nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-27 22:03:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

promote two stanzas; shuffle around two more

Browse Source
This commit is contained in:
Roger Dingledine 2014-04-25 21:31:06 -04:00
parent ef69dc2d09
commit 8d005d56e9
1 changed files with 19 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
ChangeLog
View File

@ -15,6 +15,10 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
have accumulated many known flaws; everyone should upgrade. have accumulated many known flaws; everyone should upgrade.
o Major features (security): o Major features (security):
- If you don't specify MaxMemInQueues yourself, Tor now tries to
pick a good value based on your total system memory. Previously,
the default was always 8 GB. You can still override the default by
setting MaxMemInQueues yourself. Resolves ticket 11396.
- Block authority signing keys that were used on authorities - Block authority signing keys that were used on authorities
vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We
don't have any evidence that these keys _were_ compromised; we're don't have any evidence that these keys _were_ compromised; we're
@ -63,6 +67,11 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
advertising the ECDH (not to be confused with ECDHE) ciphersuites. advertising the ECDH (not to be confused with ECDHE) ciphersuites.
Resolves ticket 11438. Resolves ticket 11438.
o Major bugfixes (bridge client):
- Avoid 60-second delays in the bootstrapping process when Tor is
launching for a second time while using bridges. Fixes bug 9229;
bugfix on 0.2.0.3-alpha.
o Minor features (Transparent proxy, *BSD): o Minor features (Transparent proxy, *BSD):
- Support FreeBSD's ipfw firewall interface for TransPort ports on - Support FreeBSD's ipfw firewall interface for TransPort ports on
FreeBSD. To enable it, set "TransProxyType ipfw". Resolves ticket FreeBSD. To enable it, set "TransProxyType ipfw". Resolves ticket
@ -77,9 +86,9 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
o Minor features (security): o Minor features (security):
- New --enable-expensive-hardening option to enable security - New --enable-expensive-hardening option to enable security
hardening options that consume nontrivial amounts of CPU and hardening options that consume nontrivial amounts of CPU and
memory. Right now, this includes AddressSanitizer and UbSan, which memory. Right now, this includes AddressSanitizer and UbSan,
are supported in newer versions of GCC and Clang. Closes ticket which are supported in newer versions of GCC and Clang. Closes
11477. ticket 11477.
o Minor features (log verbosity): o Minor features (log verbosity):
- Demote the message that we give when a flushing connection times - Demote the message that we give when a flushing connection times
@ -89,21 +98,17 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
about downloading descriptors. Previously, we'd log a notice about downloading descriptors. Previously, we'd log a notice
whenever we learned about more routers. Now, we only log a notice whenever we learned about more routers. Now, we only log a notice
at every 5% of progress. Fixes bug 9963. at every 5% of progress. Fixes bug 9963.
- Warn less verbosely when receiving a malformed ESTABLISH_RENDEZVOUS
o Minor features (relay): cell. Fixes ticket 11279.
- If you don't specify MaxMemInQueues yourself, Tor now tries to
pick a good value based on your total system memory. Previously,
the default was always 8 GB. You can still override the default by
setting MaxMemInQueues yourself. Resolves ticket 11396.
- If a circuit timed out for at least 3 minutes, check if we have a
new external IP address, and publish a new descriptor with the new
IP address if it changed. Resolves ticket 2454.
- Warn less verbosely when receiving a malformed
ESTABLISH_RENDEZVOUS cell. Fixes ticket 11279.
- When we run out of usable circuit IDs on a channel, log only one - When we run out of usable circuit IDs on a channel, log only one
warning for the whole channel, and describe how many circuits warning for the whole channel, and describe how many circuits
there were on the channel. Fixes part of ticket 11553. there were on the channel. Fixes part of ticket 11553.
o Minor features (relay):
- If a circuit timed out for at least 3 minutes, check if we have a
new external IP address, and publish a new descriptor with the new
IP address if it changed. Resolves ticket 2454.
o Minor features (controller): o Minor features (controller):
- Make the entire exit policy available from the control port via - Make the entire exit policy available from the control port via
GETINFO exit-policy/*. Implements enhancement 7952. Patch from GETINFO exit-policy/*. Implements enhancement 7952. Patch from
@ -146,9 +151,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25
- Avoid a 60-second delay in the bootstrapping process when a Tor - Avoid a 60-second delay in the bootstrapping process when a Tor
client with pluggable transports re-reads its configuration at client with pluggable transports re-reads its configuration at
just the wrong time. Re-fixes bug 11156; bugfix on 0.2.5.3-alpha. just the wrong time. Re-fixes bug 11156; bugfix on 0.2.5.3-alpha.
- Avoid 60-second delays in the bootstrapping process when Tor is
launching for a second time while using bridges. Fixes bug 9229;
bugfix on 0.2.0.3-alpha.
o Minor bugfixes (client, logging during bootstrap): o Minor bugfixes (client, logging during bootstrap):
- Warn only once if we start logging in an unsafe way. Previously, we - Warn only once if we start logging in an unsafe way. Previously, we