commit 151ab614421eed48ba2f39518695b8ee08206904 Author: Roger Dingledine arma@torproject.org Date: Fri Mar 11 17:38:55 2011 -0500
put the 0.2.1.30 changes into releasenotes --- ReleaseNotes | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 51 insertions(+), 0 deletions(-)
diff --git a/ReleaseNotes b/ReleaseNotes index 9562133..7ba473e 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -3,6 +3,57 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file.
+Changes in version 0.2.1.30 - 2011-02-23 + Tor 0.2.1.30 fixes a variety of less critical bugs. The main other + change is a slight tweak to Tor's TLS handshake that makes relays + and bridges that run this new version reachable from Iran again. + We don't expect this tweak will win the arms race long-term, but it + buys us time until we roll out a better solution. + + o Major bugfixes: + - Stop sending a CLOCK_SKEW controller status event whenever + we fetch directory information from a relay that has a wrong clock. + Instead, only inform the controller when it's a trusted authority + that claims our clock is wrong. Bugfix on 0.1.2.6-alpha; fixes + the rest of bug 1074. + - Fix a bounds-checking error that could allow an attacker to + remotely crash a directory authority. Bugfix on 0.2.1.5-alpha. + Found by "piebeer". + - If relays set RelayBandwidthBurst but not RelayBandwidthRate, + Tor would ignore their RelayBandwidthBurst setting, + potentially using more bandwidth than expected. Bugfix on + 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470. + - Ignore and warn if the user mistakenly sets "PublishServerDescriptor + hidserv" in her torrc. The 'hidserv' argument never controlled + publication of hidden service descriptors. Bugfix on 0.2.0.1-alpha. + + o Minor features: + - Adjust our TLS Diffie-Hellman parameters to match those used by + Apache's mod_ssl. + - Update to the February 1 2011 Maxmind GeoLite Country database. + + o Minor bugfixes: + - Check for and reject overly long directory certificates and + directory tokens before they have a chance to hit any assertions. + Bugfix on 0.2.1.28. Found by "doorss". + - Bring the logic that gathers routerinfos and assesses the + acceptability of circuits into line. This prevents a Tor OP from + getting locked in a cycle of choosing its local OR as an exit for a + path (due to a .exit request) and then rejecting the circuit because + its OR is not listed yet. It also prevents Tor clients from using an + OR running in the same instance as an exit (due to a .exit request) + if the OR does not meet the same requirements expected of an OR + running elsewhere. Fixes bug 1859; bugfix on 0.1.0.1-rc. + + o Packaging changes: + - Stop shipping the Tor specs files and development proposal documents + in the tarball. They are now in a separate git repository at + git://git.torproject.org/torspec.git + - Do not include Git version tags as though they are SVN tags when + generating a tarball from inside a repository that has switched + between branches. Bugfix on 0.2.1.15-rc; fixes bug 2402. + + Changes in version 0.2.1.29 - 2011-01-15 Tor 0.2.1.29 continues our recent code security audit work. The main fix resolves a remote heap overflow vulnerability that can allow remote
tor-commits@lists.torproject.org