sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

two small fixes, and downgrade a severity

This commit is contained in:
Roger Dingledine 2014-05-14 15:48:57 -04:00
parent 0fed6ad45b
commit ca085ba341
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
ChangeLog
View File

@ -9,16 +9,9 @@ Changes in version 0.2.4.22 - 2014-05-1?
o Major bugfixes (security, OOM):
- Fix a memory leak that could occur if a microdescriptor parse
fails during the tokenizing step. This bug could enable a memory
exhaustion attack by directory servers. Fixes bug #11649; bugfix
exhaustion attack by directory servers. Fixes bug 11649; bugfix
on 0.2.2.6-alpha.
o Major bugfixes (configuration, security):
- When running a hidden service, do not allow TunneledDirConns 0:
trying to set that option together with a hidden service would
otherwise prevent the hidden service from running, and also make
it publish its descriptors directly over HTTP. Fixes bug 10849;
bugfix on 0.2.1.1-alpha.
o Major features (security, backport from 0.2.5.4-alpha):
- Block authority signing keys that were used on authorities
vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We
@ -45,6 +38,13 @@ Changes in version 0.2.4.22 - 2014-05-1?
advertising the ECDH (not to be confused with ECDHE) ciphersuites.
Resolves ticket 11438.
o Minor bugfixes (configuration, security):
- When running a hidden service, do not allow TunneledDirConns 0:
trying to set that option together with a hidden service would
otherwise prevent the hidden service from running, and also make
it publish its descriptors directly over HTTP. Fixes bug 10849;
bugfix on 0.2.1.1-alpha.
o Minor bugfixes (controller, backport from 0.2.5.4-alpha):
- Avoid sending an garbage value to the controller when a circuit is
cannibalized. Fixes bug 11519; bugfix on 0.2.3.11-alpha.
@ -78,7 +78,7 @@ Changes in version 0.2.4.22 - 2014-05-1?
users. Fixes bug 9686; bugfix on 0.2.4.14-alpha.
o Minor bugfixes (compilation):
- Fix a compilation error when compiling with --disable-cuve25519.
- Fix a compilation error when compiling with --disable-curve25519.
Fixes bug 9700; bugfix on 0.2.4.17-rc.
o Minor bugfixes: