[tor-commits] [tor/master] forwardport the changelog for 0.2.7.4-rc
nickm at torproject.org
nickm at torproject.org
Wed Oct 21 19:34:33 UTC 2015
commit bebf6c6c676e9d8df73743b2619bda23a59c54df
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Oct 21 15:34:30 2015 -0400
forwardport the changelog for 0.2.7.4-rc
---
ChangeLog | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 68 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 46005a9..4c4d014 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,71 @@
+Changes in version 0.2.7.4-rc - 2015-10-21
+ Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. It
+ fixes some important memory leaks, and a scary-looking (but mostly
+ harmless in practice) invalid-read bug. It also has a few small
+ bugfixes, notably fixes for compilation and portability on different
+ platforms. If no further significant bounds are found, the next
+ release will the the official stable release.
+
+ o Major bugfixes (security, correctness):
+ - Fix an error that could cause us to read 4 bytes before the
+ beginning of an openssl string. This bug could be used to cause
+ Tor to crash on systems with unusual malloc implementations, or
+ systems with unusual hardening installed. Fixes bug 17404; bugfix
+ on 0.2.3.6-alpha.
+
+ o Major bugfixes (correctness):
+ - Fix a use-after-free bug in validate_intro_point_failure(). Fixes
+ bug 17401; bugfix on 0.2.7.3-rc.
+
+ o Major bugfixes (memory leaks):
+ - Fix a memory leak in ed25519 batch signature checking. Fixes bug
+ 17398; bugfix on 0.2.6.1-alpha.
+ - Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug
+ 17402; bugfix on 0.2.7.3-rc.
+ - Fix a memory leak when reading an expired signing key from disk.
+ Fixes bug 17403; bugfix on 0.2.7.2-rc.
+
+ o Minor features (geoIP):
+ - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
+ Country database.
+
+ o Minor bugfixes (compilation):
+ - Repair compilation with the most recent (unreleased, alpha)
+ vesions of OpenSSL 1.1. Fixes part of ticket 17237.
+ - Fix an integer overflow warning in test_crypto_slow.c. Fixes bug
+ 17251; bugfix on 0.2.7.2-alpha.
+ - Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
+ bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
+
+ o Minor bugfixes (portability):
+ - Use libexecinfo on FreeBSD to enable backtrace support. Fixes
+ part of bug 17151; bugfix on 0.2.5.2-alpha. Patch from
+ Marcin Cieślak.
+
+ o Minor bugfixes (sandbox):
+ - Add the "hidserv-stats" filename to our sandbox filter for the
+ HiddenServiceStatistics option to work properly. Fixes bug 17354;
+ bugfix on tor-0.2.6.2-alpha. Patch from David Goulet.
+
+ o Minor bugfixes (testing):
+ - Add unit tests for get_interface_address* failure cases. Fixes bug
+ 17173; bugfix on 0.2.7.3-rc. Patch by fk/teor.
+ - Fix breakage when running 'make check' with BSD make. Fixes bug
+ 17154; bugfix on 0.2.7.3-rc. Patch by Marcin Cieślak.
+ - Make the get_ifaddrs_* unit tests more tolerant of different
+ network configurations. (Don't assume every test box has an IPv4
+ address, and don't assume every test box has a non-localhost
+ address.) Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor".
+ - Skip backtrace tests when backtrace support is not compiled in.
+ Fixes part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from
+ Marcin Cieślak.
+
+ o Documentation:
+ - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
+ - Note that HiddenServicePorts can take a unix domain socket. Closes
+ ticket 17364.
+
+
Changes in version 0.2.7.3-rc - 2015-09-25
Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It
contains numerous usability fixes for Ed25519 keys, safeguards against
More information about the tor-commits
mailing list