forward-port 0.2.4.13-alpha changelog

1 files changed, 94 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 6528f7a3b..6513d0c4a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,97 @@
+Changes in version 0.2.4.13-alpha - 2013-06-14
+  Tor 0.2.4.13-alpha fixes a variety of potential remote crash
+  vulnerabilities, makes socks5 username/password circuit isolation
+  actually actually work (this time for sure!), and cleans up a bunch
+  of other issues in preparation for a release candidate.
+
+  o Major bugfixes (robustness):
+    - Close any circuit that has too many cells queued on it. Fixes
+      bug 9063; bugfix on the 54th commit of Tor. This bug is a further
+      fix beyond bug 6252, whose fix was merged into 0.2.3.21-rc.
+    - Prevent the get_freelists() function from running off the end of
+      the list of freelists if it somehow gets an unrecognized
+      allocation. Fixes bug 8844; bugfix on 0.2.0.16-alpha. Reported by
+      eugenis.
+    - Avoid an assertion failure on OpenBSD (and perhaps other BSDs)
+      when an exit connection with optimistic data succeeds immediately
+      rather than returning EINPROGRESS. Fixes bug 9017; bugfix on
+      0.2.3.1-alpha.
+    - Fix a directory authority crash bug when building a consensus
+      using an older consensus as its basis. Fixes bug 8833. Bugfix
+      on 0.2.4.12-alpha.
+
+  o Major bugfixes:
+    - Avoid a memory leak where we would leak a consensus body when we
+      find that a consensus which we couldn't previously verify due to
+      missing certificates is now verifiable. Fixes bug 8719; bugfix
+      on 0.2.0.10-alpha.
+    - We used to always request authority certificates by identity digest,
+      meaning we'd get the newest one even when we wanted one with a
+      different signing key. Then we would complain about being given
+      a certificate we already had, and never get the one we really
+      wanted. Now we use the "fp-sk/" resource as well as the "fp/"
+      resource to request the one we want. Fixes bug 5595; bugfix on
+      0.2.0.8-alpha.
+    - Follow the socks5 protocol when offering username/password
+      authentication. The fix for bug 8117 exposed this bug, and it
+      turns out real-world applications like Pidgin do care. Bugfix on
+      0.2.3.2-alpha; fixes bug 8879.
+    - Prevent failures on Windows Vista and later when rebuilding the
+      microdescriptor cache. Diagnosed by Robert Ransom. Fixes bug 8822;
+      bugfix on 0.2.4.12-alpha.
+
+  o Minor bugfixes:
+    - Fix an impossible buffer overrun in the AES unit tests. Fixes
+      bug 8845; bugfix on 0.2.0.7-alpha. Found by eugenis.
+    - If for some reason we fail to write a microdescriptor while
+      rebuilding the cache, do not let the annotations from that
+      microdescriptor linger in the cache file, and do not let the
+      microdescriptor stay recorded as present in its old location.
+      Fixes bug 9047; bugfix on 0.2.2.6-alpha.
+    - Fix a memory leak that would occur whenever a configuration
+      option changed. Fixes bug 8718; bugfix on 0.2.3.3-alpha.
+    - Paste the description for PathBias parameters from the man
+      page into or.h, so the code documents them too. Fixes bug 7982;
+      bugfix on 0.2.3.17-beta and 0.2.4.8-alpha.
+    - Relays now treat a changed IPv6 ORPort as sufficient reason to
+      publish an updated descriptor. Fixes bug 6026; bugfix on
+      0.2.4.1-alpha.
+     - When launching a resolve request on behalf of an AF_UNIX control
+       socket, omit the address field of the new entry connection, used in
+       subsequent controller events, rather than letting tor_dup_addr()
+       set it to "<unknown address type>". Fixes bug 8639; bugfix on
+       0.2.4.12-alpha.
+
+  o Minor bugfixes (log messages):
+    - Fix a scaling issue in the path bias accounting code that
+      resulted in "Bug:" log messages from either
+      pathbias_scale_close_rates() or pathbias_count_build_success().
+      This represents a bugfix on a previous bugfix: the original fix
+      attempted in 0.2.4.10-alpha was incomplete. Fixes bug 8235; bugfix
+      on 0.2.4.1-alpha.
+    - Give a less useless error message when the user asks for an IPv4
+      address on an IPv6-only port, or vice versa. Fixes bug 8846; bugfix
+      on 0.2.4.7-alpha.
+
+  o Minor features:
+    - Downgrade "unexpected SENDME" warnings to protocol-warn for 0.2.4.x,
+      to tolerate bug 8093 for now.
+    - Add an "ignoring-advertised-bws" boolean to the flag-threshold lines
+      in directory authority votes to describe whether they have enough
+      measured bandwidths to ignore advertised (relay descriptor)
+      bandwidth claims. Resolves ticket 8711.
+    - Update to the June 5 2013 Maxmind GeoLite Country database.
+
+  o Removed documentation:
+    - Remove some of the older contents of doc/ as obsolete; move others
+      to torspec.git. Fixes bug 8965.
+
+  o Code simplification and refactoring:
+    - Avoid using character buffers when constructing most directory
+      objects: this approach was unwieldy and error-prone. Instead,
+      build smartlists of strings, and concatenate them when done.
+
+
 Changes in version 0.2.4.12-alpha - 2013-04-18
   Tor 0.2.4.12-alpha moves Tor forward on several fronts: it starts the
   process for lengthening the guard rotation period, makes directory