Delivery-Date: Wed, 30 Jul 2014 03:52:58 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 67A961E0E51
	for <archiver@seul.org>; Wed, 30 Jul 2014 03:52:57 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 99C4B2036E;
	Wed, 30 Jul 2014 07:52:19 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 209E230815
 for <tor-talk@lists.torproject.org>; Wed, 30 Jul 2014 07:43:05 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id fz3WnCgp1CfW for <tor-talk@lists.torproject.org>;
 Wed, 30 Jul 2014 07:43:05 +0000 (UTC)
Received: from khazad-dum.seul.org (khazad-dum.csail.mit.edu [128.31.0.47])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "moria.seul.org", Issuer "moria.seul.org" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 0042630813
 for <tor-talk@lists.torproject.org>; Wed, 30 Jul 2014 07:43:04 +0000 (UTC)
Received: by khazad-dum.seul.org (Postfix, from userid 501)
 id 80C581E0E52; Wed, 30 Jul 2014 03:43:02 -0400 (EDT)
Date: Wed, 30 Jul 2014 03:43:02 -0400
From: Roger Dingledine <arma@mit.edu>
To: tor-talk@lists.torproject.org
Message-ID: <20140730074302.GB8870@moria.seul.org>
MIME-Version: 1.0
Content-Disposition: inline
User-Agent: Mutt/1.5.20 (2009-12-10)
Subject: [tor-talk] (FWD) Tor 0.2.4.23 is released
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Here's a reminder for those of you who aren't on tor-announce to be on it.

--Roger

----- Forwarded message from Roger Dingledine <arma@mit.edu> -----

Date: Wed, 30 Jul 2014 03:42:20 -0400
From: Roger Dingledine <arma@mit.edu>
To: tor-announce@lists.torproject.org
Subject: Tor 0.2.4.23 is released

Tor 0.2.4.23 brings us a big step closer to slowing down the risk from
guard rotation, and also backports several important fixes from the
Tor 0.2.5 alpha release series.

Changes in version 0.2.4.23 - 2014-07-28
  o Major features:
    - Clients now look at the "usecreatefast" consensus parameter to
      decide whether to use CREATE_FAST or CREATE cells for the first hop
      of their circuit. This approach can improve security on connections
      where Tor's circuit handshake is stronger than the available TLS
      connection security levels, but the tradeoff is more computational
      load on guard relays. Implements proposal 221. Resolves ticket 9386.
    - Make the number of entry guards configurable via a new
      NumEntryGuards consensus parameter, and the number of directory
      guards configurable via a new NumDirectoryGuards consensus
      parameter. Implements ticket 12688.

  o Major bugfixes:
    - Fix a bug in the bounds-checking in the 32-bit curve25519-donna
      implementation that caused incorrect results on 32-bit
      implementations when certain malformed inputs were used along with
      a small class of private ntor keys. This bug does not currently
      appear to allow an attacker to learn private keys or impersonate a
      Tor server, but it could provide a means to distinguish 32-bit Tor
      implementations from 64-bit Tor implementations. Fixes bug 12694;
      bugfix on 0.2.4.8-alpha. Bug found by Robert Ransom; fix from
      Adam Langley.

  o Minor bugfixes:
    - Warn and drop the circuit if we receive an inbound 'relay early'
      cell. Those used to be normal to receive on hidden service circuits
      due to bug 1038, but the buggy Tor versions are long gone from
      the network so we can afford to resume watching for them. Resolves
      the rest of bug 1038; bugfix on 0.2.1.19.
    - Correct a confusing error message when trying to extend a circuit
      via the control protocol but we don't know a descriptor or
      microdescriptor for one of the specified relays. Fixes bug 12718;
      bugfix on 0.2.3.1-alpha.
    - Avoid an illegal read from stack when initializing the TLS module
      using a version of OpenSSL without all of the ciphers used by the
      v2 link handshake. Fixes bug 12227; bugfix on 0.2.4.8-alpha. Found
      by "starlight".

  o Minor features:
    - Update geoip and geoip6 to the July 10 2014 Maxmind GeoLite2
      Country database.

----- End forwarded message -----

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

