From 4fc866ce7f2f3a6685d7982fae45503a5828571e Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Fri, 26 Oct 2012 00:39:06 -0400 Subject: [PATCH] touch-ups --- ChangeLog | 12 ++++++------ src/common/tortls.c | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index b348392661..e017fcdd34 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,13 +1,13 @@ Changes in version 0.2.4.5-alpha - 2012-10-25 - Tor 0.2.3.24-rc comes hard at the heels of 0.2.4.4-alpha, to fix two - important security vulnerabilities that could lead to remotely - triggerable relay crashes, fixes a major bug that was preventing - clients from choosing good exit nodes, and refactor some of our code. + Tor 0.2.4.5-alpha comes hard at the heels of 0.2.4.4-alpha, to fix + two important security vulnerabilities that could lead to remotely + triggerable relay crashes, fix a major bug that was preventing clients + from choosing suitable exit nodes, and refactor some of our code. o Major bugfixes (security, also in 0.2.3.24-rc): - Fix a group of remotely triggerable assertion failures related to incorrect link protocol negotiation. Found, diagnosed, and fixed - by "some guy from France." Fix for CVE-2012-2250; bugfix on + by "some guy from France". Fix for CVE-2012-2250; bugfix on 0.2.3.6-alpha. - Fix a denial of service attack by which any directory authority could crash all the others, or by which a single v2 directory @@ -32,7 +32,7 @@ Changes in version 0.2.4.5-alpha - 2012-10-25 o Minor bugfixes: - Only disable TLS session ticket support when running as a TLS - server. This keeps clients harder to distinguish from regular firefox + server. Now clients will blend better with regular Firefox connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc. o Code simplification and refactoring: diff --git a/src/common/tortls.c b/src/common/tortls.c index 1b7b544f36..d4f02d3d38 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1195,7 +1195,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, * create an opportunity to fingerprint us (since it's unusual to use them * with TLS sessions turned off). * - * In 0.2.4, clients advertise support for them, though to avoid a TLS + * In 0.2.4, clients advertise support for them though, to avoid a TLS * distinguishability vector. This can give us worse PFS, though, if we * get a server that doesn't set SSL_OP_NO_TICKET. With luck, there will * be few such servers by the time 0.2.4 is more stable.