mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-23 20:03:31 +01:00
0.2.1.29 changelog and blurb
This commit is contained in:
parent
ef6fa07e48
commit
5110490253
66
ReleaseNotes
66
ReleaseNotes
@ -3,6 +3,72 @@ This document summarizes new features and bugfixes in each stable release
|
|||||||
of Tor. If you want to see more detailed descriptions of the changes in
|
of Tor. If you want to see more detailed descriptions of the changes in
|
||||||
each development snapshot, see the ChangeLog file.
|
each development snapshot, see the ChangeLog file.
|
||||||
|
|
||||||
|
Changes in version 0.2.1.29 - 2011-01-15
|
||||||
|
Tor 0.2.1.29 continues our recent code security audit work. The main
|
||||||
|
fix resolves a remote heap overflow vulnerability that can allow remote
|
||||||
|
code execution. Other fixes address a variety of assert and crash bugs,
|
||||||
|
most of which we think are hard to exploit remotely.
|
||||||
|
|
||||||
|
o Major bugfixes (security):
|
||||||
|
- Fix a heap overflow bug where an adversary could cause heap
|
||||||
|
corruption. This bug probably allows remote code execution
|
||||||
|
attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on
|
||||||
|
0.1.2.10-rc.
|
||||||
|
- Prevent a denial-of-service attack by disallowing any
|
||||||
|
zlib-compressed data whose compression factor is implausibly
|
||||||
|
high. Fixes part of bug 2324; reported by "doorss".
|
||||||
|
- Zero out a few more keys in memory before freeing them. Fixes
|
||||||
|
bug 2384 and part of bug 2385. These key instances found by
|
||||||
|
"cypherpunks", based on Andrew Case's report about being able
|
||||||
|
to find sensitive data in Tor's memory space if you have enough
|
||||||
|
permissions. Bugfix on 0.0.2pre9.
|
||||||
|
|
||||||
|
o Major bugfixes (crashes):
|
||||||
|
- Prevent calls to Libevent from inside Libevent log handlers.
|
||||||
|
This had potential to cause a nasty set of crashes, especially
|
||||||
|
if running Libevent with debug logging enabled, and running
|
||||||
|
Tor with a controller watching for low-severity log messages.
|
||||||
|
Bugfix on 0.1.0.2-rc. Fixes bug 2190.
|
||||||
|
- Add a check for SIZE_T_MAX to tor_realloc() to try to avoid
|
||||||
|
underflow errors there too. Fixes the other part of bug 2324.
|
||||||
|
- Fix a bug where we would assert if we ever had a
|
||||||
|
cached-descriptors.new file (or another file read directly into
|
||||||
|
memory) of exactly SIZE_T_CEILING bytes. Fixes bug 2326; bugfix
|
||||||
|
on 0.2.1.25. Found by doorss.
|
||||||
|
- Fix some potential asserts and parsing issues with grossly
|
||||||
|
malformed router caches. Fixes bug 2352; bugfix on Tor 0.2.1.27.
|
||||||
|
Found by doorss.
|
||||||
|
|
||||||
|
o Minor bugfixes (other):
|
||||||
|
- Fix a bug with handling misformed replies to reverse DNS lookup
|
||||||
|
requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a
|
||||||
|
bug reported by doorss.
|
||||||
|
- Fix compilation on mingw when a pthreads compatibility library
|
||||||
|
has been installed. (We don't want to use it, so we shouldn't
|
||||||
|
be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
|
||||||
|
- Fix a bug where we would declare that we had run out of virtual
|
||||||
|
addresses when the address space was only half-exhausted. Bugfix
|
||||||
|
on 0.1.2.1-alpha.
|
||||||
|
- Correctly handle the case where AutomapHostsOnResolve is set but
|
||||||
|
no virtual addresses are available. Fixes bug 2328; bugfix on
|
||||||
|
0.1.2.1-alpha. Bug found by doorss.
|
||||||
|
- Correctly handle wrapping around to when we run out of virtual
|
||||||
|
address space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
|
||||||
|
- The 0.2.1.28 tarball was missing src/common/OpenBSD_malloc_Linux.c
|
||||||
|
because we built it with a too-old version of automake. Thus that
|
||||||
|
release broke ./configure --enable-openbsd-malloc, which is popular
|
||||||
|
among really fast exit relays on Linux.
|
||||||
|
|
||||||
|
o Minor features:
|
||||||
|
- Update to the January 1 2011 Maxmind GeoLite Country database.
|
||||||
|
- Introduce output size checks on all of our decryption functions.
|
||||||
|
|
||||||
|
o Build changes:
|
||||||
|
- Tor does not build packages correctly with Automake 1.6 and earlier;
|
||||||
|
added a check to Makefile.am to make sure that we're building with
|
||||||
|
Automake 1.7 or later.
|
||||||
|
|
||||||
|
|
||||||
Changes in version 0.2.1.28 - 2010-12-17
|
Changes in version 0.2.1.28 - 2010-12-17
|
||||||
Tor 0.2.1.28 does some code cleanup to reduce the risk of remotely
|
Tor 0.2.1.28 does some code cleanup to reduce the risk of remotely
|
||||||
exploitable bugs. We also took this opportunity to change the IP address
|
exploitable bugs. We also took this opportunity to change the IP address
|
||||||
|
Loading…
Reference in New Issue
Block a user