[tor-commits] [tor/release-0.2.3] Draft blurb for 0.2.3.24-rc; guess a release date

[nickm at torproject.org]

commit f684ac4fc29af4730d3495622340f7bf2dd69584
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Oct 25 10:28:08 2012 -0400

    Draft blurb for 0.2.3.24-rc; guess a release date
---
 ChangeLog |   15 +++++++++++++--
 1 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 39d6e4b..fbeb6d6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,20 @@
-Changes in version 0.2.3.24-rc - 2012-10-2?
-  o Major bugfixes:
+Changes in version 0.2.3.24-rc - 2012-10-25
+  Tor 0.2.3.24-rc fixes two important security vulnerabilities that
+  could lead to remotely triggerable relay crashes, and fixes
+  a major bug that was preventing clients from choosing good exit
+  nodes.
+
+  o Major bugfixes (security):
+    - Fix a group of remotely triggerable assertion failures related to
+      incorrect link protocol negotiation. Found, diagnosed, and fixed
+      by "some guy from France." Fix for CVE-2012-2250; bugfix on
+      0.2.3.6-alpha.
     - Fix a denial of service attack by which any directory authority
       could crash all the others, or by which a single v2 directory
       authority could crash everybody downloading v2 directory
       information. Fixes bug 7191; bugfix on 0.2.0.10-alpha.
+
+  o Major bugfixes:
     - When parsing exit policy summaries from microdescriptors, we had
       previously been ignoring the last character in each one, so that
       "accept 80,443,8080" would be treated by clients as indicating