[tor-commits] [tor/release-0.2.1] fold in changes files
arma at torproject.org
arma at torproject.org
Thu Oct 27 23:51:30 UTC 2011
commit 6bb9bd17d0d21ee32f7010a307bf35bf7d5b5cc0
Author: Roger Dingledine <arma at torproject.org>
Date: Wed Oct 26 18:02:13 2011 -0400
fold in changes files
---
ChangeLog | 27 ++++++++++++++++++++++-----
changes/issue-2011-10-19L | 21 ---------------------
changes/issue-2011-10-23G | 9 ---------
3 files changed, 22 insertions(+), 35 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 9aef0e5..4a74ecf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,13 +1,33 @@
-Changes in version 0.2.1.31 - 2011-05-??
+Changes in version 0.2.1.31 - 2011-10-26
Tor 0.2.1.31 fixes a variety of potential privacy problems.
- o Security/privacy fixes (also included in 0.2.2.x):
+ o Security fixes (also included in 0.2.2.x):
- Replace all potentially sensitive memory comparison operations
with versions whose runtime does not depend on the data being
compared. This will help resist a class of attacks where an
adversary can use variations in timing information to learn
sensitive data. Fix for one case of bug 3122. (Safe memcmp
implementation by Robert Ransom based partially on code by DJB.)
+ - Fix an assert in parsing router descriptors containing IPv6
+ addresses. This one took down the directory authorities when
+ somebody tried some experimental code. Bugfix on 0.2.1.3-alpha.
+
+ o Privacy/anonymity fixes (also included in 0.2.2.x):
+ - Clients and bridges no longer send TLS certificate chains on
+ outgoing OR connections. Previously, each client or bridge
+ would use a single cert chain for all outgoing OR connections
+ for up to 24 hours, which allowed any relay that the client or
+ bridge contacted to determine which entry guards it is using.
+ Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
+ - If a relay receives a CREATE_FAST cell on a TLS connection, it
+ no longer considers that connection as suitable for satisfying a
+ circuit EXTEND request. Now relays can protect clients from the
+ CVE-2011-2768 issue even if the clients haven't upgraded yet.
+ - Bridges now refuse CREATE or CREATE_FAST cells on OR connections
+ that they initiated. Relays could distinguish incoming bridge
+ connections from client connections, creating another avenue for
+ enumerating bridges. Fixes CVE-2011-2769. Bugfix on 0.2.0.3-alpha.
+ Found by "frosty_un".
- When receiving a hidden service descriptor, check that it is for
the hidden service we wanted. Previously, Tor would store any
hidden service descriptors that a directory gave it, whether it
@@ -21,9 +41,6 @@ Changes in version 0.2.1.31 - 2011-05-??
requests for "all" descriptors. It used to include bridge
descriptors in its answer, which was a major information leak.
Found by "piebeer". Bugfix on 0.2.0.3-alpha.
- - Fix an assert in parsing router descriptors containing IPv6
- addresses. This one took down the directory authorities when
- somebody tried some experimental code. Bugfix on 0.2.1.3-alpha.
- Don't attach new streams to old rendezvous circuits after SIGNAL
NEWNYM. Previously, we would keep using an existing rendezvous
circuit if it remained open (i.e. if it were kept open by a
diff --git a/changes/issue-2011-10-19L b/changes/issue-2011-10-19L
deleted file mode 100644
index 1fefd72..0000000
--- a/changes/issue-2011-10-19L
+++ /dev/null
@@ -1,21 +0,0 @@
- o Security fixes:
-
- - Don't send TLS certificate chains on outgoing OR connections
- from clients and bridges. Previously, each client or bridge
- would use a single cert chain for all outgoing OR connections
- for up to 24 hours, which allowed any relay connected to by a
- client or bridge to determine which entry guards it is using.
- This is a potential user-tracing bug for *all* users; everyone
- who uses Tor's client or hidden service functionality should
- upgrade. Fixes CVE-2011-2768. Bugfix on FIXME; found by
- frosty_un.
-
- - Don't use any OR connection on which we have received a
- CREATE_FAST cell to satisfy an EXTEND request. Previously, we
- would not consider whether a connection appears to be from a
- client or bridge when deciding whether to use that connection to
- satisfy an EXTEND request. Mitigates CVE-2011-2768, by
- preventing an attacker from determining whether an unpatched
- client is connected to a patched relay. Bugfix on FIXME; found
- by frosty_un.
-
diff --git a/changes/issue-2011-10-23G b/changes/issue-2011-10-23G
deleted file mode 100644
index 45f8675..0000000
--- a/changes/issue-2011-10-23G
+++ /dev/null
@@ -1,9 +0,0 @@
- o Security fixes:
-
- - Reject CREATE and CREATE_FAST cells on outgoing OR connections
- from a bridge to a relay. Previously, we would accept them and
- handle them normally, thereby allowing a malicious relay to
- easily distinguish bridges which connect to it from clients.
- Fixes CVE-2011-2769. Bugfix on 0.2.0.3-alpha, when bridges were
- implemented; found by frosty_un.
-
More information about the tor-commits
mailing list