Loading ChangeLog +12 −1 Original line number Diff line number Diff line Changes in version 0.2.1.32 - 201?-??-?? Changes in version 0.2.1.32 - 2011-12-16 Tor 0.2.1.32 backports important security and privacy fixes for oldstable. This release is intended only for package maintainers and others who cannot use the 0.2.2 stable series. All others should be using Tor 0.2.2.x or newer. The Tor 0.2.1.x series will reach formal end-of-life some time in early 2012, when we will stop releasing patches for it. o Major bugfixes (also included in 0.2.2.x): - Correctly sanity-check that we don't underflow on a memory allocation (and then assert) for hidden service introduction point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410; bugfix on 0.2.1.5-alpha. - Fix a heap overflow bug that could occur when trying to pull data into the first chunk of a buffer, when that chunk had already had some data drained from it. Fixes CVE-2011-2778; bugfix on 0.2.0.16-alpha. Reported by "Vektor". o Minor features: - Update to the December 6 2011 Maxmind GeoLite Country database. Loading changes/buffer_bugdeleted 100644 → 0 +0 −7 Original line number Diff line number Diff line o Major bugfixes: - Fix a heap overflow bug that could occur when trying to pull data into the first chunk of a buffer, when that chunk had already had some data drained from it. Fixes CVE-2011-2778; bugfix on 0.2.0.16-alpha. Reported by "Vektor". Loading
ChangeLog +12 −1 Original line number Diff line number Diff line Changes in version 0.2.1.32 - 201?-??-?? Changes in version 0.2.1.32 - 2011-12-16 Tor 0.2.1.32 backports important security and privacy fixes for oldstable. This release is intended only for package maintainers and others who cannot use the 0.2.2 stable series. All others should be using Tor 0.2.2.x or newer. The Tor 0.2.1.x series will reach formal end-of-life some time in early 2012, when we will stop releasing patches for it. o Major bugfixes (also included in 0.2.2.x): - Correctly sanity-check that we don't underflow on a memory allocation (and then assert) for hidden service introduction point decryption. Bug discovered by Dan Rosenberg. Fixes bug 4410; bugfix on 0.2.1.5-alpha. - Fix a heap overflow bug that could occur when trying to pull data into the first chunk of a buffer, when that chunk had already had some data drained from it. Fixes CVE-2011-2778; bugfix on 0.2.0.16-alpha. Reported by "Vektor". o Minor features: - Update to the December 6 2011 Maxmind GeoLite Country database. Loading
changes/buffer_bugdeleted 100644 → 0 +0 −7 Original line number Diff line number Diff line o Major bugfixes: - Fix a heap overflow bug that could occur when trying to pull data into the first chunk of a buffer, when that chunk had already had some data drained from it. Fixes CVE-2011-2778; bugfix on 0.2.0.16-alpha. Reported by "Vektor".
