Loading ChangeLog +21 −21 Original line number Diff line number Diff line Loading @@ -6,18 +6,18 @@ Changes in version 0.2.4.22 - 2014-05-1? a couple of memory leaks that could be used to run a target relay out of RAM, and several others. o Major bugfixes (security, OOM): - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. This bug could enable a memory exhaustion attack by directory servers. Fixes bug 11649; bugfix on 0.2.2.6-alpha. o Major features (security, backport from 0.2.5.4-alpha): - Block authority signing keys that were used on authorities vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We don't have any evidence that these keys _were_ compromised; we're doing this to be prudent.) Resolves ticket 11464. o Major bugfixes (security, OOM): - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. This bug could enable a memory exhaustion attack by directory servers. Fixes bug 11649; bugfix on 0.2.2.6-alpha. o Major bugfixes (TLS cipher selection, backport from 0.2.5.4-alpha): - The relay ciphersuite list is now generated automatically based on uniform criteria, and includes all OpenSSL ciphersuites with Loading Loading @@ -53,16 +53,6 @@ Changes in version 0.2.4.22 - 2014-05-1? - Stop leaking memory when we successfully resolve a PTR record. Fixes bug 11437; bugfix on 0.2.4.7-alpha. o Minor features (log verbosity, backport from 0.2.5.4-alpha): - When we run out of usable circuit IDs on a channel, log only one warning for the whole channel, and describe how many circuits there were on the channel. Fixes part of ticket 11553. o Documentation (backport from 0.2.5.4-alpha): - Correctly document that we search for a system torrc file before looking in ~/.torrc. Fixes documentation side of 9213; bugfix on 0.2.3.18-rc. o Minor bugfixes (bridge client, backport from 0.2.5.4-alpha): - Avoid 60-second delays in the bootstrapping process when Tor is launching for a second time while using bridges. Fixes bug 9229; Loading @@ -72,11 +62,6 @@ Changes in version 0.2.4.22 - 2014-05-1? - Give the correct URL in the warning message when trying to run a relay on an ancient version of Windows. Fixes bug 9393. o Minor features (security, backport from 0.2.5.4-alpha): - Decrease the lower limit of MaxMemInCellQueues to 256 MBytes (but leave the default at 8GBytes), to better support Raspberry Pi users. Fixes bug 9686; bugfix on 0.2.4.14-alpha. o Minor bugfixes (compilation): - Fix a compilation error when compiling with --disable-curve25519. Fixes bug 9700; bugfix on 0.2.4.17-rc. Loading @@ -88,6 +73,21 @@ Changes in version 0.2.4.22 - 2014-05-1? earlier versions of tor achieves nothing useful. Addresses warning from bug 7164. o Minor features (log verbosity, backport from 0.2.5.4-alpha): - When we run out of usable circuit IDs on a channel, log only one warning for the whole channel, and describe how many circuits there were on the channel. Fixes part of ticket 11553. o Minor features (security, backport from 0.2.5.4-alpha): - Decrease the lower limit of MaxMemInCellQueues to 256 MBytes (but leave the default at 8GBytes), to better support Raspberry Pi users. Fixes bug 9686; bugfix on 0.2.4.14-alpha. o Documentation (backport from 0.2.5.4-alpha): - Correctly document that we search for a system torrc file before looking in ~/.torrc. Fixes documentation side of 9213; bugfix on 0.2.3.18-rc. Changes in version 0.2.4.21 - 2014-02-28 Tor 0.2.4.21 further improves security against potential adversaries who Loading Loading
ChangeLog +21 −21 Original line number Diff line number Diff line Loading @@ -6,18 +6,18 @@ Changes in version 0.2.4.22 - 2014-05-1? a couple of memory leaks that could be used to run a target relay out of RAM, and several others. o Major bugfixes (security, OOM): - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. This bug could enable a memory exhaustion attack by directory servers. Fixes bug 11649; bugfix on 0.2.2.6-alpha. o Major features (security, backport from 0.2.5.4-alpha): - Block authority signing keys that were used on authorities vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We don't have any evidence that these keys _were_ compromised; we're doing this to be prudent.) Resolves ticket 11464. o Major bugfixes (security, OOM): - Fix a memory leak that could occur if a microdescriptor parse fails during the tokenizing step. This bug could enable a memory exhaustion attack by directory servers. Fixes bug 11649; bugfix on 0.2.2.6-alpha. o Major bugfixes (TLS cipher selection, backport from 0.2.5.4-alpha): - The relay ciphersuite list is now generated automatically based on uniform criteria, and includes all OpenSSL ciphersuites with Loading Loading @@ -53,16 +53,6 @@ Changes in version 0.2.4.22 - 2014-05-1? - Stop leaking memory when we successfully resolve a PTR record. Fixes bug 11437; bugfix on 0.2.4.7-alpha. o Minor features (log verbosity, backport from 0.2.5.4-alpha): - When we run out of usable circuit IDs on a channel, log only one warning for the whole channel, and describe how many circuits there were on the channel. Fixes part of ticket 11553. o Documentation (backport from 0.2.5.4-alpha): - Correctly document that we search for a system torrc file before looking in ~/.torrc. Fixes documentation side of 9213; bugfix on 0.2.3.18-rc. o Minor bugfixes (bridge client, backport from 0.2.5.4-alpha): - Avoid 60-second delays in the bootstrapping process when Tor is launching for a second time while using bridges. Fixes bug 9229; Loading @@ -72,11 +62,6 @@ Changes in version 0.2.4.22 - 2014-05-1? - Give the correct URL in the warning message when trying to run a relay on an ancient version of Windows. Fixes bug 9393. o Minor features (security, backport from 0.2.5.4-alpha): - Decrease the lower limit of MaxMemInCellQueues to 256 MBytes (but leave the default at 8GBytes), to better support Raspberry Pi users. Fixes bug 9686; bugfix on 0.2.4.14-alpha. o Minor bugfixes (compilation): - Fix a compilation error when compiling with --disable-curve25519. Fixes bug 9700; bugfix on 0.2.4.17-rc. Loading @@ -88,6 +73,21 @@ Changes in version 0.2.4.22 - 2014-05-1? earlier versions of tor achieves nothing useful. Addresses warning from bug 7164. o Minor features (log verbosity, backport from 0.2.5.4-alpha): - When we run out of usable circuit IDs on a channel, log only one warning for the whole channel, and describe how many circuits there were on the channel. Fixes part of ticket 11553. o Minor features (security, backport from 0.2.5.4-alpha): - Decrease the lower limit of MaxMemInCellQueues to 256 MBytes (but leave the default at 8GBytes), to better support Raspberry Pi users. Fixes bug 9686; bugfix on 0.2.4.14-alpha. o Documentation (backport from 0.2.5.4-alpha): - Correctly document that we search for a system torrc file before looking in ~/.torrc. Fixes documentation side of 9213; bugfix on 0.2.3.18-rc. Changes in version 0.2.4.21 - 2014-02-28 Tor 0.2.4.21 further improves security against potential adversaries who Loading