Loading ChangeLog +6 −6 Original line number Diff line number Diff line Changes in version 0.2.4.5-alpha - 2012-10-25 Tor 0.2.3.24-rc comes hard at the heels of 0.2.4.4-alpha, to fix two important security vulnerabilities that could lead to remotely triggerable relay crashes, fixes a major bug that was preventing clients from choosing good exit nodes, and refactor some of our code. Tor 0.2.4.5-alpha comes hard at the heels of 0.2.4.4-alpha, to fix two important security vulnerabilities that could lead to remotely triggerable relay crashes, fix a major bug that was preventing clients from choosing suitable exit nodes, and refactor some of our code. o Major bugfixes (security, also in 0.2.3.24-rc): - Fix a group of remotely triggerable assertion failures related to incorrect link protocol negotiation. Found, diagnosed, and fixed by "some guy from France." Fix for CVE-2012-2250; bugfix on by "some guy from France". Fix for CVE-2012-2250; bugfix on 0.2.3.6-alpha. - Fix a denial of service attack by which any directory authority could crash all the others, or by which a single v2 directory Loading @@ -32,7 +32,7 @@ Changes in version 0.2.4.5-alpha - 2012-10-25 o Minor bugfixes: - Only disable TLS session ticket support when running as a TLS server. This keeps clients harder to distinguish from regular firefox server. Now clients will blend better with regular Firefox connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc. o Code simplification and refactoring: Loading src/common/tortls.c +1 −1 Original line number Diff line number Diff line Loading @@ -1195,7 +1195,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, * create an opportunity to fingerprint us (since it's unusual to use them * with TLS sessions turned off). * * In 0.2.4, clients advertise support for them, though to avoid a TLS * In 0.2.4, clients advertise support for them though, to avoid a TLS * distinguishability vector. This can give us worse PFS, though, if we * get a server that doesn't set SSL_OP_NO_TICKET. With luck, there will * be few such servers by the time 0.2.4 is more stable. Loading Loading
ChangeLog +6 −6 Original line number Diff line number Diff line Changes in version 0.2.4.5-alpha - 2012-10-25 Tor 0.2.3.24-rc comes hard at the heels of 0.2.4.4-alpha, to fix two important security vulnerabilities that could lead to remotely triggerable relay crashes, fixes a major bug that was preventing clients from choosing good exit nodes, and refactor some of our code. Tor 0.2.4.5-alpha comes hard at the heels of 0.2.4.4-alpha, to fix two important security vulnerabilities that could lead to remotely triggerable relay crashes, fix a major bug that was preventing clients from choosing suitable exit nodes, and refactor some of our code. o Major bugfixes (security, also in 0.2.3.24-rc): - Fix a group of remotely triggerable assertion failures related to incorrect link protocol negotiation. Found, diagnosed, and fixed by "some guy from France." Fix for CVE-2012-2250; bugfix on by "some guy from France". Fix for CVE-2012-2250; bugfix on 0.2.3.6-alpha. - Fix a denial of service attack by which any directory authority could crash all the others, or by which a single v2 directory Loading @@ -32,7 +32,7 @@ Changes in version 0.2.4.5-alpha - 2012-10-25 o Minor bugfixes: - Only disable TLS session ticket support when running as a TLS server. This keeps clients harder to distinguish from regular firefox server. Now clients will blend better with regular Firefox connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc. o Code simplification and refactoring: Loading
src/common/tortls.c +1 −1 Original line number Diff line number Diff line Loading @@ -1195,7 +1195,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, * create an opportunity to fingerprint us (since it's unusual to use them * with TLS sessions turned off). * * In 0.2.4, clients advertise support for them, though to avoid a TLS * In 0.2.4, clients advertise support for them though, to avoid a TLS * distinguishability vector. This can give us worse PFS, though, if we * get a server that doesn't set SSL_OP_NO_TICKET. With luck, there will * be few such servers by the time 0.2.4 is more stable. Loading