[tor-commits] [tor/release-0.2.9] start assembling changelog for 0.2.9.12

nickm at torproject.org nickm at torproject.org
Thu Sep 14 17:13:23 UTC 2017


commit f96dc77b06413c96bc5cd5400a33f513db280979
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Sep 14 13:13:18 2017 -0400

    start assembling changelog for 0.2.9.12
---
 ChangeLog                   | 123 ++++++++++++++++++++++++++++++++++++++++++++
 changes/bug15582            |   4 --
 changes/bug18100            |   5 --
 changes/bug19025            |   4 --
 changes/bug20059            |   3 --
 changes/bug20247            |   4 --
 changes/bug21507            |   5 --
 changes/bug21576            |   4 --
 changes/bug22245            |   5 --
 changes/bug22446            |   4 --
 changes/bug22516            |   5 --
 changes/bug22636            |   8 ---
 changes/bug22644            |   5 --
 changes/bug22737            |  12 -----
 changes/bug22789            |   7 ---
 changes/bug22797            |   4 --
 changes/bug22801            |   5 --
 changes/bug22838_028        |   5 --
 changes/bug22915            |   3 --
 changes/bug22916_027        |   3 --
 changes/bug23030_029        |   7 ---
 changes/geoip-august2017    |   4 --
 changes/geoip-july2017      |   4 --
 changes/geoip-june2017      |   4 --
 changes/geoip-september2017 |   4 --
 changes/ticket19769         |   7 ---
 26 files changed, 123 insertions(+), 125 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 37e7dedca..448e4d612 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,126 @@
+Changes in version 0.2.9.12 - 2017-09-18
+  BLURB
+
+  o Major features (security, backport from 0.3.0.2-alpha):
+    - Change the algorithm used to decide DNS TTLs on client and server
+      side, to better resist DNS-based correlation attacks like the
+      DefecTor attack of Greschbach, Pulls, Roberts, Winter, and
+      Feamster. Now relays only return one of two possible DNS TTL
+      values, and clients are willing to believe DNS TTL values up to 3
+      hours long. Closes ticket 19769.
+
+  o Major bugfixes (crash, directory connections, backport from 0.3.0.5-rc):
+    - Fix a rare crash when sending a begin cell on a circuit whose
+      linked directory connection had already been closed. Fixes bug
+      21576; bugfix on 0.2.9.3-alpha. Reported by Alec Muffett.
+
+  o Major bugfixes (DNS, backport from 0.3.0.2-alpha):
+    - Fix a bug that prevented exit nodes from caching DNS records for
+      more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha.
+
+  o Major bugfixes (linux TPROXY support, backport from 0.3.1.1-alpha):
+    - Fix a typo that had prevented TPROXY-based transparent proxying
+      from working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
+      Patch from "d4fq0fQAgoJ".
+
+  o Major bugfixes (openbsd, denial-of-service, backport from 0.3.1.5-alpha):
+    - Avoid an assertion failure bug affecting our implementation of
+      inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
+      handling of "0xfoo" differs from what we had expected. Fixes bug
+      22789; bugfix on 0.2.3.8-alpha. Also tracked as TROVE-2017-007.
+
+  o Minor features (code style, backport from 0.3.1.3-alpha):
+    - Add "Falls through" comments to our codebase, in order to silence
+      GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
+      Stieger. Closes ticket 22446.
+
+  o Minor features (geoip):
+    - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
+      Country database.
+
+  o Minor bugfixes (bandwidth accounting, backport from 0.3.1.1-alpha):
+    - Roll over monthly accounting at the configured hour and minute,
+      rather than always at 00:00. Fixes bug 22245; bugfix on 0.0.9rc1.
+      Found by Andrey Karpov with PVS-Studio.
+
+  o Minor bugfixes (compilation, backport from 0.3.1.5-alpha):
+    - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
+      bugfix on 0.2.8.1-alpha.
+    - Fix warnings when building with libscrypt and openssl scrypt support
+      on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
+    - When building with certain versions the mingw C header files, avoid
+      float-conversion warnings when calling the C functions isfinite(),
+      isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha.
+
+  o Minor bugfixes (compilation, backport from 0.3.1.7):
+    - Avoid compiler warnings in the unit tests for running tor_sscanf()
+      with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
+
+  o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
+    - Backport a fix for an "unused variable" warning that appeared
+      in some versions of mingw. Fixes bug 22838; bugfix on
+      0.2.8.1-alpha.
+
+  o Minor bugfixes (controller, backport from 0.3.1.7):
+    - Do not crash when receiving a HSPOST command with an empty body.
+      Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
+    - Do not crash when receiving a POSTDESCRIPTOR command with an
+      empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
+
+  o Minor bugfixes (coverity build support, backport from 0.3.1.5-alpha):
+    - Avoid Coverity build warnings related to our BUG() macro. By
+      default, Coverity treats BUG() as the Linux kernel does: an
+      instant abort(). We need to override that so our BUG() macro
+      doesn't prevent Coverity from analyzing functions that use it.
+      Fixes bug 23030; bugfix on 0.2.9.1-alpha.
+
+  o Minor bugfixes (defensive programming, undefined behavior, backport from 0.3.1.4-alpha):
+    - Fix a memset() off the end of an array when packing cells. This
+      bug should be harmless in practice, since the corrupted bytes are
+      still in the same structure, and are always padding bytes,
+      ignored, or immediately overwritten, depending on compiler
+      behavior. Nevertheless, because the memset()'s purpose is to make
+      sure that any other cell-handling bugs can't expose bytes to the
+      network, we need to fix it. Fixes bug 22737; bugfix on
+      0.2.4.11-alpha. Fixes CID 1401591.
+
+  o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
+    - When setting the maximum number of connections allowed by the OS,
+      always allow some extra file descriptors for other files. Fixes
+      bug 22797; bugfix on 0.2.0.10-alpha.
+
+  o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.5-alpha):
+    - Avoid a sandbox failure when trying to re-bind to a socket and
+      mark it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
+
+  o Minor bugfixes (linux seccomp2 sandbox, backport from 0.3.1.4-alpha):
+    - Permit the fchmod system call, to avoid crashing on startup when
+      starting with the seccomp2 sandbox and an unexpected set of
+      permissions on the data directory or its contents. Fixes bug
+      22516; bugfix on 0.2.5.4-alpha.
+
+  o Minor bugfixes (relay, backport from 0.3.0.5-rc):
+    - Avoid a double-marked-circuit warning that could happen when we
+      receive DESTROY cells under heavy load. Fixes bug 20059; bugfix
+      on 0.1.0.1-rc.
+
+  o Minor bugfixes (voting consistency, backport from 0.3.1.1-alpha):
+    - Reject version numbers with non-numeric prefixes (such as +, -, or
+      whitespace). Disallowing whitespace prevents differential version
+      parsing between POSIX-based and Windows platforms. Fixes bug 21507
+      and part of 21508; bugfix on 0.0.8pre1.
+
+  o Build features:
+    - Tor's repository now includes a Travis Continuous Integration (CI)
+      configuration file (.travis.yml). This is meant to help new
+      developers and contributors who fork Tor to a Github repository be
+      better able to test their changes, and understand what we expect
+      to pass. To use this new build feature, you must fork Tor to your
+      Github account, then go into the "Integrations" menu in the
+      repository settings for your fork and enable Travis, then push
+      your changes. Closes ticket 22636.
+
+
 Changes in version 0.2.9.11 - 2017-06-08
   Tor 0.2.9.11 backports a fix for a bug that would allow an attacker to
   remotely crash a hidden service with an assertion failure. Anyone
diff --git a/changes/bug15582 b/changes/bug15582
deleted file mode 100644
index 5ea6431cf..000000000
--- a/changes/bug15582
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (compilation):
-    - Avoid compiler warnings in the unit tests for running tor_sscanf()
-      with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
-
diff --git a/changes/bug18100 b/changes/bug18100
deleted file mode 100644
index cd3ba2c97..000000000
--- a/changes/bug18100
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes (linux TPROXY support):
-    - Fix a typo that had prevented TPROXY-based transparent proxying from
-      working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
-      Patch from "d4fq0fQAgoJ".
-
diff --git a/changes/bug19025 b/changes/bug19025
deleted file mode 100644
index 0f365f52b..000000000
--- a/changes/bug19025
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes (DNS):
-    - Fix a bug that prevented exit nodes from caching DNS records for more
-      than 60 seconds.
-      Fixes bug 19025; bugfix on 0.2.4.7-alpha.
diff --git a/changes/bug20059 b/changes/bug20059
deleted file mode 100644
index 091fab06d..000000000
--- a/changes/bug20059
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (relay):
-    - Avoid a double-marked-circuit warning that can happen when we receive
-      DESTROY cells under heavy load. Fixes bug 20059; bugfix on 0.1.0.1-rc.
diff --git a/changes/bug20247 b/changes/bug20247
deleted file mode 100644
index 731cf0046..000000000
--- a/changes/bug20247
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (linux seccomp2 sandbox):
-    - Avoid a sandbox failure when trying to re-bind to a socket and mark
-      it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
-
diff --git a/changes/bug21507 b/changes/bug21507
deleted file mode 100644
index f83e291b6..000000000
--- a/changes/bug21507
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (voting consistency):
-    - Reject version numbers with non-numeric prefixes (such as +, -, and
-      whitespace). Disallowing whitespace prevents differential version
-      parsing between POSIX-based and Windows platforms.
-      Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1.
diff --git a/changes/bug21576 b/changes/bug21576
deleted file mode 100644
index 68d847119..000000000
--- a/changes/bug21576
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Major bugfixes (crash, directory connections):
-    - Fix a rare crash when sending a begin cell on a circuit whose linked
-      directory connection has already been closed. Fixes bug 21576;
-      bugfix on Tor 0.2.9.3-alpha. Reported by alecmuffett.
diff --git a/changes/bug22245 b/changes/bug22245
deleted file mode 100644
index 6ae18593e..000000000
--- a/changes/bug22245
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (bandwidth accounting):
-    - Roll over monthly accounting at the configured hour and minute,
-      rather than always at 00:00.
-      Fixes bug 22245; bugfix on 0.0.9rc1.
-      Found by Andrey Karpov with PVS-Studio.
diff --git a/changes/bug22446 b/changes/bug22446
deleted file mode 100644
index eab65aac0..000000000
--- a/changes/bug22446
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features (code style, backport from 0.3.1.3-alpha):
-    - Add "Falls through" comments to our codebase, in order to silence
-      GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
-      Stieger. Closes ticket 22446.
diff --git a/changes/bug22516 b/changes/bug22516
deleted file mode 100644
index f024a3c47..000000000
--- a/changes/bug22516
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (linux seccomp2 sandbox):
-    - Permit the fchmod system call, to avoid crashing on startup when
-      starting with the seccomp2 sandbox and an unexpected set of permissions
-      on the data directory or its contents. Fixes bug 22516; bugfix on
-      0.2.5.4-alpha.
diff --git a/changes/bug22636 b/changes/bug22636
deleted file mode 100644
index 770cac72e..000000000
--- a/changes/bug22636
+++ /dev/null
@@ -1,8 +0,0 @@
- o Build features:
-   - Tor's repository now includes a Travis Continuous Integration (CI)
-     configuration file (.travis.yml). This is meant to help new developers and
-     contributors who fork Tor to a Github repository be better able to test
-     their changes, and understand what we expect to pass. To use this new build
-     feature, you must fork Tor to your Github account, then go into the
-     "Integrations" menu in the repository settings for your fork and enable
-     Travis, then push your changes.
diff --git a/changes/bug22644 b/changes/bug22644
deleted file mode 100644
index 9b8742eda..000000000
--- a/changes/bug22644
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (controller):
-    - Do not crash when receiving a POSTDESCRIPTOR command with an
-      empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
-    - Do not crash when receiving a HSPOST command with an empty body.
-      Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
diff --git a/changes/bug22737 b/changes/bug22737
deleted file mode 100644
index f0de8e6c4..000000000
--- a/changes/bug22737
+++ /dev/null
@@ -1,12 +0,0 @@
-  o Minor bugfixes (defensive programming, undefined behavior):
-
-    - Fix a memset() off the end of an array when packing cells.  This
-      bug should be harmless in practice, since the corrupted bytes
-      are still in the same structure, and are always padding bytes,
-      ignored, or immediately overwritten, depending on compiler
-      behavior. Nevertheless, because the memset()'s purpose is to
-      make sure that any other cell-handling bugs can't expose bytes
-      to the network, we need to fix it. Fixes bug 22737; bugfix on
-      0.2.4.11-alpha. Fixes CID 1401591.
-
-
diff --git a/changes/bug22789 b/changes/bug22789
deleted file mode 100644
index a65359284..000000000
--- a/changes/bug22789
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Major bugfixes (openbsd, denial-of-service):
-    - Avoid an assertion failure bug affecting our implementation of
-      inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
-      handling of "0xfoo" differs from what we had expected.
-      Fixes bug 22789; bugfix on 0.2.3.8-alpha. Also tracked as
-      TROVE-2017-007.
-
diff --git a/changes/bug22797 b/changes/bug22797
deleted file mode 100644
index 619baaa40..000000000
--- a/changes/bug22797
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (file limits):
-    - When setting the maximum number of connections allowed by the OS,
-      always allow some extra file descriptors for other files.
-      Fixes bug 22797; bugfix on 0.2.0.10-alpha.
diff --git a/changes/bug22801 b/changes/bug22801
deleted file mode 100644
index 7edc79bc8..000000000
--- a/changes/bug22801
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (compilation):
-    - When building with certain versions the mingw C header files, avoid
-      float-conversion warnings when calling the C functions isfinite(),
-      isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha.
-
diff --git a/changes/bug22838_028 b/changes/bug22838_028
deleted file mode 100644
index 1d0a4fbfd..000000000
--- a/changes/bug22838_028
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
-    - Backport a fix for an "unused variable" warning that appeared
-      in some versions of mingw. Fixes bug 22838; bugfix on
-      0.2.8.1-alpha.
-
diff --git a/changes/bug22915 b/changes/bug22915
deleted file mode 100644
index 17a9c6018..000000000
--- a/changes/bug22915
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (compilation warnings):
-    - Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
-      bugfix on 0.2.8.1-alpha.
diff --git a/changes/bug22916_027 b/changes/bug22916_027
deleted file mode 100644
index 5cf99c7d1..000000000
--- a/changes/bug22916_027
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (Compilation):
-    - Fix warnings when building with libscrypt and openssl scrypt support
-      on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
diff --git a/changes/bug23030_029 b/changes/bug23030_029
deleted file mode 100644
index 89a1b507d..000000000
--- a/changes/bug23030_029
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes (coverity builds):
-    - Avoid Coverity build warnings related to our BUG() macro. By
-      default, Coverity treats BUG() as the Linux kernel does: an
-      instant abort(). We need to override that so our BUG() macro
-      doesn't prevent Coverity from analyzing functions that use it.
-      Fixes bug 23030; bugfix on 0.2.9.1-alpha.
-
diff --git a/changes/geoip-august2017 b/changes/geoip-august2017
deleted file mode 100644
index 2dab18a63..000000000
--- a/changes/geoip-august2017
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the August 3 2017 Maxmind GeoLite2
-      Country database.
-
diff --git a/changes/geoip-july2017 b/changes/geoip-july2017
deleted file mode 100644
index ed10369f1..000000000
--- a/changes/geoip-july2017
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the July 4 2017 Maxmind GeoLite2
-      Country database.
-
diff --git a/changes/geoip-june2017 b/changes/geoip-june2017
deleted file mode 100644
index 2ea7bf105..000000000
--- a/changes/geoip-june2017
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the June 8 2017 Maxmind GeoLite2
-      Country database.
-
diff --git a/changes/geoip-september2017 b/changes/geoip-september2017
deleted file mode 100644
index be01ff952..000000000
--- a/changes/geoip-september2017
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor features:
-    - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
-      Country database.
-
diff --git a/changes/ticket19769 b/changes/ticket19769
deleted file mode 100644
index 9fc05c3e9..000000000
--- a/changes/ticket19769
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Major features (security):
-    - Change the algorithm used to decide DNS TTLs on client and server side,
-      to better resist DNS-based correlation attacks like the DefecTor attack
-      of Greschbach, Pulls, Roberts, Winter, and Feamster).  Now
-      relays only return one of two possible DNS TTL values, and clients
-      are willing to believe DNS TTL values up to 3 hours long.
-      Closes ticket 19769.



More information about the tor-commits mailing list