diff --git a/ChangeLog b/ChangeLog index 5091e45844..8b0bc09c96 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -20,43 +20,6 @@ Changes in version 0.2.7.7 - 2017-03-?? it was changed on 18 November 2015. Closes task 17906. Patch by "teor". - o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): - - Avoid crashing when running as a DNS proxy. Fixes bug 16248; - bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". - - o Minor features (bug-resistance, backport from 0.2.8.2-alpha): - - Make Tor survive errors involving connections without a - corresponding event object. Previously we'd fail with an - assertion; now we produce a log message. Related to bug 16248. - - o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): - - Make memwipe() do nothing when passed a NULL pointer or buffer of - zero size. Check size argument to memwipe() for underflow. Fixes - bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", - patch by "teor". - - o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): - - Avoid a difficult-to-trigger heap corruption attack when extending - a smartlist to contain over 16GB of pointers. Fixes bug 18162; - bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. - Reported by Guido Vranken. - - - o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): - - Stop a crash that could occur when a client running with DNSPort - received a query with multiple address types, and the first - address type was not supported. Found and fixed by Scott Dial. - Fixes bug 18710; bugfix on 0.2.5.4-alpha. - - - Prevent a class of security bugs caused by treating the contents - of a buffer chunk as if they were a NUL-terminated string. At - least one such bug seems to be present in all currently used - versions of Tor, and would allow an attacker to remotely crash - most Tor instances, especially those compiled with extra compiler - hardening. With this defense in place, such bugs can't crash Tor, - though we should still fix them as they occur. Closes ticket - 20384 (TROVE-2016-10-001). 
- o Major bugfixes (parsing, security, backport from 0.2.9.8): - Fix a bug in parsing that could cause clients to read a single byte past the end of an allocated region. This bug could be used @@ -67,6 +30,30 @@ Changes in version 0.2.7.7 - 2017-03-?? 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- 2016-12-002 and as CVE-2016-1254. + o Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha): + - Stop a crash that could occur when a client running with DNSPort + received a query with multiple address types, and the first + address type was not supported. Found and fixed by Scott Dial. + Fixes bug 18710; bugfix on 0.2.5.4-alpha. + - Prevent a class of security bugs caused by treating the contents + of a buffer chunk as if they were a NUL-terminated string. At + least one such bug seems to be present in all currently used + versions of Tor, and would allow an attacker to remotely crash + most Tor instances, especially those compiled with extra compiler + hardening. With this defense in place, such bugs can't crash Tor, + though we should still fix them as they occur. Closes ticket + 20384 (TROVE-2016-10-001). + + o Major bugfixes (security, pointers, backport from 0.2.8.2-alpha): + - Avoid a difficult-to-trigger heap corruption attack when extending + a smartlist to contain over 16GB of pointers. Fixes bug 18162; + bugfix on 0.1.1.11-alpha, which fixed a related bug incompletely. + Reported by Guido Vranken. + + o Major bugfixes (dns proxy mode, crash, backport from 0.2.8.2-alpha): + - Avoid crashing when running as a DNS proxy. Fixes bug 16248; + bugfix on 0.2.0.1-alpha. Patch from "cypherpunks". + o Major bugfixes (key management, backport from 0.2.8.3-alpha): - If OpenSSL fails to generate an RSA key, do not retain a dangling pointer to the previous (uninitialized) key value. The impact here 
@@ -76,10 +63,6 @@ Changes in version 0.2.7.7 - 2017-03-?? 0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and Baishakhi Ray. - o Minor features (geoip): - - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 - Country database. - o Major bugfixes (parsing, backported from 0.3.0.4-rc): - Fix an integer underflow bug when comparing malformed Tor versions. This bug could crash Tor when built with @@ -88,6 +71,21 @@ Changes in version 0.2.7.7 - 2017-03-?? it was harmless. Part of TROVE-2017-001. Fixes bug 21278; bugfix on 0.0.8pre1. Found by OSS-Fuzz. + o Minor features (security, memory erasure, backport from 0.2.8.1-alpha): + - Make memwipe() do nothing when passed a NULL pointer or buffer of + zero size. Check size argument to memwipe() for underflow. Fixes + bug 18089; bugfix on 0.2.3.25 and 0.2.4.6-alpha. Reported by "gk", + patch by "teor". + + o Minor features (bug-resistance, backport from 0.2.8.2-alpha): + - Make Tor survive errors involving connections without a + corresponding event object. Previously we'd fail with an + assertion; now we produce a log message. Related to bug 16248. + + o Minor features (geoip): + - Update geoip and geoip6 to the February 8 2017 Maxmind GeoLite2 + Country database. + Changes in version 0.2.7.6 - 2015-12-10 Tor version 0.2.7.6 fixes a major bug in entry guard selection, as
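Review bot: In the re-added "Major bugfixes (security, client, DNS proxy, backport from 0.2.8.3-alpha)" section of the second hunk, the second bullet (the NUL-terminated buffer chunk defense, ticket 20384, TROVE-2016-10-001) does not match its heading: its own text says the bug class would let an attacker remotely crash "most Tor instances", not only clients running with DNSPort. The removed lines had a blank line between this bullet and the bug 18710 entry, and the added lines drop it, so the entry now reads as one more DNSPort client fix. Suggest giving it its own "o Major bugfixes (security, ...)" heading with the correct backport source, so that operators scanning headings for fixes relevant to them do not skip it.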
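Review bot: The context heading "o Major bugfixes (parsing, backported from 0.3.0.4-rc)" in the third hunk says "backported from", while every other heading in this patch that carries a backport tag says "backport from". Since this commit is already a reordering of the 0.2.7.7 section, suggest normalising that heading to "backport from 0.3.0.4-rc" in the same change, so the tag can be searched for consistently across the ChangeLog.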