Commit 06c31b1b authored by Nick Mathewson's avatar Nick Mathewson 🦀
Browse files

Remove changes files that have also appeared in 0.4.4 releases.

parent db10d001
o Minor bugfixes (logging):
- Downgrade a noisy log message that could occur naturally when
receiving an extrainfo document that we no longer want.
Fixes bug 16016; bugfix on
o Minor bugfixes (linux seccomp2 sandbox):
- Fix a regression on sandboxing rules for the openat() syscall.
The fix for bug 25440 fixed the problem on systems with glibc >=
2.27 but broke tor on previous versions of glibc. We now apply
the correct seccomp rule according to the running glibc version.
Patch from Daniel Pinto. Fixes bug 27315; bugfix on
o Minor bugfixes (windows):
- Fix a bug that prevented Tor from starting if its log file
grew above 2GB. Fixes bug 31036; bugfix on
o Major bugfixes (NSS):
- Fix out-of-bound memory access in `tor_tls_cert_matches_key()` when Tor is
compiled with NSS support. Fixes bug 33119; bugfix on This
issue is also tracked as TROVE-2020-001.
o Minor bugfixes (onion services v3):
- Avoid a non-fatal assert log in an edge-case of opening an intro circuit
as a client. Fixes bug 34084; bugfix on
o Minor bugfixes (onion service v3):
- Remove a BUG() warning that could trigger in certain unlikely edge-cases.
Fixes bug 34086; bugfix on
o Minor features (entry guards):
- Reinstate support for GUARD NEW/UP/DOWN control port events.
Closes ticket 40001.
\ No newline at end of file
o Minor bugfixes (linux seccomp2 sandbox):
- Makes the seccomp sandbox allow the correct syscall for opendir
according to the running glibc version. The opendir function
either uses open or openat but the current code does not
differenciate between opendir and open calls. This adds a new
seccomp sandbox rule for opendir. This fixes crashes when
reloading torrc with sandbox enabled when running on glibc
2.15 to 2.21 and 2.26. Patch from Daniel Pinto. Fixes bug 40020;
bugfix on
o Minor bugfixes (compiler warnings):
- Fix a compiler warning on platforms with 32-bit time_t values.
Fixes bug 40028; bugfix on
o Minor bugfixes (linux seccomp2 sandbox):
- Fix startup crash with seccomp sandbox enabled when tor tries to
open the data directory. Patch from Daniel Pinto. Fixes bug 40072;
bugfix on
o Minor bugfixes (correctness, buffers):
- Fix a correctness bug that could cause an assertion failure if we ever
tried using the buf_move_all() function with an empty input.
As far as we know, no released versions of Tor do this.
Fixes bug 40076; bugfix on
o Minor bugfixes (relay, self-testing):
- When starting up as a relay, if we haven't been able to verify that
we're reachable, only launch reachability tests at most once a minute.
Previously, we had been launching tests up to once a second, which
was needlessly noisy. Fixes bug 40083; bugfix on
o Minor bugfixes (testing):
- When running the subsystem order check, use the python binary
configured with the PYTHON environment variable. Fixes bug 40095;
bugfix on
o Documentation:
- Replace most http:// URLs in our code and documentation with https://
URLs. (We have left unchanged the code in src/ext/, and the text in
LICENSE.) Closes ticket 31812. Patch from Jeremy Rand.
o Minor features (bootstrap reporting):
- Report more detailed reasons for bootstrap failure when the failure
happens due to a TLS error. Previously we would just call these errors
"MISC" when they happened during read, and "DONE" when they
happened during any other TLS operation. Closes ticket 32622.
o Minor features (directory authority):
- Authorities now recommend protocol versions that are supported
by Tor 0.3.5 and later. (Earlier versions of Tor have been
deprecated since January of this year.) This recommendation
will cause older clients and relays to give a warning on startup,
or when they download a consensus directory.
Closes ticket 32696.
o Minor features (linux seccomp2 sandbox):
- Permit the unlinkat() syscall, which some Libc implementations
use to implement unlink(). Closes ticket 33346.
o Minor bugfixes (rate limiting, bridges, pluggable transports):
- On a bridge, treat all connections from an ExtORPort as remote
by default for the purposes of rate-limiting. Previously,
bridges would treat the connection as local unless they explicitly
received a "USERADDR" command. ExtORPort connections still
count as local if there is a USERADDR command with an explicit local
address. Fixes bug 33747; bugfix on
o Removed features (IPv6, revert):
- Revert the client port prefer IPv6 feature because it breaks the
torsocks use case. The SOCKS resolve command is lacking a mechanism to
ask for a specific address family (v4 or v6) thus prioritizing IPv6 when
an IPv4 address is asked on the resolve SOCKS interface resulting in a
failure. Tor Browser explicitly set PreferIPv6 so this should not affect
the majority of our users. Closes ticket 33796; bugfix on
o Minor bugfix (SOCKS, onion service client):
- Also detect bad v3 onion service address of the wrong length when
returning the F6 ExtendedErrors code. Fixes bug 33873; bugfix on
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment