Changes in version 0.2.6.1-alpha - 2014-??-??
+Changes in version 0.2.5.6-alpha - 2014-07-28
+ Tor 0.2.5.6-alpha brings us a big step closer to slowing down the
+ risk from guard rotation, and fixes a variety of other issues to get
+ us closer to a release candidate.
+
+ o Major features (also in 0.2.4.23):
+ - Make the number of entry guards configurable via a new
+ NumEntryGuards consensus parameter, and the number of directory
+ guards configurable via a new NumDirectoryGuards consensus
+ parameter. Implements ticket 12688.
+
+ o Major bugfixes (also in 0.2.4.23):
+ - Fix a bug in the bounds-checking in the 32-bit curve25519-donna
+ implementation that caused incorrect results on 32-bit
+ implementations when certain malformed inputs were used along with
+ a small class of private ntor keys. This bug does not currently
+ appear to allow an attacker to learn private keys or impersonate a
+ Tor server, but it could provide a means to distinguish 32-bit Tor
+ implementations from 64-bit Tor implementations. Fixes bug 12694;
+ bugfix on 0.2.4.8-alpha. Bug found by Robert Ransom; fix from
+ Adam Langley.
+
+ o Major bugfixes:
+ - Perform circuit cleanup operations even when circuit
+ construction operations are disabled (because the network is
+ disabled, or because there isn't enough directory information).
+ Previously, when we were not building predictive circuits, we
+ were not closing expired circuits either. Fixes bug 8387; bugfix on
+ 0.1.1.11-alpha. This bug became visible in 0.2.4.10-alpha when we
+ became more strict about when we have "enough directory information
+ to build circuits".
+
+ o Minor features:
+ - Authorities now assign the Guard flag to the fastest 25% of the
+ network (it used to be the fastest 50%). Also raise the consensus
+ weight that guarantees the Guard flag from 250 to 2000. For the
+ current network, this results in about 1100 guards, down from 2500.
+ This step paves the way for moving the number of entry guards
+ down to 1 (proposal 236) while still providing reasonable expected
+ performance for most users. Implements ticket 12690.
+ - Update geoip and geoip6 to the July 10 2014 Maxmind GeoLite2
+ Country database.
+ - Slightly enhance the diagnostic message for bug 12184.
+
+ o Minor bugfixes (also in 0.2.4.23):
+ - Warn and drop the circuit if we receive an inbound 'relay early'
+ cell. Those used to be normal to receive on hidden service circuits
+ due to bug 1038, but the buggy Tor versions are long gone from
+ the network so we can afford to resume watching for them. Resolves
+ the rest of bug 1038; bugfix on 0.2.1.19.
+ - Correct a confusing error message when trying to extend a circuit
+ via the control protocol but we don't know a descriptor or
+ microdescriptor for one of the specified relays. Fixes bug 12718;
+ bugfix on 0.2.3.1-alpha.
+
+ o Minor bugfixes:
+ - Fix compilation when building with bufferevents enabled. (This
+ configuration is still not expected to work, however.)
+ Fixes bugs 12438, 12474, 11578; bugfixes on 0.2.5.1-alpha and
+ 0.2.5.3-alpha. Patches from Anthony G. Basile and Sathyanarayanan
+ Gunasekaran.
+ - Compile correctly with builds and forks of OpenSSL (such as
+ LibreSSL) that disable compression. Fixes bug 12602; bugfix on
+ 0.2.1.1-alpha. Patch from "dhill".
+
+
+Changes in version 0.2.4.23 - 2014-07-28
+ Tor 0.2.4.23 brings us a big step closer to slowing down the risk from
+ guard rotation, and also backports several important fixes from the
+ Tor 0.2.5 alpha release series.
+
+ o Major features:
+ - Clients now look at the "usecreatefast" consensus parameter to
+ decide whether to use CREATE_FAST or CREATE cells for the first hop
+ of their circuit. This approach can improve security on connections
+ where Tor's circuit handshake is stronger than the available TLS
+ connection security levels, but the tradeoff is more computational
+ load on guard relays. Implements proposal 221. Resolves ticket 9386.
+ - Make the number of entry guards configurable via a new
+ NumEntryGuards consensus parameter, and the number of directory
+ guards configurable via a new NumDirectoryGuards consensus
+ parameter. Implements ticket 12688.
+
+ o Major bugfixes:
+ - Fix a bug in the bounds-checking in the 32-bit curve25519-donna
+ implementation that caused incorrect results on 32-bit
+ implementations when certain malformed inputs were used along with
+ a small class of private ntor keys. This bug does not currently
+ appear to allow an attacker to learn private keys or impersonate a
+ Tor server, but it could provide a means to distinguish 32-bit Tor
+ implementations from 64-bit Tor implementations. Fixes bug 12694;
+ bugfix on 0.2.4.8-alpha. Bug found by Robert Ransom; fix from
+ Adam Langley.
+
+ o Minor bugfixes:
+ - Warn and drop the circuit if we receive an inbound 'relay early'
+ cell. Those used to be normal to receive on hidden service circuits
+ due to bug 1038, but the buggy Tor versions are long gone from
+ the network so we can afford to resume watching for them. Resolves
+ the rest of bug 1038; bugfix on 0.2.1.19.
+ - Correct a confusing error message when trying to extend a circuit
+ via the control protocol but we don't know a descriptor or
+ microdescriptor for one of the specified relays. Fixes bug 12718;
+ bugfix on 0.2.3.1-alpha.
+ - Avoid an illegal read from stack when initializing the TLS
+ module using a version of OpenSSL without all of the ciphers
+ used by the v2 link handshake. Fixes bug 12227; bugfix on
+ 0.2.4.8-alpha. Found by "starlight".
+
+ o Minor features:
+ - Update geoip and geoip6 to the July 10 2014 Maxmind GeoLite2
+ Country database.
+
+
Changes in version 0.2.5.5-alpha - 2014-06-18
Tor 0.2.5.5-alpha fixes a wide variety of remaining issues in the Tor
0.2.5.x release series, including a couple of DoS issues, some
of Tor. If you want to see more detailed descriptions of the changes in
each development snapshot, see the ChangeLog file.
+Changes in version 0.2.4.23 - 2014-07-28
+ Tor 0.2.4.23 brings us a big step closer to slowing down the risk from
+ guard rotation, and also backports several important fixes from the
+ Tor 0.2.5 alpha release series.
+
+ o Major features:
+ - Clients now look at the "usecreatefast" consensus parameter to
+ decide whether to use CREATE_FAST or CREATE cells for the first hop
+ of their circuit. This approach can improve security on connections
+ where Tor's circuit handshake is stronger than the available TLS
+ connection security levels, but the tradeoff is more computational
+ load on guard relays. Implements proposal 221. Resolves ticket 9386.
+ - Make the number of entry guards configurable via a new
+ NumEntryGuards consensus parameter, and the number of directory
+ guards configurable via a new NumDirectoryGuards consensus
+ parameter. Implements ticket 12688.
+
+ o Major bugfixes:
+ - Fix a bug in the bounds-checking in the 32-bit curve25519-donna
+ implementation that caused incorrect results on 32-bit
+ implementations when certain malformed inputs were used along with
+ a small class of private ntor keys. This bug does not currently
+ appear to allow an attacker to learn private keys or impersonate a
+ Tor server, but it could provide a means to distinguish 32-bit Tor
+ implementations from 64-bit Tor implementations. Fixes bug 12694;
+ bugfix on 0.2.4.8-alpha. Bug found by Robert Ransom; fix from
+ Adam Langley.
+
+ o Minor bugfixes:
+ - Warn and drop the circuit if we receive an inbound 'relay early'
+ cell. Those used to be normal to receive on hidden service circuits
+ due to bug 1038, but the buggy Tor versions are long gone from
+ the network so we can afford to resume watching for them. Resolves
+ the rest of bug 1038; bugfix on 0.2.1.19.
+ - Correct a confusing error message when trying to extend a circuit
+ via the control protocol but we don't know a descriptor or
+ microdescriptor for one of the specified relays. Fixes bug 12718;
+ bugfix on 0.2.3.1-alpha.
+ - Avoid an illegal read from stack when initializing the TLS
+ module using a version of OpenSSL without all of the ciphers
+ used by the v2 link handshake. Fixes bug 12227; bugfix on
+ 0.2.4.8-alpha. Found by "starlight".
+
+ o Minor features:
+ - Update geoip and geoip6 to the July 10 2014 Maxmind GeoLite2
+ Country database.
+
+
Changes in version 0.2.4.22 - 2014-05-16
Tor 0.2.4.22 backports numerous high-priority fixes from the Tor 0.2.5
alpha release series. These include blocking all authority signing
projects / thirdparty / tor.git / commitdiff
