diff options
Diffstat (limited to 'changes')
-rw-r--r-- | changes/bug10849_023 | 6 | ||||
-rw-r--r-- | changes/bug11464_023 | 5 | ||||
-rw-r--r-- | changes/bug11519 | 3 | ||||
-rw-r--r-- | changes/bug7164_downgrade | 6 | ||||
-rw-r--r-- | changes/bug9229 | 5 | ||||
-rw-r--r-- | changes/bug9686_024 | 5 | ||||
-rw-r--r-- | changes/ff28_ciphers | 6 | ||||
-rw-r--r-- | changes/md_leak_bug | 5 |
8 files changed, 41 insertions, 0 deletions
diff --git a/changes/bug10849_023 b/changes/bug10849_023 new file mode 100644 index 000000000..480dea3de --- /dev/null +++ b/changes/bug10849_023 @@ -0,0 +1,6 @@ + o Major bugfixes: + - When running a hidden service, do not allow TunneledDirConns 0; + this will keep the hidden service from running, and also + make it publish its descriptors directly over HTTP. Fixes bug 10849; + bugfix on 0.2.1.1-alpha. + diff --git a/changes/bug11464_023 b/changes/bug11464_023 new file mode 100644 index 000000000..80c04b21e --- /dev/null +++ b/changes/bug11464_023 @@ -0,0 +1,5 @@ + o Major features (security): + - Block authority signing keys that were used on an authorities + vulnerable to the "heartbleed" bug in openssl (CVE-2014-0160). + (We don't have any evidence that these keys _were_ compromised; + we're doing this to be prudent.) Resolves ticket 11464. diff --git a/changes/bug11519 b/changes/bug11519 new file mode 100644 index 000000000..5c1e6af7e --- /dev/null +++ b/changes/bug11519 @@ -0,0 +1,3 @@ + o Minor bugfixes: + - Avoid sending an garbage value to the controller when a circuit is + cannibalized. Fixes bug 11519; bugfix on 0.2.3.11-alpha. diff --git a/changes/bug7164_downgrade b/changes/bug7164_downgrade new file mode 100644 index 000000000..4d75586bb --- /dev/null +++ b/changes/bug7164_downgrade @@ -0,0 +1,6 @@ + o Minor bugfixes: + - Downgrade the warning severity for the the "md was still referenced 1 + node(s)" warning. Tor 0.2.5.4-alpha has better code for trying to + diagnose this bug, and the current warning in earlier versions of + tor achieves nothing useful. Addresses warning from bug 7164. + diff --git a/changes/bug9229 b/changes/bug9229 new file mode 100644 index 000000000..ad7fd22c2 --- /dev/null +++ b/changes/bug9229 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Avoid 60-second delays in the bootstrapping process when Tor + is launching for a second time while using bridges. Fixes bug 9229; + bugfix on 0.2.0.3-alpha. + diff --git a/changes/bug9686_024 b/changes/bug9686_024 new file mode 100644 index 000000000..8705379d3 --- /dev/null +++ b/changes/bug9686_024 @@ -0,0 +1,5 @@ + o Minor features (security): + - Decrease the lower limit of MaxMemInCellQueues to 256 MBytes (but leave + the default at 8GBytes), to better support Raspberry Pi users. Fixes + bug 9686; bugfix on 0.2.4.14-alpha. + diff --git a/changes/ff28_ciphers b/changes/ff28_ciphers new file mode 100644 index 000000000..05eb4e9bc --- /dev/null +++ b/changes/ff28_ciphers @@ -0,0 +1,6 @@ + o Minor features (performance, compatibility): + - Update the list of TLS cipehrsuites that a client advertises + to match those advertised by Firefox 28. This enables selection of + (fast) GCM ciphersuites, disables some strange old ciphers, and + disables the ECDH (not to be confused with ECDHE) ciphersuites. + Resolves ticket 11438. diff --git a/changes/md_leak_bug b/changes/md_leak_bug new file mode 100644 index 000000000..26270aacc --- /dev/null +++ b/changes/md_leak_bug @@ -0,0 +1,5 @@ + o Major bugfixes (security, OOM) + - Fix a memory leak that could occur if a microdescriptor parse + fails during the tokenizing step. This could enable a memory + exhaustion attack by directory servers. Fixes bug #11649; bugfix + on 0.2.2.6-alpha. |