+Changes in version 0.4.5.16 - 2023-01-12
+ This version has one major bugfix for relay and a security fix,
+ TROVE-2022-002, affecting clients. We strongly recommend to upgrade to our
+ 0.4.7.x stable series. As a reminder, this series is EOL on February 15th,
+ 2023.
+
+ o Major bugfixes (relay):
+ - When opening a channel because of a circuit request that did not
+ include an Ed25519 identity, record the Ed25519 identity that we
+ actually received, so that we can use the channel for other
+ circuit requests that _do_ list an Ed25519 identity. (Previously
+ we had code to record this identity, but a logic bug caused it to
+ be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch
+ from "cypherpunks".
+
+ o Major bugfixes (TROVE-2022-002, client):
+ - The SafeSocks option had its logic inverted for SOCKS4 and
+ SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe
+ SOCKS4a one. This is TROVE-2022-002 which was reported on
+ Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories generated on January 12, 2023.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2023/01/12.
+
+
Changes in version 0.4.5.15 - 2022-12-06
This version has several major changes for directory authorities. And a
major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x
release of Tor. If you want to see more detailed descriptions of the
changes in each development snapshot, see the ChangeLog file.
+Changes in version 0.4.5.16 - 2023-01-12
+ This version has one major bugfix for relay and a security fix,
+ TROVE-2022-002, affecting clients. We strongly recommend to upgrade to our
+ 0.4.7.x stable series. As a reminder, this series is EOL on February 15th,
+ 2023.
+
+ o Major bugfixes (relay):
+ - When opening a channel because of a circuit request that did not
+ include an Ed25519 identity, record the Ed25519 identity that we
+ actually received, so that we can use the channel for other
+ circuit requests that _do_ list an Ed25519 identity. (Previously
+ we had code to record this identity, but a logic bug caused it to
+ be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha. Patch
+ from "cypherpunks".
+
+ o Major bugfixes (TROVE-2022-002, client):
+ - The SafeSocks option had its logic inverted for SOCKS4 and
+ SOCKS4a. It would let the unsafe SOCKS4 pass but not the safe
+ SOCKS4a one. This is TROVE-2022-002 which was reported on
+ Hackerone by "cojabo". Fixes bug 40730; bugfix on 0.3.5.1-alpha.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories generated on January 12, 2023.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2023/01/12.
+
+
Changes in version 0.4.5.15 - 2022-12-06
This version has several major changes for directory authorities. And a
major bugfix on OSX. Again, we strongly recommend to upgrade to our 0.4.7.x
+++ /dev/null
- o Major bugfixes (relay):
- - When opening a channel because of a circuit request that did not
- include an Ed25519 identity, record the Ed25519 identity that we
- actually received, so that we can use the channel for other circuit
- requests that _do_ list an Ed25519 identity.
- (Previously we had code to record this identity, but a logic bug
- caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha.
- Patch from "cypherpunks".
+++ /dev/null
- o Minor features (fallbackdir):
- - Regenerate fallback directories generated on January 12, 2023.
+++ /dev/null
- o Minor features (geoip data):
- - Update the geoip files to match the IPFire Location Database,
- as retrieved on 2023/01/12.
+++ /dev/null
- o Major bugfixes (TROVE-2022-002, client):
- - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It
- would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is
- TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug
- 40730; bugfix on 0.3.5.1-alpha.
projects / thirdparty / tor.git / commitdiff
