commit 4984e60a7f58056ed741bb68308e3b437bd7fdd7 Author: Roger Dingledine arma@torproject.org Date: Thu Oct 25 16:00:23 2012 -0400
update the release notes too --- ChangeLog | 2 +- ReleaseNotes | 28 ++++++++++++++++------------ 2 files changed, 17 insertions(+), 13 deletions(-)
diff --git a/ChangeLog b/ChangeLog index fbeb6d6..5966913 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,7 +7,7 @@ Changes in version 0.2.3.24-rc - 2012-10-25 o Major bugfixes (security): - Fix a group of remotely triggerable assertion failures related to incorrect link protocol negotiation. Found, diagnosed, and fixed - by "some guy from France." Fix for CVE-2012-2250; bugfix on + by "some guy from France". Fix for CVE-2012-2250; bugfix on 0.2.3.6-alpha. - Fix a denial of service attack by which any directory authority could crash all the others, or by which a single v2 directory diff --git a/ReleaseNotes b/ReleaseNotes index db82dc1..5717330 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -260,6 +260,22 @@ Changes in version 0.2.3.x - 2012-10-?? was closed. Fixes bug 7139; bugfix on all versions of Tor linked against OpenSSL 1.0.0 or later. Found by Florent Daignière.
+ o Major bugfixes (crashes and asserts): + - Avoid a pair of double-free and use-after-mark bugs that can + occur with certain timings in canceled and re-received DNS + requests. Fixes bug 6472; bugfix on 0.0.7rc1. + - Fix a denial of service attack by which any directory authority + could crash all the others, or by which a single v2 directory + authority could crash everybody downloading v2 directory + information. Fixes bug 7191; bugfix on 0.2.0.10-alpha. + - Fix an assert that directory authorities could trigger on sighup + during some configuration state transitions. We now don't treat + it as a fatal error when the new descriptor we just generated in + init_keys() isn't accepted. Fixes bug 4438; bugfix on 0.2.1.9-alpha. + - Avoid segfault when starting up having run with an extremely old + version of Tor and parsing its state file. Fixes bug 6801; bugfix + on 0.2.2.23-alpha. + o Major bugfixes (clients): - If we are unable to find any exit that supports our predicted ports, stop calling them predicted, so that we don't loop and build @@ -543,18 +559,6 @@ Changes in version 0.2.3.x - 2012-10-?? structures. Fixes issue 3135; issue noted by "wanoskarnet". - Shorten links in the tor-exit-notice file. Patch by Christian Kujau.
- o Minor bugfixes (crashes and asserts): - - Avoid a pair of double-free and use-after-mark bugs that can - occur with certain timings in canceled and re-received DNS - requests. Fixes bug 6472; bugfix on 0.0.7rc1. - - Fix an assert that directory authorities could trigger on sighup - during some configuration state transitions. We now don't treat - it as a fatal error when the new descriptor we just generated in - init_keys() isn't accepted. Fixes bug 4438; bugfix on 0.2.1.9-alpha. - - Avoid segfault when starting up having run with an extremely old - version of Tor and parsing its state file. Fixes bug 6801; bugfix - on 0.2.2.23-alpha. - o Minor bugfixes (code security): - Prevent a null-pointer dereference when receiving a data cell for a nonexistent stream when the circuit in question has an