[tor-commits] [tor/master] forward-port the 0.2.2.38 changelog
arma at torproject.org
arma at torproject.org
Mon Aug 13 04:36:44 UTC 2012
commit 37d19fdfcd4bc82da3276c18b616e7c64ca0c6ab
Author: Roger Dingledine <arma at torproject.org>
Date: Mon Aug 13 00:35:37 2012 -0400
forward-port the 0.2.2.38 changelog
---
ChangeLog | 25 +++++++++++++++++++++++++
ReleaseNotes | 25 +++++++++++++++++++++++++
2 files changed, 50 insertions(+), 0 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 5f985e9..896fc70 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,28 @@
+Changes in version 0.2.2.38 - 2012-08-12
+ Tor 0.2.2.38 fixes a rare race condition that can crash exit relays;
+ fixes a remotely triggerable crash bug; and fixes a timing attack that
+ could in theory leak path information.
+
+ o Security fixes:
+ - Avoid read-from-freed-memory and double-free bugs that could occur
+ when a DNS request fails while launching it. Fixes bug 6480;
+ bugfix on 0.2.0.1-alpha.
+ - Avoid an uninitialized memory read when reading a vote or consensus
+ document that has an unrecognized flavor name. This read could
+ lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha.
+ - Try to leak less information about what relays a client is
+ choosing to a side-channel attacker. Previously, a Tor client would
+ stop iterating through the list of available relays as soon as it
+ had chosen one, thus finishing a little earlier when it picked
+ a router earlier in the list. If an attacker can recover this
+ timing information (nontrivial but not proven to be impossible),
+ they could learn some coarse-grained information about which relays
+ a client was picking (middle nodes in particular are likelier to
+ be affected than exits). The timing attack might be mitigated by
+ other factors (see bug 6537 for some discussion), but it's best
+ not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1.
+
+
Changes in version 0.2.3.20-rc - 2012-08-05
Tor 0.2.3.20-rc is the third release candidate for the Tor 0.2.3.x
series. It fixes a pair of code security bugs and a potential anonymity
diff --git a/ReleaseNotes b/ReleaseNotes
index 93e38fa..e9f6055 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -3,6 +3,31 @@ This document summarizes new features and bugfixes in each stable release
of Tor. If you want to see more detailed descriptions of the changes in
each development snapshot, see the ChangeLog file.
+Changes in version 0.2.2.38 - 2012-08-12
+ Tor 0.2.2.38 fixes a rare race condition that can crash exit relays;
+ fixes a remotely triggerable crash bug; and fixes a timing attack that
+ could in theory leak path information.
+
+ o Security fixes:
+ - Avoid read-from-freed-memory and double-free bugs that could occur
+ when a DNS request fails while launching it. Fixes bug 6480;
+ bugfix on 0.2.0.1-alpha.
+ - Avoid an uninitialized memory read when reading a vote or consensus
+ document that has an unrecognized flavor name. This read could
+ lead to a remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha.
+ - Try to leak less information about what relays a client is
+ choosing to a side-channel attacker. Previously, a Tor client would
+ stop iterating through the list of available relays as soon as it
+ had chosen one, thus finishing a little earlier when it picked
+ a router earlier in the list. If an attacker can recover this
+ timing information (nontrivial but not proven to be impossible),
+ they could learn some coarse-grained information about which relays
+ a client was picking (middle nodes in particular are likelier to
+ be affected than exits). The timing attack might be mitigated by
+ other factors (see bug 6537 for some discussion), but it's best
+ not to take chances. Fixes bug 6537; bugfix on 0.0.8rc1.
+
+
Changes in version 0.2.2.37 - 2012-06-06
Tor 0.2.2.37 introduces a workaround for a critical renegotiation
bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself
More information about the tor-commits
mailing list