security fixes

Tor 0.2.0.34-stable released

Tor 0.2.0.34 features several more security-related fixes. You
should upgrade, especially if you run an exit relay (remote crash) or
a directory authority (remote infinite loop), or you're on an older
(pre-XP) or not-recently-patched Windows (remote exploit).

This release marks end-of-life for Tor 0.1.2.x. Those Tor versions have
many known flaws, and nobody should be using them. You should upgrade. If
you're using a Linux or BSD and its packages are obsolete, stop using
those packages and upgrade anyway.

https://www.torproject.org/download.html

Changes in version 0.2.0.34 - 2009-02-08
Security fixes: read more »

  • Fix an infinite-loop bug on handling corrupt votes under certain
          circumstances. Bugfix on 0.2.0.8-alpha.
  • Fix a temporary DoS vulnerability that could be performed by
          a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
  • Avoid a potential crash on exit nodes when processing malformed

December 2008 Progress Report

Releases
Tor 0.2.1.8-alpha (released December 8) fixes some crash bugs in earlier alpha releases, builds better on unusual platforms like Solaris and old OS X, and fixes a variety of other issues.
http://archives.seul.org/or/talk/Dec-2008/msg00129.html

Tor Browser Bundle 1.1.6 (released December 2) and 1.1.7 (released December 12) update Tor to 0.2.1.8-alpha, include a new version of Firefox, and attempt to wrestle with the "AllowMultipleInstances=false" design that could allow us to run Tor Browser Bundle alongside a normal Firefox.
https://svn.torproject.org/svn/torbrowser/trunk/README

Tor 0.2.1.9-alpha (released December 25) fixes many more bugs, some of them security-related.
http://archives.seul.org/or/talk/Jan-2009/msg00029.html

Bug fixes
Security fixes in the Tor 0.2.1.8-alpha release: read more »

Tor 0.2.0.33-stable released

Tor 0.2.0.33 fixes a variety of bugs that were making relays less useful
to users. It also finally fixes a bug where a relay or client that's
been off for many days would take a long time to bootstrap.

This update also fixes an important security-related bug reported by
Ilja van Sprundel. You should upgrade. (We'll send out more details
about the bug once people have had some time to upgrade.)

https://www.torproject.org/download.html

Changes in version 0.2.0.33 - 2009-01-21
Security fixes:

  • Fix a heap-corruption bug that may be remotely triggerable on
    some platforms. Reported by Ilja van Sprundel.

Major bugfixes:

  • When a stream at an exit relay is in state "resolving" or
    "connecting" and it receives an "end" relay cell, the exit relay
    would silently ignore the end cell and not close the stream. If
    the client never closes the circuit, then the exit relay never read more »

Tor 0.2.1.11-alpha released

Tor 0.2.1.11-alpha finishes fixing the "if your Tor is off for a week it
will take a long time to bootstrap again" bug. It also fixes an important
security-related bug reported by Ilja van Sprundel. You should upgrade.
(We'll send out more details about the bug once people have had some
time to upgrade.)

https://www.torproject.org/download.html.en

Changes in version 0.2.1.11-alpha - 2009-01-20
Security fixes:

  • Fix a heap-corruption bug that may be remotely triggerable on
    some platforms. Reported by Ilja van Sprundel.

Major bugfixes:

  • Discard router descriptors as we load them if they are more than
    five days old. Otherwise if Tor is off for a long time and then
    starts with cached descriptors, it will try to use the onion
    keys in those obsolete descriptors when building circuits. Bugfix
    on 0.2.0.x. Fixes bug 887.

Minor features: read more »

Tor 0.2.1.9-alpha released

Tor 0.2.1.9-alpha fixes many more bugs, some of them security-related.

https://www.torproject.org/download.html.en

Changes in version 0.2.1.9-alpha - 2008-12-25
New directory authorities:

  • gabelmoo (the authority run by Karsten Loesing) now has a new
    IP address.

Security fixes:

  • Never use a connection with a mismatched address to extend a
    circuit, unless that connection is canonical. A canonical
    connection is one whose address is authenticated by the router's
    identity key, either in a NETINFO cell or in a router descriptor.
  • Avoid a possible memory corruption bug when receiving hidden service
    descriptors. Bugfix on 0.2.1.6-alpha.

Major bugfixes: read more »

Tor 0.2.0.32 Released

Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu packages
(and maybe other packages) noticed by Theo de Raadt, fixes a smaller
security flaw that might allow an attacker to access local services,
further improves hidden service performance, and fixes a variety of
other issues.

https://www.torproject.org/download.html

Or use our new https://www.torproject.org/easy-download page. read more »

Changes in version 0.2.0.32 - 2008-11-20
Security fixes:

  • The "User" and "Group" config options did not clear the
    supplementary group entries for the Tor process. The "User" option
    is now more robust, and we now set the groups to the specified
    user's primary group. The "Group" option is now ignored. For more
    detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL
    in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
    and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
  • The "ClientDNSRejectInternalAddresses" config option wasn't being
    consistently obeyed: if an exit relay refuses a stream because its
    exit policy doesn't allow it, we would remember what IP address
    the relay said the destination address resolves to, even if it's
    an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.

Major bugfixes:

  • Fix a DOS opportunity during the voting signature collection process
    at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.

Major bugfixes (hidden services):

  • When fetching v0 and v2 rendezvous service descriptors in parallel,
    we were failing the whole hidden service request when the v0
    descriptor fetch fails, even if the v2 fetch is still pending and
    might succeed. Similarly, if the last v2 fetch fails, we were
    failing the whole hidden service request even if a v0 fetch is
    still pending. Fixes bug 814. Bugfix on 0.2.0.10-alpha.
Syndicate content