[tor-commits] [tor/main] changelog: ChangeLog for 0.4.7.1-alpha release
dgoulet at torproject.org
dgoulet at torproject.org
Fri Sep 17 13:43:49 UTC 2021
commit 9a7fe5d131e036417f373fea13044eba7cd3abb3
Author: David Goulet <dgoulet at torproject.org>
Date: Fri Sep 17 09:20:00 2021 -0400
changelog: ChangeLog for 0.4.7.1-alpha release
Signed-off-by: David Goulet <dgoulet at torproject.org>
---
ChangeLog | 99 +++++++++++++++++++++++++++++++++++++++++++++++++++++
changes/bug40317 | 5 ---
changes/bug40330 | 4 ---
changes/bug40365 | 3 --
changes/bug40371 | 6 ----
changes/bug40394 | 4 ---
changes/bug40407 | 5 ---
changes/bug40435 | 4 ---
changes/bug40453 | 4 ---
changes/bug40467 | 5 ---
changes/issue40338 | 3 --
changes/ticket33742 | 3 --
changes/ticket40209 | 4 ---
changes/ticket40337 | 16 ---------
changes/ticket40363 | 9 -----
changes/ticket40434 | 6 ----
16 files changed, 99 insertions(+), 81 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 6b1e11f77a..8e424096b9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,102 @@
+Changes in version 0.4.7.1-alpha - 2021-09-17
+ This version is the first alpha release of the 0.4.7.x series. One major
+ feature is the Vanguard Lite, from proposal 333, that help mitigate guard
+ discovery attacks for onion services. It also includes numerous bugfixes.
+
+ o Major features (Proposal 332, onion services, guard selection algorithm):
+ - Clients and onion services now choose four long-lived "layer 2"
+ guard relays for use as the middle hop in all onion circuits.
+ These relays are kept in place for a randomized duration averaging
+ 1 week each. This mitigates guard discovery attacks against
+ clients and short-lived onion services such as OnionShare. Long-
+ lived onion services that need high security should still use the
+ Vanguards addon (https://github.com/mikeperry-tor/vanguards).
+ Closes ticket 40363; implements proposal 333.
+
+ o Minor features (bridge testing support):
+ - Let external bridge reachability testing tools discard cached
+ bridge descriptors when setting new bridges, so they can be sure
+ to get a clean reachability test. Implements ticket 40209.
+
+ o Minor features (fuzzing):
+ - When building with --enable-libfuzzer, use a set of compiler flags
+ that works with more recent versions of the library. Previously we
+ were using a set of flags from 2017. Closes ticket 40407.
+
+ o Minor features (testing configuration):
+ - When TestingTorNetwork is enabled, skip the permission check on
+ the hidden service directory. Closes ticket 40338.
+
+ o Minor features (testing):
+ - On a testing network, relays can now use the
+ TestingMinTimeToReportBandwidth option to change the smallest
+ amount of time over which they're willing to report their observed
+ maximum bandwidth. Previously, this was fixed at 1 day. For
+ safety, values under 2 hours are only supported on testing
+ networks. Part of a fix for ticket 40337.
+ - Relays on testing networks no longer rate-limit how frequently
+ they are willing to report new bandwidth measurements. Part of a
+ fix for ticket 40337.
+ - Relays on testing networks now report their observed bandwidths
+ immediately from startup. Previously, they waited until they had
+ been running for a full day. Closes ticket 40337.
+
+ o Minor bugfix (onion service):
+ - Do not flag an HSDir as non-running in case the descriptor upload
+ or fetch fails. An onion service closes pending directory
+ connections before uploading a new descriptor which leads to
+ wrongly flagging many relays and thus affecting circuit path
+ selection. Fixes bug 40434; bugfix on 0.2.0.13-alpha.
+
+ o Minor bugfixes (circuit padding):
+ - Don't send STOP circuit padding cells when the other side has
+ already shut down the corresponding padding machine. Fixes bug
+ 40435; bugfix on 0.4.0.1-alpha.
+
+ o Minor bugfixes (compatibility):
+ - Fix compatibility with the most recent Libevent versions, which no
+ longer have an evdns_set_random_bytes() function. Because this
+ function has been a no-op since Libevent 2.0.4-alpha, it is safe
+ for us to just stop calling it. Fixes bug 40371; bugfix
+ on 0.2.1.7-alpha.
+
+ o Minor bugfixes (control, sandbox):
+ - Allows the control command SAVECONF to succeed when the seccomp
+ sandbox is enabled. Makes SAVECONF keep only one backup file to
+ simplify implementation. Fixes bug 40317; bugfix on 0.2.5.4-alpha.
+ Patch by Daniel Pinto.
+
+ o Minor bugfixes (documentation):
+ - Add a mention of the "fingerprint-ed25519" for relays in the tor.1
+ man page. Also clarify the difference between the RSA-based
+ "fingerprint" and "fingerprint-ed25519" files. Fixes bug 40467;
+ bugfix on 0.4.3.1-alpha. Patch by Neel Chauhan.
+
+ o Minor bugfixes (heartbeat):
+ - Adjust the heartbeat log message about distinct clients to
+ consider the HeartbeatPeriod rather than a flat 6-hour delay.
+ Fixes bug 40330; bugfix on 0.2.6.3-alpha.
+
+ o Minor bugfixes (logging, relay):
+ - Add spaces between the "and" when logging the "Your server has not
+ managed to confirm reachability for its" on dual-stack relays
+ Fixes bug 40453; bugfix on 0.4.5.1-alpha. Patch by Neel Chauhan.
+
+ o Minor bugfixes (statistics):
+ - Fix the fencepost issue when we check stability_last_downrated
+ where we call rep_hist_downrate_old_runs() twice. Fixes bug 40394;
+ bugfix on 0.2.0.5-alpha. Patch by Neel Chauhan.
+
+ o Minor bugfixes (tests):
+ - Fix a bug that prevented some tests from running with the correct
+ names. Fixes bug 40365; bugfix on 0.4.3.1-alpha.
+
+ o Documentation:
+ - Add links to original tor design paper and anonbib to
+ docs/HACKING/README.1st.md. Closes ticket 33742. Patch from
+ Emily Bones.
+
+
Changes in version 0.4.6.7 - 2021-08-16
This version fixes several bugs from earlier versions of Tor,
including one that could lead to a denial-of-service attack. Everyone
diff --git a/changes/bug40317 b/changes/bug40317
deleted file mode 100644
index 18ec499a51..0000000000
--- a/changes/bug40317
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (control, sandbox):
- - Allows the control command SAVECONF to succeed when the seccomp
- sandbox is enabled. Makes SAVECONF keep only one backup file to
- simplify implementation. Fixes bug 40317; bugfix on 0.2.5.4-alpha.
- Patch by Daniel Pinto.
diff --git a/changes/bug40330 b/changes/bug40330
deleted file mode 100644
index 8752ba5be7..0000000000
--- a/changes/bug40330
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (heartbeat):
- - Adjust the heartbeat log message about distinct clients to consider
- the HeartbeatPeriod rather than a flat 6-hour delay.
- Fixes bug 40330; bugfix on 0.2.6.3-alpha.
diff --git a/changes/bug40365 b/changes/bug40365
deleted file mode 100644
index e4ee7b3b90..0000000000
--- a/changes/bug40365
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor bugfixes (tests):
- - Fix a bug that prevented some tests from running with the correct names.
- Fixes bug 40365; bugfix on 0.4.3.1-alpha.
diff --git a/changes/bug40371 b/changes/bug40371
deleted file mode 100644
index 8cc7117f9f..0000000000
--- a/changes/bug40371
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfixes (compatibility):
- - Fix compatibility with the most recent Libevent versions, which
- no longer have an evdns_set_random_bytes() function. Because
- this function has been a no-op since Libevent 2.0.4-alpha,
- it is safe for us to just stop calling it. Fixes bug 40371;
- bugfix on 0.2.1.7-alpha.
diff --git a/changes/bug40394 b/changes/bug40394
deleted file mode 100644
index f55167f2dd..0000000000
--- a/changes/bug40394
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (statistics):
- - Fix the fencepost issue when we check stability_last_downrated where
- we call rep_hist_downrate_old_runs() twice. Fixes bug 40394; bugfix
- on 0.2.0.5-alpha. Patch by Neel Chauhan.
diff --git a/changes/bug40407 b/changes/bug40407
deleted file mode 100644
index 068d278e14..0000000000
--- a/changes/bug40407
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor features (fuzzing):
- - When building with --enable-libfuzzer, use a set of compiler flags
- that works with more recent versions of the library. Previously
- we were using a set of flags from 2017.
- Closes ticket 40407.
diff --git a/changes/bug40435 b/changes/bug40435
deleted file mode 100644
index 76d0a687eb..0000000000
--- a/changes/bug40435
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (circuit padding):
- - Don't send STOP circuit padding cells when the other side has already
- shut down the corresponding padding machine. Fixes bug 40435; bugfix on
- 0.4.0.1-alpha.
\ No newline at end of file
diff --git a/changes/bug40453 b/changes/bug40453
deleted file mode 100644
index 28ed13b47a..0000000000
--- a/changes/bug40453
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor bugfixes (logging, relay):
- - Add spaces between the "and" when logging the "Your server has
- not managed to confirm reachability for its" on dual-stack relays
- Fixes bug 40453; bugfix on 0.4.5.1-alpha. Patch by Neel Chauhan.
diff --git a/changes/bug40467 b/changes/bug40467
deleted file mode 100644
index 03f1cc3816..0000000000
--- a/changes/bug40467
+++ /dev/null
@@ -1,5 +0,0 @@
- o Minor bugfixes (documentation):
- - Add a mention of the `fingerprint-ed25519` for relays in the tor.1 man
- page. Also clarify the difference between the RSA-based `fingerprint` and
- `fingerprint-ed25519` files. Fixes bug 40467; bugfix on 0.4.3.1-alpha.
- Patch by Neel Chauhan.
diff --git a/changes/issue40338 b/changes/issue40338
deleted file mode 100644
index bc2cafff61..0000000000
--- a/changes/issue40338
+++ /dev/null
@@ -1,3 +0,0 @@
- o Minor features (testing configuration):
- - When TestingTorNetwork is enabled, skip the permission check on
- the hidden service directory. Closes ticket 40338.
diff --git a/changes/ticket33742 b/changes/ticket33742
deleted file mode 100644
index 3669e76f48..0000000000
--- a/changes/ticket33742
+++ /dev/null
@@ -1,3 +0,0 @@
- o Documentation:
- - Add links to original tor design paper and anonbib to
- docs/HACKING/README.1st.md. Closes ticket 33742. Patch from Emily Bones.
diff --git a/changes/ticket40209 b/changes/ticket40209
deleted file mode 100644
index a90243be8c..0000000000
--- a/changes/ticket40209
+++ /dev/null
@@ -1,4 +0,0 @@
- o Minor features (bridge testing support):
- - Let external bridge reachability testing tools discard cached
- bridge descriptors when setting new bridges, so they can be sure
- to get a clean reachability test. Implements ticket 40209.
diff --git a/changes/ticket40337 b/changes/ticket40337
deleted file mode 100644
index 1c86fc4c99..0000000000
--- a/changes/ticket40337
+++ /dev/null
@@ -1,16 +0,0 @@
- o Minor features (testing):
- - On a testing network, relays can now use the
- TestingMinTimeToReportBandwidth option to change
- the smallest amount of time over which they're willing to report
- their observed maximum bandwidth. Previously, this was fixed
- at 1 day. For safety, values under 2 hours are only supported on
- testing networks. Part of a fix for ticket 40337.
-
- o Minor features (testing):
- - Relays on testing networks now report their observed bandwidths
- immediately from startup. Previously, they waited
- until they had been running for a full day. Closes ticket
- 40337.
- - Relays on testing networks no longer rate-limit how frequently
- they are willing to report new bandwidth measurements. Part of a fix
- for ticket 40337.
diff --git a/changes/ticket40363 b/changes/ticket40363
deleted file mode 100644
index 713f943020..0000000000
--- a/changes/ticket40363
+++ /dev/null
@@ -1,9 +0,0 @@
- o Major features (Proposal 332, onion services, guard selection algorithm):
- - Clients and onion services now choose four long-lived "layer 2" guard
- relays for use as the middle hop in all onion circuits. These relays are
- kept in place for a randomized duration averaging 1 week each. This
- mitigates guard discovery attacks against clients and short-lived onion
- services such as OnionShare. Long-lived onion services that need high
- security should still use the Vanguards addon
- (https://github.com/mikeperry-tor/vanguards). Closes ticket 40363;
- implements proposal 333.
diff --git a/changes/ticket40434 b/changes/ticket40434
deleted file mode 100644
index 988bb416be..0000000000
--- a/changes/ticket40434
+++ /dev/null
@@ -1,6 +0,0 @@
- o Minor bugfix (onion service):
- - Do not flag an HSDir as non-running in case the descriptor upload or
- fetch fails. An onion service closes pending directory connections
- before uploading a new descriptor which can thus lead to wrongly
- flagging many relays and thus affecting circuit building path selection.
- Fixes bug 40434; bugfix on 0.2.0.13-alpha.
More information about the tor-commits
mailing list