Start an 0.2.8.13 changelog
This commit is contained in:
parent
a33d9f9b2b
commit
c159617c0c
26
ChangeLog
26
ChangeLog
|
@ -1,3 +1,29 @@
|
|||
Changes in version 0.2.8.13 - 2017-03-??
|
||||
Tor 0.2.8.13 backports a security fixes from later Tor
|
||||
releases. Anybody running Tor 0.2.8.12 or earlier should upgrade to this
|
||||
this release, if for some reason they cannot upgrade to a later
|
||||
release series, and if they build Tor with the --enable-expensive-hardening
|
||||
option.
|
||||
|
||||
Note that support for Tor 0.2.8.x is ending this year: we will not issue
|
||||
any fixes for the Tor 0.2.8.x series after 1 August 2017. If you need
|
||||
a Tor release series with longer-term support, we recommend Tor 0.2.9.x.
|
||||
|
||||
|
||||
o Major bugfixes (parsing, also in 0.3.0.4-rc):
|
||||
- Fix an integer underflow bug when comparing malformed Tor versions.
|
||||
This bug is harmless, except when Tor has been built with
|
||||
--enable-expensive-hardening, which would turn it into a crash;
|
||||
or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with
|
||||
-ftrapv by default.
|
||||
Part of TROVE-2017-001. Fixes bug 21278; bugfix on
|
||||
0.0.8pre1. Found by OSS-Fuzz.
|
||||
|
||||
o Minor features (geoip):
|
||||
- Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
||||
|
||||
Changes in version 0.2.8.12 - 2016-12-19
|
||||
Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018
|
||||
below) where Tor clients could crash when attempting to visit a
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
o Minor features:
|
||||
- Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2
|
||||
Country database.
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
o Major bugfixes (parsing):
|
||||
- Fix an integer underflow bug when comparing malformed Tor versions.
|
||||
This bug is harmless, except when Tor has been built with
|
||||
--enable-expensive-hardening, which would turn it into a crash;
|
||||
or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with
|
||||
-ftrapv by default.
|
||||
Part of TROVE-2017-001. Fixes bug 21278; bugfix on
|
||||
0.0.8pre1. Found by OSS-Fuzz.
|
Loading…
Reference in New Issue