Start an 0.2.8.13 changelog

2017-02-23 16:08:09 -05:00 · 2017-02-23 16:08:09 -05:00 · c159617c0c
parent a33d9f9b2b
commit c159617c0c
4 changed files with 26 additions and 16 deletions
--- a/26
+++ b/26
@ -1,3 +1,29 @@
+Changes in version 0.2.8.13 - 2017-03-??
+  Tor 0.2.8.13 backports a security fixes from later Tor
+  releases.  Anybody running Tor 0.2.8.12 or earlier should upgrade to this
+  this release, if for some reason they cannot upgrade to a later
+  release series, and if they build Tor with the --enable-expensive-hardening
+  option.
+
+  Note that support for Tor 0.2.8.x is ending this year: we will not issue
+  any fixes for the Tor 0.2.8.x series after 1 August 2017.  If you need
+  a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
+
+
+  o Major bugfixes (parsing, also in 0.3.0.4-rc):
+    - Fix an integer underflow bug when comparing malformed Tor versions.
+      This bug is harmless, except when Tor has been built with
+      --enable-expensive-hardening, which would turn it into a crash;
+      or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with
+      -ftrapv by default.
+      Part of TROVE-2017-001. Fixes bug 21278; bugfix on
+      0.0.8pre1. Found by OSS-Fuzz.
+
+  o Minor features (geoip):
+    - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
+      Country database.
+
+
 Changes in version 0.2.8.12 - 2016-12-19
  Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018
  below) where Tor clients could crash when attempting to visit a
--- a/changes/geoip-february2017
+++ b/changes/geoip-february2017
@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
-      Country database.
-
--- a/changes/geoip-january2017
+++ b/changes/geoip-january2017
@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2
-      Country database.
-
--- a/changes/trove-2017-001.2
+++ b/changes/trove-2017-001.2
@ -1,8 +0,0 @@
-  o Major bugfixes (parsing):
-    - Fix an integer underflow bug when comparing malformed Tor versions.
-      This bug is harmless, except when Tor has been built with
-      --enable-expensive-hardening, which would turn it into a crash;
-      or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with
-      -ftrapv by default.
-      Part of TROVE-2017-001. Fixes bug 21278; bugfix on
-      0.0.8pre1. Found by OSS-Fuzz.