[tor/release-0.2.2] slight correction on the already published changelog

28 Oct 2011

commit 30722de8fafec4be7e6f1e4ad22d5cdf465b15f7
Author: Roger Dingledine <arma@torproject.org>
Date:   Thu Oct 27 20:13:10 2011 -0400

    slight correction on the already published changelog
---
 ChangeLog    |    8 ++++----
 ReleaseNotes |    8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index db59365..af378f5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -27,10 +27,10 @@ Changes in version 0.2.2.34 - 2011-10-26
 
   o Privacy/anonymity fixes (clients):
     - Clients and bridges no longer send TLS certificate chains on
-      outgoing OR connections. Previously, each client or bridge
-      would use the same cert chain for all outgoing OR connections
-      for up to 24 hours, which allowed any relay that the client or
-      bridge contacted to determine which entry guards it is using.
+      outgoing OR connections. Previously, each client or bridge would
+      use the same cert chain for all outgoing OR connections until
+      its IP address changes, which allowed any relay that the client
+      or bridge contacted to determine which entry guards it is using.
       Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
       no longer considers that connection as suitable for satisfying a
diff --git a/ReleaseNotes b/ReleaseNotes
index 1fec570..5ed2539 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -32,10 +32,10 @@ Changes in version 0.2.2.34 - 2011-10-26
 
   o Privacy/anonymity fixes (clients):
     - Clients and bridges no longer send TLS certificate chains on
-      outgoing OR connections. Previously, each client or bridge
-      would use the same cert chain for all outgoing OR connections
-      for up to 24 hours, which allowed any relay that the client or
-      bridge contacted to determine which entry guards it is using.
+      outgoing OR connections. Previously, each client or bridge would
+      use the same cert chain for all outgoing OR connections until
+      its IP address changes, which allowed any relay that the client
+      or bridge contacted to determine which entry guards it is using.
       Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
     - If a relay receives a CREATE_FAST cell on a TLS connection, it
       no longer considers that connection as suitable for satisfying a

    

arma＠torproject.org

tags

participants (1)