Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
T
tor
Manage
Activity
Members
Code
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container registry
Model registry
Operate
Terraform modules
Analyze
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
jarl
tor
Commits
52b2b2c8
Commit
52b2b2c8
authored
8 years ago
by
Nick Mathewson
Browse files
Options
Downloads
Patches
Plain Diff
Fold 20384 into changelog
parent
66ecdcdd
Branches
Branches containing commit
Tags
Tags containing commit
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
ChangeLog
+23
-7
23 additions, 7 deletions
ChangeLog
changes/buf-sentinel
+0
-11
0 additions, 11 deletions
changes/buf-sentinel
with
23 additions
and
18 deletions
ChangeLog
+
23
−
7
View file @
52b2b2c8
Changes in version 0.2.9.4-alpha - 2016-10-17
Tor 0.2.9.4-alpha adds numerous small features and fix-ups to previous
versions of Tor, including the implementation of a feature to future-
proof the Tor ecosystem against protocol changes, some bug fixes
necessary for Tor Browser to use unix domain sockets correctly, and
several portability improvements. We anticipate that this will be the
last alpha in the Tor 0.2.9 series, and that the next release will be
a release candidate.
Tor 0.2.9.4-alpha fixes a security hole in previous versions of Tor
that would allow a remote attacker to crash a Tor client, hidden
service, relay, or authority. All Tor users should upgrade to this
version, or to 0.2.8.9. Patches will be released for older versions
of Tor.
Tor 0.2.9.4-alpha also adds numerous small features and fix-ups to
previous versions of Tor, including the implementation of a feature to
future- proof the Tor ecosystem against protocol changes, some bug
fixes necessary for Tor Browser to use unix domain sockets correctly,
and several portability improvements. We anticipate that this will be
the last alpha in the Tor 0.2.9 series, and that the next release will
be a release candidate.
o Major features (security fixes):
- Prevent a class of security bugs caused by treating the contents
of a buffer chunk as if they were a NUL-terminated string. At
least one such bug seems to be present in all currently used
versions of Tor, and would allow an attacker to remotely crash
most Tor instances, especially those compiled with extra compiler
hardening. With this defense in place, such bugs can't crash Tor,
though we should still fix them as they occur. Closes ticket
20384 (TROVE-2016-10-001).
o Major features (subprotocol versions):
- Tor directory authorities now vote on a set of recommended
This diff is collapsed.
Click to expand it.
changes/buf-sentinel
deleted
100644 → 0
+
0
−
11
View file @
66ecdcdd
o Major features (security fixes):
- Prevent a class of security bugs caused by treating the contents
of a buffer chunk as if they were a NUL-terminated string. At
least one such bug seems to be present in all currently used
versions of Tor, and would allow an attacker to remotely crash
most Tor instances, especially those compiled with extra compiler
hardening. With this defense in place, such bugs can't crash Tor,
though we should still fix them as they occur. Closes ticket 20384
(TROVE-2016-10-001).
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
