+++ /dev/null
- o Minor features (compilation):
- - Make the autoconf script build correctly with autoconf versions 2.70
- and later. Closes part of ticket 40335.
+++ /dev/null
- o Minor bugfix (crypto):
- - Disable the unused batch verification feature of ed25519-donna. Fixes
- bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence.
\ No newline at end of file
+++ /dev/null
- o Minor features (logging, diagnostic):
- - Log decompression failures at a higher severity level, since they
- can help provide missing context for other warning messages.
- We rate-limit these messages, to avoid flooding the logs if they
- begin to occur frequently. Closes ticket 40175.
+++ /dev/null
- o Minor bugfixes (consensus handling):
- - Avoid a set of bugs that could be caused by inconsistently preferring
- an out-of-date consensus stored in a stale directory cache over
- a more recent one stored on disk as the latest consensus.
- Fixes bug 40375; bugfix on 0.3.1.1-alpha.
+++ /dev/null
- o Minor bugfixes (compiler warnings):
- - Fix an indentation problem that led to a warning from GCC 11.1.1.
- Fixes bug 40380; bugfix on 0.3.0.1-alpha.
+++ /dev/null
- o Minor bugfixes (timekeeping):
- - Calculate the time of day correctly on systems where the time_t
- type includes leap seconds. (This is not the case on most
- operating systems, but on those where it occurs, our tor_timegm
- function did not correctly invert the system's gmtime function,
- which could result in assertion failures when calculating
- voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.
+++ /dev/null
- o Major bugfixes (security):
- - Resist a hashtable-based CPU denial-of-service attack against
- relays. Previously we used a naive unkeyed hash function to look up
- circuits in a circuitmux object. An attacker could exploit this to
- construct circuits with chosen circuit IDs in order to try to create
- collisions and make the hash table inefficient. Now we use a SipHash
- construction for this hash table instead. Fixes bug 40391; bugfix on
- 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005.
- Reported by Jann Horn from Google's Project Zero.
+++ /dev/null
- o Major bugfixes (security, denial of service, onion services):
- - Fix an out-of-bounds memory access in v3 descriptor parsing. Fixes bug
- 40392; bugfix on 0.3.0.1-alpha. This issue is also tracked as
- TROVE-2021-006. Reported by Sergei Glazunov from Google's Project Zero.
\ No newline at end of file
+++ /dev/null
- o Minor features (compatibility):
- - Remove an assertion function related to TLS renegotiation.
- It was used nowhere outside the unit tests, and it was breaking
- compilation with recent alpha releases of OpenSSL 3.0.0.
- Closes ticket 40399.
+++ /dev/null
- o Minor bugfixes (warnings, portability):
- - Suppress a strict-prototype warning when building with some versions
- of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha.
+++ /dev/null
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database,
- as retrieved on 2021/05/07.
+++ /dev/null
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database,
- as retrieved on 2021/06/10.
+++ /dev/null
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database,
- as retrieved on 2021/08/12.
+++ /dev/null
- o Minor bugfix (logging, relay):
- - Emit a warning if an Address is found to be internal and tor can't use it.
- Fixes bug 40290; bugfix on 0.4.5.1-alpha.
+++ /dev/null
- o Minor bugfixes (relay):
- - Reduce the compression level for data streaming from HIGH to LOW. Fixes
- bug 40301; bugfix on 0.3.5.1-alpha.
-
+++ /dev/null
- o Minor bugfix (onion service, client, memory leak):
- - An expired cached descriptor could have been overwritten with a new one
- leading to a memory leak. Fixes bug 40356; bugfix on 0.3.5.1-alpha.
+++ /dev/null
- o Minor bugfixes (build, cross-compilation):
- - Allow a custom "ar" for cross-compilation. Our previous build script
- had used the $AR environment variable in most places, but it missed
- one. Fixes bug 40369; bugfix on 0.4.5.1-alpha.
+++ /dev/null
- o Minor bugfix (metrics port):
- - Fix a bug that made tor try to re-bind() every 60 seconds on an already
- open MetricsPort. Fixes bug 40370; bugfix on 0.4.5.1-alpha.
-
+++ /dev/null
- o Minor features (onion services):
- - Add warning message when connecting to deprecated v2 onions.
- Closes ticket 40373.
\ No newline at end of file
+++ /dev/null
- o Removed features:
- - Remove unneeded code for parsing private keys in directory documents.
- This code was only used for client authentication in v2 onion
- services, which are now unsupported. Closes ticket 40374.
+++ /dev/null
- o Major bugfixes (onion service, control port):
- - Make the ADD_ONION command properly configure client authorization. Before
- this fix, the created onion failed to add the client(s). Fixes bug 40378;
- bugfix on 0.4.6.1-alpha.
+++ /dev/null
- o Minor features (compatibility, Linux seccomp sandbox):
- - Add a workaround to enable the Linux sandbox to work correctly
- on systems running Glibc 2.33. These versions have started
- using the fstatat() system call, which previously our sandbox did not
- allow.
- Closes ticket 40382; see the ticket for a discussion of tradeoffs.
+++ /dev/null
- o Major bugfixes (relay, TROVE):
- - Don't allow entry or middle relays to spoof RELAY_END or RELAY_RESOLVED
- cell on half-closed streams. Fixes bug 40389; bugfix on 0.3.5.1-alpha.
+++ /dev/null
- o Major bugfixes (security, defense-in-depth):
- - Detect a wider variety of failure conditions from the OpenSSL RNG
- code. Previously, we would detect errors from a missing RNG
- implementation, but not failures from the RNG code itself.
- Fortunately, it appears those failures do not happen in practice
- when Tor is using OpenSSL's default RNG implementation.
- Fixes bug 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
- TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
+++ /dev/null
- o Minor bugfixes (compilation):
- - Fix a compilation error when trying to build Tor with a compiler that
- does not support expanding statitically initialized const values in
- macro's. Fixes bug 40410; bugfix on 0.4.6.5.
+++ /dev/null
- o Minor features (testing):
- - Enable the deterministic RNG for unit tests that covers the address set
- bloomfilter-based API's. Fixes bug 40419; bugfix on 0.3.3.2-alpha.
+++ /dev/null
- o Minor bugfixes (onion service):
- - Send back the extended SOCKS error 0xF6 for a v2 onion address. Fixes bug
- 40421; bugfix on 0.4.6.2-alpha.
+++ /dev/null
- o Minor feature (fallbackdir):
- - Regenerate fallback directories list. Close ticket 40447.
projects / thirdparty / tor.git / commitdiff
