This is an automated email from the git hooks/post-receive script.

dgoulet pushed a commit to branch release-0.4.7 in repository tor.

commit 7a78436b0ca327eaea56ade6e4bc562d0c710db5 Author: Tor CI Release no-email@torproject.org AuthorDate: Thu Jan 12 16:01:09 2023 +0000

release: ChangeLog and ReleaseNotes for 0.4.7.13 --- ChangeLog | 62 +++++++++++++++++++++++++++++++++++++++++ ReleaseNotes | 62 +++++++++++++++++++++++++++++++++++++++++ changes/bug40563 | 8 ------ changes/bug40732 | 7 ----- changes/fallbackdirs-2023-01-12 | 2 -- changes/geoip-2023-01-12 | 3 -- changes/ip_bind_address_no_port | 5 ---- changes/issue40613 | 3 -- changes/ticket40664 | 3 -- changes/ticket40727 | 3 -- changes/ticket40729 | 3 -- changes/ticket40730 | 5 ---- 12 files changed, 124 insertions(+), 42 deletions(-)

diff --git a/ChangeLog b/ChangeLog index f108973171..e07939071d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,65 @@ +Changes in version 0.4.7.13 - 2023-01-12 + This version contains three major bugfixes, two for relays and one for + client being a security fix, TROVE-2022-002. We have added, for Linux, the + support for IP_BIND_ADDRESS_NO_PORT for relays using OutboundBindAddress. + We strongly recommend to upgrade to this version considering the important + congestion control fix detailed below. + + o Major bugfixes (congestion control): + - Avoid incrementing the congestion window when the window is not + fully in use. Thia prevents overshoot in cases where long periods + of low activity would allow our congestion window to grow, and + then get followed by a burst, which would cause queue overload. + Also improve the increment checks for RFC3742. Fixes bug 40732; + bugfix on 0.4.7.5-alpha. + + o Major bugfixes (relay): + - When opening a channel because of a circuit request that did not + include an Ed25519 identity, record the Ed25519 identity that we + actually received, so that we can use the channel for other + circuit requests that _do_ list an Ed25519 identity. (Previously + we had code to record this identity, but a logic bug caused it to + be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch + from "cypherpunks". + + o Major bugfixes (TROVE-2022-002, client): + - The SafeSocks option had its logic inverted for SOCKS4 and + SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe + SOCKS4a one. This is TROVE-2022-002 which was reported on + Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha. + + o Minor feature (authority): + - Reject 0.4.6.x series at the authority level. Closes ticket 40664. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on January 12, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/01/12. + + o Minor features (relays): + - Set the Linux-specific IP_BIND_ADDRESS_NO_PORT option on outgoing + sockets, allowing relays using OutboundBindAddress to make more + outgoing connections than ephemeral ports, as long as they are to + separate destinations. Related to issue 40597; patch by Alex + Xu (Hello71). + + o Minor bugfixes (relay, metrics): + - Fix typo in a congestion control label on the MetricsPort. Fixes + bug 40727; bugfix on 0.4.7.12. + + o Minor bugfixes (sandbox, authority): + - With the sandbox enabled, allow to write "my-consensus- + {ns|microdesc}" and to rename them as well. Fixes bug 40729; + bugfix on 0.3.5.1-alpha. + + o Code simplifications and refactoring: + - Rely on actual error returned by the kernel when choosing what + resource exhaustion to log. Fixes issue 40613; Fix + on tor-0.4.6.1-alpha. + + Changes in version 0.4.7.12 - 2022-12-06 This version contains a major change that is a new key for moria1. Also, new metrics are exported on the MetricsPort for the congestion control diff --git a/ReleaseNotes b/ReleaseNotes index 6dc9b19239..54e7374719 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,68 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file.

+Changes in version 0.4.7.13 - 2023-01-12 + This version contains three major bugfixes, two for relays and one for + client being a security fix, TROVE-2022-002. We have added, for Linux, the + support for IP_BIND_ADDRESS_NO_PORT for relays using OutboundBindAddress. + We strongly recommend to upgrade to this version considering the important + congestion control fix detailed below. + + o Major bugfixes (congestion control): + - Avoid incrementing the congestion window when the window is not + fully in use. Thia prevents overshoot in cases where long periods + of low activity would allow our congestion window to grow, and + then get followed by a burst, which would cause queue overload. + Also improve the increment checks for RFC3742. Fixes bug 40732; + bugfix on 0.4.7.5-alpha. + + o Major bugfixes (relay): + - When opening a channel because of a circuit request that did not + include an Ed25519 identity, record the Ed25519 identity that we + actually received, so that we can use the channel for other + circuit requests that _do_ list an Ed25519 identity. (Previously + we had code to record this identity, but a logic bug caused it to + be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch + from "cypherpunks". + + o Major bugfixes (TROVE-2022-002, client): + - The SafeSocks option had its logic inverted for SOCKS4 and + SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe + SOCKS4a one. This is TROVE-2022-002 which was reported on + Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha. + + o Minor feature (authority): + - Reject 0.4.6.x series at the authority level. Closes ticket 40664. + + o Minor features (fallbackdir): + - Regenerate fallback directories generated on January 12, 2023. + + o Minor features (geoip data): + - Update the geoip files to match the IPFire Location Database, as + retrieved on 2023/01/12. + + o Minor features (relays): + - Set the Linux-specific IP_BIND_ADDRESS_NO_PORT option on outgoing + sockets, allowing relays using OutboundBindAddress to make more + outgoing connections than ephemeral ports, as long as they are to + separate destinations. Related to issue 40597; patch by Alex + Xu (Hello71). + + o Minor bugfixes (relay, metrics): + - Fix typo in a congestion control label on the MetricsPort. Fixes + bug 40727; bugfix on 0.4.7.12. + + o Minor bugfixes (sandbox, authority): + - With the sandbox enabled, allow to write "my-consensus- + {ns|microdesc}" and to rename them as well. Fixes bug 40729; + bugfix on 0.3.5.1-alpha. + + o Code simplifications and refactoring: + - Rely on actual error returned by the kernel when choosing what + resource exhaustion to log. Fixes issue 40613; Fix + on tor-0.4.6.1-alpha. + + Changes in version 0.4.7.12 - 2022-12-06 This version contains a major change that is a new key for moria1. Also, new metrics are exported on the MetricsPort for the congestion control diff --git a/changes/bug40563 b/changes/bug40563 deleted file mode 100644 index e7a3deec6d..0000000000 --- a/changes/bug40563 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (relay): - - When opening a channel because of a circuit request that did not - include an Ed25519 identity, record the Ed25519 identity that we - actually received, so that we can use the channel for other circuit - requests that _do_ list an Ed25519 identity. - (Previously we had code to record this identity, but a logic bug - caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. - Patch from "cypherpunks". diff --git a/changes/bug40732 b/changes/bug40732 deleted file mode 100644 index f2388e7e8d..0000000000 --- a/changes/bug40732 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes (congestion control): - - Avoid incrementing the congestion window when the window is not - fully in use. Thia prevents overshoot in cases where long periods - of low activity would allow our congestion window to grow, and - then get followed by a burst, which would cause queue overload. - Also improve the increment checks for RFC3742. Fixes bug 40732; - bugfix on 0.4.7.5-alpha. diff --git a/changes/fallbackdirs-2023-01-12 b/changes/fallbackdirs-2023-01-12 deleted file mode 100644 index e3788a16ae..0000000000 --- a/changes/fallbackdirs-2023-01-12 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features (fallbackdir): - - Regenerate fallback directories generated on January 12, 2023. diff --git a/changes/geoip-2023-01-12 b/changes/geoip-2023-01-12 deleted file mode 100644 index 8378d34fbf..0000000000 --- a/changes/geoip-2023-01-12 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (geoip data): - - Update the geoip files to match the IPFire Location Database, - as retrieved on 2023/01/12. diff --git a/changes/ip_bind_address_no_port b/changes/ip_bind_address_no_port deleted file mode 100644 index 9c4f712a9e..0000000000 --- a/changes/ip_bind_address_no_port +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features (relays): - - Set the Linux-specific IP_BIND_ADDRESS_NO_PORT option on outgoing - sockets, allowing relays using OutboundBindAddress to make more outgoing - connections than ephemeral ports, as long as they are to separate - destinations. Related to issue 40597; patch by Alex Xu (Hello71). diff --git a/changes/issue40613 b/changes/issue40613 deleted file mode 100644 index 76434beba2..0000000000 --- a/changes/issue40613 +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplifications and refactoring: - - Rely on actual error returned by the kernel when choosing what resource - exhaustion to log. Fixes issue 40613; Fix on tor-0.4.6.1-alpha. diff --git a/changes/ticket40664 b/changes/ticket40664 deleted file mode 100644 index 729b6ff02a..0000000000 --- a/changes/ticket40664 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor feature (authority): - - Reject 0.4.6.x series at the authority level. Closes ticket 40664. - diff --git a/changes/ticket40727 b/changes/ticket40727 deleted file mode 100644 index ce462481f4..0000000000 --- a/changes/ticket40727 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (relay, metrics): - - Fix typo in a congestion control label on the MetricsPort. Fixes bug - 40727; bugfix on 0.4.7.12. diff --git a/changes/ticket40729 b/changes/ticket40729 deleted file mode 100644 index 1c2d43d14f..0000000000 --- a/changes/ticket40729 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (sandbox, authority): - - With the sandbox enabled, allow to write "my-consensus-{ns|microdesc}" and - to rename them as well. Fixes bug 40729; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket40730 b/changes/ticket40730 deleted file mode 100644 index f6d4c9de3b..0000000000 --- a/changes/ticket40730 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (TROVE-2022-002, client): - - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It - would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is - TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug - 40730; bugfix on 0.3.5.1-alpha.