Commit d7aab158 authored by Nick Mathewson's avatar Nick Mathewson 🎨
Browse files

forward-port the changelog

parent 102b4f3a
Changes in version - 2017-12-14
Tor fixes various bugs in earlier versions of Tor,
including some that could affect reliability or correctness.
This is the first release candidate in the 0.3.2 series. If we find no
new bugs or regression here, then the first stable 0.3.2. release will
be nearly identical to this.
o Major bugfixes (circuit prediction):
- Fix circuit prediction logic so that a client doesn't treat a port
as being "handled" by a circuit if that circuit already has
isolation settings on it. This change should make Tor clients more
responsive by improving their chances of having a pre-created
circuit ready for use when a request arrives. Fixes bug 18859;
bugfix on
o Minor features (logging):
- Provide better warnings when the getrandom() syscall fails. Closes
ticket 24500.
o Minor features (portability):
- Tor now compiles correctly on arm64 with libseccomp-dev installed.
(It doesn't yet work with the sandbox enabled.) Closes
ticket 24424.
o Minor bugfixes (bridge clients, bootstrap):
- Retry directory downloads when we get our first bridge descriptor
during bootstrap or while reconnecting to the network. Keep
retrying every time we get a bridge descriptor, until we have a
reachable bridge. Fixes part of bug 24367; bugfix on
- Stop delaying bridge descriptor fetches when we have cached bridge
descriptors. Instead, only delay bridge descriptor fetches when we
have at least one reachable bridge. Fixes part of bug 24367;
bugfix on
- Stop delaying directory fetches when we have cached bridge
descriptors. Instead, only delay bridge descriptor fetches when
all our bridges are definitely unreachable. Fixes part of bug
24367; bugfix on
o Minor bugfixes (compilation):
- Fix a signed/unsigned comparison warning introduced by our fix to
TROVE-2017-009. Fixes bug 24480; bugfix on
o Minor bugfixes (correctness):
- Fix several places in our codebase where a C compiler would be
likely to eliminate a check, based on assuming that undefined
behavior had not happened elsewhere in the code. These cases are
usually a sign of redundant checking or dubious arithmetic. Found
by Georg Koppen using the "STACK" tool from Wang, Zeldovich,
Kaashoek, and Solar-Lezama. Fixes bug 24423; bugfix on various
Tor versions.
o Minor bugfixes (onion service v3):
- Fix a race where an onion service would launch a new intro circuit
after closing an old one, but fail to register it before freeing
the previously closed circuit. This bug was making the service
unable to find the established intro circuit and thus not upload
its descriptor, thus making a service unavailable for up to 24
hours. Fixes bug 23603; bugfix on
o Minor bugfixes (scheduler, KIST):
- Properly set the scheduler state of an unopened channel in the
KIST scheduler main loop. This prevents a harmless but annoying
log warning. Fixes bug 24502; bugfix on
- Avoid a possible integer overflow when computing the available
space on the TCP buffer of a channel. This had no security
implications; but could make KIST allow too many cells on a
saturated connection. Fixes bug 24590; bugfix on
- Downgrade to "info" a harmless warning about the monotonic time
moving backwards: This can happen on platform not supporting
monotonic time. Fixes bug 23696; bugfix on
Changes in version - 2017-12-01
This version of Tor is the latest in the 0.3.2 alpha series. It
includes fixes for several important security issues. All Tor users
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment