mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-28 06:13:31 +01:00
Merge branch 'maint-0.2.1' into maint-0.2.2
This commit is contained in:
commit
879f1718ad
51
ReleaseNotes
51
ReleaseNotes
@ -3,6 +3,57 @@ This document summarizes new features and bugfixes in each stable release
|
||||
of Tor. If you want to see more detailed descriptions of the changes in
|
||||
each development snapshot, see the ChangeLog file.
|
||||
|
||||
Changes in version 0.2.1.30 - 2011-02-23
|
||||
Tor 0.2.1.30 fixes a variety of less critical bugs. The main other
|
||||
change is a slight tweak to Tor's TLS handshake that makes relays
|
||||
and bridges that run this new version reachable from Iran again.
|
||||
We don't expect this tweak will win the arms race long-term, but it
|
||||
buys us time until we roll out a better solution.
|
||||
|
||||
o Major bugfixes:
|
||||
- Stop sending a CLOCK_SKEW controller status event whenever
|
||||
we fetch directory information from a relay that has a wrong clock.
|
||||
Instead, only inform the controller when it's a trusted authority
|
||||
that claims our clock is wrong. Bugfix on 0.1.2.6-alpha; fixes
|
||||
the rest of bug 1074.
|
||||
- Fix a bounds-checking error that could allow an attacker to
|
||||
remotely crash a directory authority. Bugfix on 0.2.1.5-alpha.
|
||||
Found by "piebeer".
|
||||
- If relays set RelayBandwidthBurst but not RelayBandwidthRate,
|
||||
Tor would ignore their RelayBandwidthBurst setting,
|
||||
potentially using more bandwidth than expected. Bugfix on
|
||||
0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470.
|
||||
- Ignore and warn if the user mistakenly sets "PublishServerDescriptor
|
||||
hidserv" in her torrc. The 'hidserv' argument never controlled
|
||||
publication of hidden service descriptors. Bugfix on 0.2.0.1-alpha.
|
||||
|
||||
o Minor features:
|
||||
- Adjust our TLS Diffie-Hellman parameters to match those used by
|
||||
Apache's mod_ssl.
|
||||
- Update to the February 1 2011 Maxmind GeoLite Country database.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Check for and reject overly long directory certificates and
|
||||
directory tokens before they have a chance to hit any assertions.
|
||||
Bugfix on 0.2.1.28. Found by "doorss".
|
||||
- Bring the logic that gathers routerinfos and assesses the
|
||||
acceptability of circuits into line. This prevents a Tor OP from
|
||||
getting locked in a cycle of choosing its local OR as an exit for a
|
||||
path (due to a .exit request) and then rejecting the circuit because
|
||||
its OR is not listed yet. It also prevents Tor clients from using an
|
||||
OR running in the same instance as an exit (due to a .exit request)
|
||||
if the OR does not meet the same requirements expected of an OR
|
||||
running elsewhere. Fixes bug 1859; bugfix on 0.1.0.1-rc.
|
||||
|
||||
o Packaging changes:
|
||||
- Stop shipping the Tor specs files and development proposal documents
|
||||
in the tarball. They are now in a separate git repository at
|
||||
git://git.torproject.org/torspec.git
|
||||
- Do not include Git version tags as though they are SVN tags when
|
||||
generating a tarball from inside a repository that has switched
|
||||
between branches. Bugfix on 0.2.1.15-rc; fixes bug 2402.
|
||||
|
||||
|
||||
Changes in version 0.2.1.29 - 2011-01-15
|
||||
Tor 0.2.1.29 continues our recent code security audit work. The main
|
||||
fix resolves a remote heap overflow vulnerability that can allow remote
|
||||
|
Loading…
Reference in New Issue
Block a user