+++ /dev/null
- o Minor bugfixes:
- - Disable sandbox name resolver cache when running tor-resolve:
- tor-resolve doesn't use the sandbox code, and turning it on was
- breaking attempts to do tor-resolve on a non-default server on
- Linux. Fixes bug 13295; bugfix on 0.2.5.3-alpha.
+++ /dev/null
- o Minor bugfixes:
- - Fix compilation when building with bufferevents enabled. (This
- configuration is still not expected to work, however.)
- Fixes bugs 12438, 12474, 11578; bugfixes on 0.2.5.1-alpha and
- 0.2.5.3-alpha. Patches from Anthony G. Basile and Sathyanarayanan
- Gunasekaran.
+++ /dev/null
- o Minor bugfixes:
- - Warn and drop the circuit if we receive an inbound 'relay early'
- cell. Those used to be normal to receive on hidden service circuits
- due to bug 1038, but the buggy Tor versions are long gone from
- the network so we can afford to resume watching for them. Resolves
- the rest of bug 1038; bugfix on 0.2.1.19.
+++ /dev/null
- o Major bugfixes:
- - When Tor starts with DisabledNetwork set, it would correctly
- conclude that it shouldn't try making circuits, but it would
- mistakenly cache this conclusion and continue believing it even
- when DisableNetwork is set to 0. Fixes the bug introduced by the
- fix for bug 11200; bugfix on 0.2.5.4-alpha.
-
+++ /dev/null
- o Bugfixes
- - Correctly update the local mark on the controlling channel when changing
- the address of an or_connection_t after the handshake. Fixes bug #12160;
- bugfix on 0.2.4.4-alpha.
+++ /dev/null
- o Minor bugfixes (portability):
- - Compile correctly with builds and forks of OpenSSL (such as
- LibreSSL) that disable compression. Fixes bug 12602; bugfix on
- 0.2.1.1-alpha. Patch from "dhill".
-
+++ /dev/null
- o Minor bugfixes:
- - When logging information about an EXTEND2 or EXTENDED2 cell, log
- their names correctly. Fixes part of bug 12700; bugfix on
- 0.2.4.8-alpha.
-
- o Minor bugfixes:
- - When logging information about a relay cell whose command we
- don't recognize, log its command as an integer. Fixes part of
- bug 12700; bugfix on 0.2.1.10-alpha.
-
+++ /dev/null
- o Minor bugfixes:
- - Correct a confusing error message when trying to extend a circuit
- via the control protocol but we don't know a descriptor or
- microdescriptor for one of the specified relays. Fixes bug 12718;
- bugfix on 0.2.3.1-alpha.
+++ /dev/null
- o Distribution:
- - Verify configuration file via ExecStartPre in the systemd unit file.
- Patch from intrigeri; resolves ticket 12730.
+++ /dev/null
- o Distribution:
- - Explicitly disable RunAsDaemon in the systemd unit file.
- Our current systemd unit uses "Type = simple", so systemd does
- not expect tor to fork. If the user has "RunAsDaemon 1" in their
- torrc, then things won't work as expected. This is e.g. the case
- on Debian (and derivatives), since there we pass
- "--defaults-torrc /usr/share/tor/tor-service-defaults-torrc"
- (that contains "RunAsDaemon 1") by default.
- Patch by intrigeri; resolves ticket 12731.
+++ /dev/null
- o Documentation:
- - Adjust the URLs in the README to refer to the new locations of
- several documents on the website. Patch from Matt Pagan. Fixes
- bug 12830.
+++ /dev/null
- o Major bugfixes (relay):
- - Avoid queuing or sending destroy cells for circuit ID zero when
- we fail to send a CREATE cell. Fixes bug 12848; bugfix on
- 0.0.8pre1. Found and fixed by "cypherpunks".
+++ /dev/null
- o Minor bugfixes:
- - Restore the functionality of CookieAuthFileGroupReadable. Fixes bug
- 12864; bugfix on 0.2.5.1-alpha.
-
- o Minor features:
- - Add an ExtORPortCookieAuthFileGroupReadable option to make the
- cookie file for the ExtORPort g+r by default.
+++ /dev/null
- o Documentation:
- - Document 'reject6' and 'accept6' ExitPolicy entries. Resolves
- ticket 12878.
+++ /dev/null
- o Minor features:
- - Warn about attempts to run hidden services and relays in the
- same process: that's probably not a good idea. Closes ticket
- 12908.
+++ /dev/null
- o Major bugfixes:
- - Resume expanding abbreviations for command-line options. The fix
- for bug 4647 accidentally removed our hack from bug 586 that rewrote
- HashedControlPassword to __HashedControlSessionPassword when it
- appears on the commandline (which allowed the user to set her
- own HashedControlPassword in the torrc file while the controller
- generates a fresh session password for each run). Fixes bug 12948;
- bugfix on 0.2.5.1-alpha.
+++ /dev/null
- o Minor bugfixes:
- - Downgrade "Unexpected onionskin length after decryption" warning
- to a protocol-warn, since there's nothing relay operators can do
- about a client that sends them a malformed create cell. Resolves
- bug 12996; bugfix on 0.0.6rc1.
+++ /dev/null
- o Minor features:
- - Log more specific warnings when we get an ESTABLISH_RENDEZVOUS cell
- on a cannibalized or non-OR circuit. Resolves ticket 12997.
+++ /dev/null
- o Minor bugfixes (relay):
- - Escape all strings from the directory connection before logging them.
- Fixes bug 13071; bugfix on 0.1.1.15. Patch from "teor".
+++ /dev/null
- o Compilation fixes:
- - Make the nmake make files work again. Fixes bug 13081. Bugfix on 0.2.5.1-alpha. Patch
- from "NewEraCracker".
+++ /dev/null
- o Minor bugfixes (controller):
- - Actually send TRANSPORT_LAUNCHED and HS_DESC events to controllers.
- Fixes bug 13085; bugfix on 0.2.5.1-alpha. Patch by "teor".
+++ /dev/null
- o Minor bugfixes (conformance):
- - In routerlist_assert_ok(), don't take the address of a routerinfo's
- cache_info member unless that routerinfo is non-NULL. Fixes bug
- 13096; bugfix on 0.1.1.9-alpha. Patch by "teor".
+++ /dev/null
- o Directory authority changes:
- - Change IP address for gabelmoo (v3 directory authority).
-
+++ /dev/null
- o Minor bugfixes:
- - Reduce the log severity of the "Pluggable transport proxy does
- not provide any needed transports and will not be launched."
- message, since Tor Browser includes several ClientTransportPlugin
- lines in its torrc-defaults file, leading every Tor Browser user
- who looks at her logs to see these notices and wonder if they're
- dangerous. Resolves bug 13124; bugfix on 0.2.5.3-alpha.
-
+++ /dev/null
- o Major bugfixes:
- - Clients now send the correct address for their chosen rendezvous
- point when trying to access a hidden service. They used to send
- the wrong address, which would still work some of the time because
- they also sent the identity digest of the rendezvous point, and if
- the hidden service happened to try connecting to the rendezvous
- point from a relay that already had a connection open to it,
- the relay would reuse that connection. Now connections to hidden
- services should be more robust and faster. Also, this bug meant
- that clients were leaking to the hidden service whether they were
- on a little-endian (common) or big-endian (rare) system, which for
- some users might have reduced their anonymity. Fixes bug 13151;
- bugfix on 0.2.1.5-alpha.
+++ /dev/null
- o Compilation fixes:
- - Build and run correctly on systems like OpenBSD-current that
- have patched OpenSSL to remove get_cipher_by_char and/or its
- implementations. Fixes issue 13325.
+++ /dev/null
- o Major bugfixes (openssl bug workaround):
- - Avoid crashing when using OpenSSL version 0.9.8zc, 1.0.0o, or
- 1.0.1j, built with the 'no-ssl3' configuration option. Fixes
- bug 13471. This is a workaround for an OpenSSL bug.
-
+++ /dev/null
- o Downgraded warnings:
- - Downgrade the severity of the 'unexpected sendme cell from client' from
- 'warn' to 'protocol warning'. Closes ticket 8093.
+++ /dev/null
- o Major bugfixes (client):
-
- - Perform circuit cleanup operations even when circuit
- construction operations are disabled (because the network is
- disabled, or because there isn't enough directory information).
- Previously, when we were not building predictive circuits, we
- were not closing expired circuits either.
-
- Fixes bug 8387; bugfix on 0.1.1.11-alpha. This bug became visible
- in 0.2.4.10-alpha when we became more strict about when we have
- "enough directory information to build circuits".
+++ /dev/null
- o Major bugfixes:
-
- - Fix a bug in the bounds-checking in the 32-bit curve25519-donna
- implementation that caused incorrect results on 32-bit
- implementations when certain malformed inputs were used along with
- a small class of private ntor keys. This bug does not currently
- appear to allow an attacker to learn private keys or impersonate a
- Tor server, but it could provide a means to distinguish 32-bit Tor
- implementations from 64-bit Tor implementations. Fixes bug 12694;
- bugfix on 0.2.4.8-alpha. Bug found by Robert Ransom; fix from
- Adam Langley.
-
+++ /dev/null
- o Major security fixes:
- - Disable support for SSLv3. All versions of OpenSSL in use with
- Tor today support TLS 1.0 or later, so we can safely turn off
- support for this old (and insecure) protocol. Fixes bug 13426.
+++ /dev/null
- o Minor features (diagnostic):
- - Slightly enhance the diagnostic message for bug 12184.
+++ /dev/null
- o Minor features:
- - Update geoip to the August 7 2014 Maxmind GeoLite2 Country database.
-
+++ /dev/null
- o Minor features:
- - Update geoip to the July 10 2014 Maxmind GeoLite2 Country database.
-
+++ /dev/null
- o Minor features:
- - Update geoip6 to the August 7 2014 Maxmind GeoLite2 Country database.
-
+++ /dev/null
- o Minor features:
- - Update geoip6 to the July 10 2014 Maxmind GeoLite2 Country database.
+++ /dev/null
- o Minor bugfixes (compilation):
- - Fix compilation of test.h with MSVC. Patch from Gisle Vanem;
- bugfix on 0.2.5.5-alpha.
+++ /dev/null
- Major features:
- - Make the number of entry guards configurable via a new
- NumEntryGuards consensus parameter, and the number of directory
- guards configurable via a new NumDirectoryGuards consensus
- parameter. Implements ticket 12688.
-
+++ /dev/null
- o Minor features:
- - Authorities now assign the Guard flag to the fastest 25% of the
- network (it used to be the fastest 50%). Also raise the consensus
- weight that guarantees the Guard flag from 250 to 2000. For the
- current network, this results in about 1100 guards, down from 2500.
- This step paves the way for moving the number of entry guards
- down to 1 (proposal 236) while still providing reasonable expected
- performance for most users. Implements ticket 12690.
-
+++ /dev/null
- o Minor bugfixes:
- - Fix a large number of false positive warnings from the clang
- analyzer static analysis tool. This should make real warnings
- easier for clang analyzer to find. Patch from "teor". Closes
- ticket 13036.
projects / thirdparty / tor.git / commitdiff
