commit 1dc4e86e412c21e115e3f4ef3512a9f430262596 Author: Nick Mathewson nickm@torproject.org Date: Mon May 15 18:28:06 2017 -0400

finish 0.3.0.7 changelog --- ChangeLog | 14 ++++++++++++-- changes/bug22246 | 6 ------ 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog index 49f2cd0..4a202cf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,15 @@ -Changes in version 0.3.0.7 - 2017-05-1? - blurb blurb blurb +Changes in version 0.3.0.7 - 2017-05-15 + Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions + of Tor 0.3.0.x, where an attacker could cause a Tor relay process to + exit. Relays running earlier versions of Tor 0.3.0.x should upgrade; + clients are not affected. + + o Major bugfixes (hidden service directory, security): + - Fix an assertion failure in the hidden service directory code, + which could be used by an attacker to remotely cause a Tor relay + process to exit. Relays running earlier versions of Tor 0.3.0.x + should upgrade. This security issue is tracked as tracked as + TROVE-2017-002. Fixes bug 22246; bugfix on 0.3.0.1-alpha.

o Minor features: - Update geoip and geoip6 to the May 2 2017 Maxmind GeoLite2 diff --git a/changes/bug22246 b/changes/bug22246 deleted file mode 100644 index dbdf31a..0000000 --- a/changes/bug22246 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (hidden service directory, security): - - Fix an assertion failure in the hidden service directory code, which - could be used by an attacker to remotely cause a Tor relay process to - exit. Relays running earlier versions of Tor 0.3.0.x should upgrade. - This security issue is tracked as tracked as - TROVE-2017-002. Fixes bug 22246; bugfix on 0.3.0.1-alpha.