[tor-commits] [tor/release-0.2.1] fold in latest changes entries

arma at torproject.org arma at torproject.org
Sat May 14 04:21:33 UTC 2011 

commit 109ba37d54f0fea2f0b8073b6dd210e8d69693be
Author: Roger Dingledine <arma at torproject.org>
Date:   Sat May 14 00:21:12 2011 -0400

    fold in latest changes entries
---
 ChangeLog              |   12 +++++++++++-
 changes/bug3122_memcmp |    7 -------
 changes/bug3135        |    6 ------
 3 files changed, 11 insertions(+), 14 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 3553e5c..e799ded 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,5 @@
 Changes in version 0.2.1.31 - 2011-05-??
-  o Major bugfixes (also included in 0.2.2.x):
+  o Security/privacy fixes (also included in 0.2.2.x):
     - Avoid linkability based on cached hidden service descriptors: forget
       all hidden service descriptors cached as a client when processing a
       SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6.
@@ -10,6 +10,12 @@ Changes in version 0.2.1.31 - 2011-05-??
     - Fix an assert in parsing router descriptors containing IPv6
       addresses. This one took down the directory authorities when
       somebody tried some experimental code. Bugfix on 0.2.1.3-alpha.
+    - Replace all potentially sensitive memory comparison operations
+      with versions whose runtime does not depend on the data being
+      compared. This will help resist a class of attacks where an
+      adversary can use variations in timing information to learn
+      sensitive data. Fix for one case of bug 3122. (Safe memcmp
+      implementation by Robert Ransom based partially on code by DJB.)
 
   o Minor bugfixes (also included in 0.2.2.x):
     - When we restart our relay, we might get a successful connection
@@ -33,6 +39,10 @@ Changes in version 0.2.1.31 - 2011-05-??
       heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha.
     - When warning about missing zlib development packages during compile,
       give the correct package names. Bugfix on 0.2.0.1-alpha.
+    - Do not crash when our configuration file becomes unreadable, for
+      example due to a permissions change, between when we start up
+      and when a controller calls SAVECONF. Fixes bug 3135; bugfix
+      on 0.0.9pre6.
 
   o Minor bugfixes (only in 0.2.1.x):
     - Resume using micro-version numbers in 0.2.1.x: our Debian packages
diff --git a/changes/bug3122_memcmp b/changes/bug3122_memcmp
deleted file mode 100644
index a049476..0000000
--- a/changes/bug3122_memcmp
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Security fixes
-    - Replace all potentially sensitive memory comparison operations
-      with versions whose runtime does not depend on the data being
-      compared. This will help resist a class of attacks where an
-      adversary can use variations in timing information to learn
-      sensitive data.  Fix for one case of bug 3122.  (Safe memcmp
-      implementation by Robert Ransom based partially on code by DJB.)
diff --git a/changes/bug3135 b/changes/bug3135
deleted file mode 100644
index d761123..0000000
--- a/changes/bug3135
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes
-    - Do not crash when our configuration file becomes unreadable
-      (usually due to a permissions change) between when we start
-      up and when a controller calls SAVECONF.  Fixes bug 3135;
-      bugfix on 0.0.9pre6.
-

More information about the tor-commits mailing list