[tor-commits] [tor/release-0.2.4] Start on an 0.2.4.14-alpha changelog
nickm at torproject.org
nickm at torproject.org
Tue Jun 18 14:53:46 UTC 2013
commit ce168e78009d7aab21254e8dc976573bd2bb2701
Author: Nick Mathewson <nickm at torproject.org>
Date: Tue Jun 18 10:33:14 2013 -0400
Start on an 0.2.4.14-alpha changelog
---
ChangeLog | 24 ++++++++++++++++++++++++
changes/bug9002 | 4 ----
changes/bug9063_redux | 15 ---------------
changes/bug9072 | 3 ---
4 files changed, 24 insertions(+), 22 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 333213d..266a1cc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,27 @@
+Changes in version 0.2.4.14-alpha - 2013-06-18
+ Tor 0.2.4.13-alpha fixes a pair of client guard enumeration problems
+ present in 0.2.4.13-alpha.
+
+ o Major bugfixes:
+ - When we have too much memory queued in circuits (according to a new
+ MaxMemInCellQueues option), close the circuits consuming the most
+ memory. This prevents us from running out of memory as a relay if
+ circuits fill up faster than they can be drained. Fixes
+ bug 9063; bugfix on the 54th commit of Tor. This bug is a further
+ fix beyond bug 6252, whose fix was merged into 0.2.3.21-rc.
+
+ This change also fixes an earlier approach taken in 0.2.4.13-alpha,
+ where we tried to solve this issue simply by imposing an upper limit on
+ the number of queued cells for a single circuit. That approach proved
+ to be problematic, since there are ways to provoke clients to send a
+ number of cells in excess of any such reasonable limit. Fixes bug
+ 9072; bugfix on 0.2.4.13-alpha.
+
+ - Limit hidden service descriptors to at most ten introduction
+ points, to slow one kind of guard enumeration. Fixes bug 9002;
+ bugfix on 0.1.1.11-alpha.
+
+
Changes in version 0.2.4.13-alpha - 2013-06-14
Tor 0.2.4.13-alpha fixes a variety of potential remote crash
vulnerabilities, makes socks5 username/password circuit isolation
diff --git a/changes/bug9002 b/changes/bug9002
deleted file mode 100644
index c41ace3..0000000
--- a/changes/bug9002
+++ /dev/null
@@ -1,4 +0,0 @@
- o Major bugfixes:
- - Limit hidden service descriptors to at most ten introduction
- points, to slow one kind of guard enumeration. Fixes bug 9002;
- bugfix on 0.1.1.11-alpha.
diff --git a/changes/bug9063_redux b/changes/bug9063_redux
deleted file mode 100644
index e6fae72..0000000
--- a/changes/bug9063_redux
+++ /dev/null
@@ -1,15 +0,0 @@
- o Major bugfixes:
- - When we have too much memory queued in circuits (according to a new
- MaxMemInCellQueues option), close the circuits consuming the most
- memory. This prevents us from running out of memory as a relay if
- circuits fill up faster than they can be drained. Fixes
- bug 9063; bugfix on the 54th commit of Tor. This bug is a further
- fix beyond bug 6252, whose fix was merged into 0.2.3.21-rc.
-
- Also fixes an earlier approach taken in 0.2.4.13-alpha, where we
- tried to solve this issue simply by imposing an upper limit on the
- number of queued cells for a single circuit. That approach proved to
- be problematic, since there are ways to provoke clients to send a
- number of cells in excess of any such reasonable limit.
- Fixes bug 9072; bugfix on 0.2.4.13-alpha.
-
diff --git a/changes/bug9072 b/changes/bug9072
deleted file mode 100644
index e594a38..0000000
--- a/changes/bug9072
+++ /dev/null
@@ -1,3 +0,0 @@
- o Critical bugfixes:
- - Disable middle relay queue overfill detection code due to possible
- guard discovery attack, pending further analysis. Fixes bug #9072.
More information about the tor-commits
mailing list