commit 579a73c9bc3f9c71308541f4df6f19430fa7412a Author: Nick Mathewson nickm@torproject.org Date: Thu Jul 16 15:55:54 2015 -0400
Start changelog sections that are straight copies from 0.2.6 --- ChangeLog | 68 +++++++++++++++++++++++++++++ changes/bug16013 | 5 --- changes/bug16030 | 3 -- changes/bug16164 | 4 -- changes/bug16212 | 5 --- changes/bug16244 | 7 --- changes/bug16247 | 5 --- changes/bug16360-failed-crypto-early-init | 7 --- changes/bug16363 | 4 -- changes/bug16381 | 13 ------ changes/bug16400 | 5 --- changes/geoip-june2015 | 3 -- changes/geoip6-june2015 | 3 -- changes/ticket8243 | 7 --- 14 files changed, 68 insertions(+), 71 deletions(-)
diff --git a/ChangeLog b/ChangeLog index aa53893..af3b00d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,73 @@ Changes in version 0.2.7.2-alpha - 2015-07-??
+ o Major bugfixes (client-side privacy, also in 0.2.6.9): + - Properly separate out each SOCKSPort when applying stream + isolation. The error occurred because each port's session group was + being overwritten by a default value when the listener connection + was initialized. Fixes bug 16247; bugfix on 0.2.6.3-alpha. Patch + by "jojelino". + + o Minor feature (directory authorities, security, also in 0.2.6.9): + - The HSDir flag given by authorities now requires the Stable flag. + For the current network, this results in going from 2887 to 2806 + HSDirs. Also, it makes it harder for an attacker to launch a sybil + attack by raising the effort for a relay to become Stable which + takes at the very least 7 days to do so and by keeping the 96 + hours uptime requirement for HSDir. Implements ticket 8243. + + o Minor bugfixes (compilation, also in 0.2.6.9): + - Build with --enable-systemd correctly when libsystemd is + installed, but systemd is not. Fixes bug 16164; bugfix on + 0.2.6.3-alpha. Patch from Peter Palfrader. + + o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.9): + - Fix sandboxing to work when running as a relaymby renaming of + secret_id_key, and allowing the eventfd2 and futex syscalls. Fixes + bug 16244; bugfix on 0.2.6.1-alpha. Patch by Peter Palfrader. + - Allow systemd connections to work with the Linux seccomp2 sandbox + code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. Patch by + Peter Palfrader. + + o Minor bugfixes (tests, also in 0.2.6.9): + - Fix a crash in the unit tests when built with MSVC2013. Fixes bug + 16030; bugfix on 0.2.6.2-alpha. Patch from "NewEraCracker". + + o Major bugfixes (hidden service clients, stability, also in 0.2.6.10): + - Stop refusing to store updated hidden service descriptors on a + client. This reverts commit 9407040c59218 (which indeed fixed bug + 14219, but introduced a major hidden service reachability + regression detailed in bug 16381). This is a temporary fix since + we can live with the minor issue in bug 14219 (it just results in + some load on the network) but the regression of 16381 is too much + of a setback. First-round fix for bug 16381; bugfix + on 0.2.6.3-alpha. + + o Major bugfixes (stability, also in 0.2.6.10): + - Stop crashing with an assertion failure when parsing certain kinds + of malformed or truncated microdescriptors. Fixes bug 16400; + bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch + by "cypherpunks_backup". + - Stop random client-side assertion failures that could occur when + connecting to a busy hidden service, or connecting to a hidden + service while a NEWNYM is in progress. Fixes bug 16013; bugfix + on 0.1.0.1-rc. + + o Minor features (geoip, also in 0.2.6.10): + - Update geoip to the June 3 2015 Maxmind GeoLite2 Country database. + - Update geoip6 to the June 3 2015 Maxmind GeoLite2 Country database. + + o Minor bugfixes (crypto error-handling, also in 0.2.6.10): + - Check for failures from crypto_early_init, and refuse to continue. + A previous typo meant that we could keep going with an + uninitialized crypto library, and would have OpenSSL initialize + its own PRNG. Fixes bug 16360; bugfix on 0.2.5.2-alpha, introduced + when implementing ticket 4900. Patch by "teor". + + o Minor bugfixes (Linux seccomp2 sandbox, also in 0.2.6.10): + - Allow pipe() and pipe2() syscalls in the seccomp2 sandbox: we need + these when eventfd2() support is missing. Fixes bug 16363; bugfix + on 0.2.6.3-alpha. Patch from "teor". +
Changes in version 0.2.6.10 - 2015-07-12 Tor version 0.2.6.10 fixes some significant stability and hidden diff --git a/changes/bug16013 b/changes/bug16013 deleted file mode 100644 index d194c60..0000000 --- a/changes/bug16013 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (hidden service, stability): - - Stop randomly crashing with an assertion failure when connecting to a - busy hidden service, or connecting to a hidden service while a NEWNYM - is in progress. Fixes bug 16013; bugfix on 0.1.0.1-rc. - diff --git a/changes/bug16030 b/changes/bug16030 deleted file mode 100644 index c14fd62..0000000 --- a/changes/bug16030 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (tests): - - Fix a crash in the unit tests on MSVC2013. Fixes bug 16030; bugfix on - 0.2.6.2-alpha. Patch from "NewEraCracker". \ No newline at end of file diff --git a/changes/bug16164 b/changes/bug16164 deleted file mode 100644 index fbb383c..0000000 --- a/changes/bug16164 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): - - Build with --enable-systemd correctly when libsystemd is installed, - but systemd is not. Fixes bug 16164, bugfix on 0.2.6.3-alpha. Patch - from Peter Palfrader. diff --git a/changes/bug16212 b/changes/bug16212 deleted file mode 100644 index bc12463..0000000 --- a/changes/bug16212 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (sandbox, systemd): - - Allow systemd connections to work with the Linux seccomp2 sandbox - code. Fixes bug 16212; bugfix on 0.2.6.2-alpha. - Patch by Peter Palfrader. - diff --git a/changes/bug16244 b/changes/bug16244 deleted file mode 100644 index 00bc557..0000000 --- a/changes/bug16244 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (sandbox, relay): - - Fix sandboxing to work when running as a relay again. This - includes correctly allowing renaming secret_id_key and - allowing the eventfd2 and futex syscalls. - Fixes bug 16244; bugfix on 0.2.6.1-alpha. - Patch by Peter Palfrader. - diff --git a/changes/bug16247 b/changes/bug16247 deleted file mode 100644 index 9464b1c..0000000 --- a/changes/bug16247 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (client-side privacy): - - Properly separate out each SOCKSPort when applying stream isolation. - The error occured because each port's session group was being - overwritten by a default value. Fixes bug 16247; bugfix on - 0.2.6.3-alpha. Patch by "jojelino". diff --git a/changes/bug16360-failed-crypto-early-init b/changes/bug16360-failed-crypto-early-init deleted file mode 100644 index 21972bc..0000000 --- a/changes/bug16360-failed-crypto-early-init +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (crypto error-handling): - - If crypto_early_init fails, a typo in a return value from tor_init - means that tor_main continues running, rather than returning - an error value. - Fixes bug 16360; bugfix on d3fb846d8c98 in 0.2.5.2-alpha, - introduced when implementing #4900. - Patch by "teor". diff --git a/changes/bug16363 b/changes/bug16363 deleted file mode 100644 index 1a6f8c6..0000000 --- a/changes/bug16363 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (Linux seccomp2 sandbox): - - Allow pipe() and pipe2() syscalls; we need these when eventfd2() - support is missing. Fixes bug 16363; bugfix on 0.2.6.3-alpha. - Patch from "teor". diff --git a/changes/bug16381 b/changes/bug16381 deleted file mode 100644 index 51a9b53..0000000 --- a/changes/bug16381 +++ /dev/null @@ -1,13 +0,0 @@ - o Major bugfix (Hidden service client) - - Revert commit 9407040c592184e05e45a3c1a00739c2dd302288 of bug #14219 - that indeed fixed an issue but introduced a major hidden service - reachability regression detailed in bug #16381. This is a temporary - fix since we can live with the minor issue in #14219 but the - regression introduced is too much of a set back. - - To be clear, #14219 bug just results in some load on the network, and - some delay for the client when visiting a hidden service that will - ultimately fail. - - This is only a bandaid for #16381 thus it does _not_ fixes it. bugfix - on tor-0.2.6.3-alpha~138. diff --git a/changes/bug16400 b/changes/bug16400 deleted file mode 100644 index 3e5f9c5..0000000 --- a/changes/bug16400 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Do not crash with an assertion error when parsing certain kinds - of malformed or truncated microdescriptors. Fixes bug 16400; - bugfix on 0.2.6.1-alpha. Found by "torkeln"; fix based on a patch by - "cypherpunks_backup". diff --git a/changes/geoip-june2015 b/changes/geoip-june2015 deleted file mode 100644 index 9d6cd36..0000000 --- a/changes/geoip-june2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip to the June 3 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/geoip6-june2015 b/changes/geoip6-june2015 deleted file mode 100644 index 527dbff..0000000 --- a/changes/geoip6-june2015 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update geoip6 to the June 3 2015 Maxmind GeoLite2 Country database. - diff --git a/changes/ticket8243 b/changes/ticket8243 deleted file mode 100644 index 8946a21..0000000 --- a/changes/ticket8243 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor feature: - - The HSDir flag given by authorities now requires the Stable flag. For - the current network, this results in going from 2887 to 2806 HSDirs. - Also, it makes it harder for an attacker to launch a sybil attack by - raising the effort for a relay to become Stable which takes at the - very least 7 days to do so and by keeping the 96 hours uptime - requirement for HSDir. Implements ticket #8243.