diff --git a/ChangeLog b/ChangeLog index b475eec1e3..a53b0b636b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,119 @@ +Changes in version 0.3.4.10 - 2018-01-07 + Tor 0.3.4.9 is the second stable release in its series; it backports + numerous fixes, including an important fix for relays, and for anyone + using OpenSSL 1.1.1. Anyone running an earlier version of Tor 0.3.4 + should upgrade. + + As a reminder, the Tor 0.3.4 series will be supported until 10 June + 2019. Some time between now and then, users should switch to the Tor + 0.3.5 series, which will receive long-term support until at least 1 + Feb 2022. + + o Major bugfixes (OpenSSL, portability, backport from 0.3.5.5-alpha): + - Fix our usage of named groups when running as a TLS 1.3 client in + OpenSSL 1.1.1. Previously, we only initialized EC groups when + running as a relay, which caused clients to fail to negotiate TLS + 1.3 with relays. Fixes bug 28245; bugfix on 0.2.9.15 (when TLS 1.3 + support was added). + + o Major bugfixes (relay, directory, backport from 0.3.5.7): + - Always reactivate linked connections in the main loop so long as + any linked connection has been active. Previously, connections + serving directory information wouldn't get reactivated after the + first chunk of data was sent (usually 32KB), which would prevent + clients from bootstrapping. Fixes bug 28912; bugfix on + 0.3.4.1-alpha. Patch by "cypherpunks3". + + o Minor features (continuous integration, Windows, backport from 0.3.5.6-rc): + - Always show the configure and test logs, and upload them as build + artifacts, when building for Windows using Appveyor CI. + Implements 28459. + + o Minor features (controller, backport from 0.3.5.1-alpha): + - For purposes of CIRC_BW-based dropped cell detection, track half- + closed stream ids, and allow their ENDs, SENDMEs, DATA and path + bias check cells to arrive without counting it as dropped until + either the END arrives, or the windows are empty. Closes + ticket 25573. + + o Minor features (fallback directory list, backport from 0.3.5.6-rc): + - Replace the 150 fallbacks originally introduced in Tor + 0.3.3.1-alpha in January 2018 (of which ~115 were still + functional), with a list of 157 fallbacks (92 new, 65 existing, 85 + removed) generated in December 2018. Closes ticket 24803. + + o Minor features (geoip): + - Update geoip and geoip6 to the November 6 2018 Maxmind GeoLite2 + Country database. Closes ticket 28395. + + o Minor features (OpenSSL bug workaround, backport from 0.3.5.7): + - Work around a bug in OpenSSL 1.1.1a, which prevented the TLS 1.3 + key export function from handling long labels. When this bug is + detected, Tor will disable TLS 1.3. We recommend upgrading to a + version of OpenSSL without this bug when it becomes available. + Closes ticket 28973. + + o Minor bugfixes (compilation, backport from 0.3.5.5-alpha): + - Initialize a variable unconditionally in aes_new_cipher(), since + some compilers cannot tell that we always initialize it before + use. Fixes bug 28413; bugfix on 0.2.9.3-alpha. + + o Minor bugfixes (connection, relay, backport from 0.3.5.5-alpha): + - Avoid a logging a BUG() stacktrace when closing connection held + open because the write side is rate limited but not the read side. + Now, the connection read side is simply shut down until Tor is + able to flush the connection and close it. Fixes bug 27750; bugfix + on 0.3.4.1-alpha. + + o Minor bugfixes (continuous integration, Windows, backport from 0.3.5.5-alpha): + - Manually configure the zstd compiler options, when building using + mingw on Appveyor Windows CI. The MSYS2 mingw zstd package does + not come with a pkg-config file. Fixes bug 28454; bugfix + on 0.3.4.1-alpha. + - Stop using an external OpenSSL install, and stop installing MSYS2 + packages, when building using mingw on Appveyor Windows CI. Fixes + bug 28399; bugfix on 0.3.4.1-alpha. + + o Minor bugfixes (continuous integration, Windows, backport from 0.3.5.6-rc): + - Explicitly specify the path to the OpenSSL library and do not + download OpenSSL from Pacman, but instead use the library that is + already provided by AppVeyor. Fixes bug 28574; bugfix on master. + + o Minor bugfixes (directory permissions, backport form 0.3.5.3-alpha): + - When a user requests a group-readable DataDirectory, give it to + them. Previously, when the DataDirectory and the CacheDirectory + were the same, the default setting (0) for + CacheDirectoryGroupReadable would override the setting for + DataDirectoryGroupReadable. Fixes bug 26913; bugfix + on 0.3.3.1-alpha. + + o Minor bugfixes (memory leaks, backport from 0.3.5.5-alpha): + - Fix a harmless memory leak in libtorrunner.a. Fixes bug 28419; + bugfix on 0.3.3.1-alpha. Patch from Martin Kepplinger. + + o Minor bugfixes (onion service v3, backport from 0.3.5.3-alpha): + - Don't warn so loudly when Tor is unable to decode an onion + descriptor. This can now happen as a normal use case if a client + gets a descriptor with client authorization but the client is not + authorized. Fixes bug 27550; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (onion service v3, backport from 0.3.5.6-rc): + - When deleting an ephemeral onion service (DEL_ONION), do not close + any rendezvous circuits in order to let the existing client + connections finish by themselves or closed by the application. The + HS v2 is doing that already so now we have the same behavior for + all versions. Fixes bug 28619; bugfix on 0.3.3.1-alpha. + + o Minor bugfixes (relay statistics, backport from 0.3.5.7): + - Update relay descriptor on bandwidth changes only when the uptime + is smaller than 24h, in order to reduce the efficiency of guard + discovery attacks. Fixes bug 24104; bugfix on 0.1.1.6-alpha. + + o Minor bugfixes (unit tests, guard selection, backport from 0.3.5.6-rc): + - Stop leaking memory in an entry guard unit test. Fixes bug 28554; + bugfix on 0.3.0.1-alpha. + + Changes in version 0.3.4.9 - 2018-11-02 Tor 0.3.4.9 is the second stable release in its series; it backports numerous fixes, including a fix for a bandwidth management bug that