add TROVE-2018-005 to changelog and releasenotes
This commit is contained in:
parent
f177ec2142
commit
b6a88173bb
|
@ -1,4 +1,4 @@
|
||||||
Changes in version 0.3.3.6 - 2018-05-??
|
Changes in version 0.3.3.6 - 2018-05-22
|
||||||
Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It
|
Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It
|
||||||
backports several important fixes from the 0.3.4.1-alpha.
|
backports several important fixes from the 0.3.4.1-alpha.
|
||||||
|
|
||||||
|
@ -13,6 +13,13 @@ Changes in version 0.3.3.6 - 2018-05-??
|
||||||
Below are the changes since 0.3.3.5-rc. For a list of all changes
|
Below are the changes since 0.3.3.5-rc. For a list of all changes
|
||||||
since 0.3.2, see the ReleaseNotes file.
|
since 0.3.2, see the ReleaseNotes file.
|
||||||
|
|
||||||
|
o Major bugfixes (security, directory authority, denial-of-service):
|
||||||
|
- Fix a bug that could have allowed an attacker to force a
|
||||||
|
directory authority to use up all its RAM by passing it a
|
||||||
|
maliciously crafted protocol versions string. Fixes bug 25517;
|
||||||
|
bugfix on 0.2.9.4-alpha. This issue is also tracked as
|
||||||
|
TROVE-2018-005.
|
||||||
|
|
||||||
o Major bugfixes (directory authorities, security, backport from 0.3.4.1-alpha):
|
o Major bugfixes (directory authorities, security, backport from 0.3.4.1-alpha):
|
||||||
- When directory authorities read a zero-byte bandwidth file, they
|
- When directory authorities read a zero-byte bandwidth file, they
|
||||||
would previously log a warning with the contents of an
|
would previously log a warning with the contents of an
|
||||||
|
|
|
@ -2,7 +2,7 @@ This document summarizes new features and bugfixes in each stable release
|
||||||
of Tor. If you want to see more detailed descriptions of the changes in
|
of Tor. If you want to see more detailed descriptions of the changes in
|
||||||
each development snapshot, see the ChangeLog file.
|
each development snapshot, see the ChangeLog file.
|
||||||
|
|
||||||
Changes in version 0.3.3.6 - 2018-05-??
|
Changes in version 0.3.3.6 - 2018-05-22
|
||||||
Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It
|
Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It
|
||||||
backports several important fixes from the 0.3.4.1-alpha.
|
backports several important fixes from the 0.3.4.1-alpha.
|
||||||
|
|
||||||
|
@ -21,6 +21,13 @@ Changes in version 0.3.3.6 - 2018-05-??
|
||||||
- When built with Rust, Tor now depends on version 0.2.39 of the
|
- When built with Rust, Tor now depends on version 0.2.39 of the
|
||||||
libc crate. Closes tickets 25310 and 25664.
|
libc crate. Closes tickets 25310 and 25664.
|
||||||
|
|
||||||
|
o Major bugfixes (security, directory authority, denial-of-service):
|
||||||
|
- Fix a bug that could have allowed an attacker to force a
|
||||||
|
directory authority to use up all its RAM by passing it a
|
||||||
|
maliciously crafted protocol versions string. Fixes bug 25517;
|
||||||
|
bugfix on 0.2.9.4-alpha. This issue is also tracked as
|
||||||
|
TROVE-2018-005.
|
||||||
|
|
||||||
o Major features (denial-of-service mitigation):
|
o Major features (denial-of-service mitigation):
|
||||||
- Give relays some defenses against the recent network overload. We
|
- Give relays some defenses against the recent network overload. We
|
||||||
start with three defenses (default parameters in parentheses).
|
start with three defenses (default parameters in parentheses).
|
||||||
|
|
|
@ -1,6 +0,0 @@
|
||||||
o Major bugfixes (security, directory authority, denial-of-service):
|
|
||||||
- Fix a bug that could have allowed an attacker to force a
|
|
||||||
directory authority to use up all its RAM by passing it a
|
|
||||||
maliciously crafted protocol versions string. Fixes bug 25517;
|
|
||||||
bugfix on 0.2.9.4-alpha. This issue is also tracked as
|
|
||||||
TROVE-2018-005.
|
|
Loading…
Reference in New Issue