Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
T
Tor
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Benjamin J. Thompson
Tor
Commits
e577eb22
Commit
e577eb22
authored
8 years ago
by
Nick Mathewson
Browse files
Options
Downloads
Patches
Plain Diff
forward-port releasenotes and changelog
parent
157e6a29
No related branches found
Branches containing commit
No related tags found
Tags containing commit
No related merge requests found
Changes
2
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
ChangeLog
+72
-0
72 additions, 0 deletions
ChangeLog
ReleaseNotes
+688
-0
688 additions, 0 deletions
ReleaseNotes
with
760 additions
and
0 deletions
ChangeLog
+
72
−
0
View file @
e577eb22
Changes in version 0.3.0.1-alpha - 2016-??-??
Changes in version 0.2.8.12 - 2016-12-19
Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018
below) where Tor clients could crash when attempting to visit a
hostile hidden service. Clients are recommended to upgrade as packages
become available for their systems.
It also includes an updated list of fallback directories, backported
from 0.2.9.
Now that the Tor 0.2.9 series is stable, only major bugfixes will be
backported to 0.2.8 in the future.
o Major bugfixes (parsing, security, backported from 0.2.9.8):
- Fix a bug in parsing that could cause clients to read a single
byte past the end of an allocated region. This bug could be used
to cause hardened clients (built with --enable-expensive-hardening)
to crash if they tried to visit a hostile hidden service. Non-
hardened clients are only affected depending on the details of
their platform's memory allocator. Fixes bug 21018; bugfix on
0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
2016-12-002 and as CVE-2016-1254.
o Minor features (fallback directory list, backported from 0.2.9.8):
- Replace the 81 remaining fallbacks of the 100 originally
introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177
fallbacks (123 new, 54 existing, 27 removed) generated in December
2016. Resolves ticket 20170.
o Minor features (geoip, backported from 0.2.9.7-rc):
- Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2
Country database.
Changes in version 0.2.9.8 - 2016-12-19
Tor 0.2.9.8 is the first stable release of the Tor 0.2.9 series.
The Tor 0.2.9 series makes mandatory a number of security features
that were formerly optional. It includes support for a new shared-
randomness protocol that will form the basis for next generation
hidden services, includes a single-hop hidden service mode for
optimizing .onion services that don't actually want to be hidden,
tries harder not to overload the directory authorities with excessive
downloads, and supports a better protocol versioning scheme for
improved compatibility with other implementations of the Tor protocol.
And of course, there are numerous other bugfixes and improvements.
This release also includes a fix for a medium-severity issue (bug
21018 below) where Tor clients could crash when attempting to visit a
hostile hidden service. Clients are recommended to upgrade as packages
become available for their systems.
Below are the changes since 0.2.9.7-rc. For a list of all changes
since 0.2.8, see the ReleaseNotes file.
o Major bugfixes (parsing, security):
- Fix a bug in parsing that could cause clients to read a single
byte past the end of an allocated region. This bug could be used
to cause hardened clients (built with --enable-expensive-hardening)
to crash if they tried to visit a hostile hidden service. Non-
hardened clients are only affected depending on the details of
their platform's memory allocator. Fixes bug 21018; bugfix on
0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE-
2016-12-002 and as CVE-2016-1254.
o Minor features (fallback directory list):
- Replace the 81 remaining fallbacks of the 100 originally
introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177
fallbacks (123 new, 54 existing, 27 removed) generated in December
2016. Resolves ticket 20170.
Changes in version 0.2.9.7-rc - 2016-12-12
Tor 0.2.9.7-rc fixes a few small bugs remaining in Tor 0.2.9.6-rc,
including a few that had prevented tests from passing on
This diff is collapsed.
Click to expand it.
ReleaseNotes
+
688
−
0
View file @
e577eb22
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
