Loading ChangeLog +29 −0 Original line number Diff line number Diff line Changes in version 0.4.5.16 - 2023-01-12 This version has one major bugfix for relay and a security fix, TROVE-2022-002, affecting clients. We strongly recommend to upgrade to our 0.4.7.x stable series. As a reminder, this series is EOL on February 15th, 2023. o Major bugfixes (relay): - When opening a channel because of a circuit request that did not include an Ed25519 identity, record the Ed25519 identity that we actually received, so that we can use the channel for other circuit requests that _do_ list an Ed25519 identity. (Previously we had code to record this identity, but a logic bug caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch from "cypherpunks". o Major bugfixes (TROVE-2022-002, client): - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on January 12, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/01/12. Changes in version 0.4.5.15 - 2022-12-06 This version has several major changes for directory authorities. And a major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x ReleaseNotes +29 −0 Original line number Diff line number Diff line Loading @@ -2,6 +2,35 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. Changes in version 0.4.5.16 - 2023-01-12 This version has one major bugfix for relay and a security fix, TROVE-2022-002, affecting clients. We strongly recommend to upgrade to our 0.4.7.x stable series. As a reminder, this series is EOL on February 15th, 2023. o Major bugfixes (relay): - When opening a channel because of a circuit request that did not include an Ed25519 identity, record the Ed25519 identity that we actually received, so that we can use the channel for other circuit requests that _do_ list an Ed25519 identity. (Previously we had code to record this identity, but a logic bug caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch from "cypherpunks". o Major bugfixes (TROVE-2022-002, client): - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on January 12, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/01/12. Changes in version 0.4.5.15 - 2022-12-06 This version has several major changes for directory authorities. And a major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x changes/bug40563deleted 100644 → 0 +0 −8 Original line number Diff line number Diff line o Major bugfixes (relay): - When opening a channel because of a circuit request that did not include an Ed25519 identity, record the Ed25519 identity that we actually received, so that we can use the channel for other circuit requests that _do_ list an Ed25519 identity. (Previously we had code to record this identity, but a logic bug caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch from "cypherpunks". changes/fallbackdirs-2023-01-12deleted 100644 → 0 +0 −2 Original line number Diff line number Diff line o Minor features (fallbackdir): - Regenerate fallback directories generated on January 12, 2023. changes/geoip-2023-01-12deleted 100644 → 0 +0 −3 Original line number Diff line number Diff line o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/01/12. Loading
ChangeLog +29 −0 Original line number Diff line number Diff line Changes in version 0.4.5.16 - 2023-01-12 This version has one major bugfix for relay and a security fix, TROVE-2022-002, affecting clients. We strongly recommend to upgrade to our 0.4.7.x stable series. As a reminder, this series is EOL on February 15th, 2023. o Major bugfixes (relay): - When opening a channel because of a circuit request that did not include an Ed25519 identity, record the Ed25519 identity that we actually received, so that we can use the channel for other circuit requests that _do_ list an Ed25519 identity. (Previously we had code to record this identity, but a logic bug caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch from "cypherpunks". o Major bugfixes (TROVE-2022-002, client): - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on January 12, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/01/12. Changes in version 0.4.5.15 - 2022-12-06 This version has several major changes for directory authorities. And a major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x
ReleaseNotes +29 −0 Original line number Diff line number Diff line Loading @@ -2,6 +2,35 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. Changes in version 0.4.5.16 - 2023-01-12 This version has one major bugfix for relay and a security fix, TROVE-2022-002, affecting clients. We strongly recommend to upgrade to our 0.4.7.x stable series. As a reminder, this series is EOL on February 15th, 2023. o Major bugfixes (relay): - When opening a channel because of a circuit request that did not include an Ed25519 identity, record the Ed25519 identity that we actually received, so that we can use the channel for other circuit requests that _do_ list an Ed25519 identity. (Previously we had code to record this identity, but a logic bug caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch from "cypherpunks". o Major bugfixes (TROVE-2022-002, client): - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on January 12, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/01/12. Changes in version 0.4.5.15 - 2022-12-06 This version has several major changes for directory authorities. And a major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x
changes/bug40563deleted 100644 → 0 +0 −8 Original line number Diff line number Diff line o Major bugfixes (relay): - When opening a channel because of a circuit request that did not include an Ed25519 identity, record the Ed25519 identity that we actually received, so that we can use the channel for other circuit requests that _do_ list an Ed25519 identity. (Previously we had code to record this identity, but a logic bug caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch from "cypherpunks".
changes/fallbackdirs-2023-01-12deleted 100644 → 0 +0 −2 Original line number Diff line number Diff line o Minor features (fallbackdir): - Regenerate fallback directories generated on January 12, 2023.
changes/geoip-2023-01-12deleted 100644 → 0 +0 −3 Original line number Diff line number Diff line o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/01/12.
