[tor-commits] [tor/master] Fold in changelog item; draft blurb for 0.2.4.5-alpha

nickm at torproject.org nickm at torproject.org
Thu Oct 25 14:32:23 UTC 2012 

commit b6e0236fa20d001ba3f940caf37b5434bf76401a
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Oct 25 10:32:20 2012 -0400

    Fold in changelog item; draft blurb for 0.2.4.5-alpha
---
 ChangeLog                       |   26 ++++++++++++++++++--------
 changes/link_negotiation_assert |    6 ------
 2 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index f312b22..1a55d47 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,20 @@
 Changes in version 0.2.4.5-alpha - 2012-10-2?
-  o Major bugfixes (also in 0.2.3.24-rc):
+  Tor 0.2.3.24-rc comes hard at the heels of 0.2.4.4-alpha, to fix two
+  important security vulnerabilities that could lead to remotely
+  triggerable relay crashes, fixes a major bug that was preventing
+  clients from choosing good exit nodes, and refactor some of our code.
+
+  o Major bugfixes (security, also in 0.2.3.24-rc):
+    - Fix a group of remotely triggerable assertion failures related to
+      incorrect link protocol negotiation. Found, diagnosed, and fixed
+      by "some guy from France." Fix for CVE-2012-2250; bugfix on
+      0.2.3.6-alpha.
     - Fix a denial of service attack by which any directory authority
       could crash all the others, or by which a single v2 directory
       authority could crash everybody downloading v2 directory
       information. Fixes bug 7191; bugfix on 0.2.0.10-alpha.
+
+  o Major bugfixes (also in 0.2.3.24-rc):
     - When parsing exit policy summaries from microdescriptors, we had
       previously been ignoring the last character in each one, so that
       "accept 80,443,8080" would be treated by clients as indicating
@@ -19,18 +30,17 @@ Changes in version 0.2.4.5-alpha - 2012-10-2?
       an exit relay would allow exiting to an internal address. Fixes
       bug 7190; bugfix on 0.2.3.1-alpha.
 
-  o Code simplification and refactoring:
-    - Start using OpenBSD's implementation of queue.h (originally by Niels
-      Provos).
-    - Move the entry node code from circuitbuild.c to its own file.
-    - Move the circuit build timeout tracking code from circuitbuild.c
-      to its own file.
-
   o Minor bugfixes:
     - Only disable TLS session ticket support when running as a TLS
       server. This keeps clients harder to distinguish from regular firefox
       connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc.
 
+  o Code simplification and refactoring:
+    - Start using OpenBSD's implementation of queue.h (originally by
+      Niels Provos).
+    - Move the entry node code from circuitbuild.c to its own file.
+    - Move the circuit build timeout tracking code from circuitbuild.c
+      to its own file.
 
 
 Changes in version 0.2.4.4-alpha - 2012-10-20
diff --git a/changes/link_negotiation_assert b/changes/link_negotiation_assert
deleted file mode 100644
index 398a545..0000000
--- a/changes/link_negotiation_assert
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixs (security):
-    - Fix a group of remotely triggerable assertion failures related to
-      incorrect link protocol negotiation. Found, diagnosed, and fixed
-      by "some guy from France." Fix for CVE-2012-2250; bugfix on
-      0.2.3.6-alpha.
-

More information about the tor-commits mailing list