add TROVE-2018-005 to changelog and releasenotes
This commit is contained in:
parent
f177ec2142
commit
b6a88173bb
|
@ -1,4 +1,4 @@
|
|||
Changes in version 0.3.3.6 - 2018-05-??
|
||||
Changes in version 0.3.3.6 - 2018-05-22
|
||||
Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It
|
||||
backports several important fixes from the 0.3.4.1-alpha.
|
||||
|
||||
|
@ -13,6 +13,13 @@ Changes in version 0.3.3.6 - 2018-05-??
|
|||
Below are the changes since 0.3.3.5-rc. For a list of all changes
|
||||
since 0.3.2, see the ReleaseNotes file.
|
||||
|
||||
o Major bugfixes (security, directory authority, denial-of-service):
|
||||
- Fix a bug that could have allowed an attacker to force a
|
||||
directory authority to use up all its RAM by passing it a
|
||||
maliciously crafted protocol versions string. Fixes bug 25517;
|
||||
bugfix on 0.2.9.4-alpha. This issue is also tracked as
|
||||
TROVE-2018-005.
|
||||
|
||||
o Major bugfixes (directory authorities, security, backport from 0.3.4.1-alpha):
|
||||
- When directory authorities read a zero-byte bandwidth file, they
|
||||
would previously log a warning with the contents of an
|
||||
|
|
|
@ -2,7 +2,7 @@ This document summarizes new features and bugfixes in each stable release
|
|||
of Tor. If you want to see more detailed descriptions of the changes in
|
||||
each development snapshot, see the ChangeLog file.
|
||||
|
||||
Changes in version 0.3.3.6 - 2018-05-??
|
||||
Changes in version 0.3.3.6 - 2018-05-22
|
||||
Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It
|
||||
backports several important fixes from the 0.3.4.1-alpha.
|
||||
|
||||
|
@ -21,6 +21,13 @@ Changes in version 0.3.3.6 - 2018-05-??
|
|||
- When built with Rust, Tor now depends on version 0.2.39 of the
|
||||
libc crate. Closes tickets 25310 and 25664.
|
||||
|
||||
o Major bugfixes (security, directory authority, denial-of-service):
|
||||
- Fix a bug that could have allowed an attacker to force a
|
||||
directory authority to use up all its RAM by passing it a
|
||||
maliciously crafted protocol versions string. Fixes bug 25517;
|
||||
bugfix on 0.2.9.4-alpha. This issue is also tracked as
|
||||
TROVE-2018-005.
|
||||
|
||||
o Major features (denial-of-service mitigation):
|
||||
- Give relays some defenses against the recent network overload. We
|
||||
start with three defenses (default parameters in parentheses).
|
||||
|
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes (security, directory authority, denial-of-service):
|
||||
- Fix a bug that could have allowed an attacker to force a
|
||||
directory authority to use up all its RAM by passing it a
|
||||
maliciously crafted protocol versions string. Fixes bug 25517;
|
||||
bugfix on 0.2.9.4-alpha. This issue is also tracked as
|
||||
TROVE-2018-005.
|
Loading…
Reference in New Issue