[tor-commits] [tor/release-0.2.8] Fold new entries into 0.2.8.3-alpha changelog.

nickm at torproject.org nickm at torproject.org
Wed May 25 14:29:19 UTC 2016


commit 693e48a5a4dc0bd537e00134606268b6b91afce0
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed May 25 10:29:15 2016 -0400

    Fold new entries into 0.2.8.3-alpha changelog.
---
 ChangeLog                | 22 +++++++++++++++++++++-
 changes/bug19161         |  3 ---
 changes/memarea_overflow |  7 -------
 changes/rsa_init_bug     |  7 -------
 4 files changed, 21 insertions(+), 18 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index c2c2821..04794e5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,4 @@
-Changes in version 0.2.8.3-alpha - 2016-05-??
+Changes in version 0.2.8.3-alpha - 2016-05-2?
   Tor 0.2.8.3-alpha resolves several bugs, most of them introduced over
   the course of the 0.2.8 development cycle. It improves the behavior of
   directory clients, fixes several crash bugs, fixes a gap in compiler
@@ -51,6 +51,15 @@ Changes in version 0.2.8.3-alpha - 2016-05-??
       IPv6 bridges. Fixes bug 18921; bugfix on 0.2.8.1-alpha. Patch
       by "teor".
 
+  o Major bugfixes (key management):
+    - If OpenSSL fails to generate an RSA key, do not retain a dangling
+      pointer to the previous (uninitialized) key value. The impact here
+      should be limited to a difficult-to-trigger crash, if OpenSSL is
+      running an engine that makes key generation failures possible, or
+      if OpenSSL runs out of memory. Fixes bug 19152; bugfix on
+      0.2.1.10-alpha. Found by Yuan Jochen Kang, Suman Jana, and
+      Baishakhi Ray.
+
   o Major bugfixes (testing):
     - Fix a bug that would block 'make test-network-all' on systems where
       IPv6 packets were lost. Fixes bug 19008; bugfix on tor-0.2.7.3-rc.
@@ -89,6 +98,9 @@ Changes in version 0.2.8.3-alpha - 2016-05-??
     - Resolve warnings when building on systems that are concerned with
       signed char. Fixes bug 18728; bugfix on 0.2.7.2-alpha
       and 0.2.6.1-alpha.
+    - When libscrypt.h is found, but no libscrypt library can be linked,
+      treat libscrypt as absent. Fixes bug 19161; bugfix
+      on 0.2.6.1-alpha.
 
   o Minor bugfixes (client):
     - Turn all TestingClientBootstrap* into non-testing torrc options.
@@ -134,6 +146,14 @@ Changes in version 0.2.8.3-alpha - 2016-05-??
       to terminate a pluggable transport because it has already exited.
       Fixes bug 18686; bugfix on 0.2.5.5-alpha.
 
+  o Minor bugfixes (pointer arithmetic):
+    - Fix a bug in memarea_alloc() that could have resulted in remote
+      heap write access, if Tor had ever passed an unchecked size to
+      memarea_alloc(). Fortunately, all the sizes we pass to
+      memarea_alloc() are pre-checked to be less than 128 kilobytes.
+      Fixes bug 19150; bugfix on 0.2.1.1-alpha. Bug found by
+      Guido Vranken.
+
   o Minor bugfixes (relays):
     - Consider more config options when relays decide whether to
       regenerate their descriptor. Fixes more of bug 12538; bugfix
diff --git a/changes/bug19161 b/changes/bug19161
deleted file mode 100644
index 78c2165..0000000
--- a/changes/bug19161
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (compilation):
-    - When libscrypt.h is found, but no libscrypt library can be linked,
-      treat libscrypt as absent. Fixes bug 19161; bugfix on 0.2.6.1-alpha.
diff --git a/changes/memarea_overflow b/changes/memarea_overflow
deleted file mode 100644
index 8fdc38c..0000000
--- a/changes/memarea_overflow
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes (pointer arithmetic):
-    - Fix a bug in memarea_alloc() that could have resulted in remote heap
-      write access, if Tor had ever passed an unchecked size to
-      memarea_alloc().  Fortunately, all the sizes we pass to memarea_alloc()
-      are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix
-      on 0.2.1.1-alpha. Bug found by Guido Vranken.
-
diff --git a/changes/rsa_init_bug b/changes/rsa_init_bug
deleted file mode 100644
index 6b5fb4f..0000000
--- a/changes/rsa_init_bug
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Major bugfixes (key management):
-    - If OpenSSL fails to generate an RSA key, do not retain a dangling pointer
-      to the previous (uninitialized) key value. The impact here should be
-      limited to a difficult-to-trigger crash, if OpenSSL is running an
-      engine that makes key generation failures possible, or if OpenSSL runs
-      out of memory. Fixes bug 19152; bugfix on 0.2.1.10-alpha. Found by
-      Yuan Jochen Kang, Suman Jana, and Baishakhi Ray.



More information about the tor-commits mailing list