forward-port the two recent changelog entries

1 files changed, 73 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index b87449ab6..0872f6f87 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,76 @@
+Changes in version 0.2.2.20-alpha - 2010-12-17
+  Tor 0.2.2.20-alpha does some code cleanup to reduce the risk of remotely
+  exploitable bugs. We also fix a variety of other significant bugs,
+  change the IP address for one of our directory authorities, and update
+  the minimum version that Tor relays must run to join the network.
+
+  o Major bugfixes:
+    - Fix a remotely exploitable bug that could be used to crash instances
+      of Tor remotely by overflowing on the heap. Remote-code execution
+      hasn't been confirmed, but can't be ruled out. Everyone should
+      upgrade. Bugfix on the 0.1.1 series and later.
+    - Fix a bug that could break accounting on 64-bit systems with large
+      time_t values, making them hibernate for impossibly long intervals.
+      Fixes bug 2146. Bugfix on 0.0.9pre6; fix by boboper.
+    - Fix a logic error in directory_fetches_from_authorities() that
+      would cause all _non_-exits refusing single-hop-like circuits
+      to fetch from authorities, when we wanted to have _exits_ fetch
+      from authorities. Fixes more of 2097. Bugfix on 0.2.2.16-alpha;
+      fix by boboper.
+    - Fix a stream fairness bug that would cause newer streams on a given
+      circuit to get preference when reading bytes from the origin or
+      destination. Fixes bug 2210. Fix by Mashael AlSabah. This bug was
+      introduced before the first Tor release, in svn revision r152.
+
+  o Directory authority changes:
+    - Change IP address and ports for gabelmoo (v3 directory authority).
+
+  o Minor bugfixes:
+    - Avoid crashes when AccountingMax is set on clients. Fixes bug 2235.
+      Bugfix on 0.2.2.18-alpha. Diagnosed by boboper.
+    - Fix an off-by-one error in calculating some controller command
+      argument lengths. Fortunately, this mistake is harmless since
+      the controller code does redundant NUL termination too. Found by
+      boboper. Bugfix on 0.1.1.1-alpha.
+    - Do not dereference NULL if a bridge fails to build its
+      extra-info descriptor. Found by an anonymous commenter on
+      Trac. Bugfix on 0.2.2.19-alpha.
+
+  o Minor features:
+    - Update to the December 1 2010 Maxmind GeoLite Country database.
+    - Directory authorities now reject relays running any versions of
+      Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have
+      known bugs that keep RELAY_EARLY cells from working on rendezvous
+      circuits. Followup to fix for bug 2081.
+    - Directory authorities now reject relays running any version of Tor
+      older than 0.2.0.26-rc. That version is the earliest that fetches
+      current directory information correctly. Fixes bug 2156.
+    - Report only the top 10 ports in exit-port stats in order not to
+      exceed the maximum extra-info descriptor length of 50 KB. Implements
+      task 2196.
+    - Build correctly on mingw with more recent version of OpenSSL 0.9.8.
+      Patch from mingw-san.
+
+
+Changes in version 0.2.1.28 - 2010-12-17
+  Tor 0.2.1.28 does some code cleanup to reduce the risk of remotely
+  exploitable bugs. We also took this opportunity to change the IP address
+  for one of our directory authorities, and to update the geoip database
+  we ship.
+
+  o Major bugfixes:
+    - Fix a remotely exploitable bug that could be used to crash instances
+      of Tor remotely by overflowing on the heap. Remote-code execution
+      hasn't been confirmed, but can't be ruled out. Everyone should
+      upgrade. Bugfix on the 0.1.1 series and later.
+
+  o Directory authority changes:
+    - Change IP address and ports for gabelmoo (v3 directory authority).
+
+  o Minor features:
+    - Update to the December 1 2010 Maxmind GeoLite Country database.
+
+
 Changes in version 0.2.2.19-alpha - 2010-11-22
   Yet another OpenSSL security patch broke its compatibility with Tor:
   Tor 0.2.2.19-alpha makes relays work with OpenSSL 0.9.8p and 1.0.0.b.