mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-19 09:50:29 +01:00
Code Issues Projects Releases Wiki Activity

find all those stanzas in master too

Browse Source
This commit is contained in:
Roger Dingledine 2011-10-27 20:15:50 -04:00
parent 425e4236c6
commit 6258013e41
2 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
ChangeLog
View File

@ -16,10 +16,10 @@ Changes in version 0.2.3.6-alpha - 2011-10-26
o Privacy/anonymity fixes (clients):
- Clients and bridges no longer send TLS certificate chains on
outgoing OR connections. Previously, each client or bridge
would use the same cert chain for all outgoing OR connections
for up to 24 hours, which allowed any relay that the client or
bridge contacted to determine which entry guards it is using.
outgoing OR connections. Previously, each client or bridge would
use the same cert chain for all outgoing OR connections until
its IP address changes, which allowed any relay that the client
or bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
@ -160,10 +160,10 @@ Changes in version 0.2.2.34 - 2011-10-26
o Privacy/anonymity fixes (clients):
- Clients and bridges no longer send TLS certificate chains on
outgoing OR connections. Previously, each client or bridge
would use the same cert chain for all outgoing OR connections
for up to 24 hours, which allowed any relay that the client or
bridge contacted to determine which entry guards it is using.
outgoing OR connections. Previously, each client or bridge would
use the same cert chain for all outgoing OR connections until
its IP address changes, which allowed any relay that the client
or bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
@ -264,11 +264,11 @@ Changes in version 0.2.1.31 - 2011-10-26
o Privacy/anonymity fixes (also included in 0.2.2.x):
- Clients and bridges no longer send TLS certificate chains on
outgoing OR connections. Previously, each client or bridge
would use the same cert chain for all outgoing OR connections
for up to 24 hours, which allowed any relay that the client or
bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
outgoing OR connections. Previously, each client or bridge would
use the same cert chain for all outgoing OR connections until
its IP address changes, which allowed any relay that the client
or bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
circuit EXTEND request. Now relays can protect clients from the

18
ReleaseNotes
View File

@ -32,10 +32,10 @@ Changes in version 0.2.2.34 - 2011-10-26
o Privacy/anonymity fixes (clients):
- Clients and bridges no longer send TLS certificate chains on
outgoing OR connections. Previously, each client or bridge
would use the same cert chain for all outgoing OR connections
for up to 24 hours, which allowed any relay that the client or
bridge contacted to determine which entry guards it is using.
outgoing OR connections. Previously, each client or bridge would
use the same cert chain for all outgoing OR connections until
its IP address changes, which allowed any relay that the client
or bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
@ -136,11 +136,11 @@ Changes in version 0.2.1.31 - 2011-10-26
o Privacy/anonymity fixes (also included in 0.2.2.x):
- Clients and bridges no longer send TLS certificate chains on
outgoing OR connections. Previously, each client or bridge
would use the same cert chain for all outgoing OR connections
for up to 24 hours, which allowed any relay that the client or
bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by frosty_un.
outgoing OR connections. Previously, each client or bridge would
use the same cert chain for all outgoing OR connections until
its IP address changes, which allowed any relay that the client
or bridge contacted to determine which entry guards it is using.
Fixes CVE-2011-2768. Bugfix on 0.0.9pre5; found by "frosty_un".
- If a relay receives a CREATE_FAST cell on a TLS connection, it
no longer considers that connection as suitable for satisfying a
circuit EXTEND request. Now relays can protect clients from the