commit 5d83c34ef9dccab311b9991abc3904ab409c5cfc Author: Nick Mathewson nickm@torproject.org Date: Thu Apr 11 10:26:41 2019 -0400
Light editing on changelog --- ChangeLog | 81 +++++++++++++++++++++++++++++---------------------------------- 1 file changed, 37 insertions(+), 44 deletions(-)
diff --git a/ChangeLog b/ChangeLog index 5e7256ddc..70c040544 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,7 @@ Changes in version 0.4.0.4-rc - 2019-04-11 Tor 0.4.0.4-rc is the first release candidate in its series; it fixes - several bugs from earlier versions, including some that had - affected stability. + several bugs from earlier versions, including some that had affected + stability, and one that prevented relays from working with NSS.
o Major bugfixes (NSS, relay): - When running with NSS, disable TLS 1.2 ciphersuites that use @@ -11,11 +11,15 @@ Changes in version 0.4.0.4-rc - 2019-04-11 Fixes bug 29241; bugfix on 0.3.5.1-alpha.
o Minor features (bandwidth authority): - - Make bandwidth authorities to ignore relays that are reported in - the bandwidth file with the key-value "vote=0". This change allows - to report the relays that were not measured due some failure and - diagnose the reasons without the bandwidth being included in the - bandwidth authorities vote. Closes ticket 29806. + - Make bandwidth authorities ignore relays that are reported in the + bandwidth file with the flag "vote=0". This change allows us to + report unmeasured relays for diagnostic reasons without including + their bandwidth in the bandwidth authorities' vote. Closes + ticket 29806. + - When a directory authority is using a bandwidth file to obtain the + bandwidth values that will be included in the next vote, serve + this bandwidth file at /tor/status-vote/next/bandwidth. Closes + ticket 21377.
o Minor features (circuit padding): - Stop warning about undefined behavior in the probability @@ -26,15 +30,9 @@ Changes in version 0.4.0.4-rc - 2019-04-11
o Minor features (continuous integration): - On Travis Rust builds, cleanup Rust registry and refrain from - caching target/ directory to speed up builds. Resolves + caching the "target/" directory to speed up builds. Resolves issue 29962.
- o Minor features (dircache): - - When a directory authority is using a bandwidth file to obtain the - bandwidth values that will be included in the next vote, serve - this bandwidth file at /tor/status-vote/next/bandwidth. Closes - ticket 21377. - o Minor features (dormant mode): - Add a DormantCanceledByStartup option to tell Tor that it should treat a startup event as cancelling any previous dormant state. @@ -58,17 +56,24 @@ Changes in version 0.4.0.4-rc - 2019-04-11 the vulnerable code is only reached when directory authorities read bandwidth files, but bandwidth files come from a trusted source (usually the authorities themselves). Furthermore, the - issue is only exploitable in rare (non-POSIX) 32-bit architectures + issue is only exploitable in rare (non-POSIX) 32-bit architectures, which are not used by any of the current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found and fixed by Tobias Stoeckmann. + - Verify in more places that we are not about to create a buffer + with more than INT_MAX bytes, to avoid possible OOB access in the + event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and + fixed by Tobias Stoeckmann.
o Minor bugfix (continuous integration): - - Reset coverage state on disk after Travis CI has finished. This is - being done to prevent future gcda file merge errors which causes - the test suite for the process subsystem to fail. The process - subsystem was introduced in 0.4.0.1-alpha. Fixes bug 29036; bugfix + - Reset coverage state on disk after Travis CI has finished. This + should prevent future coverage merge errors from causing the test + suite for the "process" subsystem to fail. The process subsystem + was introduced in 0.4.0.1-alpha. Fixes bug 29036; bugfix on 0.2.9.15. + - Terminate test-stem if it takes more than 9.5 minutes to run. + (Travis terminates the job after 10 minutes of no output.) + Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha.
o Minor bugfixes (bootstrap reporting): - During bootstrap reporting, correctly distinguish pluggable @@ -80,25 +85,14 @@ Changes in version 0.4.0.4-rc - 2019-04-11 29824; bugfix on 0.3.1.1-alpha. This is Coverity warning CID 1444119.
- o Minor bugfixes (CI): - - Terminate test-stem if it takes more than 9.5 minutes to run. - (Travis terminates the job after 10 minutes of no output.) - Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha. - o Minor bugfixes (circuitpadding testing): - - Minor tweaks to avoid very rare test failures related to timers - and monotime. Fixes bug 29500; bugfix on 0.4.0.1-alpha + - Minor tweaks to avoid rare test failures related to timers and + monotime. Fixes bug 29500; bugfix on 0.4.0.1-alpha
o Minor bugfixes (directory authorities): - Actually include the bandwidth-file-digest line in directory authority votes. Fixes bug 29959; bugfix on 0.4.0.2-alpha.
- o Minor bugfixes (hardening): - - Verify in more places that we are not about to create a buffer - with more than INT_MAX bytes, to avoid possible OOB access in the - event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and - fixed by Tobias Stoeckmann. - o Minor bugfixes (logging): - On Windows, when errors cause us to reload a consensus from disk, tell the user that we are retrying at log level "notice". @@ -108,20 +102,20 @@ Changes in version 0.4.0.4-rc - 2019-04-11 on 0.4.0.2-alpha.
o Minor bugfixes (pluggable transports): - - Restore old behaviour when it comes to discovering the path of a - given Pluggable Transport exe-file. Fixes bug 29874; bugfix - on 0.4.0.1-alpha. + - Restore old behavior when it comes to discovering the path of a + given Pluggable Transport executable file. A change in + 0.4.0.1-alpha had broken this behavior on paths containing a + space. Fixes bug 29874; bugfix on 0.4.0.1-alpha.
o Minor bugfixes (testing): - Backport the 0.3.4 src/test/test-network.sh to 0.2.9. We need a recent test-network.sh to use new chutney features in CI. Fixes bug 29703; bugfix on 0.2.9.1-alpha. + - Fix a test failure on Windows caused by an unexpected "BUG" + warning in our tests for tor_gmtime_r(-1). Fixes bug 29922; bugfix + on 0.2.9.3-alpha.
- o Minor bugfixes (testing, windows): - - Fix a test failure caused by an unexpected bug warning in our test - for tor_gmtime_r(-1). Fixes bug 29922; bugfix on 0.2.9.3-alpha. - - o Minor bugfixes (TLS protocol, integration tests): + o Minor bugfixes (TLS protocol): - When classifying a client's selection of TLS ciphers, if the client ciphers are not yet available, do not cache the result. Previously, we had cached the unavailability of the cipher list @@ -131,15 +125,14 @@ Changes in version 0.4.0.4-rc - 2019-04-11 bug 30021; bugfix on 0.2.4.8-alpha.
o Code simplification and refactoring: - - Introduce a connection_dir_buf_add() helper function that checks - for compress_state of dir_connection_t and automatically writes a - string to directory connection with or without compression. + - Introduce a connection_dir_buf_add() helper function that detects + whether compression is in use, and adds a string accordingly. Resolves issue 28816. - Refactor handle_get_next_bandwidth() to use connection_dir_buf_add(). Implements ticket 29897.
o Documentation: - - Clarify that Tor performs stream isolation between *Port listeners + - Clarify that Tor performs stream isolation among *Port listeners by default. Resolves issue 29121.
tor-commits@lists.torproject.org