the geoip and rephist modules about all requests, even on
+      relays that are only fetching microdescriptors. Fixes a bug
+      related to 21585; bugfix on 0.3.0.1-alpha.
+
   o Minor bugfixes (unit tests):
     - Fix a channelpadding unit test failure on slow systems by using
       mocked time instead of actual time. Fixes bug 23077; bugfix

ReleaseNotes

@@ -13,11 +13,10 @@ Changes in version 0.3.1.7 - 2017-09-18
   small features, bugfixes on earlier release series, and groundwork for
   the hidden services revamp of 0.3.2.
 
-  Per our stable release policy, we plan to support the Tor 0.3.0
-  release series for at least the next nine months, or for three months
-  after the first stable release of the 0.3.1 series: whichever is
-  longer. If you need a release with long-term support, we recommend
-  that you stay with the 0.2.9 series.
+  This release also includes a fix for TROVE-2017-008, a security bug
+  that affects hidden services running with the SafeLogging option
+  disabled. For more information, see
+  https://trac.torproject.org/projects/tor/ticket/23490
 
   Per our stable release policy, we plan to support each stable release
   series for at least the next nine months, or for three months after
@@ -32,6 +31,12 @@ Changes in version 0.3.1.7 - 2017-09-18
     - To build with zstd and lzma support, Tor now requires the
       pkg-config tool at build time.
 
+  o Major bugfixes (security, hidden services, loggging):
+    - Fix a bug where we could log uninitialized stack when a certain
+      hidden service error occurred while SafeLogging was disabled.
+      Fixes bug #23490; bugfix on 0.2.7.2-alpha.
+      This is also tracked as TROVE-2017-008 and CVE-2017-0380.
+
   o Major features (build system, continuous integration):
     - Tor's repository now includes a Travis Continuous Integration (CI)
       configuration file (.travis.yml). This is meant to help new
@@ -515,6 +520,11 @@ Changes in version 0.3.1.7 - 2017-09-18
       and are not relevant to the operator. Fixes bug 23078; bugfix on
       0.3.0.1-alpha and 0.3.0.2-alpha.
 
+  o Minor bugfixes (relay):
+    - Inform the geoip and rephist modules about all requests, even on
+      relays that are only fetching microdescriptors. Fixes a bug
+      related to 21585; bugfix on 0.3.0.1-alpha.
+
   o Minor bugfixes (memory leaks):
     - Fix a small memory leak at exit from the backtrace handler code.
       Fixes bug 21788; bugfix on 0.2.5.2-alpha. Patch from Daniel Pinto.

changes/bug23533

@@ -1,4 +0,0 @@
-  o Minor bugfixes (relay):
-    - Inform the geoip and rephist modules about all requests, even
-      on relays that are only fetching microdescriptors. Fixes a bug related
-      to 21585; bugfix on 0.3.0.1-alpha.

changes/trove-2017-008

@@ -1,5 +0,0 @@
-  o Major bugfixes (security, hidden services, loggging):
-    - Fix a bug where we could log uninitialized stack when a certain
-      hidden service error occurred while SafeLogging was disabled.
-      Fixes bug #23490; bugfix on 0.2.7.2-alpha.
-      This is also tracked as TROVE-2017-008 and CVE-2017-0380.