[tor-commits] [tor/release-0.3.0] finish changelog for 0.3.0.11

nickm at torproject.org nickm at torproject.org
Mon Sep 18 13:58:07 UTC 2017 

commit 5cb83c942584f86830ef1d13a9cd2501eea367c4
Author: Nick Mathewson <nickm at torproject.org>
Date:   Mon Sep 18 09:56:54 2017 -0400

    finish changelog for 0.3.0.11
---
 ChangeLog              |  9 ++++++---
 ReleaseNotes           | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 changes/trove-2017-008 |  5 -----
 3 files changed, 54 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 4a7795113..93adb09ed 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,8 +1,11 @@
 Changes in version 0.3.0.11 - 2017-09-18
-   Tor 0.3.0.11 backports a collection of bugfixes from Tor the 0.3.1
-   series.
+  Tor 0.3.0.11 backports a collection of bugfixes from Tor the 0.3.1
+  series.
 
-   MORE HERE.
+  Most significantly, it includes a fix for TROVE-2017-008, a
+  security bug that affects hidden services running with the
+  SafeLogging option disabled. For more information, see
+  https://trac.torproject.org/projects/tor/ticket/23490
 
   o Minor features (code style, backport from 0.3.1.7):
     - Add "Falls through" comments to our codebase, in order to silence
diff --git a/ReleaseNotes b/ReleaseNotes
index 1dd3d9530..aaa7a5c46 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -2,6 +2,54 @@ This document summarizes new features and bugfixes in each stable release
 of Tor. If you want to see more detailed descriptions of the changes in
 each development snapshot, see the ChangeLog file.
 
+Changes in version 0.3.0.11 - 2017-09-18
+  Tor 0.3.0.11 backports a collection of bugfixes from Tor the 0.3.1
+  series.
+
+  Most significantly, it includes a fix for TROVE-2017-008, a
+  security bug that affects hidden services running with the
+  SafeLogging option disabled. For more information, see
+  https://trac.torproject.org/projects/tor/ticket/23490
+
+  Note: now that Tor 0.3.1.x is stable and released, support for the
+  0.3.0.x series will end on 26 Jan 2018.  For longer term support,
+  either upgrade to the most recent 0.3.1.x release, or downgrade to
+  0.2.9.x for long-term support.
+
+  o Minor features (code style, backport from 0.3.1.7):
+    - Add "Falls through" comments to our codebase, in order to silence
+      GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
+      Stieger. Closes ticket 22446.
+
+  o Minor features:
+    - Update geoip and geoip6 to the September 6 2017 Maxmind GeoLite2
+      Country database.
+
+  o Minor bugfixes (compilation, backport from 0.3.1.7):
+    - Avoid compiler warnings in the unit tests for calling tor_sscanf()
+      with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
+
+  o Minor bugfixes (controller, backport from 0.3.1.7):
+    - Do not crash when receiving a HSPOST command with an empty body.
+      Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
+    - Do not crash when receiving a POSTDESCRIPTOR command with an empty
+      body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
+
+  o Minor bugfixes (file limits, osx, backport from 0.3.1.5-alpha):
+    - When setting the maximum number of connections allowed by the OS,
+      always allow some extra file descriptors for other files. Fixes
+      bug 22797; bugfix on 0.2.0.10-alpha.
+
+  o Minor bugfixes (logging, relay, backport from 0.3.1.6-rc):
+    - Remove a forgotten debugging message when an introduction point
+      successfully establishes a hidden service prop224 circuit with
+      a client.
+    - Change three other log_warn() for an introduction point to
+      protocol warnings, because they can be failure from the network
+      and are not relevant to the operator. Fixes bug 23078; bugfix on
+      0.3.0.1-alpha and 0.3.0.2-alpha.
+
+
 Changes in version 0.3.0.10 - 2017-08-02
    Tor 0.3.0.10 backports a collection of small-to-medium bugfixes
    from the current Tor alpha series. OpenBSD users and TPROXY users
diff --git a/changes/trove-2017-008 b/changes/trove-2017-008
deleted file mode 100644
index 4b9c5b0a1..000000000
--- a/changes/trove-2017-008
+++ /dev/null
@@ -1,5 +0,0 @@
-  o Major bugfixes (security, hidden services, loggging):
-    - Fix a bug where we could log uninitialized stack when a certain
-      hidden service error occurred while SafeLogging was disabled.
-      Fixes bug #23490; bugfix on 0.2.7.2-alpha.
-      This is also tracked as TROVE-2017-008 and CVE-2017-0380.

More information about the tor-commits mailing list