[tor-commits] [tor/release-0.3.3] Draft changelog for 0.3.3.3-alpha

nickm at torproject.org nickm at torproject.org
Sat Mar 3 13:17:13 UTC 2018 

commit 1bc35c59fbea02bc030e5f855fc65fb05475c0f9
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Mar 1 16:41:56 2018 -0500

    Draft changelog for 0.3.3.3-alpha
---
 ChangeLog                | 35 +++++++++++++++++++++++++++++++++--
 changes/bug25249         |  3 ---
 changes/bug25249.2       |  3 ---
 changes/trove-2018-001.1 |  6 ------
 changes/trove-2018-004   |  8 --------
 5 files changed, 33 insertions(+), 22 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 76a001a81..1b7d29319 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,11 +1,28 @@
 Changes in version 0.3.3.3-alpha - 2018-03-??
   Tor 0.3.3.3-alpha is the third alpha release for the 0.3.3.x series.
+  It includes an important security fix for a remote crash attack
+  against directory authorities tracked as TROVE-2018-001.
 
-  (TROVE BLURB HERE.)
+  Additionally, with this release, we are upgrading the severity of a
+  bug fixed in 0.3.3.2-alpha.  Bug 24700, which was fixed in
+  0.3.3.2-alpha, can be remotely triggered in order to crash relays with
+  a use-after-free pattern. As such, we are now tracking that bug as
+  TROVE-2018-002 and CVE-2018-0491. This bug affected versions
+  0.3.2.1-alpha through 0.3.2.9, as well as 0.3.3.1-alpha.
 
-  Additionally, it fixes several minor bugs and annoyances from
+  This release also fixes several minor bugs and annoyances from
   earlier releases.
 
+  All directory authorities should upgrade to one of the versions
+  released today.  All relays not already running Tor 0.3.3.2-alpha or
+  later should upgrade to one of the versions released today.
+
+  o Major bugfixes (denial-of-service, directory authority):
+    - Fix a protocol-list handling bug that could be used to remotely crash
+      directory authorities with a null-pointer exception. Fixes bug 25074;
+      bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2018-001 and
+      CVE-2018-0490.
+
   o Minor features (compatibility, OpenSSL):
     - Tor will now support TLS1.3 once OpenSSL 1.1.1 is released.
       Previous versions of Tor would not have worked with OpenSSL 1.1.1,
@@ -21,6 +38,14 @@ Changes in version 0.3.3.3-alpha - 2018-03-??
     - Add a "make test-rust" target to run the rust tests only. Closes
       ticket 25071.
 
+  o Minor bugfixes (denial-of-service):
+    - Fix a possible crash on malformed consensus. If a consensus had
+      contained an unparseable protocol line, it could have made clients
+      and relays crash with a null-pointer exception. To exploit this
+      issue, however, an attacker would need to be able to subvert the
+      directory authority system. Fixes bug 25251; bugfix on
+      0.2.9.4-alpha. Also tracked as TROVE-2018-004.
+
   o Minor bugfixes (DoS mitigation):
     - Add extra safety checks when refilling the circuit creation bucket
       to ensure we never set a value above the allowed maximum burst.
@@ -41,6 +66,12 @@ Changes in version 0.3.3.3-alpha - 2018-03-??
       concurrent learning circuits to 10. Fixes bug 24769; bugfix
       on 0.3.1.1-alpha.
 
+  o Minor bugfixes (spec conformance):
+    - Forbid "-0" as a protocol version. Fixes part of bug 25249; bugfix on
+      0.2.9.4-alpha.
+    - Forbid UINT32_MAX as a protocol version.  Fixes part of bug 25249;
+      bugfix on 0.2.9.4-alpha.
+
   o Code simplification and refactoring:
     - Update the "rust dependencies" submodule to be a project-level
       repository, rather than a user repository. Closes ticket 25323.
diff --git a/changes/bug25249 b/changes/bug25249
deleted file mode 100644
index b4153eeae..000000000
--- a/changes/bug25249
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (spec conformance):
-    - Forbid "-0" as a protocol version. Fixes part of bug 25249; bugfix on
-      0.2.9.4-alpha.
diff --git a/changes/bug25249.2 b/changes/bug25249.2
deleted file mode 100644
index 9058c1107..000000000
--- a/changes/bug25249.2
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (spec conformance):
-    - Forbid UINT32_MAX as a protocol version.  Fixes part of bug 25249;
-      bugfix on 0.2.9.4-alpha.
diff --git a/changes/trove-2018-001.1 b/changes/trove-2018-001.1
deleted file mode 100644
index f0ee92f40..000000000
--- a/changes/trove-2018-001.1
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes (denial-of-service, directory authority):
-    - Fix a protocol-list handling bug that could be used to remotely crash
-      directory authorities with a null-pointer exception. Fixes bug 25074;
-      bugfix on 0.2.9.4-alpha. Also tracked as TROVE-2018-001.
-
-
diff --git a/changes/trove-2018-004 b/changes/trove-2018-004
deleted file mode 100644
index 37e0a89b0..000000000
--- a/changes/trove-2018-004
+++ /dev/null
@@ -1,8 +0,0 @@
-  o Minor bugfixes (denial-of-service):
-    - Fix a possible crash on malformed consensus. If a consensus had
-      contained an unparseable protocol line, it could have made clients
-      and relays crash with a null-pointer exception. To exploit this
-      issue, however, an attacker would need to be able to subvert the
-      directory-authority system. Fixes bug 25251; bugfix on
-      0.2.9.4-alpha. Also tracked as TROVE-2018-004.
-

More information about the tor-commits mailing list