mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Add a blurb, edit the changelog
This commit is contained in:
parent
39606aece5
commit
7878668cab
89
ChangeLog
89
ChangeLog
@ -1,5 +1,14 @@
|
|||||||
Changes in version 0.3.0.3-alpha - 2017-02-03
|
Changes in version 0.3.0.3-alpha - 2017-02-03
|
||||||
BLURB BLURB BLURB.
|
Tor 0.3.0.3-alpha fixes a few significant bugs introduced over the
|
||||||
|
0.3.0.x development series, including some that could cause
|
||||||
|
authorities to behave badly. There is also a fix for a longstanding
|
||||||
|
bug that could prevent IPv6 exits from working. Tor 0.3.0.3-alpha also
|
||||||
|
includes some smaller features and bugfixes.
|
||||||
|
|
||||||
|
The Tor 0.3.0.x release series is now in patch-freeze: no additional
|
||||||
|
features will be considered for inclusion in 0.3.0.x. We suspect that
|
||||||
|
some bugs will probably remain, however, and we encourage people to
|
||||||
|
test this release.
|
||||||
|
|
||||||
o Major bugfixes (directory authority):
|
o Major bugfixes (directory authority):
|
||||||
- During voting, when marking a node as a probable sybil, do not
|
- During voting, when marking a node as a probable sybil, do not
|
||||||
@ -14,20 +23,20 @@ Changes in version 0.3.0.3-alpha - 2017-02-03
|
|||||||
|
|
||||||
o Major bugfixes (entry guards):
|
o Major bugfixes (entry guards):
|
||||||
- Stop trying to build circuits through entry guards for which we
|
- Stop trying to build circuits through entry guards for which we
|
||||||
have no descriptor yet. Also, stop crashing if we *do*
|
have no descriptor. Also, stop crashing in the case that we *do*
|
||||||
accidentally try to build a circuit in such a state. Fixes bug
|
accidentally try to build a circuit in such a state. Fixes bug
|
||||||
21242; bugfix on 0.3.0.1-alpha.
|
21242; bugfix on 0.3.0.1-alpha.
|
||||||
|
|
||||||
o Major bugfixes (IPv6 Exits):
|
o Major bugfixes (IPv6 Exits):
|
||||||
- Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
|
- Stop rejecting all IPv6 traffic on Exits whose exit policy rejects
|
||||||
IPv6 addresses. Instead, only reject a port over IPv6 if the exit
|
any IPv6 addresses. Instead, only reject a port over IPv6 if the
|
||||||
policy rejects that port on more than an IPv6 /16 of addresses.
|
exit policy rejects that port on more than an IPv6 /16 of
|
||||||
This bug was made worse by 17027 in 0.2.8.1-alpha, which rejects a
|
addresses. This bug was made worse by 17027 in 0.2.8.1-alpha,
|
||||||
relay's own IPv6 address by default. Fixes bug 21357; bugfix on
|
which rejected a relay's own IPv6 address by default. Fixes bug
|
||||||
commit 004f3f4e53 in 0.2.4.7-alpha.
|
21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
|
||||||
|
|
||||||
o Minor feature (client):
|
o Minor feature (client):
|
||||||
- Enable IPv6 traffic by default on the SocksPort. To disable this,
|
- Enable IPv6 traffic on the SocksPort by default. To disable this,
|
||||||
a user will have to specify "NoIPv6Traffic". Closes ticket 21269.
|
a user will have to specify "NoIPv6Traffic". Closes ticket 21269.
|
||||||
|
|
||||||
o Minor feature (fallback scripts):
|
o Minor feature (fallback scripts):
|
||||||
@ -36,10 +45,10 @@ Changes in version 0.3.0.3-alpha - 2017-02-03
|
|||||||
20174. Patch by haxxpop.
|
20174. Patch by haxxpop.
|
||||||
|
|
||||||
o Minor features (ciphersuite selection):
|
o Minor features (ciphersuite selection):
|
||||||
|
- Clients now advertise a list of ciphersuites closer to the ones
|
||||||
|
preferred by Firefox. Closes part of ticket 15426.
|
||||||
- Allow servers to accept a wider range of ciphersuites, including
|
- Allow servers to accept a wider range of ciphersuites, including
|
||||||
chacha20-poly1305 and AES-CCM. Closes the other part of 15426.
|
chacha20-poly1305 and AES-CCM. Closes the other part of 15426.
|
||||||
- Clients now advertise a list of ciphersuites closer to the ones
|
|
||||||
preferred by Firefox. Closes ticket 15426.
|
|
||||||
|
|
||||||
o Minor features (controller, configuration):
|
o Minor features (controller, configuration):
|
||||||
- Each of the *Port options, such as SocksPort, ORPort, ControlPort,
|
- Each of the *Port options, such as SocksPort, ORPort, ControlPort,
|
||||||
@ -53,23 +62,24 @@ Changes in version 0.3.0.3-alpha - 2017-02-03
|
|||||||
in feature 20956. Implements ticket 21300.
|
in feature 20956. Implements ticket 21300.
|
||||||
|
|
||||||
o Minor features (portability, compilation):
|
o Minor features (portability, compilation):
|
||||||
- Autoconf now check to determine if OpenSSL structures are opaque,
|
- Autoconf now checks to determine if OpenSSL structures are opaque,
|
||||||
instead of explicitly checking for OpenSSL version numbers. Part
|
instead of explicitly checking for OpenSSL version numbers. Part
|
||||||
of ticket 21359.
|
of ticket 21359.
|
||||||
- Support building with recent LibreSSL code that uses opaque
|
- Support building with recent LibreSSL code that uses opaque
|
||||||
structures. Closes ticket 21359.
|
structures. Closes ticket 21359.
|
||||||
|
|
||||||
o Minor features (relay):
|
o Minor features (relay):
|
||||||
- Allow separation of exit and relay traffic to different source IP
|
- We now allow separation of exit and relay traffic to different
|
||||||
addresses. Closes ticket 17975. Written by Michael Sonntag.
|
source IP addresses, using the OutboundBindAddressExit and
|
||||||
|
OutboundBindAddressOR options respectively. Closes ticket 17975.
|
||||||
|
Written by Michael Sonntag.
|
||||||
|
|
||||||
o Minor bugfix (logging):
|
o Minor bugfix (logging):
|
||||||
- Don't recommend the use of Tor2web in non anonymous mode. In that
|
- Don't recommend the use of Tor2web in non-anonymous mode.
|
||||||
mode, we disable client functionalities and recommending Tor2web
|
Recommending Tor2web is a bad idea because the client loses all
|
||||||
as a solution is a bad idea because in that case client loses all
|
anonymity. Tor2web shouldy only be used in specific cases by users
|
||||||
anonymity. Tor2web should really only be used in very specific
|
who *know* and understand the issues. Fixes bug 21294; bugfix
|
||||||
cases and with users *knowing* what they do. Fixes bug 21294;
|
on 0.2.9.3-alpha.
|
||||||
bugfix on 0.2.9.3-alpha.
|
|
||||||
|
|
||||||
o Minor bugfixes (client):
|
o Minor bugfixes (client):
|
||||||
- Always recover from failures in extend_info_from_node(), in an
|
- Always recover from failures in extend_info_from_node(), in an
|
||||||
@ -90,38 +100,39 @@ Changes in version 0.3.0.3-alpha - 2017-02-03
|
|||||||
|
|
||||||
o Minor bugfixes (configure, autoconf):
|
o Minor bugfixes (configure, autoconf):
|
||||||
- Rename the configure option --enable-expensive-hardening to
|
- Rename the configure option --enable-expensive-hardening to
|
||||||
--enable-fragile-hardening. TROVE-2017-001 was triggerable only
|
--enable-fragile-hardening. Expensive hardening makes the tor
|
||||||
through the expensive hardening which is making the tor daemon
|
daemon abort when some kinds of issues are detected. Thus, it
|
||||||
abort when the issue is detected. Thus, it makes tor more at risk
|
makes tor more at risk of remote crashes but safer against RCE or
|
||||||
of remote crashes but safer against RCE or heartbleed bug
|
heartbleed bug category. We now try to explain this issue in a
|
||||||
category. Fixes bug 21290; bugfix on 0.2.5.4-alpha.
|
message from the configure script. Fixes bug 21290; bugfix
|
||||||
|
on 0.2.5.4-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (controller):
|
o Minor bugfixes (controller):
|
||||||
- Restore the (deprecated) DROPGUARDS controller command. Fixes bug
|
- Restore the (deprecated) DROPGUARDS controller command. Fixes bug
|
||||||
20824; bugfix on 0.3.0.1-alpha.
|
20824; bugfix on 0.3.0.1-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (hidden service):
|
o Minor bugfixes (hidden service):
|
||||||
- Cleanup expiring intro point nodes if no circuit is associated to
|
- Clean up the code for expiring intro points with no associated
|
||||||
it anymore. It was causing, rarely, the service to not open enough
|
circuits. It was causing, rarely, a service with some expiring
|
||||||
introduction points circuit in the case we had dead expiring
|
nodes to not open enough introduction points. Fixes part of bug
|
||||||
nodes.; bugfix on 0.2.7.2-alpha.
|
21302; bugfix on 0.2.7.2-alpha.
|
||||||
- Stop modifying the value of our torrc option
|
- Stop setting the torrc option HiddenServiceStatistics to "0" just
|
||||||
HiddenServiceStatistics just because we're not a bridge or relay.
|
because we're not a bridge or relay. Instead, we preserve whatever
|
||||||
Use an internal value for what tor should use and keep the torrc
|
value the user set (or didn't set). Fixes bug 21150; bugfix
|
||||||
option intact. Fixes bug 21150; bugfix on 0.2.6.2-alpha.
|
on 0.2.6.2-alpha.
|
||||||
- Two possible underflow which would ultimately lead to creating a
|
- Two possible underflow which would ultimately lead to creating a
|
||||||
lot of introduction points circuits and closing them in a non stop
|
lot of introduction points circuits and closing them in a non stop
|
||||||
loop. Fixes bug 21302; bugfix on 0.2.7.2-alpha.
|
loop. Fixes bug 21302; bugfix on 0.2.7.2-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (portability):
|
o Minor bugfixes (portability):
|
||||||
- Use "OpenBSD" pre-defined compiler macro instead of "OPENBSD" or
|
- Use "OpenBSD" compiler macro instead of "OPENBSD" or "__OpenBSD__".
|
||||||
"__OpenBSD__". It is supported by OpenBSD itself and also most
|
It is supported by OpenBSD itself, and also by most OpenBSD
|
||||||
OpenBSD variants like Bitrig. Fixes bug 20980; bugfix
|
variants (such as Bitrig). Fixes bug 20980; bugfix
|
||||||
on 0.1.2.1-alpha.
|
on 0.1.2.1-alpha.
|
||||||
- Do not silently truncate content of files if they are larger than
|
- When mapping a file of length greater than SIZE_MAX, do not
|
||||||
SIZE_MAX bytes. This issue could occur on 32 bit systems with
|
silently its contents. This issue could occur on 32 bit systems
|
||||||
large file support and files which are larger than 4 GB. Fixes bug
|
with large file support and files which are larger than 4 GB.
|
||||||
21134; bugfix on 0.3.0.1-alpha.
|
Fixes bug 21134; bugfix on 0.3.0.1-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (tor-resolve):
|
o Minor bugfixes (tor-resolve):
|
||||||
- The tor-resolve command line tool now rejects hostnames over 255
|
- The tor-resolve command line tool now rejects hostnames over 255
|
||||||
|
Loading…
Reference in New Issue
Block a user