find all those stanzas in master too

author: Roger Dingledine <arma@torproject.org> 2011-10-27 20:15:50 -0400
committer: Roger Dingledine <arma@torproject.org> 2011-10-27 20:15:50 -0400
commit: 6258013e412dbabcb2482648d84b6199381740fd (patch)
tree: 54e1edb0cab4af1a422e8d97f74b01a217e7d6a9 /ChangeLog
parent: 425e4236c6c3af653565763cfa9e921aa73cf9e0 (diff)
download: tor-6258013e412dbabcb2482648d84b6199381740fd.tar
tor-6258013e412dbabcb2482648d84b6199381740fd.tar.gz
1 files changed, 13 insertions, 13 deletions
diff --git a/ChangeLog b/ChangeLog
index c721e7073..73e83f0d3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,10 +16,10 @@ Changes in version 0.2.3.6-alpha - 2011-10-26
 
   o Privacy/anonymity fixes (clients):
     - Clients and bridges no longer send TLS certificate chains on
-      outgoing OR connections. Previously, each client or bridge
-      would use the same cert chain for all outgoing OR connections
-      for up to 24 hours, which allowed any relay that the client or
-      bridge contacted to determine which entry guards it is using.
+      outgoing OR connections. Previously, each client or bridge would
+      use the same cert chain for all outgoing OR connections until
+      its IP address changes, which allowed any relay that the client
+      or bridge contacted to determine which entry guards it is using.
       Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
       no longer considers that connection as suitable for satisfying a
@@ -160,10 +160,10 @@ Changes in version 0.2.2.34 - 2011-10-26
 
   o Privacy/anonymity fixes (clients):
     - Clients and bridges no longer send TLS certificate chains on
-      outgoing OR connections. Previously, each client or bridge
-      would use the same cert chain for all outgoing OR connections
-      for up to 24 hours, which allowed any relay that the client or
-      bridge contacted to determine which entry guards it is using.
+      outgoing OR connections. Previously, each client or bridge would
+      use the same cert chain for all outgoing OR connections until
+      its IP address changes, which allowed any relay that the client
+      or bridge contacted to determine which entry guards it is using.
       Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
       no longer considers that connection as suitable for satisfying a
@@ -264,11 +264,11 @@ Changes in version 0.2.1.31 - 2011-10-26
 
   o Privacy/anonymity fixes (also included in 0.2.2.x):
     - Clients and bridges no longer send TLS certificate chains on
-      outgoing OR connections. Previously, each client or bridge
-      would use the same cert chain for all outgoing OR connections
-      for up to 24 hours, which allowed any relay that the client or
-      bridge contacted to determine which entry guards it is using.
-      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
+      outgoing OR connections. Previously, each client or bridge would
+      use the same cert chain for all outgoing OR connections until
+      its IP address changes, which allowed any relay that the client
+      or bridge contacted to determine which entry guards it is using.
+      Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
       no longer considers that connection as suitable for satisfying a
       circuit EXTEND request. Now relays can protect clients from the
author	Roger Dingledine <arma@torproject.org>	2011-10-27 20:15:50 -0400
committer	Roger Dingledine <arma@torproject.org>	2011-10-27 20:15:50 -0400
commit	6258013e412dbabcb2482648d84b6199381740fd (patch)
tree	54e1edb0cab4af1a422e8d97f74b01a217e7d6a9 /ChangeLog
parent	425e4236c6c3af653565763cfa9e921aa73cf9e0 (diff)
download	tor-6258013e412dbabcb2482648d84b6199381740fd.tar tor-6258013e412dbabcb2482648d84b6199381740fd.tar.gz