commit 8d005d56e9a2e7d1bffe433ebfed6067e23d3c96 Author: Roger Dingledine arma@torproject.org Date: Fri Apr 25 21:31:06 2014 -0400
promote two stanzas; shuffle around two more --- ChangeLog | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 1448fa7..88c96dc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,6 +15,10 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 have accumulated many known flaws; everyone should upgrade.
o Major features (security): + - If you don't specify MaxMemInQueues yourself, Tor now tries to + pick a good value based on your total system memory. Previously, + the default was always 8 GB. You can still override the default by + setting MaxMemInQueues yourself. Resolves ticket 11396. - Block authority signing keys that were used on authorities vulnerable to the "heartbleed" bug in OpenSSL (CVE-2014-0160). (We don't have any evidence that these keys _were_ compromised; we're @@ -63,6 +67,11 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 advertising the ECDH (not to be confused with ECDHE) ciphersuites. Resolves ticket 11438.
+ o Major bugfixes (bridge client): + - Avoid 60-second delays in the bootstrapping process when Tor is + launching for a second time while using bridges. Fixes bug 9229; + bugfix on 0.2.0.3-alpha. + o Minor features (Transparent proxy, *BSD): - Support FreeBSD's ipfw firewall interface for TransPort ports on FreeBSD. To enable it, set "TransProxyType ipfw". Resolves ticket @@ -77,9 +86,9 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 o Minor features (security): - New --enable-expensive-hardening option to enable security hardening options that consume nontrivial amounts of CPU and - memory. Right now, this includes AddressSanitizer and UbSan, which - are supported in newer versions of GCC and Clang. Closes ticket - 11477. + memory. Right now, this includes AddressSanitizer and UbSan, + which are supported in newer versions of GCC and Clang. Closes + ticket 11477.
o Minor features (log verbosity): - Demote the message that we give when a flushing connection times @@ -89,20 +98,16 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 about downloading descriptors. Previously, we'd log a notice whenever we learned about more routers. Now, we only log a notice at every 5% of progress. Fixes bug 9963. + - Warn less verbosely when receiving a malformed ESTABLISH_RENDEZVOUS + cell. Fixes ticket 11279. + - When we run out of usable circuit IDs on a channel, log only one + warning for the whole channel, and describe how many circuits + there were on the channel. Fixes part of ticket 11553.
o Minor features (relay): - - If you don't specify MaxMemInQueues yourself, Tor now tries to - pick a good value based on your total system memory. Previously, - the default was always 8 GB. You can still override the default by - setting MaxMemInQueues yourself. Resolves ticket 11396. - If a circuit timed out for at least 3 minutes, check if we have a new external IP address, and publish a new descriptor with the new IP address if it changed. Resolves ticket 2454. - - Warn less verbosely when receiving a malformed - ESTABLISH_RENDEZVOUS cell. Fixes ticket 11279. - - When we run out of usable circuit IDs on a channel, log only one - warning for the whole channel, and describe how many circuits - there were on the channel. Fixes part of ticket 11553.
o Minor features (controller): - Make the entire exit policy available from the control port via @@ -146,9 +151,6 @@ Changes in version 0.2.5.4-alpha - 2014-04-25 - Avoid a 60-second delay in the bootstrapping process when a Tor client with pluggable transports re-reads its configuration at just the wrong time. Re-fixes bug 11156; bugfix on 0.2.5.3-alpha. - - Avoid 60-second delays in the bootstrapping process when Tor is - launching for a second time while using bridges. Fixes bug 9229; - bugfix on 0.2.0.3-alpha.
o Minor bugfixes (client, logging during bootstrap): - Warn only once if we start logging in an unsafe way. Previously, we