[tor-commits] [tor/release-0.2.2] schedule tomorrow as the 0.2.2.37 release day
arma at torproject.org
arma at torproject.org
Tue Jun 5 22:51:04 UTC 2012
commit c450e524860e23014da250bad88b476d0d540ff9
Author: Roger Dingledine <arma at torproject.org>
Date: Tue Jun 5 18:50:29 2012 -0400
schedule tomorrow as the 0.2.2.37 release day
---
ChangeLog | 27 +++++++++++++++++++++++++++
changes/bug5283 | 6 ------
changes/bug5969_022 | 7 -------
changes/bug6007 | 5 -----
changes/bug6033 | 6 ------
5 files changed, 27 insertions(+), 24 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 2150587..78bccbb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,30 @@
+Changes in version 0.2.2.37 - 2012-06-06
+ Tor 0.2.2.37 introduces a workaround for a critical renegotiation
+ bug in OpenSSL 1.0.1 (where 20% of the Tor network can't talk to itself
+ currently).
+
+ o Major bugfixes:
+ - Work around a bug in OpenSSL that broke renegotiation with TLS
+ 1.1 and TLS 1.2. Without this workaround, all attempts to speak
+ the v2 Tor connection protocol when both sides were using OpenSSL
+ 1.0.1 would fail. Resolves ticket 6033.
+ - When waiting for a client to renegotiate, don't allow it to add
+ any bytes to the input buffer. This fixes a potential DoS issue.
+ Fixes bugs 5934 and 6007; bugfix on 0.2.0.20-rc.
+ - Fix an edge case where if we fetch or publish a hidden service
+ descriptor, we might build a 4-hop circuit and then use that circuit
+ for exiting afterwards -- even if the new last hop doesn't obey our
+ ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
+
+ o Minor bugfixes:
+ - Fix a build warning with Clang 3.1 related to our use of vasprint.
+ Fixes bug 5969. Bugfix on 0.2.2.11-alpha.
+
+ o Minor features:
+ - Tell GCC and Clang to check for any errors in format strings passed
+ to the tor_v*(print|scan)f functions.
+
+
Changes in version 0.2.2.36 - 2012-05-24
Tor 0.2.2.36 updates the addresses for two of the eight directory
authorities, fixes some potential anonymity and security issues,
diff --git a/changes/bug5283 b/changes/bug5283
deleted file mode 100644
index f0325cf..0000000
--- a/changes/bug5283
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes:
- - Fix an edge case where if we fetch or publish a hidden service
- descriptor, we might build a 4-hop circuit and then use that circuit
- for exiting afterwards -- even if the new last hop doesn't obey our
- ExitNodes config option. Fixes bug 5283; bugfix on 0.2.0.10-alpha.
-
diff --git a/changes/bug5969_022 b/changes/bug5969_022
deleted file mode 100644
index 57c8744..0000000
--- a/changes/bug5969_022
+++ /dev/null
@@ -1,7 +0,0 @@
- o Minor bugfixes
- - Fix a build warning with Clang 3.1 related to our use of vasprint.
- Fix for bug 5969. Bugfix on 0.2.2.11-alpha.
-
- o Compilation improvements:
- - Tell GCC and Clang to check for any errors in format strings passed
- to the tor_v*(print|scan)f functions.
diff --git a/changes/bug6007 b/changes/bug6007
deleted file mode 100644
index 4e81575..0000000
--- a/changes/bug6007
+++ /dev/null
@@ -1,5 +0,0 @@
- o Major bugfixes (security):
- - When waiting for a client to renegotiate, don't allow it to add
- any bytes to the input buffer. This fixes a DoS issue. Fix for
- bugs 6007 and 5934; bugfix on 0.2.0.20-rc.
-
diff --git a/changes/bug6033 b/changes/bug6033
deleted file mode 100644
index 56cffd6..0000000
--- a/changes/bug6033
+++ /dev/null
@@ -1,6 +0,0 @@
- o Major bugfixes:
- - Work around a bug in OpenSSL that broke renegotiation with
- TLS 1.1 and TLS 1.2. Without this workaround, all attempts
- to speak the v2 Tor network protocol when both sides were
- using OpenSSL 1.0.1 would fail. Fix for bug 6033, which is
- not a bug in Tor.
More information about the tor-commits
mailing list