[tor-commits] [tor/master] Fold 20384 into changelog

[nickm at torproject.org]

commit 52b2b2c82f304629eb1128ed46fdd6edeba7eb67
Author: Nick Mathewson <nickm at torproject.org>
Date:   Mon Oct 17 14:55:05 2016 -0400

    Fold 20384 into changelog
---
 ChangeLog            | 30 +++++++++++++++++++++++-------
 changes/buf-sentinel | 11 -----------
 2 files changed, 23 insertions(+), 18 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5bf4ebd..aa9aace 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,11 +1,27 @@
 Changes in version 0.2.9.4-alpha - 2016-10-17
-  Tor 0.2.9.4-alpha adds numerous small features and fix-ups to previous
-  versions of Tor, including the implementation of a feature to future-
-  proof the Tor ecosystem against protocol changes, some bug fixes
-  necessary for Tor Browser to use unix domain sockets correctly, and
-  several portability improvements. We anticipate that this will be the
-  last alpha in the Tor 0.2.9 series, and that the next release will be
-  a release candidate.
+  Tor 0.2.9.4-alpha fixes a security hole in previous versions of Tor
+  that would allow a remote attacker to crash a Tor client, hidden
+  service, relay, or authority. All Tor users should upgrade to this
+  version, or to 0.2.8.9. Patches will be released for older versions
+  of Tor.
+
+  Tor 0.2.9.4-alpha also adds numerous small features and fix-ups to
+  previous versions of Tor, including the implementation of a feature to
+  future- proof the Tor ecosystem against protocol changes, some bug
+  fixes necessary for Tor Browser to use unix domain sockets correctly,
+  and several portability improvements. We anticipate that this will be
+  the last alpha in the Tor 0.2.9 series, and that the next release will
+  be a release candidate.
+
+  o Major features (security fixes):
+    - Prevent a class of security bugs caused by treating the contents
+      of a buffer chunk as if they were a NUL-terminated string. At
+      least one such bug seems to be present in all currently used
+      versions of Tor, and would allow an attacker to remotely crash
+      most Tor instances, especially those compiled with extra compiler
+      hardening. With this defense in place, such bugs can't crash Tor,
+      though we should still fix them as they occur. Closes ticket
+      20384 (TROVE-2016-10-001).
 
   o Major features (subprotocol versions):
     - Tor directory authorities now vote on a set of recommended
diff --git a/changes/buf-sentinel b/changes/buf-sentinel
deleted file mode 100644
index 7c5b829..0000000
--- a/changes/buf-sentinel
+++ /dev/null
@@ -1,11 +0,0 @@
-  o Major features (security fixes):
-
-    - Prevent a class of security bugs caused by treating the contents
-      of a buffer chunk as if they were a NUL-terminated string.  At
-      least one such bug seems to be present in all currently used
-      versions of Tor, and would allow an attacker to remotely crash
-      most Tor instances, especially those compiled with extra compiler
-      hardening. With this defense in place, such bugs can't crash Tor,
-      though we should still fix them as they occur. Closes ticket 20384
-      (TROVE-2016-10-001).
-