[tor-commits] [tor/release-0.2.4] changelog edits for 0.2.4.22
nickm at torproject.org
nickm at torproject.org
Wed May 14 13:42:05 UTC 2014
commit 6932f87ae122a3126734500c85d5a1183d129213
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed May 14 09:41:58 2014 -0400
changelog edits for 0.2.4.22
---
ChangeLog | 46 +++++++++++++++++++++++++---------------------
1 file changed, 25 insertions(+), 21 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 51faaf1..c8cdfc1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,16 +1,23 @@
-Changes in version 0.2.4.22 - 2014-05-??
- Write a paragraph here.
+Changes in version 0.2.4.22 - 2014-05-1?
+ Tor 0.2.4.22 backports numerous high-priority fixes from the Tor 0.2.5
+ alpha release series. These include blocking all authority signing keys
+ that may have been affected by the OpenSSL "heartbleed" bug, choosing
+ a far more secure set of TLS ciphersuites by default, closing a couple of
+ memory leaks that could be used to run a target relay out of RAM, and
- o Major bugfixes:
- - When running a hidden service, do not allow TunneledDirConns 0;
- this will keep the hidden service from running, and also
+ o Major bugfixes (security, OOM)
+ - Fix a memory leak that could occur if a microdescriptor parse
+ fails during the tokenizing step. This bug could enable a memory
+ exhaustion attack by directory servers. Fixes bug #11649; bugfix
+ on 0.2.2.6-alpha.
+
+ o Major bugfixes (configuration, security):
+ - When running a hidden service, do not allow TunneledDirConns 0:
+ trying to set that option together with a hidden service would
+ otherwise prevent the hidden service from running, and also
make it publish its descriptors directly over HTTP. Fixes bug 10849;
bugfix on 0.2.1.1-alpha.
- o Minor bugfixes (exit relay, backport from 0.2.5.4-alpha):
- - Stop leaking memory when we successfully resolve a PTR record.
- Fixes bug 11437; bugfix on 0.2.4.7-alpha.
-
o Major features (security, backport from 0.2.5.4-alpha):
- Block authority signing keys that were used on authorities
vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We
@@ -41,17 +48,15 @@ Changes in version 0.2.4.22 - 2014-05-??
- Avoid sending an garbage value to the controller when a circuit is
cannibalized. Fixes bug 11519; bugfix on 0.2.3.11-alpha.
+ o Minor bugfixes (exit relay, backport from 0.2.5.4-alpha):
+ - Stop leaking memory when we successfully resolve a PTR record.
+ Fixes bug 11437; bugfix on 0.2.4.7-alpha.
+
o Minor features (log verbosity, backport from 0.2.5.4-alpha):
- When we run out of usable circuit IDs on a channel, log only one
warning for the whole channel, and describe how many circuits
there were on the channel. Fixes part of ticket 11553.
- o Minor bugfixes:
- - Downgrade the warning severity for the the "md was still referenced 1
- node(s)" warning. Tor 0.2.5.4-alpha has better code for trying to
- diagnose this bug, and the current warning in earlier versions of
- tor achieves nothing useful. Addresses warning from bug 7164.
-
o Documentation (backport from 0.2.5.4-alpha):
- Correctly document that we search for a system torrc file before
looking in ~/.torrc. Fixes documentation side of 9213; bugfix on
@@ -75,12 +80,11 @@ Changes in version 0.2.4.22 - 2014-05-??
- Fix a compilation error when compiling with --disable-cuve25519.
Fixes bug 9700; bugfix on 0.2.4.17-rc.
- o Major bugfixes (security, OOM)
- - Fix a memory leak that could occur if a microdescriptor parse
- fails during the tokenizing step. This could enable a memory
- exhaustion attack by directory servers. Fixes bug #11649; bugfix
- on 0.2.2.6-alpha.
-
+ o Minor bugfixes:
+ - Downgrade the warning severity for the the "md was still referenced 1
+ node(s)" warning. Tor 0.2.5.4-alpha has better code for trying to
+ diagnose this bug, and the current warning in earlier versions of
+ tor achieves nothing useful. Addresses warning from bug 7164.
Changes in version 0.2.4.21 - 2014-02-28
More information about the tor-commits
mailing list