[tor-commits] [tor/release-0.2.2] prepare a release blurb
arma at torproject.org
arma at torproject.org
Tue Sep 13 23:09:00 UTC 2011
commit 8522652d8e9213d4adf6d1d712c233ad8c9190f7
Author: Roger Dingledine <arma at torproject.org>
Date: Tue Sep 13 19:08:47 2011 -0400
prepare a release blurb
---
ChangeLog | 26 +++++++++++++----------
ReleaseNotes | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 78 insertions(+), 11 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index d82ba49..e1a0c87 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,8 @@
-Changes in version 0.2.2.33 - 2011-09-??
+Changes in version 0.2.2.33 - 2011-09-13
+ Tor 0.2.2.33 fixes several bugs, and includes a slight tweak to Tor's
+ TLS handshake that makes relays and bridges that run this new version
+ reachable from Iran again.
+
o Major bugfixes:
- Avoid an assertion failure when reloading a configuration with
TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug
@@ -11,23 +15,23 @@ Changes in version 0.2.2.33 - 2011-09-??
by an attacker who controls both an introduction point and a
rendezvous point, and who uses the malleability of AES-CTR to
alter the encrypted g^x portion of the INTRODUCE1 cell. We think
- that these attacks is infeasible (requiring the attacker to send
+ that these attacks are infeasible (requiring the attacker to send
on the order of zettabytes of altered cells in a short interval),
but we'd rather block them off in case there are any classes of
this attack that we missed. Reported by Willem Pinckaers.
o Minor features:
- - Add a VoteOnHidServDirectoriesV2 configuration option to allow
- directory authorities to abstain from voting on assignment of
- the HSDir consensus flag. Related to bug 2649.
- - Update to the September 6 2011 Maxmind GeoLite Country database.
- - Change the default required uptime for a relay to be accepted as
- a HSDir from 24 hours to 25 hours. Improves on 0.2.0.10-alpha;
- resolves ticket 2649.
- Adjust the expiration time on our SSL session certificates to
better match SSL certs seen in the wild. Resolves ticket 4014.
+ - Change the default required uptime for a relay to be accepted as
+ a HSDir (hidden service directory) from 24 hours to 25 hours.
+ Improves on 0.2.0.10-alpha; resolves ticket 2649.
+ - Add a VoteOnHidServDirectoriesV2 config option to allow directory
+ authorities to abstain from voting on assignment of the HSDir
+ consensus flag. Related to bug 2649.
+ - Update to the September 6 2011 Maxmind GeoLite Country database.
- o Minor bugfixes:
+ o Minor bugfixes (documentation and log messages):
- Correct the man page to explain that HashedControlPassword and
CookieAuthentication can both be set, in which case either method
is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha,
@@ -54,7 +58,7 @@ Changes in version 0.2.2.33 - 2011-09-??
- Clean up some code issues that prevented Tor from building on older
BSDs. Fixes bug 3894; reported by "grarpamp".
- Search for a platform-specific version of "ar" when cross-compiling.
- Should fix builds on iOS. Found by Marco Bonetti.
+ Should fix builds on iOS. Resolves bug 3909, found by Marco Bonetti.
Changes in version 0.2.2.32 - 2011-08-27
diff --git a/ReleaseNotes b/ReleaseNotes
index da83fd2..a04bfae 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -3,6 +3,69 @@ This document summarizes new features and bugfixes in each stable release
of Tor. If you want to see more detailed descriptions of the changes in
each development snapshot, see the ChangeLog file.
+Changes in version 0.2.2.33 - 2011-09-13
+ Tor 0.2.2.33 fixes several bugs, and includes a slight tweak to Tor's
+ TLS handshake that makes relays and bridges that run this new version
+ reachable from Iran again.
+
+ o Major bugfixes:
+ - Avoid an assertion failure when reloading a configuration with
+ TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes bug
+ 3923; bugfix on 0.2.2.25-alpha.
+
+ o Minor features (security):
+ - Check for replays of the public-key encrypted portion of an
+ INTRODUCE1 cell, in addition to the current check for replays of
+ the g^x value. This prevents a possible class of active attacks
+ by an attacker who controls both an introduction point and a
+ rendezvous point, and who uses the malleability of AES-CTR to
+ alter the encrypted g^x portion of the INTRODUCE1 cell. We think
+ that these attacks are infeasible (requiring the attacker to send
+ on the order of zettabytes of altered cells in a short interval),
+ but we'd rather block them off in case there are any classes of
+ this attack that we missed. Reported by Willem Pinckaers.
+
+ o Minor features:
+ - Adjust the expiration time on our SSL session certificates to
+ better match SSL certs seen in the wild. Resolves ticket 4014.
+ - Change the default required uptime for a relay to be accepted as
+ a HSDir (hidden service directory) from 24 hours to 25 hours.
+ Improves on 0.2.0.10-alpha; resolves ticket 2649.
+ - Add a VoteOnHidServDirectoriesV2 config option to allow directory
+ authorities to abstain from voting on assignment of the HSDir
+ consensus flag. Related to bug 2649.
+ - Update to the September 6 2011 Maxmind GeoLite Country database.
+
+ o Minor bugfixes (documentation and log messages):
+ - Correct the man page to explain that HashedControlPassword and
+ CookieAuthentication can both be set, in which case either method
+ is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha,
+ when we decided to allow these config options to both be set. Issue
+ raised by bug 3898.
+ - Demote the 'replay detected' log message emitted when a hidden
+ service receives the same Diffie-Hellman public key in two different
+ INTRODUCE2 cells to info level. A normal Tor client can cause that
+ log message during its normal operation. Bugfix on 0.2.1.6-alpha;
+ fixes part of bug 2442.
+ - Demote the 'INTRODUCE2 cell is too {old,new}' log message to info
+ level. There is nothing that a hidden service's operator can do
+ to fix its clients' clocks. Bugfix on 0.2.1.6-alpha; fixes part
+ of bug 2442.
+ - Clarify a log message specifying the characters permitted in
+ HiddenServiceAuthorizeClient client names. Previously, the log
+ message said that "[A-Za-z0-9+-_]" were permitted; that could have
+ given the impression that every ASCII character between "+" and "_"
+ was permitted. Now we say "[A-Za-z0-9+_-]". Bugfix on 0.2.1.5-alpha.
+
+ o Build fixes:
+ - Provide a substitute implementation of lround() for MSVC, which
+ apparently lacks it. Patch from Gisle Vanem.
+ - Clean up some code issues that prevented Tor from building on older
+ BSDs. Fixes bug 3894; reported by "grarpamp".
+ - Search for a platform-specific version of "ar" when cross-compiling.
+ Should fix builds on iOS. Resolves bug 3909, found by Marco Bonetti.
+
+
Changes in version 0.2.2.32 - 2011-08-27
The Tor 0.2.2 release series is dedicated to the memory of Andreas
Pfitzmann (1958-2010), a pioneer in anonymity and privacy research,
More information about the tor-commits
mailing list