[tor-commits] [tor/release-0.2.2] schedule tomorrow as the 0.2.2.37 release day

arma at torproject.org arma at torproject.org
Tue Jun 5 22:51:04 UTC 2012


commit c450e524860e23014da250bad88b476d0d540ff9
Author: Roger Dingledine <arma at torproject.org>
Date:   Tue Jun 5 18:50:29 2012 -0400

    schedule tomorrow as the 0.2.2.37 release day
---
 ChangeLog           |   27 +++++++++++++++++++++++++++
 changes/bug5283     |    6 ------
 changes/bug5969_022 |    7 -------
 changes/bug6007     |    5 -----
 changes/bug6033     |    6 ------
 5 files changed, 27 insertions(+), 24 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 2150587..78bccbb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,30 @@
+Changes in version 0.2.2.37 - 2012-06-06
+  Tor 0.2.2.37 introduces a workaround for a critical renegotiation
+  bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself
+  currently).
+
+  o Major bugfixes:
+    - Work around a bug in OpenSSL that broke renegotiation with TLS
+      1.1 and TLS 1.2. Without this workaround, all attempts to speak
+      the v2 Tor connection protocol when both sides were using OpenSSL
+      1.0.1 would fail. Resolves ticket 6033.
+    - When waiting for a client to renegotiate, don't allow it to add
+      any bytes to the input buffer. This fixes a potential DoS issue.
+      Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
+    - Fix an edge case where if we fetch or publish a hidden service
+      descriptor, we might build a 4-hop circuit and then use that circuit
+      for exiting afterwards -- even if the new last hop doesn't obey our
+      ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
+
+  o Minor bugfixes:
+    - Fix a build warning with Clang 3.1 related to our use of vasprint.
+      Fixes bug 5969. Bugfix on 0.2.2.11-alpha.
+
+  o Minor features:
+    - Tell GCC and Clang to check for any errors in format strings passed
+      to the tor_v*(print|scan)f functions.
+
+
 Changes in version 0.2.2.36 - 2012-05-24
   Tor 0.2.2.36 updates the addresses for two of the eight directory
   authorities, fixes some potential anonymity and security issues,
diff --git a/changes/bug5283 b/changes/bug5283
deleted file mode 100644
index f0325cf..0000000
--- a/changes/bug5283
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Fix an edge case where if we fetch or publish a hidden service
-      descriptor, we might build a 4-hop circuit and then use that circuit
-      for exiting afterwards -- even if the new last hop doesn't obey our
-      ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
-
diff --git a/changes/bug5969_022 b/changes/bug5969_022
deleted file mode 100644
index 57c8744..0000000
--- a/changes/bug5969_022
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes
-    - Fix a build warning with Clang 3.1 related to our use of vasprint.
-      Fix for bug 5969. Bugfix on 0.2.2.11-alpha.
-
-  o Compilation improvements:
-    - Tell GCC and Clang to check for any errors in format strings passed
-      to the tor_v*(print|scan)f functions.
diff --git a/changes/bug6007 b/changes/bug6007
deleted file mode 100644
index 4e81575..0000000
--- a/changes/bug6007
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes (security):
-    - When waiting for a client to renegotiate, don't allow it to add
-      any bytes to the input buffer. This fixes a DoS issue. Fix for
-      bugs 6007 and 5934; bugfix on 0.2.0.20-rc.
-
diff --git a/changes/bug6033 b/changes/bug6033
deleted file mode 100644
index 56cffd6..0000000
--- a/changes/bug6033
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes:
-    - Work around a bug in OpenSSL that broke renegotiation with
-      TLS 1.1 and TLS 1.2.  Without this workaround, all attempts
-      to speak the v2 Tor network protocol when both sides were
-      using OpenSSL 1.0.1 would fail.  Fix for bug 6033, which is
-      not a bug in Tor.



More information about the tor-commits mailing list