of Tor. If you want to see more detailed descriptions of the changes in
each development snapshot, see the ChangeLog file.
+Changes in version 0.2.0.35 - 2009-06-24
+ o Security fix:
+ - Avoid crashing in the presence of certain malformed descriptors.
+ Found by lark, and by automated fuzzing.
+ - Fix an edge case where a malicious exit relay could convince a
+ controller that the client's DNS question resolves to an internal IP
+ address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
+
+ o Major bugfixes:
+ - Finally fix the bug where dynamic-IP relays disappear when their
+ IP address changes: directory mirrors were mistakenly telling
+ them their old address if they asked via begin_dir, so they
+ never got an accurate answer about their new address, so they
+ just vanished after a day. For belt-and-suspenders, relays that
+ don't set Address in their config now avoid using begin_dir for
+ all direct connections. Should fix bugs 827, 883, and 900.
+ - Fix a timing-dependent, allocator-dependent, DNS-related crash bug
+ that would occur on some exit nodes when DNS failures and timeouts
+ occurred in certain patterns. Fix for bug 957.
+
+ o Minor bugfixes:
+ - When starting with a cache over a few days old, do not leak
+ memory for the obsolete router descriptors in it. Bugfix on
+ 0.2.0.33; fixes bug 672.
+ - Hidden service clients didn't use a cached service descriptor that
+ was older than 15 minutes, but wouldn't fetch a new one either,
+ because there was already one in the cache. Now, fetch a v2
+ descriptor unless the same descriptor was added to the cache within
+ the last 15 minutes. Fixes bug 997; reported by Marcus Griep.
+
+
Changes in version 0.2.0.34 - 2009-02-08
Tor 0.2.0.34 features several more security-related fixes. You should
upgrade, especially if you run an exit relay (remote crash) or a
projects / thirdparty / tor.git / commitdiff
