This is an automated email from the git hooks/post-receive script.
dgoulet pushed a change to branch release-0.4.7 in repository tor.
    from 0564a19f6a Merge branch 'tor-gitlab/mr/613' into maint-0.4.7
     new f9acdd0630 Update geoip files to match ipfire location db, 2022/08/11.
     new 65ffb97c2f fallbackdir: Update list generated on August 11, 2022
     new c65d8b2aad Merge branch 'maint-0.4.5' into maint-0.4.6
     new 9b4d3ed492 Merge branch 'maint-0.4.6' into maint-0.4.7
     new 56152a1048 version: Bump version to 0.4.5.13
     new 3684e512ff Merge branch 'maint-0.4.5' into maint-0.4.6
     new db4e226354 Merge branch 'maint-0.4.6' into maint-0.4.7
     new 661c214f4b version: Bump version to 0.4.6.11
     new eddd80b2c2 Merge branch 'maint-0.4.6' into maint-0.4.7
     new 5021fb50ee release: ChangeLog and ReleaseNotes for 0.4.7.9
     new cabfbb4f18 release: ChangeLog/ReleaseNotes fixes
     new f478be6dc7 version: Bump version to 0.4.7.9
     new 7c8b87bcc4 Merge branch 'maint-0.4.7' into release-0.4.7
The 13 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
Summary of changes:
 ChangeLog                           |    75 +
 ReleaseNotes                        |    75 +
 changes/bug40639                    |     5 -
 changes/bug40642                    |     9 -
 changes/bug40644                    |     8 -
 changes/bug40645                    |     5 -
 changes/ticket40604                 |     5 -
 changes/ticket40623                 |     4 -
 changes/ticket40649                 |     4 -
 changes/ticket40652                 |    10 -
 configure.ac                        |     4 +-
 contrib/win32build/tor-mingw.nsi.in |     2 +-
 src/app/config/fallback_dirs.inc    |   987 +-
 src/config/geoip                    | 55637 +++++++++++++++++++++++----------
 src/config/geoip6                   | 18884 ++++++------
 src/win32/orconfig.h                |     2 +-
 16 files changed, 47495 insertions(+), 28221 deletions(-)
 delete mode 100644 changes/bug40639
 delete mode 100644 changes/bug40642
 delete mode 100644 changes/bug40644
 delete mode 100644 changes/bug40645
 delete mode 100644 changes/ticket40604
 delete mode 100644 changes/ticket40623
 delete mode 100644 changes/ticket40649
 delete mode 100644 changes/ticket40652
dgoulet pushed a commit to branch release-0.4.7 in repository tor.
commit 5021fb50ee60d713e54efc4cc60620df1218e463
Author: Tor CI Release no-email@torproject.org
AuthorDate: Thu Aug 11 13:40:44 2022 +0000

    release: ChangeLog and ReleaseNotes for 0.4.7.9
---
 ChangeLog                       | 68 +++++++++++++++++++++++++++++++++++++++++
 ReleaseNotes                    | 68 +++++++++++++++++++++++++++++++++++++++++
 changes/bug40639                |  5 ---
 changes/bug40642                |  9 ------
 changes/bug40644                |  8 -----
 changes/bug40645                |  5 ---
 changes/fallbackdirs-2022-08-11 |  2 --
 changes/geoip-2022-08-11        |  3 --
 changes/ticket40604             |  5 ---
 changes/ticket40623             |  4 ---
 changes/ticket40649             |  4 ---
 changes/ticket40652             | 10 ------
 12 files changed, 136 insertions(+), 55 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 0ed1710d7b..38c7dd6d22 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,3 +1,71 @@ +INSERT SUMMARY BLURP + +Changes in version 0.4.7.9 - 2022-08-11 + o Major bugfixes (congestion control): + - Implement RFC3742 Limited Slow Start. Congestion control was + overshooting the congestion window during slow start, particularly + for onion service activity. With this fix, we now update the + congestion window more often during slow start, as well as dampen + the exponential growth when the congestion window grows above a + capping parameter. This should reduce the memory increases guard + relays were seeing, as well as allow us to set lower queue limits + to defend against ongoing DoS attacks. Fixes bug 40642; bugfix + on 0.4.7.5-alpha. + + o Major bugfixes (relay): + - Remove OR connections btrack subsystem entries when the + connections closes normally. Before this, we would only close it + on error and thus leaking memory for each normal OR connections. + Fixes bug 40604; bugfix on 0.4.0.1-alpha. + - Stop sending TRUNCATED cell and instead close the circuits which + sends a DESTROY cell so every relay in the circuit path can stop + queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. + + o Major bugfixes (vanguards): + - We had omitted some checks for whether our vanguards (second layer + guards from proposal 333) overlapped. Now make sure to pick each + of them to be independent. Also, change the design to allow them + to come from the same family. Fixes bug 40639; bugfix + on 0.4.7.1-alpha. + + o Minor features (dirauth): + - Add a torrc option to control the Guard flag bandwidth threshold + percentile. Closes ticket 40652. + - Add an AuthDirVoteGuard torrc option that can allow authorities to + assign the Guard flag to the given fingerprints/country code/IPs. + This is a needed feature mostly for defense purposes in case a DoS + hits the network and relay start losing the Guard flags too fast. 
+ - Make UPTIME_TO_GUARANTEE_STABLE, MTBF_TO_GUARANTEE_STABLE, + TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD tunable + from torrc. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on August 11, 2022. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2022/08/11. + + o Minor bugfixes (congestion control): + - Add a check for an integer underflow condition that might happen + in cases where the system clock is stopped, the ORconn is blocked, + and the endpoint sends more than a congestion window worth of non- + data control cells at once. This would cause a large congestion + window to be calculated instead of a small one. No security + impact. Fixes bug 40644; bugfix on 0.4.7.5-alpha. + + o Minor bugfixes (defense in depth): + - Change a test in the netflow padding code to make it more + _obviously_ safe against remotely triggered crashes. (It was safe + against these before, but not obviously so.) Fixes bug 40645; + bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (relay): + - Do not propagate either forward or backward a DESTROY remote + reason when closing a circuit so to avoid a possible side channel. + Fixes bug 40649; bugfix on 0.1.2.4-alpha. + + Changes in version 0.4.7.8 - 2022-06-17 This version fixes several bugfixes including a High severity security issue categorized as a Denial of Service. Everyone running an earlier version diff --git a/ReleaseNotes b/ReleaseNotes index ae90f71510..708e7220c3 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,74 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file.
+INSERT SUMMARY BLURP + +Changes in version 0.4.7.9 - 2022-08-11 + o Major bugfixes (congestion control): + - Implement RFC3742 Limited Slow Start. Congestion control was + overshooting the congestion window during slow start, particularly + for onion service activity. With this fix, we now update the + congestion window more often during slow start, as well as dampen + the exponential growth when the congestion window grows above a + capping parameter. This should reduce the memory increases guard + relays were seeing, as well as allow us to set lower queue limits + to defend against ongoing DoS attacks. Fixes bug 40642; bugfix + on 0.4.7.5-alpha. + + o Major bugfixes (relay): + - Remove OR connections btrack subsystem entries when the + connections closes normally. Before this, we would only close it + on error and thus leaking memory for each normal OR connections. + Fixes bug 40604; bugfix on 0.4.0.1-alpha. + - Stop sending TRUNCATED cell and instead close the circuits which + sends a DESTROY cell so every relay in the circuit path can stop + queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. + + o Major bugfixes (vanguards): + - We had omitted some checks for whether our vanguards (second layer + guards from proposal 333) overlapped. Now make sure to pick each + of them to be independent. Also, change the design to allow them + to come from the same family. Fixes bug 40639; bugfix + on 0.4.7.1-alpha. + + o Minor features (dirauth): + - Add a torrc option to control the Guard flag bandwidth threshold + percentile. Closes ticket 40652. + - Add an AuthDirVoteGuard torrc option that can allow authorities to + assign the Guard flag to the given fingerprints/country code/IPs. + This is a needed feature mostly for defense purposes in case a DoS + hits the network and relay start losing the Guard flags too fast. + - Make UPTIME_TO_GUARANTEE_STABLE, MTBF_TO_GUARANTEE_STABLE, + TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD tunable + from torrc. 
+ + o Minor features (fallbackdir): + - Regenerate fallback directories generated on August 11, 2022. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2022/08/11. + + o Minor bugfixes (congestion control): + - Add a check for an integer underflow condition that might happen + in cases where the system clock is stopped, the ORconn is blocked, + and the endpoint sends more than a congestion window worth of non- + data control cells at once. This would cause a large congestion + window to be calculated instead of a small one. No security + impact. Fixes bug 40644; bugfix on 0.4.7.5-alpha. + + o Minor bugfixes (defense in depth): + - Change a test in the netflow padding code to make it more + _obviously_ safe against remotely triggered crashes. (It was safe + against these before, but not obviously so.) Fixes bug 40645; + bugfix on 0.3.1.1-alpha. + + o Minor bugfixes (relay): + - Do not propagate either forward or backward a DESTROY remote + reason when closing a circuit so to avoid a possible side channel. + Fixes bug 40649; bugfix on 0.1.2.4-alpha. + + Changes in version 0.4.7.8 - 2022-06-17 This version fixes several bugfixes including a High severity security issue categorized as a Denial of Service. Everyone running an earlier version diff --git a/changes/bug40639 b/changes/bug40639 deleted file mode 100644 index d975e9ad22..0000000000 --- a/changes/bug40639 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (vanguards): - - We had omitted some checks for whether our vanguards (second layer - guards from proposal 333) overlapped. Now make sure to pick each - of them to be independent. Also, change the design to allow them to - come from the same family. Fixes bug 40639; bugfix on 0.4.7.1-alpha. diff --git a/changes/bug40642 b/changes/bug40642 deleted file mode 100644 index f50d87e031..0000000000 --- a/changes/bug40642 +++ /dev/null 
@@ -1,9 +0,0 @@ - o Major bugfixes (congestion control): - - Implement RFC3742 Limited Slow Start. Congestion control was - overshooting the congestion window during slow start, particularly for - onion service activity. With this fix, we now update the congestion - window more often during slow start, as well as dampen the exponential - growth when the congestion window grows above a capping parameter. - This should reduce the memory increases guard relays were seeing, as - well as allow us to set lower queue limits to defend against - ongoing DoS attacks. Fixes bug 40642; bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40644 b/changes/bug40644 deleted file mode 100644 index a27c63ede2..0000000000 --- a/changes/bug40644 +++ /dev/null @@ -1,8 +0,0 @@ - o Minor bugfixes (congestion control): - - Add a check for an integer underflow condition that might - happen in cases where the system clock is stopped, the - ORconn is blocked, and the endpoint sends more than a - congestion window worth of non-data control cells at once. - This would cause a large congestion window to be calculated - instead of a small one. No security impact. Fixes bug 40644; - bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40645 b/changes/bug40645 deleted file mode 100644 index 044d5b67d2..0000000000 --- a/changes/bug40645 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (defense in depth): - - Change a test in the netflow padding code to make it more - _obviously_ safe against remotely triggered crashes. - (It was safe against these before, but not obviously so.) - Fixes bug 40645; bugfix on 0.3.1.1-alpha. diff --git a/changes/fallbackdirs-2022-08-11 b/changes/fallbackdirs-2022-08-11 deleted file mode 100644 index 21200700ad..0000000000 --- a/changes/fallbackdirs-2022-08-11 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on August 11, 2022. 
diff --git a/changes/geoip-2022-08-11 b/changes/geoip-2022-08-11 deleted file mode 100644 index aad2392f1f..0000000000 --- a/changes/geoip-2022-08-11 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2022/08/11. diff --git a/changes/ticket40604 b/changes/ticket40604 deleted file mode 100644 index ec24a46e66..0000000000 --- a/changes/ticket40604 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (relay): - - Remove OR connections btrack subsystem entries when the connections - closes normally. Before this, we would only close it on error and thus - leaking memory for each normal OR connections. Fixes bug 40604; bugfix - on 0.4.0.1-alpha. diff --git a/changes/ticket40623 b/changes/ticket40623 deleted file mode 100644 index d2a0e7eaad..0000000000 --- a/changes/ticket40623 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (relay): - - Stop sending TRUNCATED cell and instead close the circuits which sends a - DESTROY cell so every relay in the circuit path can stop queuing cells. - Fixes bug 40623; bugfix on 0.1.0.2-rc. diff --git a/changes/ticket40649 b/changes/ticket40649 deleted file mode 100644 index 28df58f106..0000000000 --- a/changes/ticket40649 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (relay): - - Do not propagate either forward or backward a DESTROY remote reason when - closing a circuit so to avoid a possible side channel. Fixes bug 40649; - bugfix on 0.1.2.4-alpha. diff --git a/changes/ticket40652 b/changes/ticket40652 deleted file mode 100644 index ff9f4d0591..0000000000 --- a/changes/ticket40652 +++ /dev/null 
@@ -1,10 +0,0 @@ - o Minor features (dirauth): - - Add an AuthDirVoteGuard torrc option that can allow authorities to - assign the Guard flag to the given fingerprints/country code/IPs. This - is a needed feature mostly for defense purposes in case a DoS hits the - network and relay start losing the Guard flags too fast. - - Make UPTIME_TO_GUARANTEE_STABLE, MTBF_TO_GUARANTEE_STABLE, - TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD tunable from - torrc. - - Add a torrc option to control the Guard flag bandwidth threshold - percentile. Closes ticket 40652.
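Review bot: The first added line of the ChangeLog hunk is the literal placeholder "INSERT SUMMARY BLURP", sitting above "Changes in version 0.4.7.9 - 2022-08-11", and the ReleaseNotes hunk repeats it. A commit titled as the release ChangeLog should not carry the marker: either write the summary paragraph under the version heading in this commit, or have the release step refuse to proceed while the marker string is still present in ChangeLog or ReleaseNotes.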
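Review bot: In the "Minor features (dirauth)" block of the ReleaseNotes hunk, only the first bullet ends with "Closes ticket 40652", although all three bullets come from the deleted changes/ticket40652, where that reference closed the last bullet. After the reordering the AuthDirVoteGuard and *_TO_GUARANTEE_* bullets have no ticket reference at all, so add it to each or move it back to the end of the block. The same block lists "TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD" with no separator between the two names, and the first bullet does not name the torrc option it adds, which leaves an operator nothing to search for in the manual.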
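Review bot: The bug 40644 entry carried over from changes/bug40644 states "No security impact" without saying why, while describing an integer underflow that "would cause a large congestion window to be calculated instead of a small one". The bug 40642 entry in the same release ties congestion window overshoot to memory increases on guard relays, so a reader will reasonably ask whether an endpoint that sends the burst of non-data control cells can drive the same effect. One sentence giving the reason (for example, that the preconditions of a stopped clock and a blocked ORconn are not under the remote side's control, if that is the case) would make the claim checkable.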
dgoulet pushed a commit to branch release-0.4.7 in repository tor.
commit cabfbb4f18cbcb22449d16e0c0a3d6f806c56b02
Author: David Goulet dgoulet@torproject.org
AuthorDate: Thu Aug 11 10:29:33 2022 -0400

    release: ChangeLog/ReleaseNotes fixes

    Signed-off-by: David Goulet dgoulet@torproject.org
---
 ChangeLog    | 31 +++++++++++++++++++------------
 ReleaseNotes | 31 +++++++++++++++++++------------
 2 files changed, 38 insertions(+), 24 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 38c7dd6d22..66e575d1c8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,13 @@ -INSERT SUMMARY BLURP - Changes in version 0.4.7.9 - 2022-08-11 + This version contains several major fixes aimed at reducing memory pressure on + relays and possible side-channel. It also contains a major bugfix related to + congestion control also aimed at reducing memory pressure on relays. + Finally, there is last one major bugfix related to Vanguard L2 layer node + selection. + + We strongly recommend to upgrade to this version especially for Exit relays + in order to help the network defend against this ongoing DDoS. + o Major bugfixes (congestion control): - Implement RFC3742 Limited Slow Start. Congestion control was overshooting the congestion window during slow start, particularly @@ -13,13 +20,13 @@ Changes in version 0.4.7.9 - 2022-08-11 on 0.4.7.5-alpha.
o Major bugfixes (relay): - - Remove OR connections btrack subsystem entries when the - connections closes normally. Before this, we would only close it - on error and thus leaking memory for each normal OR connections. - Fixes bug 40604; bugfix on 0.4.0.1-alpha. - - Stop sending TRUNCATED cell and instead close the circuits which - sends a DESTROY cell so every relay in the circuit path can stop - queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. + - Remove OR connections btrack subsystem entries when the connections + close normally. Before this, we would only remove the entry on error and + thus leaking memory for each normal OR connections. Fixes bug 40604; + bugfix on 0.4.0.1-alpha. + - Stop sending TRUNCATED cell and instead close the circuit from which we + received a DESTROY cell. This makes every relay in the circuit path to + stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc.
o Major bugfixes (vanguards): - We had omitted some checks for whether our vanguards (second layer @@ -61,9 +68,9 @@ Changes in version 0.4.7.9 - 2022-08-11 bugfix on 0.3.1.1-alpha.
o Minor bugfixes (relay): - - Do not propagate either forward or backward a DESTROY remote - reason when closing a circuit so to avoid a possible side channel. - Fixes bug 40649; bugfix on 0.1.2.4-alpha. + - Do not propagate either forward or backward a DESTROY remote reason when + closing a circuit in order to avoid a possible side channel. Fixes bug + 40649; bugfix on 0.1.2.4-alpha.
Changes in version 0.4.7.8 - 2022-06-17 diff --git a/ReleaseNotes b/ReleaseNotes index 708e7220c3..da8f452df4 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,9 +2,16 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file.
-INSERT SUMMARY BLURP - Changes in version 0.4.7.9 - 2022-08-11 + This version contains several major fixes aimed at reducing memory pressure on + relays and possible side-channel. It also contains a major bugfix related to + congestion control also aimed at reducing memory pressure on relays. + Finally, there is last one major bugfix related to Vanguard L2 layer node + selection. + + We strongly recommend to upgrade to this version especially for Exit relays + in order to help the network defend against this ongoing DDoS. + o Major bugfixes (congestion control): - Implement RFC3742 Limited Slow Start. Congestion control was overshooting the congestion window during slow start, particularly @@ -17,13 +24,13 @@ Changes in version 0.4.7.9 - 2022-08-11 on 0.4.7.5-alpha.
o Major bugfixes (relay): - - Remove OR connections btrack subsystem entries when the - connections closes normally. Before this, we would only close it - on error and thus leaking memory for each normal OR connections. - Fixes bug 40604; bugfix on 0.4.0.1-alpha. - - Stop sending TRUNCATED cell and instead close the circuits which - sends a DESTROY cell so every relay in the circuit path can stop - queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. + - Remove OR connections btrack subsystem entries when the connections + close normally. Before this, we would only remove the entry on error and + thus leaking memory for each normal OR connections. Fixes bug 40604; + bugfix on 0.4.0.1-alpha. + - Stop sending TRUNCATED cell and instead close the circuit from which we + received a DESTROY cell. This makes every relay in the circuit path to + stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc.
o Major bugfixes (vanguards): - We had omitted some checks for whether our vanguards (second layer @@ -65,9 +72,9 @@ Changes in version 0.4.7.9 - 2022-08-11 bugfix on 0.3.1.1-alpha.
o Minor bugfixes (relay): - - Do not propagate either forward or backward a DESTROY remote - reason when closing a circuit so to avoid a possible side channel. - Fixes bug 40649; bugfix on 0.1.2.4-alpha. + - Do not propagate either forward or backward a DESTROY remote reason when + closing a circuit in order to avoid a possible side channel. Fixes bug + 40649; bugfix on 0.1.2.4-alpha.
Changes in version 0.4.7.8 - 2022-06-17
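Review bot: The new summary paragraph in the first ChangeLog hunk groups "possible side-channel" with the "several major fixes", but the only side-channel item in the list below is bug 40649, filed under "Minor bugfixes (relay)". Either reword the summary so it does not call that fix major, or move the entry if it is meant to be major. The second paragraph refers to "this ongoing DDoS" with nothing earlier in the blurb introducing it, so a reader of ReleaseNotes alone has no antecedent; name the event or say "the ongoing DDoS against the network". Wording nits in the same lines: "there is last one major bugfix" and "We strongly recommend to upgrade".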
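Review bot: The rewritten bug 40623 bullet in the "Major bugfixes (relay)" hunk changes the meaning, not just the wording. The old text said closing the circuit "sends a DESTROY cell so every relay in the circuit path can stop queuing cells", while the new text says we close "the circuit from which we received a DESTROY cell". These describe different triggers, and a commit titled as ChangeLog fixes should state which one matches the code change so relay operators reading the entry know when the circuit is torn down. Two grammar problems also survive the rewrite in this hunk: "thus leaking memory for each normal OR connections" and "This makes every relay in the circuit path to stop queuing cells".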
dgoulet pushed a commit to branch release-0.4.7 in repository tor.
commit 7c8b87bcc493f4335d00b519fd27403423ae905a
Merge: cabfbb4f18 f478be6dc7
Author: David Goulet dgoulet@torproject.org
AuthorDate: Thu Aug 11 10:29:36 2022 -0400

    Merge branch 'maint-0.4.7' into release-0.4.7

 configure.ac                        | 4 ++--
 contrib/win32build/tor-mingw.nsi.in | 2 +-
 src/win32/orconfig.h                | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)