security fixes
Tor 0.2.1.11-alpha released
Posted January 22nd, 2009 by phobos
Tor 0.2.1.11-alpha finishes fixing the "if your Tor is off for a week it
will take a long time to bootstrap again" bug. It also fixes an important
security-related bug reported by Ilja van Sprundel. You should upgrade.
(We'll send out more details about the bug once people have had some
time to upgrade.)
https://www.torproject.org/download.html.en
Changes in version 0.2.1.11-alpha - 2009-01-20
Security fixes:
- Fix a heap-corruption bug that may be remotely triggerable on
some platforms. Reported by Ilja van Sprundel.
Major bugfixes:
- Discard router descriptors as we load them if they are more than
five days old. Otherwise if Tor is off for a long time and then
starts with cached descriptors, it will try to use the onion
keys in those obsolete descriptors when building circuits. Bugfix
on 0.2.0.x. Fixes bug 887.
Minor features:
Tor 0.2.1.9-alpha released
Posted January 4th, 2009 by phobos
Tor 0.2.1.9-alpha fixes many more bugs, some of them security-related.
https://www.torproject.org/download.html.en
Changes in version 0.2.1.9-alpha - 2008-12-25
New directory authorities:
- gabelmoo (the authority run by Karsten Loesing) now has a new
IP address.
Security fixes:
- Never use a connection with a mismatched address to extend a
circuit, unless that connection is canonical. A canonical
connection is one whose address is authenticated by the router's
identity key, either in a NETINFO cell or in a router descriptor.
- Avoid a possible memory corruption bug when receiving hidden service
descriptors. Bugfix on 0.2.1.6-alpha.
Major bugfixes:
Tor 0.2.0.32 Released
Posted December 4th, 2008 by phobos
Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu packages
(and maybe other packages) noticed by Theo de Raadt, fixes a smaller
security flaw that might allow an attacker to access local services,
further improves hidden service performance, and fixes a variety of
other issues.
https://www.torproject.org/download.html
Or use our new https://www.torproject.org/easy-download page.
Changes in version 0.2.0.32 - 2008-11-20
Security fixes:
- The "User" and "Group" config options did not clear the
supplementary group entries for the Tor process. The "User" option
is now more robust, and we now set the groups to the specified
user's primary group. The "Group" option is now ignored. For more
detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL
in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
- The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.
Major bugfixes:
- Fix a DOS opportunity during the voting signature collection process
at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
Major bugfixes (hidden services):
- When fetching v0 and v2 rendezvous service descriptors in parallel,
we were failing the whole hidden service request when the v0
descriptor fetch fails, even if the v2 fetch is still pending and
might succeed. Similarly, if the last v2 fetch fails, we were
failing the whole hidden service request even if a v0 fetch is
still pending. Fixes bug 814. Bugfix on 0.2.0.10-alpha.
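
The "ClientDNSRejectInternalAddresses" entry in the 0.2.0.32 changelog above describes a check that one code path skipped. The C code below is an added example, not Tor's source: it routes both the resolve path and the exit-policy-refusal path through a single function that applies the check. All function names, the cache layout and the sample hostnames and addresses are assumptions constructed for illustration.

```c
/* Added example with hypothetical names; not Tor's source code. */
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>

static int reject_internal = 1; /* models ClientDNSRejectInternalAddresses */
static struct { char host[64]; uint32_t addr; } cache[8];
static int cache_len;

/* 1 if the address (host byte order) is unspecified, loopback, link-local
 * or RFC 1918 private, i.e. it would point at a local service. */
int is_internal_ipv4(uint32_t a)
{
    return (a >> 24) == 0 || (a >> 24) == 10 || (a >> 24) == 127
        || (a >> 16) == 0xA9FE   /* 169.254.0.0/16 */
        || (a >> 20) == 0xAC1    /* 172.16.0.0/12 */
        || (a >> 16) == 0xC0A8;  /* 192.168.0.0/16 */
}

/* Single choke point: every code path that learns a name-to-address
 * mapping from a relay stores it through here, so the policy check
 * cannot be skipped. Returns 0 if stored, -1 if rejected. */
int remember_mapping(const char *host, const char *dotted)
{
    struct in_addr in;
    if (inet_pton(AF_INET, dotted, &in) != 1) return -1;
    uint32_t a = ntohl(in.s_addr);
    if (reject_internal && is_internal_ipv4(a)) return -1;
    if (cache_len == 8) return -1;
    snprintf(cache[cache_len].host, sizeof cache[0].host, "%s", host);
    cache[cache_len++].addr = a;
    return 0;
}

/* Path 1: the relay answered a resolve request. */
int on_resolved(const char *h, const char *a) { return remember_mapping(h, a); }

/* Path 2: the relay refused the stream under its exit policy and reported
 * what the name resolves to. This is the path the changelog describes. */
int on_exit_policy_refusal(const char *h, const char *a) { return remember_mapping(h, a); }

int cached_count(void) { return cache_len; }

int main(void)
{
    /* Constructed inputs: a documentation-range address and a loopback one. */
    printf("%d\n", on_resolved("public.example", "203.0.113.7"));
    printf("%d\n", on_exit_policy_refusal("internal.example", "127.0.0.1"));
    return 0;
}
```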
