put recent release blurbs into the changelog; fix a typo in tor-spec.

svn:r17586

diff --git a/ChangeLog b/ChangeLog
index 8e69f816b470ce8c3661b5c7ae2bc9a8dc0b5e25..c6b2dd6745fb243c15146839330c24f5445ac027 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -40,6 +40,10 @@ Changes in version 0.2.1.9-alpha - 200?-??-??
 
 
 Changes in version 0.2.1.8-alpha - 2008-12-08
+  Tor 0.2.1.8-alpha fixes some crash bugs in earlier alpha releases,
+  builds better on unusual platforms like Solaris and old OS X, and
+  fixes a variety of other issues.
+
   o Major features:
     - New DirPortFrontPage option that takes an html file and publishes
       it as "/" on the DirPort. Now relay operators can provide a
@@ -101,6 +105,12 @@ Changes in version 0.2.1.8-alpha - 2008-12-08
 
 
 Changes in version 0.2.0.32 - 2008-11-20
+  Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu
+  packages (and maybe other packages) noticed by Theo de Raadt, fixes
+  a smaller security flaw that might allow an attacker to access local
+  services, further improves hidden service performance, and fixes a
+  variety of other issues.
+
   o Security fixes:
     - The "User" and "Group" config options did not clear the
       supplementary group entries for the Tor process. The "User" option
@@ -166,6 +176,13 @@ Changes in version 0.2.0.32 - 2008-11-20
 
 
 Changes in version 0.2.1.7-alpha - 2008-11-08
+  Tor 0.2.1.7-alpha fixes a major security problem in Debian and Ubuntu
+  packages (and maybe other packages) noticed by Theo de Raadt, fixes
+  a smaller security flaw that might allow an attacker to access local
+  services, adds better defense against DNS poisoning attacks on exit
+  relays, further improves hidden service performance, and fixes a
+  variety of other issues.
+
   o Security fixes:
     - The "ClientDNSRejectInternalAddresses" config option wasn't being
       consistently obeyed: if an exit relay refuses a stream because its

diff --git a/ReleaseNotes b/ReleaseNotes
index 36371d7b9d2ce4fed0ad57e3748caeacee618fd9..d37703dc2f8c262da58e2ee18f1bd8220fbbdb8a 100644 (file)
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -4,6 +4,12 @@ of Tor. If you want to see more detailed descriptions of the changes in
 each development snapshot, see the ChangeLog file.
 
 Changes in version 0.2.0.32 - 2008-11-20
+  Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu
+  packages (and maybe other packages) noticed by Theo de Raadt, fixes
+  a smaller security flaw that might allow an attacker to access local
+  services, further improves hidden service performance, and fixes a
+  variety of other issues.
+
   o Security fixes:
     - The "User" and "Group" config options did not clear the
       supplementary group entries for the Tor process. The "User" option

diff --git a/doc/spec/tor-spec.txt b/doc/spec/tor-spec.txt
index 8ab50242d9abc7922d5500eba44e9428599db524..d514ad1eaa32f1a10c85cb0a92c255017d3d250a 100644 (file)
--- a/doc/spec/tor-spec.txt
+++ b/doc/spec/tor-spec.txt
@@ -253,8 +253,8 @@ see tor-design.pdf.
 
    To avoid being trivially distinguished from servers, client-only Tor
    instances are encouraged but not required to use a two-certificate chain
-   as well.  Clients SHOULD NOT use keep using the same certificates when
-   their IP changes.  Clients MAY send no certificates at all.
+   as well.  Clients SHOULD NOT keep using the same certificates when
+   their IP address changes.  Clients MAY send no certificates at all.
 
 3. Cell Packet format