commit 6c02f4d2e3103cf48c3d47b311ddbb07b308d8a1 Author: Roger Dingledine arma@torproject.org Date: Thu Jan 5 18:38:32 2012 -0500
fold in the next 0.2.2 changes --- ChangeLog | 56 +++++++++++++++++++++++++++++++++++++++++++++ changes/bug1240 | 8 ------ changes/bug4786 | 9 ------- changes/bug4788 | 6 ----- changes/bug4803 | 4 --- changes/bug4822 | 13 ---------- changes/clang_30_options | 5 ---- changes/geoip-january2012 | 3 -- changes/timersub_bug | 7 ----- 9 files changed, 56 insertions(+), 55 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 55bd9f7..cb1b764 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,59 @@ +Changes in version 0.2.2.36 - 2012-01-06 + o Major security workaround: + - When building or running with any version of OpenSSL earlier + than 0.9.8s or 1.0.0f, disable SSLv3 support. These OpenSSL + versions had a bug (CVE-2011-4576) in which their block cipher + padding included uninitialized data, potentially leaking sensitive + information to any peer with whom they made a SSLv3 connection. Tor + does not use SSL v3 by default, but a hostile client or server + could force an SSLv3 connection in order to gain information that + they shouldn't have been able to get. The best solution here is to + upgrade to OpenSSL 0.9.8s or 1.0.0f (or later). But when building + or running with a non-upgraded OpenSSL, we should instead make + sure that the bug can't happen by disabling SSLv3 entirely. + + o Major bugfixes: + - Provide correct replacements for the timeradd() and timersub() + functions for platforms that lack them (for example, windows). The + timersub() function is used when expiring circuits, timeradd() is + currently unused. Patch written by Vektor, who also reported the + bug. Thanks! Bugfix on 0.2.2.24-alpha/0.2.3.1-alpha, fixes bug 4778. + + o Minor bugfixes: + - When running with an older Linux kernel that erroneously responds + to strange nmap behavior by having accept() return successfully + with a zero-length socket, just close the connection. Previously, + we would try harder to learn the remote address: but there was + no such remote address to learn, and our method for trying to + learn it was incorrect. Fixes bugs 1240, 4745, and 4747. Bugfix + on 0.1.0.3-rc. Reported and diagnosed by "r1eo". + - Correctly spell "connect" in a log message when creating a + controlsocket fails. Fixes bug 4803; bugfix on 0.2.2.26-beta and + 0.2.3.2-alpha. + + o Minor features: + - Directory servers now reject versions of Tor older than 0.2.1.30, + and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha + (inclusive). These versions accounted for only a small fraction of + the Tor network, and have numerous known security issues. Resolves + issue 4788. + - Update to the January 3 2012 Maxmind GeoLite Country database. + + - Feature removal: + - When sending or relaying a RELAY_EARLY cell, we used to convert + it to a RELAY cell if the connection was using the v1 link + protocol. This was a workaround for older versions of Tor, which + didn't handle RELAY_EARLY cells properly. Now that all supported + versions can handle RELAY_EARLY cells, and now that we're enforcing + the "no RELAY_EXTEND commands except in RELAY_EARLY cells" rule, + we're removing this workaround. Addresses bug 4786. + + o Code simplifications and refactoring: + - During configure, detect when we're building with clang version + 3.0 or lower and disable the -Wnormalized=id and -Woverride-init + CFLAGS. clang doesn't support them yet. + + Changes in version 0.2.2.35 - 2011-12-16 Tor 0.2.2.35 fixes a critical heap-overflow security issue in Tor's buffers code. Absolutely everybody should upgrade. diff --git a/changes/bug1240 b/changes/bug1240 deleted file mode 100644 index 6570664..0000000 --- a/changes/bug1240 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes: - - When running with an older Linux kernel that erroneously responds - to strange nmap behavior by having accept() return successfully - with a zero-length socket, just close the connection. Previously, - we would try harder to learn the remote address: but there was no - such remote address to learn, and our method for trying to learn - it was incorrect. Fixes bugs #1240, #4745, and #4747. Bugfix on - 0.1.0.3-rc. Reported and diagnosed by "r1eo". diff --git a/changes/bug4786 b/changes/bug4786 deleted file mode 100644 index 7c1c60f..0000000 --- a/changes/bug4786 +++ /dev/null @@ -1,9 +0,0 @@ - - Feature removal: - - When sending or relaying a RELAY_EARLY cell, we used to convert - it to a RELAY cell if the connection was using the v1 link - protocol. This was a workaround for older versions of Tor, which - didn't handle RELAY_EARLY cells properly. Now that all supported - versions can handle RELAY_EARLY cells, and now that we're - enforcing the "no RELAY_EXTEND commands except in RELAY_EARLY - cells" rule, we're removing this workaround. Addresses bug 4786. - diff --git a/changes/bug4788 b/changes/bug4788 deleted file mode 100644 index d65c001..0000000 --- a/changes/bug4788 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor features (directory server): - - Directory servers now reject versions of Tor older than 0.2.1.30, - and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha - (inclusive). These versions accounted for only a small fraction of - the Tor network, and have numerous known security issues. Resolves - issue #4788. diff --git a/changes/bug4803 b/changes/bug4803 deleted file mode 100644 index cd25266..0000000 --- a/changes/bug4803 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Correctly spell "connect" in a log message when creating a controlsocket - fails. Fixes bug 4803; bugfix on 0.2.2.26-beta/0.2.3.2-alpha. - diff --git a/changes/bug4822 b/changes/bug4822 deleted file mode 100644 index 73f43f0..0000000 --- a/changes/bug4822 +++ /dev/null @@ -1,13 +0,0 @@ - o Major security workaround: - - When building or running with any version of OpenSSL earlier - than 0.9.8s or 1.0.0f, disable SSLv3 support. These versions had - a bug (CVE-2011-4576) in which their block cipher padding - included uninitialized data, potentially leaking sensitive - information to any peer with whom they made a SSLv3 - connection. Tor does not use SSL v3 by default, but a hostile - client or server could force an SSLv3 connection in order to - gain information that they shouldn't have been able to get. The - best solution here is to upgrade to OpenSSL 0.9.8s or 1.0.0f (or - later). But when building or running with a non-upgraded - OpenSSL, we should instead make sure that the bug can't happen - by disabling SSLv3 entirely. diff --git a/changes/clang_30_options b/changes/clang_30_options deleted file mode 100644 index e8e34c8..0000000 --- a/changes/clang_30_options +++ /dev/null @@ -1,5 +0,0 @@ - o Code simplifications and refactoring: - - During configure, detect when we're building with clang version 3.0 or - lower and disable the -Wnormalized=id and -Woverride-init CFLAGS. - clang doesn't support them yet. - diff --git a/changes/geoip-january2012 b/changes/geoip-january2012 deleted file mode 100644 index 2f4180e..0000000 --- a/changes/geoip-january2012 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the January 3 2012 Maxmind GeoLite Country database. - diff --git a/changes/timersub_bug b/changes/timersub_bug deleted file mode 100644 index 9183862..0000000 --- a/changes/timersub_bug +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes: - - Provide correct replacements for the timeradd() and timersub() functions - for platforms that lack them (for example, windows). The timersub() - function is used when expiring circuits, timeradd() is currently unused. - Patch written by Vektor, who also reported the bug. Thanks! Bugfix - on 0.2.2.24-alpha/0.2.3.1-alpha, fixes bug 4778. -