Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
Tor
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Container Registry
Model registry
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
The Tor Project
Core
Tor
Commits
b6e0236f
Commit
b6e0236f
authored
12 years ago
by
Nick Mathewson
Browse files
Options
Downloads
Patches
Plain Diff
Fold in changelog item; draft blurb for 0.2.4.5-alpha
parent
48cdcc9d
No related branches found
Branches containing commit
No related tags found
Tags containing commit
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
ChangeLog
+18
-8
18 additions, 8 deletions
ChangeLog
changes/link_negotiation_assert
+0
-6
0 additions, 6 deletions
changes/link_negotiation_assert
with
18 additions
and
14 deletions
ChangeLog
+
18
−
8
View file @
b6e0236f
Changes in version 0.2.4.5-alpha - 2012-10-2?
o Major bugfixes (also in 0.2.3.24-rc):
Tor 0.2.3.24-rc comes hard at the heels of 0.2.4.4-alpha, to fix two
important security vulnerabilities that could lead to remotely
triggerable relay crashes, fixes a major bug that was preventing
clients from choosing good exit nodes, and refactor some of our code.
o Major bugfixes (security, also in 0.2.3.24-rc):
- Fix a group of remotely triggerable assertion failures related to
incorrect link protocol negotiation. Found, diagnosed, and fixed
by "some guy from France." Fix for CVE-2012-2250; bugfix on
0.2.3.6-alpha.
- Fix a denial of service attack by which any directory authority
could crash all the others, or by which a single v2 directory
authority could crash everybody downloading v2 directory
information. Fixes bug 7191; bugfix on 0.2.0.10-alpha.
o Major bugfixes (also in 0.2.3.24-rc):
- When parsing exit policy summaries from microdescriptors, we had
previously been ignoring the last character in each one, so that
"accept 80,443,8080" would be treated by clients as indicating
...
...
@@ -19,18 +30,17 @@ Changes in version 0.2.4.5-alpha - 2012-10-2?
an exit relay would allow exiting to an internal address. Fixes
bug 7190; bugfix on 0.2.3.1-alpha.
o Code simplification and refactoring:
- Start using OpenBSD's implementation of queue.h (originally by Niels
Provos).
- Move the entry node code from circuitbuild.c to its own file.
- Move the circuit build timeout tracking code from circuitbuild.c
to its own file.
o Minor bugfixes:
- Only disable TLS session ticket support when running as a TLS
server. This keeps clients harder to distinguish from regular firefox
connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc.
o Code simplification and refactoring:
- Start using OpenBSD's implementation of queue.h (originally by
Niels Provos).
- Move the entry node code from circuitbuild.c to its own file.
- Move the circuit build timeout tracking code from circuitbuild.c
to its own file.
Changes in version 0.2.4.4-alpha - 2012-10-20
...
...
This diff is collapsed.
Click to expand it.
changes/link_negotiation_assert
deleted
100644 → 0
+
0
−
6
View file @
48cdcc9d
o Major bugfixs (security):
- Fix a group of remotely triggerable assertion failures related to
incorrect link protocol negotiation. Found, diagnosed, and fixed
by "some guy from France." Fix for CVE-2012-2250; bugfix on
0.2.3.6-alpha.
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
