[tor-bugs] #20512 [Core Tor/Tor]: Make a Tor 0.2.7.7 release, with the patch for #20384

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 19 06:44:17 UTC 2016 

#20512: Make a Tor 0.2.7.7 release, with the patch for #20384
--------------------------+------------------------------------
 Reporter:  arma          |          Owner:
     Type:  task          |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: 0.2.7.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by arma):

 For the ones that I think we should backport, I have collected the actual
 commits here, so we can have a chance of somebody noticing that we're
 doing it wrong. :)

 > Directory authority keys (should include in 0.2.7.7):
 >
 > >         * #19728, #19690 (replace bridge authority)

 41ab23be, f60da192

 > >         * #19271 (remove urras from authority list)

 7ae34e72, 6b8c3d2b

 > >         * #17906 (dannenberg new key)

 11f63d26

 > Crashes and security bulletproofing (should include in 0.2.7.7):
 >
 > >         * #16248 (rare assert when using DNSPort)

 91d7cf50, 307b8635, e79da626

 > >         * #15221 (allow more syscalls without crashing when Sandbox 1
 is set)

 725e0c76

 > >         * #18162 (difficult-to-trigger heap corruption attack for
 enormous smartlists)

 c2fd6484, bca7083e

 > >         * #18089 (runtime error calling memwipe(NULL) when built with
 hardened)

 db815653, e2efa9e3

 > >         * #17675 (avoid sandbox error when using offline ed25519 relay
 identity keys)

 2cbaf39a

 > Build issues with weird platforms (we might want to backport these if
 the patches look easy):
 >
 > >         * #19213 (build problems on mingw-w64)

 5854b198

 > >         * #18490 (unit-test fail to cross-compile for aarch64)

 1a065cea

 > >         * #14821 (let hardened builds work when built with clang)

 67e5d49d

 > >         * #17923 (configure.ac mistake means we don't find
 in6_addr.s6_addr32)

 d0c209c5

 > >         * #17819 (fix compile on netbsd 6.x)

 33b5bfb9

 > >         * #17827 (freebsd compile fix)

 07cca627, e0aa4f83, 784e9fff (maybe we skip this one because it is messy?)

 > >         * #17818, 01a9575ad0, 670affa7 (support ancient automake
 versions)

 670affa7, 01a9575a, ff843ed3, 254d63da (maybe we skip this one because it
 is messy?)

 > Crashes, probably should backport:
 >
 > * #18710 (assert on surprising input to local DNSPort)

 0ca3f495

 > * #19152 (difficult-to-trigger crash when openssl runs out of memory)

 c4c4380a

 > * #20384 (prevent remote crash)

 3cea86eb

 And, there is also a mystery commit:

 7d1fe7c9: "Try to fix address tests on FreeBSD", which says "Bugfix not on
 any released Tor" despite being a commit on release-0.2.7. What's the
 story there: is it a bugfix on 0.2.7.6 or not?

 And lastly, let's not forget to update the GeoIP file(s) while we're
 there!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20512#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list