[tor-commits] [tor/release-0.3.0] sort changes into 0.3.0.4-rc changelog
nickm at torproject.org
nickm at torproject.org
Tue Feb 28 14:25:54 UTC 2017
commit 46e096f2eb94cf13248fce1a136095c068f16d3c
Author: Nick Mathewson <nickm at torproject.org>
Date: Tue Feb 28 09:25:22 2017 -0500
sort changes into 0.3.0.4-rc changelog
---
ChangeLog | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 114 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 7cc4f44..b805f6f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,117 @@
-Changes in version 0.3.0.4-??? - 2017-02-??
+Changes in version 0.3.0.4-rc - 2017-03-??
+ Tor 0.3.0.4-rc fixes some remaining bugs, large and small, in the 0.3.0
+ release series, and introduces a few reliability features to keep them
+ from coming back.
+
+ This is the first release candidate in the Tor 0.3.0 series.
+ If we find no new bugs or regressions here, the first stable 0.2.8
+ release will be identical to it.
+
+ o Major bugfixes (bridges):
+ - When the same bridge is configured multiple times at different
+ address:port combinations (but with the same identity), treat
+ those bridge instances as separate guards. This allows clients to
+ configure the same bridge with multiple pluggable transports, once
+ again. Fixes bug 21027; bugfix on 0.3.0.1-alpha.
+
+ o Major bugfixes (hidden service directory v3):
+ - When a descriptor lookup was done and it was not found in the directory
+ cache, it would crash on a NULL pointer instead of returning the 404
+ code back to the client like it was suppose to. Fixes bug 21471;
+ bugfixes on tor-0.3.0.1-alpha.
+
+ o Major bugfixes (HTTP, parsing):
+ - When parsing a malformed content-length field from an HTTP message,
+ do not read off the end of the buffer. This bug was a potential
+ remote denial-of-service attack against Tor clients and relays.
+ A workaround was released in October 2016, which prevents this
+ bug from crashing Tor. This is a fix for the underlying issue,
+ which should no longer matter (if you applied the earlier patch).
+ Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing
+ using AFL (http://lcamtuf.coredump.cx/afl/).
+
+ o Major bugfixes (parsing):
+ - Fix an integer underflow bug when comparing malformed Tor versions.
+ This bug is harmless, except when Tor has been built with
+ --enable-expensive-hardening, which would turn it into a crash;
+ or on Tor 0.2.9.1-alpha through Tor 0.2.9.8, which were built with
+ -ftrapv by default.
+ Part of TROVE-2017-001. Fixes bug 21278; bugfix on
+ 0.0.8pre1. Found by OSS-Fuzz.
+
+ o Minor feature (protover):
+ - Add new protocol version for proposal 224. HSIntro now advertises
+ version "3-4" and HSDir version "1-2". Fixes ticket 20656.
+
+ o Minor features (directory authority):
+ - Directory authorities now reject descriptors that claim to be
+ malformed versions of Tor. Helps prevent exploitation of bug 21278.
+
+ o Minor features (geoip):
+ - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2
+ Country database.
+
+ o Minor features (reliability, crash):
+ - Try better to detect problems in buffers where they might grow (or
+ think they have grown) over 2 GB in size. Diagnostic for bug 21369.
+
+ o Minor features (testing):
+ - During 'make test-network-all', if tor logs any warnings, ask chutney
+ to output them. Requires a recent version of chutney with the 21572
+ patch.
+ Implements 21570.
+
+ o Minor bugfixes (certificate expiration time):
+ - Avoid using link certificates that don't become valid till
+ some time in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha
+
+ o Minor bugfixes (code correctness):
+ - Repair a couple of (unreachable or harmless) cases of the risky
+ comparison-by-subtraction pattern that caused bug 21278.
+
+ o Minor bugfixes (correctness):
+ - Remove a redundant check for the UseEntryGuards option from the
+ options_transition_affects_guards() function. Fixes bug 21492;
+ bugfix on 0.3.0.1-alpha.
+
+ o Minor bugfixes (directory mirrors):
+ - Allow relays to use directory mirrors without a DirPort: these relays
+ need to be contacted over their ORPorts using a begindir connection.
+ Fixes bug 20711; bugfix on 0.2.8.2-alpha.
+ - Clarify the message logged when a remote relay is unexpectedly missing
+ an ORPort or DirPort: users were confusing this with a local port.
+ Fixes bug 20711; bugfix on 0.2.8.2-alpha.
+
+ o Minor bugfixes (guards):
+ - Don't warn about a missing guard state on timeout-measurement
+ circuits: they aren't supposed to be using guards. Fixes an
+ instance of bug 21007; bugfix on 0.3.0.1-alpha.
+
+ o Minor bugfixes (hidden service):
+ - When encoding a legacy ESTABLISH_INTRO cell, we were using the sizeof()
+ on a pointer instead of real size of the destination buffer leading to
+ an overflow passing an enormous value to the signing digest function.
+ Fortunately, that value was only used to make sure the destination
+ buffer length was big enough for the key size and in this case it was.
+ Fixes bug 21553; bugfix on 0.3.0.1-alpha.
+
+ o Minor bugfixes (testing):
+ - Fix Raspbian build missing socket errno in test util. Fixes bug 21116;
+ bugfix on tor-0.2.8.2. Patch by "hein".
+ - Rename "make fuzz" to "make test-fuzz-corpora", since it doesn't
+ actually fuzz anything. Fixes bug 21447; bugfix on 0.3.0.3-alpha.
+ - Use bash in src/test/test-network.sh. This ensures we reliably call
+ chutney's newer tools/test-network.sh when available.
+ Fixes bug 21562; bugfix on 0.2.9.1-alpha.
+
+ o Minor bugfixes (voting consistency):
+ - Reject version numbers with components that exceed INT32_MAX.
+ Otherwise 32-bit and 64-bit platforms would behave inconsistently.
+ Fixes bug 21450; bugfix on 0.0.8pre1.
+
+ o Documentation:
+ - Small fixes to the fuzzing documentation. Closes ticket
+ 21472.
Changes in version 0.3.0.3-alpha - 2017-02-03
More information about the tor-commits
mailing list