tor-announce

tor-announce@lists.torproject.org

264 discussions

Urgent: Release 0.4.5.14, 0.4.6.12 and 0.4.7.10
by David Goulet 12 Aug '22

12 Aug '22

Greetings, We had to do an emergency release due to an IPFire GeoIP database bug they informed us about. Announcement: https://forum.torproject.net/t/urgent-stable-release-0-4-5-14-0-4-6-12-and-… Dear packagers, sorry about the inconvenience but we had no choice. ChangeLog below. Cheers! David Changes in version 0.4.7.10 - 2022-08-12 This version updates the geoip cache that we generate from IPFire location database to use the August 9th, 2022 one. Everyone MUST update to this latest release else circuit path selection and relay metrics are badly affected. o Major bugfixes (geoip data): - IPFire informed us on August 12th that databases generated after (including) August 10th did not have proper ARIN network allocations. We are updating the database to use the one generated on August 9th, 2022. Fixes bug 40658; bugfix on 0.4.7.9. -- 3CBm2Bbvakv+fCJGDKJrAZGUoUfOOQOqR7XrrPOT9n8=

1 0

Tor stable release 0.4.5.13, 0.4.6.11 and 0.4.7.9
by David Goulet 11 Aug '22

11 Aug '22

Greetings, We just released 3 new stable versions which, in part, will help with the ongoing DoS attack on the network. Announcement: https://forum.torproject.net/t/stable-release-0-4-5-13-0-4-6-11-and-0-4-7-9… We strongly urge everyone to upgrade to the latest stable! Also, this is the very last release of the 0.4.6.x series as it is end of life since August 1st 2022. Below is the ChangeLog for all 3 versions Cheers! David -- Changes in version 0.4.7.9 - 2022-08-11 This version contains several major fixes aimed at reducing memory pressure on relays and possible side-channel. It also contains a major bugfix related to congestion control also aimed at reducing memory pressure on relays. Finally, there is last one major bugfix related to Vanguard L2 layer node selection. We strongly recommend to upgrade to this version especially for Exit relays in order to help the network defend against this ongoing DDoS. o Major bugfixes (congestion control): - Implement RFC3742 Limited Slow Start. Congestion control was overshooting the congestion window during slow start, particularly for onion service activity. With this fix, we now update the congestion window more often during slow start, as well as dampen the exponential growth when the congestion window grows above a capping parameter. This should reduce the memory increases guard relays were seeing, as well as allow us to set lower queue limits to defend against ongoing DoS attacks. Fixes bug 40642; bugfix on 0.4.7.5-alpha. o Major bugfixes (relay): - Remove OR connections btrack subsystem entries when the connections close normally. Before this, we would only remove the entry on error and thus leaking memory for each normal OR connections. Fixes bug 40604; bugfix on 0.4.0.1-alpha. - Stop sending TRUNCATED cell and instead close the circuit from which we received a DESTROY cell. This makes every relay in the circuit path to stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. o Major bugfixes (vanguards): - We had omitted some checks for whether our vanguards (second layer guards from proposal 333) overlapped. Now make sure to pick each of them to be independent. Also, change the design to allow them to come from the same family. Fixes bug 40639; bugfix on 0.4.7.1-alpha. o Minor features (dirauth): - Add a torrc option to control the Guard flag bandwidth threshold percentile. Closes ticket 40652. - Add an AuthDirVoteGuard torrc option that can allow authorities to assign the Guard flag to the given fingerprints/country code/IPs. This is a needed feature mostly for defense purposes in case a DoS hits the network and relay start losing the Guard flags too fast. - Make UPTIME_TO_GUARANTEE_STABLE, MTBF_TO_GUARANTEE_STABLE, TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD tunable from torrc. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 11, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/08/11. o Minor bugfixes (congestion control): - Add a check for an integer underflow condition that might happen in cases where the system clock is stopped, the ORconn is blocked, and the endpoint sends more than a congestion window worth of non- data control cells at once. This would cause a large congestion window to be calculated instead of a small one. No security impact. Fixes bug 40644; bugfix on 0.4.7.5-alpha. o Minor bugfixes (defense in depth): - Change a test in the netflow padding code to make it more _obviously_ safe against remotely triggered crashes. (It was safe against these before, but not obviously so.) Fixes bug 40645; bugfix on 0.3.1.1-alpha. o Minor bugfixes (relay): - Do not propagate either forward or backward a DESTROY remote reason when closing a circuit in order to avoid a possible side channel. Fixes bug 40649; bugfix on 0.1.2.4-alpha. Changes in version 0.4.6.11 - 2022-08-11 This version contains two major fixes aimed at reducing memory pressure on relays and possible side-channel. The rest of the fixes were backported for stability or safety purposes. This is the very LAST version of this series. As of August 1st 2022, it is end-of-life (EOL). We thus strongly recommend to upgrade to the latest stable of the 0.4.7.x series. o Major bugfixes (relay): - Remove OR connections btrack subsystem entries when the connections close normally. Before this, we would only remove the entry on error and thus leaking memory for each normal OR connections. Fixes bug 40604; bugfix on 0.4.0.1-alpha. - Stop sending TRUNCATED cell and instead close the circuit from which we received a DESTROY cell. This makes every relay in the circuit path to stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 11, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/08/11. o Minor features (linux seccomp2 sandbox): - Permit the clone3 syscall, which is apparently used in glibc-2.34 and later. Closes ticket 40590. o Minor bugfixes (controller, path bias): - When a circuit's path is specified, in full or in part, from the controller API, do not count that circuit towards our path-bias calculations. (Doing so was incorrect, since we cannot tell whether the controller is selecting relays randomly.) Resolves a "Bug" warning. Fixes bug 40515; bugfix on 0.2.4.10-alpha. o Minor bugfixes (defense in depth): - Change a test in the netflow padding code to make it more _obviously_ safe against remotely triggered crashes. (It was safe against these before, but not obviously so.) Fixes bug 40645; bugfix on 0.3.1.1-alpha. o Minor bugfixes (linux seccomp2 sandbox): - Allow the rseq system call in the sandbox. This solves a crash issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on 0.3.5.11. o Minor bugfixes (metrics port, onion service): - The MetricsPort line for an onion service with multiple ports are now unique that is one line per port. Before this, all ports of an onion service would be on the same line which violates the Prometheus rules of unique labels. Fixes bug 40581; bugfix on 0.4.5.1-alpha. o Minor bugfixes (onion service, client): - Fix a fatal assert due to a guard subsystem recursion triggered by the onion service client. Fixes bug 40579; bugfix on 0.3.5.1-alpha. o Minor bugfixes (performance, DoS): - Fix one case of a not-especially viable denial-of-service attack found by OSS-Fuzz in our consensus-diff parsing code. This attack causes a lot small of memory allocations and then immediately frees them: this is only slow when running with all the sanitizers enabled. Fixes one case of bug 40472; bugfix on 0.3.1.1-alpha. o Minor bugfixes (relay): - Do not propagate either forward or backward a DESTROY remote reason when closing a circuit in order to avoid a possible side channel. Fixes bug 40649; bugfix on 0.1.2.4-alpha. Changes in version 0.4.5.13 - 2022-08-11 This version contains two major fixes aimed at reducing memory pressure on relays and possible side-channel. The rest of the fixes were backported for stability or safety purposes. We strongly recommend to upgrade your relay to this version or, ideally, to the latest stable of the 0.4.7.x series. o Major bugfixes (relay): - Remove OR connections btrack subsystem entries when the connections close normally. Before this, we would only remove the entry on error and thus leaking memory for each normal OR connections. Fixes bug 40604; bugfix on 0.4.0.1-alpha. - Stop sending TRUNCATED cell and instead close the circuit from which we received a DESTROY cell. This makes every relay in the circuit path to stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 11, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/08/11. o Minor features (linux seccomp2 sandbox): - Permit the clone3 syscall, which is apparently used in glibc-2.34 and later. Closes ticket 40590. o Minor bugfixes (controller, path bias): - When a circuit's path is specified, in full or in part, from the controller API, do not count that circuit towards our path-bias calculations. (Doing so was incorrect, since we cannot tell whether the controller is selecting relays randomly.) Resolves a "Bug" warning. Fixes bug 40515; bugfix on 0.2.4.10-alpha. o Minor bugfixes (defense in depth): - Change a test in the netflow padding code to make it more _obviously_ safe against remotely triggered crashes. (It was safe against these before, but not obviously so.) Fixes bug 40645; bugfix on 0.3.1.1-alpha. o Minor bugfixes (linux seccomp2 sandbox): - Allow the rseq system call in the sandbox. This solves a crash issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on 0.3.5.11. o Minor bugfixes (metrics port, onion service): - The MetricsPort line for an onion service with multiple ports are now unique that is one line per port. Before this, all ports of an onion service would be on the same line which violates the Prometheus rules of unique labels. Fixes bug 40581; bugfix on 0.4.5.1-alpha. o Minor bugfixes (onion service, client): - Fix a fatal assert due to a guard subsystem recursion triggered by the onion service client. Fixes bug 40579; bugfix on 0.3.5.1-alpha. o Minor bugfixes (performance, DoS): - Fix one case of a not-especially viable denial-of-service attack found by OSS-Fuzz in our consensus-diff parsing code. This attack causes a lot small of memory allocations and then immediately frees them: this is only slow when running with all the sanitizers enabled. Fixes one case of bug 40472; bugfix on 0.3.1.1-alpha. o Minor bugfixes (relay): - Do not propagate either forward or backward a DESTROY remote reason when closing a circuit in order to avoid a possible side channel. Fixes bug 40649; bugfix on 0.1.2.4-alpha. -- m2jOdc71eksaeTawBhtVwkp+r1hg+dcgIW1GrSON+pY=

1 0

Tor stable release 0.4.7.8 - Security Fix
by David Goulet 17 Jun '22

17 Jun '22

Hello everyone! We have released tor 0.4.7.8 earlier today, a new stable version for the 0.4.7.x series containing an important High severity security fix. The affected tor are only those of the 0.4.7.x series as in from tor-0.4.7.1-alpha to tor-0.4.7.7. https://forum.torproject.net/t/stable-release-0-4-7-8/3679 As stated in the announcement (link above), we strongly recommend that everyone upgrades to 0.4.7.8. Packages are being updated and released for OS distributions so keep an eye out! Our beloved packagers are hard at work! Also, I will repeat it here, the security issue is categorized as a Denial of Service so it is not affecting the security of the host machine running "tor". Nevertheless, again, we strongly encourage you to upgrade. Here is the ChangeLog for this version: Changes in version 0.4.7.8 - 2022-06-17 This version fixes several bugfixes including a High severity security issue categorized as a Denial of Service. Everyone running an earlier version should upgrade to this version. o Major bugfixes (congestion control, TROVE-2022-001): - Fix a scenario where RTT estimation can become wedged, seriously degrading congestion control performance on all circuits. This impacts clients, onion services, and relays, and can be triggered remotely by a malicious endpoint. Tracked as CVE-2022-33903. Fixes bug 40626; bugfix on 0.4.7.5-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on June 17, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/06/17. o Minor bugfixes (linux seccomp2 sandbox): - Allow the rseq system call in the sandbox. This solves a crash issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on 0.3.5.11. o Minor bugfixes (logging): - Demote a harmless warn log message about finding a second hop to from warn level to info level, if we do not have enough descriptors yet. Leave it at notice level for other cases. Fixes bug 40603; bugfix on 0.4.7.1-alpha. - Demote a notice log message about "Unexpected path length" to info level. These cases seem to happen arbitrarily, and we likely will never find all of them before the switch to arti. Fixes bug 40612; bugfix on 0.4.7.5-alpha. o Minor bugfixes (relay, logging): - Demote a harmless XOFF log message to from notice level to info level. Fixes bug 40620; bugfix on 0.4.7.5-alpha. Cheers! David -- 2T22ifd4rhYVbSbjDNppIEIrp1Iz0lnUkfbKzkbn8s4=

1 0

Network Team - New Support and Release Policy
by David Goulet 11 May '22

11 May '22

Greetings everyone! This is, for now, the last policy change from the network team after the Deprecating C Patches policy from couple days ago[0]. However, this one has a bit more impact especially on the relay operators and thus the network. We are changing the C-tor support and release policy which essentially changes "for how long" we will maintain stable releases. This will particularly affect relay operators that are using the tor stable package of their OS distribution. It is very important to use a more "current" update channel like deb.torproject.org for Debian/Ubuntu. As for BSDs, since they have a faster stable release cycle, keeping the OS updated should help getting the latest stable of tor. Here is the new policy: https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/SupportPoli… There are lots of changes but three in particular are worth highlighting and explaining: 1. No More LTS Apart from being a burden because in part due to backports complexity, they are actually a bit of a problem on the relay side with regards to the network itself. We need an healthy network and that implies, in part, to have up to date relays. Both for security reasons, but also to take advantage of the new features and defenses we roll out in the latest stable releases. We are currently suffering around 3 years upgrade path due to LTS versions that lingers in the stable OS distributions (Debian, Ubuntu, ...) for a long time. Tor is in a constant arms race against powerful adversaries, evolving technologies and resource restrictions. Fast network upgrades is instrumental to keep us in this race and provide the best security and anonymity for our users. 2. Drop the 6 months fixed stable release With 0.4.7.x series, we needed more time to roll out a version that we were satisfied with quality-wise due to not only its awesomness and complexity but because we had less people to work on the C implementation of Tor than before (some engineering power shifted to Arti development). It lead to having a much better and thoroughly tested tor without having an intermediary release with half backed features forcing us to maintain for months while being a torn in the network foot. 3. Faster End-Of-Life Path We will now only support for 3 months the previous stable once a new stable comes out. In other words, a stable version is maintained until a new stable is released plus 3 months to the date. This will also make our rejection of EOL relays from the network faster tying this to the importance of the network health with updated relays. These changes also fall into our overall efforts to shift our resources towards arti development. C-tor is not going away anytime soon, we are simply slowing down its development pace. Please, don't hesitate to ask questions and comments. We know this might not be ideal for everyone but we believe this is the best route to the sustainability of C-tor, health of the network and security for our users. Cheers! Network Team [0] https://lists.torproject.org/pipermail/tor-dev/2022-May/014731.html -- G1nLmyQttfczv2rHXvhgktvgPessxMCOKSOe/VwGY/Y=

1 0

[RELEASE] Tor stable release 0.4.7.7
by David Goulet 27 Apr '22

27 Apr '22

Greetings, We have just released the first stable version of the 0.4.7.x series. https://forum.torproject.net/t/stable-release-0-4-7-7/3108 As stated on the Forum (link above), we would like to ask all packagers to package this version as soon as possible so Exit relay operators can start upgrading in order to bring congestion control to the network. Thanks a lot for your work and help! :) The 0.4.7.7 release notes contains the all changes contained in 0.4.7: https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.7/ReleaseNotes The ChangeLog since the release candidate is below (pretty small): o Minor features (fallbackdir): - Regenerate fallback directories generated on April 27, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/04/27. o Minor bugfixes (congestion control, client side logs): - Demote a warn about 1-hop circuits using congestion control down to info; Demote the 4-hop case to notice. Fixes bug 40598; bugfix on 0.4.5-alpha. Cheers! David -- L+ZaVoe4gUF+iKYet2Q0wR/cgOp+HaFTqV4sVyM314M=

1 0

[RELEASE] Tor 0.4.7.6-rc
by David Goulet 07 Apr '22

07 Apr '22

Greetings, We've just released the first 0.4.7.x release candidate: https://forum.torproject.net/t/release-0-4-7-6-rc/2889 Changes in version 0.4.7.6-rc - 2022-04-07 This is the first release candidate of the 0.4.7.x series. Only one minor bugfix went in since the last alpha couple weeks ago. We strongly recommend anyone running an alpha version to upgrade to this version. Unless major problems are found, the next release will finally be the stable! o Minor features (fallbackdir): - Regenerate fallback directories generated on April 07, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/04/07. o Minor features (linux seccomp2 sandbox): - Permit the clone3 syscall, which is apparently used in glibc-2.34 and later. Closes ticket 40590. Cheers! David -- pICMPlTWKktlCkIv3Hh37RGfrVPd/9zhpvf94Oq3ooA=

1 0

[RELEASE] Tor 0.4.7.5-alpha
by David Goulet 25 Mar '22

25 Mar '22

Greetings, We've just released tor 0.4.7.5-alpha. ChangeLog is below. https://forum.torproject.net/t/release-0-4-7-5-alpha/2744 Cheers! David Changes in version 0.4.7.5-alpha - 2022-03-25 This version contains, of what we hope, the final work for congestion control paving the way to the stable version. We expect this to be the last alpha version of the 0.4.7.x series. Mostly minor bugfixes except one major bugfix that changes how Tor behaves with DNS timeouts for Exit relays. As always with an alpha, we recommend all relay operators to upgrade from previous alpha to this one. o Major bugfixes (onion service, congestion control): - Fix the onion service upload case where the congestion control parameters were not added to the right object. Fixes bug 40586; bugfix on 0.4.7.4-alpha. o Major bugfixes (relay, DNS): - Lower the DNS timeout from 3 attempts at 5 seconds each to 2 attempts at 1 seconds each. Two new consensus parameters were added to control these values. This change should improve observed performance under DNS load; see ticket for more details. Fixes bug 40312; bugfix on 0.3.5.1-alpha. o Minor features (control port): - Provide congestion control fields on CIRC_BW and STREAM control port events, for use by sbws. Closes ticket 40568. o Minor features (fallbackdir): - Regenerate fallback directories generated on March 25, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/03/25. o Minor bugfixes (DNSPort, dormant mode): - A request on the DNSPort now wakes up a dormant tor. Fixes bug 40577; bugfix on 0.3.5.1-alpha. o Minor bugfixes (metrics port, onion service): - Fix the metrics with a port label to be unique. Before this, all ports of an onion service would be on the same line which violates the Prometheus rules of unique labels. Fixes bug 40581; bugfix on 0.4.5.1-alpha. o Minor bugfixes (onion service congestion control): - Avoid a non-fatal assertion failure in the case where we fail to set up congestion control on a rendezvous circuit. This could happen naturally if a cache entry expired at an unexpected time. Fixes bug 40576; bugfix on 0.4.7.4-alpha. o Minor bugfixes (onion service, client): - Fix a rare but fatal assertion failure due to a guard subsystem recursion triggered by the onion service client. Fixes bug 40579; bugfix on 0.3.5.1-alpha. o Minor bugfixes (relay, overload): - Decide whether to signal overload based on a fraction and assessment period of ntor handshake drops. Previously, a single drop could trigger an overload state, which caused many false positives. Fixes bug 40560; bugfix on 0.4.7.1-alpha. -- kru8pKXbe2FhypfeM2WSbi8Pd7ZzkaybuvJFT4nvawQ=

1 0

[RELEASE] Tor 0.4.7.4-alpha
by David Goulet 25 Feb '22

25 Feb '22

Greetings, We've just released tor 0.4.7.4-alpha. ChangeLog is below. https://forum.torproject.net/t/release-0-4-7-4-alpha/2300 Cheers! David Changes in version 0.4.7.4-alpha - 2022-02-25 This version contains the negotiation congestion control work which is the final part needed before going stable. There are also various bugfixes including two major ones detailed below. Last, the Exit notice page layout has been modernized but the text is unchanged. We recommend that all relay operators running any previous alpha upgrade to this one. o Major features (relay, client, onion services): - Implement RTT-based congestion control for exits and onion services, from Proposal 324. Disabled by default. Enabled by the 'cc_alg' consensus parameter. Closes ticket 40444. o Major bugfixes (client): - Stop caching TCP connect failures to relays/bridges when we initiated the connection as a client. Now we only cache connect failures as a relay or bridge when we initiated them because of an EXTEND request. Declining to re-attempt the client-based connections could cause problems when we lose connectivity and try to reconnect. Fixes bug 40499; bugfix on 0.3.3.4-alpha. o Major bugfixes (relay, overload): - Do not trigger a general overload on DNS timeout. Even after fixing 40527, some code remained that triggered the overload. Fixes bug 40564; bugfix on 0.4.7.1-alpha. o Minor feature (authority, relay): - Reject End-Of-Life relays running version 0.3.5.x. Closes ticket 40559. o Minor features (fallbackdir): - Regenerate fallback directories generated on February 25, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/02/25. o Minor bugfix (logging): - Update a log notice dead URL to a working one. Fixes bug 40544; bugfix on 0.3.5.1-alpha. o Minor bugfix (relay): - Remove the HSDir and HSIntro onion service v2 protocol versions so relay stop advertising that they support them. Fixes bug 40509; bugfix on 0.3.5.17. o Minor bugfixes (cell scheduling): - Avoid writing empty payload with NSS write. - Don't attempt to write 0 bytes after a cell scheduling loop. No empty payload was put on the wire. Fixes bug 40548; bugfix on 0.3.5.1-alpha. o Minor bugfixes (compilation): - Resume being able to build on old / esoteric gcc versions. Fixes bug 40550; bugfix on 0.4.7.1-alpha. o Minor bugfixes (compiler warnings): - Fix couple compiler warnings on latest Ubuntu Jammy. Fixes bug 40516; bugfix on 0.3.5.1-alpha. o Documentation: - Provide an improved version of the tor-exit-notice.html file for exit relays to use as a landing page. The text is unchanged, but the page design and layout are significantly modernized, and several links are fixed. Patch from "n_user"; closes ticket 40529. -- mS/QhxKfrcPEBE2kKmo6rbgvCB0PCapOMqhxmGoxMc8=

1 0

[RELEASE] Tor 0.4.5.12 and 0.4.6.10
by David Goulet 04 Feb '22

04 Feb '22

Greetings, We just released 0.4.5.12 and 0.4.6.10: https://forum.torproject.net/t/release-0-4-5-12-and-0-4-6-10/2024 Changelog below. Cheers! David Changes in version 0.4.5.12 - 2022-02-04 This version contains mostly minor bugfixes for which you can find the details below. The previous release (0.4.5.11) was suppose to update the GeoIP and fallbackdir lists but a problem in our release pipeline prevented those files to be updated correctly. Thus, this release regenerates up to date lists. Furthermore, another fix to highlight is that relays don't advertise onion service v2 support at the protocol version level. o Minor feature (reproducible build): - The repository can now build reproducible tarballs which adds the build command "make dist-reprod" for that purpose. Closes ticket 26299. o Minor features (compilation): - Give an error message if trying to build with a version of LibreSSL known not to work with Tor. (There's an incompatibility with LibreSSL versions 3.2.1 through 3.4.0 inclusive because of their incompatibility with OpenSSL 1.1.1's TLSv1.3 APIs.) Closes ticket 40511. o Minor features (fallbackdir): - Regenerate fallback directories generated on February 04, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/02/04. o Minor bugfix (logging): - Update a log notice dead URL to a working one. Fixes bug 40544; bugfix on 0.3.5.1-alpha. o Minor bugfix (relay): - Remove the HSDir and HSIntro onion service v2 protocol versions so relay stop advertising that they support them. Fixes bug 40509; bugfix on 0.3.5.17. o Minor bugfixes (compilation): - Fix a compilation error when trying to build Tor with a compiler that does not support expanding statitically initialized const values in macro's. Fixes bug 40410; bugfix on 0.4.5.1-alpha - Fix our configuration logic to detect whether we had OpenSSL 3: previously, our logic was reversed. This has no other effect than to change whether we suppress deprecated API warnings. Fixes bug 40429; bugfix on 0.3.5.13. o Minor bugfixes (MetricsPort, Prometheus): - Add double quotes to the label values of the onion service metrics. Fixes bug 40552; bugfix on 0.4.5.1-alpha. o Minor bugfixes (relay): - Reject IPv6-only DirPorts. Our reachability self-test forces DirPorts to be IPv4, but our configuration parser allowed them to be IPv6-only, which led to an assertion failure. Fixes bug 40494; bugfix on 0.4.5.1-alpha. Changes in version 0.4.6.10 - 2022-02-04 This version contains minor bugfixes but one in particular is that relays don't advertise onion service v2 support at the protocol version level. o Minor features (fallbackdir): - Regenerate fallback directories generated on February 04, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/02/04. o Minor bugfix (logging): - Update a log notice dead URL to a working one. Fixes bug 40544; bugfix on 0.3.5.1-alpha. o Minor bugfix (relay): - Remove the HSDir and HSIntro onion service v2 protocol versions so relay stop advertising that they support them. Fixes bug 40509; bugfix on 0.3.5.17. o Minor bugfixes (MetricsPort, Prometheus): - Add double quotes to the label values of the onion service metrics. Fixes bug 40552; bugfix on 0.4.5.1-alpha. -- CqvhezRRA7YQ69pWBQW0JgqXqRwwcdWriEpwTbfRbU4=

1 0

[RELEASE] Tor 0.3.5.18
by David Goulet 24 Jan '22

24 Jan '22

Greetings! We just released 0.3.5.18. You can find out about it here: https://forum.torproject.net/t/release-0-3-5-18/1871 It is the last release of the 0.3.5.x series because it is reaching end-of-life in 7 days. Download at: https://dist.torproject.org Inline ChangeLog: Changes in version 0.3.5.18 - 2022-01-24 This is the very last version of the 0.3.5.x series as it is end of life on February 1st, 2022. This version fixes some minor bugs including a build warning about LibreSSL incompatibility with OpenSSL TLSv1.3. Godspeed 0.3.5, we won't miss you. o Minor feature (reproducible build): - The repository can now build reproducible tarballs which adds the build command "make dist-reprod" for that purpose. Closes ticket 26299. o Minor features (compilation): - Give an error message if trying to build with a version of LibreSSL known not to work with Tor. (There's an incompatibility with LibreSSL versions 3.2.1 through 3.4.0 inclusive because of their incompatibility with OpenSSL 1.1.1's TLSv1.3 APIs.) Closes ticket 40511. o Minor bugfix (logging): - Update a log notice dead URL to a working one. Fixes bug 40544; bugfix on 0.3.5.1-alpha. o Minor bugfix (relay): - Remove the HSDir and HSIntro onion service v2 protocol versions so relay stop advertising that they support them. Fixes bug 40509; bugfix on 0.3.5.17. o Minor bugfixes (compilation): - Fix our configuration logic to detect whether we had OpenSSL 3: previously, our logic was reversed. This has no other effect than to change whether we suppress deprecated API warnings. Fixes bug 40429; bugfix on 0.3.5.13. Cheers! David -- 3obTrBY9FLhQsK4/YufSTiyO7ERRvmLFjMaVvocpZfQ=

1 0

← Newer
1
...
8
9
10
11
12
13
14
...
27
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-announce