security fixes

Tor 0.2.1.11-alpha released

Tor 0.2.1.11-alpha finishes fixing the "if your Tor is off for a week it
will take a long time to bootstrap again" bug. It also fixes an important
security-related bug reported by Ilja van Sprundel. You should upgrade.
(We'll send out more details about the bug once people have had some
time to upgrade.)

https://www.torproject.org/download.html.en

Changes in version 0.2.1.11-alpha - 2009-01-20
Security fixes:

  • Fix a heap-corruption bug that may be remotely triggerable on
    some platforms. Reported by Ilja van Sprundel.

Major bugfixes:

  • Discard router descriptors as we load them if they are more than
    five days old. Otherwise if Tor is off for a long time and then
    starts with cached descriptors, it will try to use the onion
    keys in those obsolete descriptors when building circuits. Bugfix
    on 0.2.0.x. Fixes bug 887.

Minor features: read more »

Tor 0.2.1.9-alpha released

Tor 0.2.1.9-alpha fixes many more bugs, some of them security-related.

https://www.torproject.org/download.html.en

Changes in version 0.2.1.9-alpha - 2008-12-25
New directory authorities:

  • gabelmoo (the authority run by Karsten Loesing) now has a new
    IP address.

Security fixes:

  • Never use a connection with a mismatched address to extend a
    circuit, unless that connection is canonical. A canonical
    connection is one whose address is authenticated by the router's
    identity key, either in a NETINFO cell or in a router descriptor.
  • Avoid a possible memory corruption bug when receiving hidden service
    descriptors. Bugfix on 0.2.1.6-alpha.

Major bugfixes: read more »

Tor 0.2.0.32 Released

Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu packages
(and maybe other packages) noticed by Theo de Raadt, fixes a smaller
security flaw that might allow an attacker to access local services,
further improves hidden service performance, and fixes a variety of
other issues.

https://www.torproject.org/download.html

Or use our new https://www.torproject.org/easy-download page. read more »

Changes in version 0.2.0.32 - 2008-11-20
Security fixes:

  • The "User" and "Group" config options did not clear the
    supplementary group entries for the Tor process. The "User" option
    is now more robust, and we now set the groups to the specified
    user's primary group. The "Group" option is now ignored. For more
    detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL
    in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
    and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
  • The "ClientDNSRejectInternalAddresses" config option wasn't being
    consistently obeyed: if an exit relay refuses a stream because its
    exit policy doesn't allow it, we would remember what IP address
    the relay said the destination address resolves to, even if it's
    an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.

Major bugfixes:

  • Fix a DOS opportunity during the voting signature collection process
    at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.

Major bugfixes (hidden services):

  • When fetching v0 and v2 rendezvous service descriptors in parallel,
    we were failing the whole hidden service request when the v0
    descriptor fetch fails, even if the v2 fetch is still pending and
    might succeed. Similarly, if the last v2 fetch fails, we were
    failing the whole hidden service request even if a v0 fetch is
    still pending. Fixes bug 814. Bugfix on 0.2.0.10-alpha.
Syndicate content