From ad49b8ab569ddaae8a828c6a611bd143772bb5aa Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 25 Oct 2012 10:13:34 -0400 Subject: [PATCH] Start an 0.2.4.5 changelog. The items from 0.2.3.x are copy-and-pastd from current release-0.2.3 changelog; the others are folded in from changes/*. --- ChangeLog | 35 +++++++++++++++++++++++++++++++++++ changes/bug7189_server_only | 4 ---- changes/bug7190 | 6 ------ changes/bug7191 | 5 ----- changes/bug7192 | 10 ---------- changes/split_circuitbuild | 4 ---- 6 files changed, 35 insertions(+), 29 deletions(-) delete mode 100644 changes/bug7189_server_only delete mode 100644 changes/bug7190 delete mode 100644 changes/bug7191 delete mode 100644 changes/bug7192 delete mode 100644 changes/split_circuitbuild diff --git a/ChangeLog b/ChangeLog index f45ae9c417..f312b22b2f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,38 @@ +Changes in version 0.2.4.5-alpha - 2012-10-2? + o Major bugfixes (also in 0.2.3.24-rc): + - Fix a denial of service attack by which any directory authority + could crash all the others, or by which a single v2 directory + authority could crash everybody downloading v2 directory + information. Fixes bug 7191; bugfix on 0.2.0.10-alpha. + - When parsing exit policy summaries from microdescriptors, we had + previously been ignoring the last character in each one, so that + "accept 80,443,8080" would be treated by clients as indicating + a node that allows access to ports 80, 443, and 808. That would + lead to clients attempting connections that could never work, + and ignoring exit nodes that would support their connections. Now + clients parse these exit policy summaries correctly. Fixes bug 7192; + bugfix on 0.2.3.1-alpha. + + o Minor bugfixes (also in 0.2.3.24-rc): + - Clients now consider the ClientRejectInternalAddresses config option + when using a microdescriptor consensus stanza to decide whether + an exit relay would allow exiting to an internal address. Fixes + bug 7190; bugfix on 0.2.3.1-alpha. + + o Code simplification and refactoring: + - Start using OpenBSD's implementation of queue.h (originally by Niels + Provos). + - Move the entry node code from circuitbuild.c to its own file. + - Move the circuit build timeout tracking code from circuitbuild.c + to its own file. + + o Minor bugfixes: + - Only disable TLS session ticket support when running as a TLS + server. This keeps clients harder to distinguish from regular firefox + connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc. + + + Changes in version 0.2.4.4-alpha - 2012-10-20 Tor 0.2.4.4-alpha adds a new v3 directory authority, fixes a privacy vulnerability introduced by a change in OpenSSL, fixes a remotely diff --git a/changes/bug7189_server_only b/changes/bug7189_server_only deleted file mode 100644 index 9ad5ad9ab9..0000000000 --- a/changes/bug7189_server_only +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Only disable TLS session ticket support when running as a TLS - server. This keeps clients harder to distinguish from regular firefox - connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc. diff --git a/changes/bug7190 b/changes/bug7190 deleted file mode 100644 index 1607f79442..0000000000 --- a/changes/bug7190 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes: - - Clients now consider the ClientRejectInternalAddresses config option - when using a microdescriptor consensus stanza to decide whether - an exit relay would allow exiting to an internal address. Fixes - bug 7190; bugfix on 0.2.3.1-alpha. - diff --git a/changes/bug7191 b/changes/bug7191 deleted file mode 100644 index a3bee6e5f7..0000000000 --- a/changes/bug7191 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Fix a denial of service attack by which any directory authority - could crash all the others, or by which a single v2 directory - authority could crash everybody downloading v2 directory - information. Fixes bug 7191; bugfix on 0.2.0.10-alpha. diff --git a/changes/bug7192 b/changes/bug7192 deleted file mode 100644 index 10cbc2469a..0000000000 --- a/changes/bug7192 +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes: - - When parsing exit policy summaries from microdescriptors, we had - previously been ignoring the last character in each one, so that - "accept 80,443,8080" would be treated by clients as indicating a - node that allows access to ports 80, 443, and 808. That would lead - to clients attempting connections that could never work, and - ignoring exit nodes that would support their connections. Now clients - parse these exit policy summaries correctly. Fixes bug 7192; - bugfix on 0.2.3.1-alpha. - diff --git a/changes/split_circuitbuild b/changes/split_circuitbuild deleted file mode 100644 index 0d3c80e5d9..0000000000 --- a/changes/split_circuitbuild +++ /dev/null @@ -1,4 +0,0 @@ - o Code simplification and refactoring: - - Move the entry node code from circuitbuild.c to its own file. - - Move the circuit build timeout tracking code from circuitbuild.c - to its own file.