[tor-commits] [tor/master] find all those stanzas in master too
arma at torproject.org
arma at torproject.org
Fri Oct 28 00:16:03 UTC 2011
commit 6258013e412dbabcb2482648d84b6199381740fd
Author: Roger Dingledine <arma at torproject.org>
Date: Thu Oct 27 20:15:50 2011 -0400
find all those stanzas in master too
---
ChangeLog | 26 +++++++++++++-------------
ReleaseNotes | 18 +++++++++---------
2 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index c721e70..73e83f0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,10 +16,10 @@ Changes in version 0.2.3.6-alpha - 2011-10-26
o Privacy/anonymity fixes (clients):
- Clients and bridges no longer send TLS certificate chains on
- outgoing OR connections. Previously, each client or bridge
- would use the same cert chain for all outgoing OR connections
- for up to 24 hours, which allowed any relay that the client or
- bridge contacted to determine which entry guards it is using.
+ outgoing OR connections. Previously, each client or bridge would
+ use the same cert chain for all outgoing OR connections until
+ its IP address changes, which allowed any relay that the client
+ or bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
@@ -160,10 +160,10 @@ Changes in version 0.2.2.34 - 2011-10-26
o Privacy/anonymity fixes (clients):
- Clients and bridges no longer send TLS certificate chains on
- outgoing OR connections. Previously, each client or bridge
- would use the same cert chain for all outgoing OR connections
- for up to 24 hours, which allowed any relay that the client or
- bridge contacted to determine which entry guards it is using.
+ outgoing OR connections. Previously, each client or bridge would
+ use the same cert chain for all outgoing OR connections until
+ its IP address changes, which allowed any relay that the client
+ or bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
@@ -264,11 +264,11 @@ Changes in version 0.2.1.31 - 2011-10-26
o Privacy/anonymity fixes (also included in 0.2.2.x):
- Clients and bridges no longer send TLS certificate chains on
- outgoing OR connections. Previously, each client or bridge
- would use the same cert chain for all outgoing OR connections
- for up to 24 hours, which allowed any relay that the client or
- bridge contacted to determine which entry guards it is using.
- Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
+ outgoing OR connections. Previously, each client or bridge would
+ use the same cert chain for all outgoing OR connections until
+ its IP address changes, which allowed any relay that the client
+ or bridge contacted to determine which entry guards it is using.
+ Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
circuit EXTEND request. Now relays can protect clients from the
diff --git a/ReleaseNotes b/ReleaseNotes
index 879028a..cbc8f0e 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -32,10 +32,10 @@ Changes in version 0.2.2.34 - 2011-10-26
o Privacy/anonymity fixes (clients):
- Clients and bridges no longer send TLS certificate chains on
- outgoing OR connections. Previously, each client or bridge
- would use the same cert chain for all outgoing OR connections
- for up to 24 hours, which allowed any relay that the client or
- bridge contacted to determine which entry guards it is using.
+ outgoing OR connections. Previously, each client or bridge would
+ use the same cert chain for all outgoing OR connections until
+ its IP address changes, which allowed any relay that the client
+ or bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
@@ -136,11 +136,11 @@ Changes in version 0.2.1.31 - 2011-10-26
o Privacy/anonymity fixes (also included in 0.2.2.x):
- Clients and bridges no longer send TLS certificate chains on
- outgoing OR connections. Previously, each client or bridge
- would use the same cert chain for all outgoing OR connections
- for up to 24 hours, which allowed any relay that the client or
- bridge contacted to determine which entry guards it is using.
- Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
+ outgoing OR connections. Previously, each client or bridge would
+ use the same cert chain for all outgoing OR connections until
+ its IP address changes, which allowed any relay that the client
+ or bridge contacted to determine which entry guards it is using.
+ Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
circuit EXTEND request. Now relays can protect clients from the
More information about the tor-commits
mailing list