mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 13:53:31 +01:00
Copy changelogs for today's releases to master.
This commit is contained in:
parent
7059c32968
commit
7793ccdee4
340
ChangeLog
340
ChangeLog
@ -1,3 +1,343 @@
|
||||
Changes in version 0.4.3.3-alpha - 2020-03-18
|
||||
Tor 0.4.3.3-alpha fixes several bugs in previous releases, including
|
||||
TROVE-2020-002, a major denial-of-service vulnerability that affected
|
||||
all released Tor instances since 0.2.1.5-alpha. Using this
|
||||
vulnerability, an attacker could cause Tor instances to consume a huge
|
||||
amount of CPU, disrupting their operations for several seconds or
|
||||
minutes. This attack could be launched by anybody against a relay, or
|
||||
by a directory cache against any client that had connected to it. The
|
||||
attacker could launch this attack as much as they wanted, thereby
|
||||
disrupting service or creating patterns that could aid in traffic
|
||||
analysis. This issue was found by OSS-Fuzz, and is also tracked
|
||||
as CVE-2020-10592.
|
||||
|
||||
We do not have reason to believe that this attack is currently being
|
||||
exploited in the wild, but nonetheless we advise everyone to upgrade
|
||||
as soon as packages are available.
|
||||
|
||||
o Major bugfixes (security, denial-of-service):
|
||||
- Fix a denial-of-service bug that could be used by anyone to
|
||||
consume a bunch of CPU on any Tor relay or authority, or by
|
||||
directories to consume a bunch of CPU on clients or hidden
|
||||
services. Because of the potential for CPU consumption to
|
||||
introduce observable timing patterns, we are treating this as a
|
||||
high-severity security issue. Fixes bug 33119; bugfix on
|
||||
0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
|
||||
as TROVE-2020-002 and CVE-2020-10592.
|
||||
|
||||
o Major bugfixes (circuit padding, memory leak):
|
||||
- Avoid a remotely triggered memory leak in the case that a circuit
|
||||
padding machine is somehow negotiated twice on the same circuit.
|
||||
Fixes bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls.
|
||||
This is also tracked as TROVE-2020-004 and CVE-2020-10593.
|
||||
|
||||
o Major bugfixes (directory authority):
|
||||
- Directory authorities will now send a 503 (not enough bandwidth)
|
||||
code to clients when under bandwidth pressure. Known relays and
|
||||
other authorities will always be answered regardless of the
|
||||
bandwidth situation. Fixes bug 33029; bugfix on 0.1.2.5-alpha.
|
||||
|
||||
o Minor features (diagnostic):
|
||||
- Improve assertions and add some memory-poisoning code to try to
|
||||
track down possible causes of a rare crash (32564) in the EWMA
|
||||
code. Closes ticket 33290.
|
||||
|
||||
o Minor features (directory authorities):
|
||||
- Directory authorities now reject descriptors from relays running
|
||||
Tor versions from the 0.2.9 and 0.4.0 series. The 0.3.5 series is
|
||||
still allowed. Resolves ticket 32672. Patch by Neel Chauhan.
|
||||
|
||||
o Minor features (usability):
|
||||
- Include more information when failing to parse a configuration
|
||||
value. This should make it easier to tell what's going wrong when
|
||||
a configuration file doesn't parse. Closes ticket 33460.
|
||||
|
||||
o Minor bugfix (relay, configuration):
|
||||
- Warn if the ContactInfo field is not set, and tell the relay
|
||||
operator that not having a ContactInfo field set might cause their
|
||||
relay to get rejected in the future. Fixes bug 33361; bugfix
|
||||
on 0.1.1.10-alpha.
|
||||
|
||||
o Minor bugfixes (coding best practices checks):
|
||||
- Allow the "practracker" script to read unicode files when using
|
||||
Python 2. We made the script use unicode literals in 0.4.3.1-alpha,
|
||||
but didn't change the codec for opening files. Fixes bug 33374;
|
||||
bugfix on 0.4.3.1-alpha.
|
||||
|
||||
o Minor bugfixes (continuous integration):
|
||||
- Remove the buggy and unused mirroring job. Fixes bug 33213; bugfix
|
||||
on 0.3.2.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion service v3, client):
|
||||
- Remove a BUG() warning that would cause a stack trace if an onion
|
||||
service descriptor was freed while we were waiting for a
|
||||
rendezvous circuit to complete. Fixes bug 28992; bugfix
|
||||
on 0.3.2.1-alpha.
|
||||
|
||||
o Minor bugfixes (onion services v3):
|
||||
- Fix an assertion failure that could result from a corrupted
|
||||
ADD_ONION control port command. Found by Saibato. Fixes bug 33137;
|
||||
bugfix on 0.3.3.1-alpha. This issue is also tracked
|
||||
as TROVE-2020-003.
|
||||
|
||||
o Documentation (manpage):
|
||||
- Alphabetize the Server and Directory server sections of the tor
|
||||
manpage. Also split Statistics options into their own section of
|
||||
the manpage. Closes ticket 33188. Work by Swati Thacker as part of
|
||||
Google Season of Docs.
|
||||
- Document the __OwningControllerProcess torrc option and specify
|
||||
its polling interval. Resolves issue 32971.
|
||||
|
||||
o Testing (Travis CI):
|
||||
- Remove a redundant distcheck job. Closes ticket 33194.
|
||||
- Sort the Travis jobs in order of speed: putting the slowest jobs
|
||||
first takes full advantage of Travis job concurrency. Closes
|
||||
ticket 33194.
|
||||
- Stop allowing the Chutney IPv6 Travis job to fail. This job was
|
||||
previously configured to fast_finish (which requires
|
||||
allow_failure), to speed up the build. Closes ticket 33195.
|
||||
- When a Travis chutney job fails, use chutney's new "diagnostics.sh"
|
||||
tool to produce detailed diagnostic output. Closes ticket 32792.
|
||||
|
||||
|
||||
Changes in version 0.4.2.7 - 2020-03-18
|
||||
This is the third stable release in the 0.4.2.x series. It backports
|
||||
numerous fixes from later releases, including a fix for TROVE-2020-
|
||||
002, a major denial-of-service vulnerability that affected all
|
||||
released Tor instances since 0.2.1.5-alpha. Using this vulnerability,
|
||||
an attacker could cause Tor instances to consume a huge amount of CPU,
|
||||
disrupting their operations for several seconds or minutes. This
|
||||
attack could be launched by anybody against a relay, or by a directory
|
||||
cache against any client that had connected to it. The attacker could
|
||||
launch this attack as much as they wanted, thereby disrupting service
|
||||
or creating patterns that could aid in traffic analysis. This issue
|
||||
was found by OSS-Fuzz, and is also tracked as CVE-2020-10592.
|
||||
|
||||
We do not have reason to believe that this attack is currently being
|
||||
exploited in the wild, but nonetheless we advise everyone to upgrade
|
||||
as soon as packages are available.
|
||||
|
||||
o Major bugfixes (security, denial-of-service, backport from 0.4.3.3-alpha):
|
||||
- Fix a denial-of-service bug that could be used by anyone to
|
||||
consume a bunch of CPU on any Tor relay or authority, or by
|
||||
directories to consume a bunch of CPU on clients or hidden
|
||||
services. Because of the potential for CPU consumption to
|
||||
introduce observable timing patterns, we are treating this as a
|
||||
high-severity security issue. Fixes bug 33119; bugfix on
|
||||
0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
|
||||
as TROVE-2020-002 and CVE-2020-10592.
|
||||
|
||||
o Major bugfixes (circuit padding, memory leak, backport from 0.4.3.3-alpha):
|
||||
- Avoid a remotely triggered memory leak in the case that a circuit
|
||||
padding machine is somehow negotiated twice on the same circuit.
|
||||
Fixes bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls.
|
||||
This is also tracked as TROVE-2020-004 and CVE-2020-10593.
|
||||
|
||||
o Major bugfixes (directory authority, backport from 0.4.3.3-alpha):
|
||||
- Directory authorities will now send a 503 (not enough bandwidth)
|
||||
code to clients when under bandwidth pressure. Known relays and
|
||||
other authorities will always be answered regardless of the
|
||||
bandwidth situation. Fixes bug 33029; bugfix on 0.1.2.5-alpha.
|
||||
|
||||
o Minor features (continuous integration, backport from 0.4.3.2-alpha):
|
||||
- Stop allowing failures on the Travis CI stem tests job. It looks
|
||||
like all the stem hangs we were seeing before are now fixed.
|
||||
Closes ticket 33075.
|
||||
|
||||
o Minor bugfixes (bridges, backport from 0.4.3.1-alpha):
|
||||
- Lowercase the configured value of BridgeDistribution before adding
|
||||
it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha.
|
||||
|
||||
o Minor bugfixes (logging, backport from 0.4.3.2-alpha):
|
||||
- If we encounter a bug when flushing a buffer to a TLS connection,
|
||||
only log the bug once per invocation of the Tor process.
|
||||
Previously we would log with every occurrence, which could cause
|
||||
us to run out of disk space. Fixes bug 33093; bugfix
|
||||
on 0.3.2.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion services v3, backport from 0.4.3.3-alpha):
|
||||
- Fix an assertion failure that could result from a corrupted
|
||||
ADD_ONION control port command. Found by Saibato. Fixes bug 33137;
|
||||
bugfix on 0.3.3.1-alpha. This issue is also tracked
|
||||
as TROVE-2020-003.
|
||||
|
||||
o Minor bugfixes (rust, build, backport from 0.4.3.2-alpha):
|
||||
- Fix a syntax warning given by newer versions of Rust that was
|
||||
creating problems for our continuous integration. Fixes bug 33212;
|
||||
bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Testing (Travis CI, backport from 0.4.3.3-alpha):
|
||||
- Remove a redundant distcheck job. Closes ticket 33194.
|
||||
- Sort the Travis jobs in order of speed: putting the slowest jobs
|
||||
first takes full advantage of Travis job concurrency. Closes
|
||||
ticket 33194.
|
||||
- Stop allowing the Chutney IPv6 Travis job to fail. This job was
|
||||
previously configured to fast_finish (which requires
|
||||
allow_failure), to speed up the build. Closes ticket 33195.
|
||||
- When a Travis chutney job fails, use chutney's new "diagnostics.sh"
|
||||
tool to produce detailed diagnostic output. Closes ticket 32792.
|
||||
|
||||
|
||||
Changes in version 0.4.1.9 - 2020-03-18
|
||||
Tor 0.4.1.9 backports important fixes from later Tor releases,
|
||||
including a fix for TROVE-2020-002, a major denial-of-service
|
||||
vulnerability that affected all released Tor instances since
|
||||
0.2.1.5-alpha. Using this vulnerability, an attacker could cause Tor
|
||||
instances to consume a huge amount of CPU, disrupting their operations
|
||||
for several seconds or minutes. This attack could be launched by
|
||||
anybody against a relay, or by a directory cache against any client
|
||||
that had connected to it. The attacker could launch this attack as
|
||||
much as they wanted, thereby disrupting service or creating patterns
|
||||
that could aid in traffic analysis. This issue was found by OSS-Fuzz,
|
||||
and is also tracked as CVE-2020-10592.
|
||||
|
||||
We do not have reason to believe that this attack is currently being
|
||||
exploited in the wild, but nonetheless we advise everyone to upgrade
|
||||
as soon as packages are available.
|
||||
|
||||
o Major bugfixes (security, denial-of-service, backport from 0.4.3.3-alpha):
|
||||
- Fix a denial-of-service bug that could be used by anyone to
|
||||
consume a bunch of CPU on any Tor relay or authority, or by
|
||||
directories to consume a bunch of CPU on clients or hidden
|
||||
services. Because of the potential for CPU consumption to
|
||||
introduce observable timing patterns, we are treating this as a
|
||||
high-severity security issue. Fixes bug 33119; bugfix on
|
||||
0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
|
||||
as TROVE-2020-002 and CVE-2020-10592.
|
||||
|
||||
o Major bugfixes (circuit padding, memory leak, backport from 0.4.3.3-alpha):
|
||||
- Avoid a remotely triggered memory leak in the case that a circuit
|
||||
padding machine is somehow negotiated twice on the same circuit.
|
||||
Fixes bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls.
|
||||
This is also tracked as TROVE-2020-004 and CVE-2020-10593.
|
||||
|
||||
o Minor bugfixes (bridges, backport from 0.4.3.1-alpha):
|
||||
- Lowercase the configured value of BridgeDistribution before adding
|
||||
it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha.
|
||||
|
||||
o Minor bugfixes (logging, backport from 0.4.3.2-alpha):
|
||||
- If we encounter a bug when flushing a buffer to a TLS connection,
|
||||
only log the bug once per invocation of the Tor process.
|
||||
Previously we would log with every occurrence, which could cause
|
||||
us to run out of disk space. Fixes bug 33093; bugfix
|
||||
on 0.3.2.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion services v3, backport from 0.4.3.3-alpha):
|
||||
- Fix an assertion failure that could result from a corrupted
|
||||
ADD_ONION control port command. Found by Saibato. Fixes bug 33137;
|
||||
bugfix on 0.3.3.1-alpha. This issue is also tracked
|
||||
as TROVE-2020-003.
|
||||
|
||||
o Minor bugfixes (rust, build, backport from 0.4.3.2-alpha):
|
||||
- Fix a syntax warning given by newer versions of Rust that was
|
||||
creating problems for our continuous integration. Fixes bug 33212;
|
||||
bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Testing (Travis CI, backport from 0.4.3.3-alpha):
|
||||
- Remove a redundant distcheck job. Closes ticket 33194.
|
||||
- Sort the Travis jobs in order of speed: putting the slowest jobs
|
||||
first takes full advantage of Travis job concurrency. Closes
|
||||
ticket 33194.
|
||||
- Stop allowing the Chutney IPv6 Travis job to fail. This job was
|
||||
previously configured to fast_finish (which requires
|
||||
allow_failure), to speed up the build. Closes ticket 33195.
|
||||
- When a Travis chutney job fails, use chutney's new "diagnostics.sh"
|
||||
tool to produce detailed diagnostic output. Closes ticket 32792.
|
||||
|
||||
|
||||
Changes in version 0.3.5.10 - 2020-03-18
|
||||
Tor 0.3.5.10 backports many fixes from later Tor releases, including a
|
||||
fix for TROVE-2020-002, a major denial-of-service vulnerability that
|
||||
affected all released Tor instances since 0.2.1.5-alpha. Using this
|
||||
vulnerability, an attacker could cause Tor instances to consume a huge
|
||||
amount of CPU, disrupting their operations for several seconds or
|
||||
minutes. This attack could be launched by anybody against a relay, or
|
||||
by a directory cache against any client that had connected to it. The
|
||||
attacker could launch this attack as much as they wanted, thereby
|
||||
disrupting service or creating patterns that could aid in traffic
|
||||
analysis. This issue was found by OSS-Fuzz, and is also tracked
|
||||
as CVE-2020-10592.
|
||||
|
||||
We do not have reason to believe that this attack is currently being
|
||||
exploited in the wild, but nonetheless we advise everyone to upgrade
|
||||
as soon as packages are available.
|
||||
|
||||
o Major bugfixes (security, denial-of-service, backport from 0.4.3.3-alpha):
|
||||
- Fix a denial-of-service bug that could be used by anyone to
|
||||
consume a bunch of CPU on any Tor relay or authority, or by
|
||||
directories to consume a bunch of CPU on clients or hidden
|
||||
services. Because of the potential for CPU consumption to
|
||||
introduce observable timing patterns, we are treating this as a
|
||||
high-severity security issue. Fixes bug 33119; bugfix on
|
||||
0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
|
||||
as TROVE-2020-002 and CVE-2020-10592.
|
||||
|
||||
o Major bugfixes (linux seccomp sandbox, backport from 0.4.3.1-alpha):
|
||||
- Correct how we use libseccomp. Particularly, stop assuming that
|
||||
rules are applied in a particular order or that more rules are
|
||||
processed after the first match. Neither is the case! In
|
||||
libseccomp <2.4.0 this lead to some rules having no effect.
|
||||
libseccomp 2.4.0 changed how rules are generated, leading to a
|
||||
different ordering, which in turn led to a fatal crash during
|
||||
startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by
|
||||
Peter Gerber.
|
||||
|
||||
o Minor features (continuous integration, backport from 0.4.3.2-alpha):
|
||||
- Stop allowing failures on the Travis CI stem tests job. It looks
|
||||
like all the stem hangs we were seeing before are now fixed.
|
||||
Closes ticket 33075.
|
||||
|
||||
o Minor bugfixes (bridges, backport from 0.4.3.1-alpha):
|
||||
- Lowercase the configured value of BridgeDistribution before adding
|
||||
it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha.
|
||||
|
||||
o Minor bugfixes (crash, backport from 0.4.2.4-rc):
|
||||
- When running Tor with an option like --verify-config or
|
||||
--dump-config that does not start the event loop, avoid crashing
|
||||
if we try to exit early because of an error. Fixes bug 32407;
|
||||
bugfix on 0.3.3.1-alpha.
|
||||
|
||||
o Minor bugfixes (logging, backport from 0.4.3.2-alpha):
|
||||
- If we encounter a bug when flushing a buffer to a TLS connection,
|
||||
only log the bug once per invocation of the Tor process.
|
||||
Previously we would log with every occurrence, which could cause
|
||||
us to run out of disk space. Fixes bug 33093; bugfix
|
||||
on 0.3.2.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion services v3, backport from 0.4.3.3-alpha):
|
||||
- Fix an assertion failure that could result from a corrupted
|
||||
ADD_ONION control port command. Found by Saibato. Fixes bug 33137;
|
||||
bugfix on 0.3.3.1-alpha. This issue is also tracked
|
||||
as TROVE-2020-003.
|
||||
|
||||
o Minor bugfixes (rust, build, backport from 0.4.3.2-alpha):
|
||||
- Fix a syntax warning given by newer versions of Rust that was
|
||||
creating problems for our continuous integration. Fixes bug 33212;
|
||||
bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Testing (backport from 0.4.3.1-alpha):
|
||||
- Re-enable the Travis CI macOS Chutney build, but don't let it
|
||||
prevent the Travis job from finishing. (The Travis macOS jobs are
|
||||
slow, so we don't want to have it delay the whole CI process.)
|
||||
Closes ticket 32629.
|
||||
- Turn off Tor's Sandbox in Chutney jobs, and run those jobs on
|
||||
Ubuntu Bionic. Turning off the Sandbox is a work-around, until we
|
||||
fix the sandbox errors in 32722. Closes ticket 32240.
|
||||
|
||||
o Testing (continuous integration, backport from 0.4.3.1-alpha):
|
||||
- Use zstd in our Travis Linux builds. Closes ticket 32242.
|
||||
|
||||
o Testing (Travis CI, backport from 0.4.3.3-alpha):
|
||||
- Remove a redundant distcheck job. Closes ticket 33194.
|
||||
- Sort the Travis jobs in order of speed: putting the slowest jobs
|
||||
first takes full advantage of Travis job concurrency. Closes
|
||||
ticket 33194.
|
||||
- Stop allowing the Chutney IPv6 Travis job to fail. This job was
|
||||
previously configured to fast_finish (which requires
|
||||
- When a Travis chutney job fails, use chutney's new "diagnostics.sh"
|
||||
tool to produce detailed diagnostic output. Closes ticket 32792.
|
||||
|
||||
|
||||
Changes in version 0.4.3.2-alpha - 2020-02-10
|
||||
This is the second stable alpha release in the Tor 0.4.3.x series. It
|
||||
fixes several bugs present in the previous alpha release. Anybody
|
||||
|
340
ReleaseNotes
340
ReleaseNotes
@ -2,6 +2,346 @@ This document summarizes new features and bugfixes in each stable
|
||||
release of Tor. If you want to see more detailed descriptions of the
|
||||
changes in each development snapshot, see the ChangeLog file.
|
||||
|
||||
Changes in version 0.4.3.3-alpha - 2020-03-18
|
||||
Tor 0.4.3.3-alpha fixes several bugs in previous releases, including
|
||||
TROVE-2020-002, a major denial-of-service vulnerability that affected
|
||||
all released Tor instances since 0.2.1.5-alpha. Using this
|
||||
vulnerability, an attacker could cause Tor instances to consume a huge
|
||||
amount of CPU, disrupting their operations for several seconds or
|
||||
minutes. This attack could be launched by anybody against a relay, or
|
||||
by a directory cache against any client that had connected to it. The
|
||||
attacker could launch this attack as much as they wanted, thereby
|
||||
disrupting service or creating patterns that could aid in traffic
|
||||
analysis. This issue was found by OSS-Fuzz, and is also tracked
|
||||
as CVE-2020-10592.
|
||||
|
||||
We do not have reason to believe that this attack is currently being
|
||||
exploited in the wild, but nonetheless we advise everyone to upgrade
|
||||
as soon as packages are available.
|
||||
|
||||
o Major bugfixes (security, denial-of-service):
|
||||
- Fix a denial-of-service bug that could be used by anyone to
|
||||
consume a bunch of CPU on any Tor relay or authority, or by
|
||||
directories to consume a bunch of CPU on clients or hidden
|
||||
services. Because of the potential for CPU consumption to
|
||||
introduce observable timing patterns, we are treating this as a
|
||||
high-severity security issue. Fixes bug 33119; bugfix on
|
||||
0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
|
||||
as TROVE-2020-002 and CVE-2020-10592.
|
||||
|
||||
o Major bugfixes (circuit padding, memory leak):
|
||||
- Avoid a remotely triggered memory leak in the case that a circuit
|
||||
padding machine is somehow negotiated twice on the same circuit.
|
||||
Fixes bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls.
|
||||
This is also tracked as TROVE-2020-004 and CVE-2020-10593.
|
||||
|
||||
o Major bugfixes (directory authority):
|
||||
- Directory authorities will now send a 503 (not enough bandwidth)
|
||||
code to clients when under bandwidth pressure. Known relays and
|
||||
other authorities will always be answered regardless of the
|
||||
bandwidth situation. Fixes bug 33029; bugfix on 0.1.2.5-alpha.
|
||||
|
||||
o Minor features (diagnostic):
|
||||
- Improve assertions and add some memory-poisoning code to try to
|
||||
track down possible causes of a rare crash (32564) in the EWMA
|
||||
code. Closes ticket 33290.
|
||||
|
||||
o Minor features (directory authorities):
|
||||
- Directory authorities now reject descriptors from relays running
|
||||
Tor versions from the 0.2.9 and 0.4.0 series. The 0.3.5 series is
|
||||
still allowed. Resolves ticket 32672. Patch by Neel Chauhan.
|
||||
|
||||
o Minor features (usability):
|
||||
- Include more information when failing to parse a configuration
|
||||
value. This should make it easier to tell what's going wrong when
|
||||
a configuration file doesn't parse. Closes ticket 33460.
|
||||
|
||||
o Minor bugfix (relay, configuration):
|
||||
- Warn if the ContactInfo field is not set, and tell the relay
|
||||
operator that not having a ContactInfo field set might cause their
|
||||
relay to get rejected in the future. Fixes bug 33361; bugfix
|
||||
on 0.1.1.10-alpha.
|
||||
|
||||
o Minor bugfixes (coding best practices checks):
|
||||
- Allow the "practracker" script to read unicode files when using
|
||||
Python 2. We made the script use unicode literals in 0.4.3.1-alpha,
|
||||
but didn't change the codec for opening files. Fixes bug 33374;
|
||||
bugfix on 0.4.3.1-alpha.
|
||||
|
||||
o Minor bugfixes (continuous integration):
|
||||
- Remove the buggy and unused mirroring job. Fixes bug 33213; bugfix
|
||||
on 0.3.2.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion service v3, client):
|
||||
- Remove a BUG() warning that would cause a stack trace if an onion
|
||||
service descriptor was freed while we were waiting for a
|
||||
rendezvous circuit to complete. Fixes bug 28992; bugfix
|
||||
on 0.3.2.1-alpha.
|
||||
|
||||
o Minor bugfixes (onion services v3):
|
||||
- Fix an assertion failure that could result from a corrupted
|
||||
ADD_ONION control port command. Found by Saibato. Fixes bug 33137;
|
||||
bugfix on 0.3.3.1-alpha. This issue is also tracked
|
||||
as TROVE-2020-003.
|
||||
|
||||
o Documentation (manpage):
|
||||
- Alphabetize the Server and Directory server sections of the tor
|
||||
manpage. Also split Statistics options into their own section of
|
||||
the manpage. Closes ticket 33188. Work by Swati Thacker as part of
|
||||
Google Season of Docs.
|
||||
- Document the __OwningControllerProcess torrc option and specify
|
||||
its polling interval. Resolves issue 32971.
|
||||
|
||||
o Testing (Travis CI):
|
||||
- Remove a redundant distcheck job. Closes ticket 33194.
|
||||
- Sort the Travis jobs in order of speed: putting the slowest jobs
|
||||
first takes full advantage of Travis job concurrency. Closes
|
||||
ticket 33194.
|
||||
- Stop allowing the Chutney IPv6 Travis job to fail. This job was
|
||||
previously configured to fast_finish (which requires
|
||||
allow_failure), to speed up the build. Closes ticket 33195.
|
||||
- When a Travis chutney job fails, use chutney's new "diagnostics.sh"
|
||||
tool to produce detailed diagnostic output. Closes ticket 32792.
|
||||
|
||||
|
||||
Changes in version 0.4.2.7 - 2020-03-18
|
||||
This is the third stable release in the 0.4.2.x series. It backports
|
||||
numerous fixes from later releases, including a fix for TROVE-2020-
|
||||
002, a major denial-of-service vulnerability that affected all
|
||||
released Tor instances since 0.2.1.5-alpha. Using this vulnerability,
|
||||
an attacker could cause Tor instances to consume a huge amount of CPU,
|
||||
disrupting their operations for several seconds or minutes. This
|
||||
attack could be launched by anybody against a relay, or by a directory
|
||||
cache against any client that had connected to it. The attacker could
|
||||
launch this attack as much as they wanted, thereby disrupting service
|
||||
or creating patterns that could aid in traffic analysis. This issue
|
||||
was found by OSS-Fuzz, and is also tracked as CVE-2020-10592.
|
||||
|
||||
We do not have reason to believe that this attack is currently being
|
||||
exploited in the wild, but nonetheless we advise everyone to upgrade
|
||||
as soon as packages are available.
|
||||
|
||||
o Major bugfixes (security, denial-of-service, backport from 0.4.3.3-alpha):
|
||||
- Fix a denial-of-service bug that could be used by anyone to
|
||||
consume a bunch of CPU on any Tor relay or authority, or by
|
||||
directories to consume a bunch of CPU on clients or hidden
|
||||
services. Because of the potential for CPU consumption to
|
||||
introduce observable timing patterns, we are treating this as a
|
||||
high-severity security issue. Fixes bug 33119; bugfix on
|
||||
0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
|
||||
as TROVE-2020-002 and CVE-2020-10592.
|
||||
|
||||
o Major bugfixes (circuit padding, memory leak, backport from 0.4.3.3-alpha):
|
||||
- Avoid a remotely triggered memory leak in the case that a circuit
|
||||
padding machine is somehow negotiated twice on the same circuit.
|
||||
Fixes bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls.
|
||||
This is also tracked as TROVE-2020-004 and CVE-2020-10593.
|
||||
|
||||
o Major bugfixes (directory authority, backport from 0.4.3.3-alpha):
|
||||
- Directory authorities will now send a 503 (not enough bandwidth)
|
||||
code to clients when under bandwidth pressure. Known relays and
|
||||
other authorities will always be answered regardless of the
|
||||
bandwidth situation. Fixes bug 33029; bugfix on 0.1.2.5-alpha.
|
||||
|
||||
o Minor features (continuous integration, backport from 0.4.3.2-alpha):
|
||||
- Stop allowing failures on the Travis CI stem tests job. It looks
|
||||
like all the stem hangs we were seeing before are now fixed.
|
||||
Closes ticket 33075.
|
||||
|
||||
o Minor bugfixes (bridges, backport from 0.4.3.1-alpha):
|
||||
- Lowercase the configured value of BridgeDistribution before adding
|
||||
it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha.
|
||||
|
||||
o Minor bugfixes (logging, backport from 0.4.3.2-alpha):
|
||||
- If we encounter a bug when flushing a buffer to a TLS connection,
|
||||
only log the bug once per invocation of the Tor process.
|
||||
Previously we would log with every occurrence, which could cause
|
||||
us to run out of disk space. Fixes bug 33093; bugfix
|
||||
on 0.3.2.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion services v3, backport from 0.4.3.3-alpha):
|
||||
- Fix an assertion failure that could result from a corrupted
|
||||
ADD_ONION control port command. Found by Saibato. Fixes bug 33137;
|
||||
bugfix on 0.3.3.1-alpha. This issue is also tracked
|
||||
as TROVE-2020-003.
|
||||
|
||||
o Minor bugfixes (rust, build, backport from 0.4.3.2-alpha):
|
||||
- Fix a syntax warning given by newer versions of Rust that was
|
||||
creating problems for our continuous integration. Fixes bug 33212;
|
||||
bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Testing (Travis CI, backport from 0.4.3.3-alpha):
|
||||
- Remove a redundant distcheck job. Closes ticket 33194.
|
||||
- Sort the Travis jobs in order of speed: putting the slowest jobs
|
||||
first takes full advantage of Travis job concurrency. Closes
|
||||
ticket 33194.
|
||||
- Stop allowing the Chutney IPv6 Travis job to fail. This job was
|
||||
previously configured to fast_finish (which requires
|
||||
allow_failure), to speed up the build. Closes ticket 33195.
|
||||
- When a Travis chutney job fails, use chutney's new "diagnostics.sh"
|
||||
tool to produce detailed diagnostic output. Closes ticket 32792.
|
||||
|
||||
|
||||
Changes in version 0.4.1.9 - 2020-03-18
|
||||
Tor 0.4.1.9 backports important fixes from later Tor releases,
|
||||
including a fix for TROVE-2020-002, a major denial-of-service
|
||||
vulnerability that affected all released Tor instances since
|
||||
0.2.1.5-alpha. Using this vulnerability, an attacker could cause Tor
|
||||
instances to consume a huge amount of CPU, disrupting their operations
|
||||
for several seconds or minutes. This attack could be launched by
|
||||
anybody against a relay, or by a directory cache against any client
|
||||
that had connected to it. The attacker could launch this attack as
|
||||
much as they wanted, thereby disrupting service or creating patterns
|
||||
that could aid in traffic analysis. This issue was found by OSS-Fuzz,
|
||||
and is also tracked as CVE-2020-10592.
|
||||
|
||||
We do not have reason to believe that this attack is currently being
|
||||
exploited in the wild, but nonetheless we advise everyone to upgrade
|
||||
as soon as packages are available.
|
||||
|
||||
o Major bugfixes (security, denial-of-service, backport from 0.4.3.3-alpha):
|
||||
- Fix a denial-of-service bug that could be used by anyone to
|
||||
consume a bunch of CPU on any Tor relay or authority, or by
|
||||
directories to consume a bunch of CPU on clients or hidden
|
||||
services. Because of the potential for CPU consumption to
|
||||
introduce observable timing patterns, we are treating this as a
|
||||
high-severity security issue. Fixes bug 33119; bugfix on
|
||||
0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
|
||||
as TROVE-2020-002 and CVE-2020-10592.
|
||||
|
||||
o Major bugfixes (circuit padding, memory leak, backport from 0.4.3.3-alpha):
|
||||
- Avoid a remotely triggered memory leak in the case that a circuit
|
||||
padding machine is somehow negotiated twice on the same circuit.
|
||||
Fixes bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls.
|
||||
This is also tracked as TROVE-2020-004 and CVE-2020-10593.
|
||||
|
||||
o Minor bugfixes (bridges, backport from 0.4.3.1-alpha):
|
||||
- Lowercase the configured value of BridgeDistribution before adding
|
||||
it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha.
|
||||
|
||||
o Minor bugfixes (logging, backport from 0.4.3.2-alpha):
|
||||
- If we encounter a bug when flushing a buffer to a TLS connection,
|
||||
only log the bug once per invocation of the Tor process.
|
||||
Previously we would log with every occurrence, which could cause
|
||||
us to run out of disk space. Fixes bug 33093; bugfix
|
||||
on 0.3.2.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion services v3, backport from 0.4.3.3-alpha):
|
||||
- Fix an assertion failure that could result from a corrupted
|
||||
ADD_ONION control port command. Found by Saibato. Fixes bug 33137;
|
||||
bugfix on 0.3.3.1-alpha. This issue is also tracked
|
||||
as TROVE-2020-003.
|
||||
|
||||
o Minor bugfixes (rust, build, backport from 0.4.3.2-alpha):
|
||||
- Fix a syntax warning given by newer versions of Rust that was
|
||||
creating problems for our continuous integration. Fixes bug 33212;
|
||||
bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Testing (Travis CI, backport from 0.4.3.3-alpha):
|
||||
- Remove a redundant distcheck job. Closes ticket 33194.
|
||||
- Sort the Travis jobs in order of speed: putting the slowest jobs
|
||||
first takes full advantage of Travis job concurrency. Closes
|
||||
ticket 33194.
|
||||
- Stop allowing the Chutney IPv6 Travis job to fail. This job was
|
||||
previously configured to fast_finish (which requires
|
||||
allow_failure), to speed up the build. Closes ticket 33195.
|
||||
- When a Travis chutney job fails, use chutney's new "diagnostics.sh"
|
||||
tool to produce detailed diagnostic output. Closes ticket 32792.
|
||||
|
||||
|
||||
Changes in version 0.3.5.10 - 2020-03-18
|
||||
Tor 0.3.5.10 backports many fixes from later Tor releases, including a
|
||||
fix for TROVE-2020-002, a major denial-of-service vulnerability that
|
||||
affected all released Tor instances since 0.2.1.5-alpha. Using this
|
||||
vulnerability, an attacker could cause Tor instances to consume a huge
|
||||
amount of CPU, disrupting their operations for several seconds or
|
||||
minutes. This attack could be launched by anybody against a relay, or
|
||||
by a directory cache against any client that had connected to it. The
|
||||
attacker could launch this attack as much as they wanted, thereby
|
||||
disrupting service or creating patterns that could aid in traffic
|
||||
analysis. This issue was found by OSS-Fuzz, and is also tracked
|
||||
as CVE-2020-10592.
|
||||
|
||||
We do not have reason to believe that this attack is currently being
|
||||
exploited in the wild, but nonetheless we advise everyone to upgrade
|
||||
as soon as packages are available.
|
||||
|
||||
o Major bugfixes (security, denial-of-service, backport from 0.4.3.3-alpha):
|
||||
- Fix a denial-of-service bug that could be used by anyone to
|
||||
consume a bunch of CPU on any Tor relay or authority, or by
|
||||
directories to consume a bunch of CPU on clients or hidden
|
||||
services. Because of the potential for CPU consumption to
|
||||
introduce observable timing patterns, we are treating this as a
|
||||
high-severity security issue. Fixes bug 33119; bugfix on
|
||||
0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue
|
||||
as TROVE-2020-002 and CVE-2020-10592.
|
||||
|
||||
o Major bugfixes (linux seccomp sandbox, backport from 0.4.3.1-alpha):
|
||||
- Correct how we use libseccomp. Particularly, stop assuming that
|
||||
rules are applied in a particular order or that more rules are
|
||||
processed after the first match. Neither is the case! In
|
||||
libseccomp <2.4.0 this lead to some rules having no effect.
|
||||
libseccomp 2.4.0 changed how rules are generated, leading to a
|
||||
different ordering, which in turn led to a fatal crash during
|
||||
startup. Fixes bug 29819; bugfix on 0.2.5.1-alpha. Patch by
|
||||
Peter Gerber.
|
||||
|
||||
o Minor features (continuous integration, backport from 0.4.3.2-alpha):
|
||||
- Stop allowing failures on the Travis CI stem tests job. It looks
|
||||
like all the stem hangs we were seeing before are now fixed.
|
||||
Closes ticket 33075.
|
||||
|
||||
o Minor bugfixes (bridges, backport from 0.4.3.1-alpha):
|
||||
- Lowercase the configured value of BridgeDistribution before adding
|
||||
it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha.
|
||||
|
||||
o Minor bugfixes (crash, backport from 0.4.2.4-rc):
|
||||
- When running Tor with an option like --verify-config or
|
||||
--dump-config that does not start the event loop, avoid crashing
|
||||
if we try to exit early because of an error. Fixes bug 32407;
|
||||
bugfix on 0.3.3.1-alpha.
|
||||
|
||||
o Minor bugfixes (logging, backport from 0.4.3.2-alpha):
|
||||
- If we encounter a bug when flushing a buffer to a TLS connection,
|
||||
only log the bug once per invocation of the Tor process.
|
||||
Previously we would log with every occurrence, which could cause
|
||||
us to run out of disk space. Fixes bug 33093; bugfix
|
||||
on 0.3.2.2-alpha.
|
||||
|
||||
o Minor bugfixes (onion services v3, backport from 0.4.3.3-alpha):
|
||||
- Fix an assertion failure that could result from a corrupted
|
||||
ADD_ONION control port command. Found by Saibato. Fixes bug 33137;
|
||||
bugfix on 0.3.3.1-alpha. This issue is also tracked
|
||||
as TROVE-2020-003.
|
||||
|
||||
o Minor bugfixes (rust, build, backport from 0.4.3.2-alpha):
|
||||
- Fix a syntax warning given by newer versions of Rust that was
|
||||
creating problems for our continuous integration. Fixes bug 33212;
|
||||
bugfix on 0.3.5.1-alpha.
|
||||
|
||||
o Testing (backport from 0.4.3.1-alpha):
|
||||
- Re-enable the Travis CI macOS Chutney build, but don't let it
|
||||
prevent the Travis job from finishing. (The Travis macOS jobs are
|
||||
slow, so we don't want to have it delay the whole CI process.)
|
||||
Closes ticket 32629.
|
||||
- Turn off Tor's Sandbox in Chutney jobs, and run those jobs on
|
||||
Ubuntu Bionic. Turning off the Sandbox is a work-around, until we
|
||||
fix the sandbox errors in 32722. Closes ticket 32240.
|
||||
|
||||
o Testing (continuous integration, backport from 0.4.3.1-alpha):
|
||||
- Use zstd in our Travis Linux builds. Closes ticket 32242.
|
||||
|
||||
o Testing (Travis CI, backport from 0.4.3.3-alpha):
|
||||
- Remove a redundant distcheck job. Closes ticket 33194.
|
||||
- Sort the Travis jobs in order of speed: putting the slowest jobs
|
||||
first takes full advantage of Travis job concurrency. Closes
|
||||
ticket 33194.
|
||||
- Stop allowing the Chutney IPv6 Travis job to fail. This job was
|
||||
previously configured to fast_finish (which requires
|
||||
- When a Travis chutney job fails, use chutney's new "diagnostics.sh"
|
||||
tool to produce detailed diagnostic output. Closes ticket 32792.
|
||||
|
||||
|
||||
Changes in version 0.4.2.6 - 2020-01-30
|
||||
This is the second stable release in the 0.4.2.x series. It backports
|
||||
several bugfixes from 0.4.3.1-alpha, including some that had affected
|
||||
|
Loading…
Reference in New Issue
Block a user