diff --git a/ChangeLog b/ChangeLog index 0c912de160..6b1e11f77a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,130 @@ +Changes in version 0.4.6.7 - 2021-08-16 + This version fixes several bugs from earlier versions of Tor, + including one that could lead to a denial-of-service attack. Everyone + running an earlier version, whether as a client, a relay, or an onion + service, should upgrade to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7. + + o Major bugfixes (cryptography, security): + - Resolve an assertion failure caused by a behavior mismatch between + our batch-signature verification code and our single-signature + verification code. This assertion failure could be triggered + remotely, leading to a denial of service attack. We fix this issue + by disabling batch verification. Fixes bug 40078; bugfix on + 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and + CVE-2021-38385. Found by Henry de Valence. + + o Minor feature (fallbackdir): + - Regenerate fallback directories list. Close ticket 40447. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2021/08/12. + + o Minor bugfix (crypto): + - Disable the unused batch verification feature of ed25519-donna. + Fixes bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry + de Valence. + + o Minor bugfixes (onion service): + - Send back the extended SOCKS error 0xF6 (Onion Service Invalid + Address) for a v2 onion address. Fixes bug 40421; bugfix + on 0.4.6.2-alpha. + + o Minor bugfixes (relay): + - Reduce the compression level for data streaming from HIGH to LOW + in order to reduce CPU load on the directory relays. Fixes bug + 40301; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (timekeeping): + - Calculate the time of day correctly on systems where the time_t + type includes leap seconds. (This is not the case on most + operating systems, but on those where it occurs, our tor_timegm + function did not correctly invert the system's gmtime function, + which could result in assertion failures when calculating voting + schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha. + + +Changes in version 0.4.5.10 - 2021-08-16 + This version fixes several bugs from earlier versions of Tor, + including one that could lead to a denial-of-service attack. Everyone + running an earlier version, whether as a client, a relay, or an onion + service, should upgrade to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7. + + o Major bugfixes (cryptography, security): + - Resolve an assertion failure caused by a behavior mismatch between + our batch-signature verification code and our single-signature + verification code. This assertion failure could be triggered + remotely, leading to a denial of service attack. We fix this issue + by disabling batch verification. Fixes bug 40078; bugfix on + 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and + CVE-2021-38385. Found by Henry de Valence. + + o Minor feature (fallbackdir): + - Regenerate fallback directories list. Close ticket 40447. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2021/08/12. + + o Minor features (testing): + - Enable the deterministic RNG for unit tests that covers the + address set bloomfilter-based API's. Fixes bug 40419; bugfix + on 0.3.3.2-alpha. + + o Minor bugfix (crypto, backport from 0.4.6.7): + - Disable the unused batch verification feature of ed25519-donna. + Fixes bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry + de Valence. + + o Minor bugfixes (relay, backport from 0.4.6.7): + - Reduce the compression level for data streaming from HIGH to LOW. + Fixes bug 40301; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (timekeeping, backport from 0.4.6.7): + - Calculate the time of day correctly on systems where the time_t + type includes leap seconds. (This is not the case on most + operating systems, but on those where it occurs, our tor_timegm + function did not correctly invert the system's gmtime function, + which could result in assertion failures when calculating voting + schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha. + + o Minor bugfixes (warnings, portability, backport from 0.4.6.6): + - Suppress a strict-prototype warning when building with some + versions of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha. + + +Changes in version 0.3.5.16 - 2021-08-16 + This version fixes several bugs from earlier versions of Tor, + including one that could lead to a denial-of-service attack. Everyone + running an earlier version, whether as a client, a relay, or an onion + service, should upgrade to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7. + + o Major bugfixes (cryptography, security): + - Resolve an assertion failure caused by a behavior mismatch between + our batch-signature verification code and our single-signature + verification code. This assertion failure could be triggered + remotely, leading to a denial of service attack. We fix this issue + by disabling batch verification. Fixes bug 40078; bugfix on + 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and + CVE-2021-38385. Found by Henry de Valence. + + o Minor feature (fallbackdir): + - Regenerate fallback directories list. Close ticket 40447. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2021/08/12. + + o Minor bugfix (crypto, backport from 0.4.6.7): + - Disable the unused batch verification feature of ed25519-donna. + Fixes bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry + de Valence. + + o Minor bugfixes (relay, backport from 0.4.6.7): + - Reduce the compression level for data streaming from HIGH to LOW. + Fixes bug 40301; bugfix on 0.3.5.1-alpha. + + Changes in version 0.4.6.6 - 2021-06-30 Tor 0.4.6.6 makes several small fixes on 0.4.6.5, including one that allows Tor to build correctly on older versions of GCC. You should diff --git a/ReleaseNotes b/ReleaseNotes index e4c42feefb..8bcb61e7fa 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,128 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. +Changes in version 0.4.6.7 - 2021-08-16 + This version fixes several bugs from earlier versions of Tor, including one + that could lead to a denial-of-service attack. Everyone running an earlier + version, whether as a client, a relay, or an onion service, should upgrade + to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7. + + o Major bugfixes (cryptography, security): + - Resolve an assertion failure caused by a behavior mismatch between our + batch-signature verification code and our single-signature verification + code. This assertion failure could be triggered remotely, leading to a + denial of service attack. We fix this issue by disabling batch + verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is + also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de + Valence. + + o Minor feature (fallbackdir): + - Regenerate fallback directories list. Close ticket 40447. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, + as retrieved on 2021/08/12. + + o Minor bugfix (crypto): + - Disable the unused batch verification feature of ed25519-donna. Fixes + bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence. + + o Minor bugfixes (onion service): + - Send back the extended SOCKS error 0xF6 (Onion Service Invalid Address) + for a v2 onion address. Fixes bug 40421; bugfix on 0.4.6.2-alpha. + + o Minor bugfixes (relay): + - Reduce the compression level for data streaming from HIGH to LOW in + order to reduce CPU load on the directory relays. Fixes bug 40301; + bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (timekeeping): + - Calculate the time of day correctly on systems where the time_t + type includes leap seconds. (This is not the case on most + operating systems, but on those where it occurs, our tor_timegm + function did not correctly invert the system's gmtime function, + which could result in assertion failures when calculating + voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha. + + +Changes in version 0.4.5.10 - 2021-08-16 + This version fixes several bugs from earlier versions of Tor, including one + that could lead to a denial-of-service attack. Everyone running an earlier + version, whether as a client, a relay, or an onion service, should upgrade + to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7. + + o Major bugfixes (cryptography, security): + - Resolve an assertion failure caused by a behavior mismatch between our + batch-signature verification code and our single-signature verification + code. This assertion failure could be triggered remotely, leading to a + denial of service attack. We fix this issue by disabling batch + verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is + also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de + Valence. + + o Minor feature (fallbackdir): + - Regenerate fallback directories list. Close ticket 40447. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, + as retrieved on 2021/08/12. + + o Minor features (testing): + - Enable the deterministic RNG for unit tests that covers the address set + bloomfilter-based API's. Fixes bug 40419; bugfix on 0.3.3.2-alpha. + + o Minor bugfix (crypto): + - Disable the unused batch verification feature of ed25519-donna. Fixes + bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence. + + o Minor bugfixes (relay, backport from 0.4.6.x): + - Reduce the compression level for data streaming from HIGH to LOW. Fixes + bug 40301; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (timekeeping, backport from 0.4.6.x): + - Calculate the time of day correctly on systems where the time_t + type includes leap seconds. (This is not the case on most + operating systems, but on those where it occurs, our tor_timegm + function did not correctly invert the system's gmtime function, + which could result in assertion failures when calculating + voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha. + + o Minor bugfixes (warnings, portability, backport from 0.4.6.x): + - Suppress a strict-prototype warning when building with some versions + of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha. + + +Changes in version 0.3.5.16 - 2021-08-16 + This version fixes several bugs from earlier versions of Tor, including one + that could lead to a denial-of-service attack. Everyone running an earlier + version, whether as a client, a relay, or an onion service, should upgrade + to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7. + + o Major bugfixes (cryptography, security): + - Resolve an assertion failure caused by a behavior mismatch between our + batch-signature verification code and our single-signature verification + code. This assertion failure could be triggered remotely, leading to a + denial of service attack. We fix this issue by disabling batch + verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is + also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de + Valence. + + o Minor feature (fallbackdir): + - Regenerate fallback directories list. Close ticket 40447. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, + as retrieved on 2021/08/12. + + o Minor bugfix (crypto): + - Disable the unused batch verification feature of ed25519-donna. Fixes + bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence. + + o Minor bugfixes (relay, backport from 0.4.6.x): + - Reduce the compression level for data streaming from HIGH to LOW. Fixes + bug 40301; bugfix on 0.3.5.1-alpha. + + Changes in version 0.4.6.6 - 2021-06-30 Tor 0.4.6.6 makes several small fixes on 0.4.6.5, including one that allows Tor to build correctly on older versions of GCC. You should