[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tor-talk] Tor 0.2.6.4-rc is released!



Hi, all!

I've just tagged and uploaded Tor 0.2.6.4-rc to the usual places.
This is the first release candidate for the 0.2.6.x series, and I hope
the next release for 0.2.6 will be the stable release.

The source is available in the usual places on the website; packages
should follow. I'll put out an updated 0.2.5.11 in a few days, once
the changes in this release have seen more testing.

Changes in version 0.2.6.4-rc - 2015-03-09
  Tor 0.2.6.4-rc fixes an issue in the directory code that an
  attacker might be able to use in order to crash certain Tor
  directories. It also resolves some minor issues left over from, or
  introduced in, Tor 0.2.6.3-alpha or earlier.

  o Major bugfixes (crash, OSX, security):
    - Fix a remote denial-of-service opportunity caused by a bug in
      OSX's _strlcat_chk() function. Fixes bug 15205; bug first appeared
      in OSX 10.9.

  o Major bugfixes (relay, stability, possible security):
    - Fix a bug that could lead to a relay crashing with an assertion
      failure if a buffer of exactly the wrong layout is passed to
      buf_pullup() at exactly the wrong time. Fixes bug 15083; bugfix on
      0.2.0.10-alpha. Patch from "cypherpunks".
    - Do not assert if the 'data' pointer on a buffer is advanced to the
      very end of the buffer; log a BUG message instead. Only assert if
      it is past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.

  o Major bugfixes (FreeBSD IPFW transparent proxy):
    - Fix address detection with FreeBSD transparent proxies, when
      "TransProxyType ipfw" is in use. Fixes bug 15064; bugfix
      on 0.2.5.4-alpha.

  o Major bugfixes (Linux seccomp2 sandbox):
    - Pass IPPROTO_TCP rather than 0 to socket(), so that the Linux
      seccomp2 sandbox doesn't fail. Fixes bug 14989; bugfix
      on 0.2.6.3-alpha.
    - Allow AF_UNIX hidden services to be used with the seccomp2
      sandbox. Fixes bug 15003; bugfix on 0.2.6.3-alpha.
    - Upon receiving sighup with the seccomp2 sandbox enabled, do not
      crash during attempts to call wait4. Fixes bug 15088; bugfix on
      0.2.5.1-alpha. Patch from "sanic".

  o Minor features (controller):
    - Messages about problems in the bootstrap process now include
      information about the server we were trying to connect to when we
      noticed the problem. Closes ticket 15006.

  o Minor features (geoip):
    - Update geoip to the March 3 2015 Maxmind GeoLite2 Country database.
    - Update geoip6 to the March 3 2015 Maxmind GeoLite2
      Country database.

  o Minor features (logs):
    - Quiet some log messages in the heartbeat and at startup. Closes
      ticket 14950.

  o Minor bugfixes (certificate handling):
    - If an authority operator accidentally makes a signing certificate
      with a future publication time, do not discard its real signing
      certificates. Fixes bug 11457; bugfix on 0.2.0.3-alpha.
    - Remove any old authority certificates that have been superseded
      for at least two days. Previously, we would keep superseded
      certificates until they expired, if they were published close in
      time to the certificate that superseded them. Fixes bug 11454;
      bugfix on 0.2.1.8-alpha.

  o Minor bugfixes (compilation):
    - Fix a compilation warning on s390. Fixes bug 14988; bugfix
      on 0.2.5.2-alpha.
    - Fix a compilation warning on FreeBSD. Fixes bug 15151; bugfix
      on 0.2.6.2-alpha.

  o Minor bugfixes (testing):
    - Fix endianness issues in unit test for resolve_my_address() to
      have it pass on big endian systems. Fixes bug 14980; bugfix on
      Tor 0.2.6.3-alpha.
    - Avoid a side-effect in a tor_assert() in the unit tests. Fixes bug
      15188; bugfix on 0.1.2.3-alpha. Patch from Tom van der Woerdt.
    - When running the new 'make test-stem' target, use the configured
      python binary. Fixes bug 15037; bugfix on 0.2.6.3-alpha. Patch
      from "cypherpunks".
    - When running the zero-length-keys tests, do not use the default
      torrc file. Fixes bug 15033; bugfix on 0.2.6.3-alpha. Reported
      by "reezer".

  o Directory authority IP change:
    - The directory authority Faravahar has a new IP address. This
      closes ticket 14487.

  o Removed code:
    - Remove some lingering dead code that once supported mempools.
      Mempools were disabled by default in 0.2.5, and removed entirely
      in 0.2.6.3-alpha. Closes more of ticket 14848; patch
      by "cypherpunks".
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk