bug fixes

Vidalia 0.2.2 is released. It addresses an issue with openssl which causes the geoip lookups to fail on various versions of Windows. It also switches from the Nullsoft Installer to the Microsoft System Installer for better compatibility with Microsoft Windows.

There are now separate Apple OS X builds, one for PowerPC architectures and one for i386 architectures. No more Universal binary bloat to download.

The changes are: read more »

• When the user clicks "Browse" in the Advanced settings page to locate
  a new torrc, set the initial directory shown in the file dialog to the
  current location of the user's torrc. (Ticket #505)
• Use 'ditto' to strip the architectures we don't want from the Qt
  frameworks installed into the app bundle with the dist-osx,
  dist-osx-bundle and dist-osx-split-bundle build targets.
• Fix a bug in the CMakeLists.txt files for ts2po and po2ts that caused
  build errors on Panther for those two tools.

New releases

On July 8th, we released Vidalia 0.1.15..

On July 8th, we updated the Tor 0.2.0.35-stable bundles with the new Vidalia to fix an ssl issue and the Firefox Torbutton extension installation for OS X users.

On July 8th, we released Tor 0.2.1.17-rc.

Tor Browser Bundle 1.2.3 was released on July 8, 2009.
TBB 1.2.3 was replaced by 1.2.4 on July 11, 2009
TBB 1.2.5 was released on July 25th. It solely included an update to Tor 0.2.1.18 . read more »

Tor 0.2.1.18 lays the foundations for performance improvements, adds
status events to help users diagnose bootstrap problems, adds optional
authentication/authorization for hidden services, fixes a variety of
potential anonymity problems, and includes a huge pile of other features
and bug fixes.

Tor 0.2.1.19 fixes a major bug with accessing and providing hidden
services.

https://www.torproject.org/easy-download

Changes in version 0.2.1.19 - 2009-07-28
Major bugfixes:

• Make accessing hidden services on 0.2.1.x work right again.
  Bugfix on 0.2.1.3-alpha; workaround for bug 1038. Diagnosis and
  part of patch provided by "optimist".

Minor features:

• When a relay/bridge is writing out its identity key fingerprint to
  the "fingerprint" file and to its logs, write it without spaces. Now
  it will look like the fingerprints in our bridges documentation, read more »

Tor Browser Bundle 1.2.3 was released on July 8, 2009. It contains the following changes:

• Update Vidalia to 0.1.14
• Update Tor to 0.2.1.17-rc
• Update Pidgin to 2.5.8

TBB 1.2.3 was replaced by 1.2.4 on July 11, 2009 to include:

• Include libeay32.dll from OpenSSL 0.9.8k to make QT happy
• Update Vidalia to 0.1.15

TBB 1.2.4 is available at https://torproject.org/torbrowser.

Tor 0.2.1.17-rc marks the fourth -- and hopefully last -- release
candidate for the 0.2.1.x series. It lays the groundwork for further
client performance improvements, and also fixes a big bug with directory
authorities that were causing them to assign Guard and Stable flags
poorly.

The Windows bundles also finally include the geoip database that we
thought we'd been shipping since 0.2.0.x (oops), and the OS X bundles
should actually install Torbutton rather than giving you a cryptic
failure message (oops).

This is a release candidate! That means that we don't know of any
remaining show-stopping bugs, and 0.2.1.18 will be the new stable if
there are no problems. Please test it, and tell us about any problems
that you find.

https://www.torproject.org/download

Changes in version 0.2.1.17-rc - 2009-07-02
Major features: read more »

• Clients now use the bandwidth values in the consensus, rather than
  

Tor 0.2.0.35 fixes a big bug that was causing Tor relays with dynamic
IP addresses to disappear from the network. It also fixes a rare crash
bug on fast exit relays.

https://www.torproject.org/easy-download

Changes in version 0.2.0.35 - 2009-06-24
Security fix:

• Avoid crashing in the presence of certain malformed descriptors.
  Found by lark, and by automated fuzzing.
• Fix an edge case where a malicious exit relay could convince a
  controller that the client's DNS question resolves to an internal IP
  address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.

Major bugfixes:

• Finally fix the bug where dynamic-IP relays disappear when their
  IP address changes: directory mirrors were mistakenly telling
  them their old address if they asked via begin_dir, so they
  never got an accurate answer about their new address, so they read more »

Tor 0.2.1.16-rc speeds up performance for fast exit relays, and fixes
a bunch of minor bugs.

https://www.torproject.org/download

Changes in version 0.2.1.16-rc - 2009-06-20
Security fixes:

• Fix an edge case where a malicious exit relay could convince a
  controller that the client's DNS question resolves to an internal IP
  address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.

Major performance improvements (on 0.2.0.x):

• Disable and refactor some debugging checks that forced a linear scan
  over the whole server-side DNS cache. These accounted for over 50%
  of CPU time on a relatively busy exit node's gprof profile. Found
  by Jacob.
• Disable some debugging checks that appeared in exit node profile
  data.

Minor features: read more »

• Update to the "June 3 2009" ip-to-country file.

Tor Browser Bundle 1.2.1 is released. The major changes are:

• changes to Firefox to stop scanning for plugins such as Java, Windows Media, etc. These were disabled by torbutton, but still showed up in Firefox. More work will continue on this task
• Include OpenSSL dll (ssleay32.dll) so we're not relying upon the system ssl dll. This should fix Vidalia errors relating to ssl differences.

The official changelog is:

• Better updates to Firefox to stop scanning for plugins on start
• Update Pidgin to 2.5.6r2
• Update Firefox to 3.0.11
• Include OpenSSL 0.9.8k DLL and stop using the system ssl dll
• Update Tor to 0.2.1.16-rc

In continuing to improve TBB for a vast array of users, here's the release candidate for Tor Browser Bundle 1.2.1.

I appreciate your feedback, comments, and bugs filed so far about TBB 1.2.1-dev.

You can find here the updated TBB 1.2.1-1-dev, sig, and sha1 files.

The changes since the last test are:

• Update Pidgin to 2.5.6r2
• Update Firefox to 3.0.11
• Include OpenSSL 0.9.8k DLL and stop using the system ssl dll

Tor 0.2.1.15-rc marks the second release candidate for the 0.2.1.x
series. It fixes a major bug on fast exit relays, as well as a variety
of more minor bugs.

This is a release candidate! That means that we don't know of any
remaining show-stopping bugs, and this will become the new stable if
there are no problems. Please test it, and tell us about any problems
that you find. read more »