mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Fold 20384 into changelog
This commit is contained in:
parent
66ecdcdd75
commit
52b2b2c82f
30
ChangeLog
30
ChangeLog
@ -1,11 +1,27 @@
|
|||||||
Changes in version 0.2.9.4-alpha - 2016-10-17
|
Changes in version 0.2.9.4-alpha - 2016-10-17
|
||||||
Tor 0.2.9.4-alpha adds numerous small features and fix-ups to previous
|
Tor 0.2.9.4-alpha fixes a security hole in previous versions of Tor
|
||||||
versions of Tor, including the implementation of a feature to future-
|
that would allow a remote attacker to crash a Tor client, hidden
|
||||||
proof the Tor ecosystem against protocol changes, some bug fixes
|
service, relay, or authority. All Tor users should upgrade to this
|
||||||
necessary for Tor Browser to use unix domain sockets correctly, and
|
version, or to 0.2.8.9. Patches will be released for older versions
|
||||||
several portability improvements. We anticipate that this will be the
|
of Tor.
|
||||||
last alpha in the Tor 0.2.9 series, and that the next release will be
|
|
||||||
a release candidate.
|
Tor 0.2.9.4-alpha also adds numerous small features and fix-ups to
|
||||||
|
previous versions of Tor, including the implementation of a feature to
|
||||||
|
future- proof the Tor ecosystem against protocol changes, some bug
|
||||||
|
fixes necessary for Tor Browser to use unix domain sockets correctly,
|
||||||
|
and several portability improvements. We anticipate that this will be
|
||||||
|
the last alpha in the Tor 0.2.9 series, and that the next release will
|
||||||
|
be a release candidate.
|
||||||
|
|
||||||
|
o Major features (security fixes):
|
||||||
|
- Prevent a class of security bugs caused by treating the contents
|
||||||
|
of a buffer chunk as if they were a NUL-terminated string. At
|
||||||
|
least one such bug seems to be present in all currently used
|
||||||
|
versions of Tor, and would allow an attacker to remotely crash
|
||||||
|
most Tor instances, especially those compiled with extra compiler
|
||||||
|
hardening. With this defense in place, such bugs can't crash Tor,
|
||||||
|
though we should still fix them as they occur. Closes ticket
|
||||||
|
20384 (TROVE-2016-10-001).
|
||||||
|
|
||||||
o Major features (subprotocol versions):
|
o Major features (subprotocol versions):
|
||||||
- Tor directory authorities now vote on a set of recommended
|
- Tor directory authorities now vote on a set of recommended
|
||||||
|
@ -1,11 +0,0 @@
|
|||||||
o Major features (security fixes):
|
|
||||||
|
|
||||||
- Prevent a class of security bugs caused by treating the contents
|
|
||||||
of a buffer chunk as if they were a NUL-terminated string. At
|
|
||||||
least one such bug seems to be present in all currently used
|
|
||||||
versions of Tor, and would allow an attacker to remotely crash
|
|
||||||
most Tor instances, especially those compiled with extra compiler
|
|
||||||
hardening. With this defense in place, such bugs can't crash Tor,
|
|
||||||
though we should still fix them as they occur. Closes ticket 20384
|
|
||||||
(TROVE-2016-10-001).
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user