mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-16 14:03:00 +02:00
9446956679
Changes in version 0.4.8.9 - 2023-11-09
This is another security release fixing a high severity bug affecting onion
services which is tracked by TROVE-2023-006. We are also releasing a guard
major bugfix as well. If you are an onion service operator, we strongly
recommend to update as soon as possible.
o Major bugfixes (guard usage):
- When Tor excluded a guard due to temporary circuit restrictions,
it considered *additional* primary guards for potential usage by
that circuit. This could result in more than the specified number
of guards (currently 2) being used, long-term, by the tor client.
This could happen when a Guard was also selected as an Exit node,
but it was exacerbated by the Conflux guard restrictions. Both
instances have been fixed. Fixes bug 40876; bugfix
on 0.3.0.1-alpha.
o Major bugfixes (onion service, TROVE-2023-006):
- Fix a possible hard assert on a NULL pointer when recording a
failed rendezvous circuit on the service side for the MetricsPort.
Fixes bug 40883; bugfix on 0.4.8.1-alpha
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 09, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/09.
Changes in version 0.4.8.8 - 2023-11-03
We are releasing today a fix for a high security issue, TROVE-2023-004, that
is affecting relays. Also a few minor bugfixes detailed below. Please upgrade
as soon as posssible.
o Major bugfixes (TROVE-2023-004, relay):
- Mitigate an issue when Tor compiled with OpenSSL can crash during
handshake with a remote relay. Fixes bug 40874; bugfix
on 0.2.7.2-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 03, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/03.
o Minor bugfixes (directory authority):
- Look at the network parameter "maxunmeasuredbw" with the correct
spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha.
o Minor bugfixes (vanguards addon support):
- Count the conflux linked cell as valid when it is successfully
processed. This will quiet a spurious warn in the vanguards addon.
Fixes bug 40878; bugfix on 0.4.8.1-alpha.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
IPFire 2.x - The Open Source Firewall
What is IPFire?
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Its ease of use, high performance in any scenario and extensibility make it usable for everyone. For a full list of features have a look here.
This repository contains the source code of IPFire 2.x which is used to build the whole distribution from scratch, since IPFire is not based on any other distribution.
Where can I get IPFire?
Just head over to https://www.ipfire.org/download
How do I use this software?
We have a long and detailed wiki located here which should answers most of your questions.
But I have some questions left. Where can I get support?
You can ask your question at our community located here. A complete list of our support channels can be found here.
How can I contribute?
We have another document for this. Please look here.