diff options
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/bug2649a | 5 | ||||
| -rw-r--r-- | changes/bug2649b | 5 | ||||
| -rw-r--r-- | changes/bug3898a | 6 | ||||
| -rw-r--r-- | changes/bug3909 | 3 | ||||
| -rw-r--r-- | changes/bug3923 | 5 | ||||
| -rw-r--r-- | changes/replay-firstpart | 13 |
6 files changed, 37 insertions, 0 deletions
diff --git a/changes/bug2649a b/changes/bug2649a new file mode 100644 index 000000000..4ee31ebdb --- /dev/null +++ b/changes/bug2649a @@ -0,0 +1,5 @@ + o Minor features: + - Add a VoteOnHidServDirectoriesV2 configuration option to allow + directory authorities to abstain from voting on assignment of + the HSDir consensus flag. Related to bug 2649. + diff --git a/changes/bug2649b b/changes/bug2649b new file mode 100644 index 000000000..1ff14e556 --- /dev/null +++ b/changes/bug2649b @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Change the default required uptime for a relay to be accepted as + a HSDir from 24 hours to 25 hours. Bugfix on 0.2.0.10-alpha; + fixes bug 2649. + diff --git a/changes/bug3898a b/changes/bug3898a new file mode 100644 index 000000000..d40445e34 --- /dev/null +++ b/changes/bug3898a @@ -0,0 +1,6 @@ + o Minor bugfixes: + - Correct the man page to explain that HashedControlPassword and + CookieAuthentication can both be set, in which case either method + is sufficient to authenticate to Tor. Bugfix on 0.2.0.7-alpha, + when we decided to allow these config options to both be set. Issue + raised by bug 3898. diff --git a/changes/bug3909 b/changes/bug3909 new file mode 100644 index 000000000..0b4b29203 --- /dev/null +++ b/changes/bug3909 @@ -0,0 +1,3 @@ + o Build fixes: + - Search for a platform-specific version of "ar" when cross-compiling. + Should fix builds on iOS. Found by Marco Bonetti. diff --git a/changes/bug3923 b/changes/bug3923 new file mode 100644 index 000000000..9c0e13882 --- /dev/null +++ b/changes/bug3923 @@ -0,0 +1,5 @@ + o Major bugfies: + - Avoid an assertion failure when reloading a configuration with + TrackExitHosts changes. Found and fixed by 'laruldan'. Fixes + bug 3923; bugfix on 0.2.2.25-alpha. + diff --git a/changes/replay-firstpart b/changes/replay-firstpart new file mode 100644 index 000000000..f4a7767fb --- /dev/null +++ b/changes/replay-firstpart @@ -0,0 +1,13 @@ + o Minor features (security): + + - Check for replays of the public-key encrypted portion of an + INTRODUCE1 cell, in addition to the current check for replays of + the g^x value. This prevents a possible class of active attacks + by an attacker who controls both an introduction point and a + rendezvous point, and who uses the malleability of AES-CTR to + alter the encrypted g^x portion of the INTRODUCE1 cell. We + think that these attacks is infeasible (requiring the attacker + to send on the order of zettabytes of altered cells in a short + interval), but we'd rather block them off in case there are any + classes of this attack that we missed. Reported by dvorak. + |