stable release

Tor 0.2.1.18 lays the foundations for performance improvements, adds
status events to help users diagnose bootstrap problems, adds optional
authentication/authorization for hidden services, fixes a variety of
potential anonymity problems, and includes a huge pile of other features
and bug fixes.

Tor 0.2.1.19 fixes a major bug with accessing and providing hidden
services.

https://www.torproject.org/easy-download

Changes in version 0.2.1.19 - 2009-07-28
Major bugfixes:

• Make accessing hidden services on 0.2.1.x work right again.
  Bugfix on 0.2.1.3-alpha; workaround for bug 1038. Diagnosis and
  part of patch provided by "optimist".

Minor features:

• When a relay/bridge is writing out its identity key fingerprint to
  the "fingerprint" file and to its logs, write it without spaces. Now
  it will look like the fingerprints in our bridges documentation, read more »

Updated Vidalia-bundle packages with Tor 0.2.0.35 are released. The only thing that's changed is the update of Vidalia from 0.1.14 to 0.1.15. You can retrieve the updated packages from https://www.torproject.org/easy-download

Tor 0.2.0.35 fixes a big bug that was causing Tor relays with dynamic
IP addresses to disappear from the network. It also fixes a rare crash
bug on fast exit relays.

https://www.torproject.org/easy-download

Changes in version 0.2.0.35 - 2009-06-24
Security fix:

• Avoid crashing in the presence of certain malformed descriptors.
  Found by lark, and by automated fuzzing.
• Fix an edge case where a malicious exit relay could convince a
  controller that the client's DNS question resolves to an internal IP
  address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.

Major bugfixes:

• Finally fix the bug where dynamic-IP relays disappear when their
  IP address changes: directory mirrors were mistakenly telling
  them their old address if they asked via begin_dir, so they
  never got an accurate answer about their new address, so they read more »

Tor 0.2.0.34 features several more security-related fixes. You
should upgrade, especially if you run an exit relay (remote crash) or
a directory authority (remote infinite loop), or you're on an older
(pre-XP) or not-recently-patched Windows (remote exploit).

This release marks end-of-life for Tor 0.1.2.x. Those Tor versions have
many known flaws, and nobody should be using them. You should upgrade. If
you're using a Linux or BSD and its packages are obsolete, stop using
those packages and upgrade anyway.

https://www.torproject.org/download.html

Changes in version 0.2.0.34 - 2009-02-08
Security fixes: read more »

• Fix an infinite-loop bug on handling corrupt votes under certain
        circumstances. Bugfix on 0.2.0.8-alpha.
• Fix a temporary DoS vulnerability that could be performed by
        a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
• Avoid a potential crash on exit nodes when processing malformed
  

Tor 0.2.0.33 fixes a variety of bugs that were making relays less useful
to users. It also finally fixes a bug where a relay or client that's
been off for many days would take a long time to bootstrap.

This update also fixes an important security-related bug reported by
Ilja van Sprundel. You should upgrade. (We'll send out more details
about the bug once people have had some time to upgrade.)

https://www.torproject.org/download.html

Changes in version 0.2.0.33 - 2009-01-21
Security fixes:

• Fix a heap-corruption bug that may be remotely triggerable on
  some platforms. Reported by Ilja van Sprundel.

Major bugfixes:

• When a stream at an exit relay is in state "resolving" or
  "connecting" and it receives an "end" relay cell, the exit relay
  would silently ignore the end cell and not close the stream. If
  the client never closes the circuit, then the exit relay never read more »

As detailed here, http://archives.seul.org/or/talk/Dec-2008/msg00044.html, there are some packaging fixes for OS X users in this 0.2.0.32 stable release.

For OS X users, there is a packaging bugfix in 0.2.0.32 labelled as
0.2.0.32a in the available packages. It turns out for years we've been
shipping a Info.plist with an incorrect key. The issue was discovered
and reported as bug 876,
https://bugs.torproject.org/flyspray/index.php?id=876&do=details.

The commit to fix the problem in the 0_2_0 branch is r17472:
http://archives.seul.org/or/cvs/Dec-2008/msg00037.html

The commit to fix the problem in the Vidalia 0.1 branch is r3361:
http://trac.vidalia-project.net/browser/vidalia/branches/vidalia-0.1/pkg...

The bug is that the OS X Installer will prompt "The chosen volume
contains software which is newer then [sic] the software you are
installing."

The problem is that the Installer looks in the file
/Library/Receipts/Vidalia.pkg/Contents/Info.plist for
CFBundleShortVersionString. We mistakenly called it
CFBundleSortVersionString, which Apple inserts "1" as the value. The
upgrade to Vidalia from 0.1.9 to 0.1.10 apparently triggered the issue.

The fix is to put the correct value in place for the future. The
simplest way to do this is to have the users click "Continue" when
prompted. We could have spent a lot of time trying to fix it for the
user to hide the issue, but well, that is fraught with problems and
complexities. A simple click of "Continue" is far simpler and less
error prone.

The difference between the released 0.2.0.32 Tor code is the inclusion
of r17472. It's not really 0.2.0.32a per se, but since we lack package
versions, I had to distinguish it in some way.

Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu packages
(and maybe other packages) noticed by Theo de Raadt, fixes a smaller
security flaw that might allow an attacker to access local services,
further improves hidden service performance, and fixes a variety of
other issues.

https://www.torproject.org/download.html

Or use our new https://www.torproject.org/easy-download page. read more »

Changes in version 0.2.0.32 - 2008-11-20
Security fixes:

• The "User" and "Group" config options did not clear the
  supplementary group entries for the Tor process. The "User" option
  is now more robust, and we now set the groups to the specified
  user's primary group. The "Group" option is now ignored. For more
  detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL
  in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
  and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
• The "ClientDNSRejectInternalAddresses" config option wasn't being
  consistently obeyed: if an exit relay refuses a stream because its
  exit policy doesn't allow it, we would remember what IP address
  the relay said the destination address resolves to, even if it's
  an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.

Major bugfixes:

• Fix a DOS opportunity during the voting signature collection process
  at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.

Major bugfixes (hidden services):

• When fetching v0 and v2 rendezvous service descriptors in parallel,
  we were failing the whole hidden service request when the v0
  descriptor fetch fails, even if the v2 fetch is still pending and
  might succeed. Similarly, if the last v2 fetch fails, we were
  failing the whole hidden service request even if a v0 fetch is
  still pending. Fixes bug 814. Bugfix on 0.2.0.10-alpha.

Releases

Vidalia 0.1.7 (released August 2) fixes a bug that caused Vidalia to not recognize Tor's version correctly in Tor 0.2.0.x, adds an "nsh2po" tool that helps Pootle translate the Vidalia bundle installer strings, adds "TZ=UTC" to the BrowserExecutable's environment variables when launched via Vidalia, and updates the Czech, French, and German translations.
http://trac.vidalia-project.net/browser/vidalia/tags/vidalia-0.1.7/CHANG...

Incognito 2008.1 (released August 2) is a Gentoo-based Tor LiveCD. This new release adds a "walkthrough" which will launch on startup; adds language support for Arabic, Green, Hebrew, Russian, and Swedish; improves the support for Chinese and Japanese fonts; adds support for VMWare and partial support for VirtualBox; switches to Tor 0.2.0.30 and Torbutton 1.2.0; and adds some new privacy-supporting software and removes some applications that are too likely to leak private information.
https://svn.torproject.org/svn/incognito/trunk/ChangeLog

Tor 0.2.1.3-alpha (released August 3) implements most of the pieces to prevent infinite-length circuit attacks (see proposal 110); fixes a bug that might cause exit relays to corrupt streams they send back; allows address patterns (e.g. 255.128.0.0/16) to appear in ExcludeNodes and ExcludeExitNodes config options; and fixes a big pile of bugs.
http://archives.seul.org/or/talk/Aug-2008/msg00039.html

Tor 0.2.1.4-alpha (released August 4) fixes a pair of crash bugs in 0.2.1.3-alpha.
http://archives.seul.org/or/talk/Aug-2008/msg00039.html

Tor Browser Bundle 1.1.2 (released August 9) updates Vidalia to version 0.1.6, updates Firefox to 2.0.0.16, updates Tor to 0.2.1.4-alpha, updates Torbutton to 1.2.0, and disables the TZ=UTC environment variable trick since Vidalia 0.1.7 now handles that for us.
https://svn.torproject.org/svn/torbrowser/trunk/README read more »

A better formatted version of this can be found at the OR-Announce Archives.

Tor 0.2.0.31 addresses two potential anonymity issues, starts to fix
a big bug we're seeing where in rare cases traffic from one Tor stream
gets mixed into another stream, and fixes a variety of smaller issues.

https://www.torproject.org/download.html

Changes in version 0.2.0.31 - 2008-09-03
o Major bugfixes:
- Make sure that two circuits can never exist on the same connection
with the same circuit ID, even if one is marked for close. This
is conceivably a bugfix for bug 779. Bugfix on 0.1.0.4-rc.
- Relays now reject risky extend cells: if the extend cell includes
a digest of all zeroes, or asks to extend back to the relay that
sent the extend cell, tear down the circuit. Ideas suggested
by rovv.
- If not enough of our entry guards are available so we add a new
one, we might use the new one even if it overlapped with the
current circuit's exit relay (or its family). Anonymity bugfix
pointed out by rovv.

o Minor bugfixes:
- Recover 3-7 bytes that were wasted per memory chunk. Fixes bug
794; bug spotted by rovv. Bugfix on 0.2.0.1-alpha.
- Correctly detect the presence of the linux/netfilter_ipv4.h header
when building against recent kernels. Bugfix on 0.1.2.1-alpha.
- Pick size of default geoip filename string correctly on windows.
Fixes bug 806. Bugfix on 0.2.0.30.
- Make the autoconf script accept the obsolete --with-ssl-dir
option as an alias for the actually-working --with-openssl-dir
option. Fix the help documentation to recommend --with-openssl-dir.
Based on a patch by "Dave". Bugfix on 0.2.0.1-alpha.
- Disallow session resumption attempts during the renegotiation
stage of the v2 handshake protocol. Clients should never be trying read more »

Tor 0.2.0.30 is released. A better formatted version of this report can be found at gmane.org

Tor 0.2.0.30 switches to a more efficient directory distribution design,
adds features to make connections to the Tor network harder to block,
allows Tor to act as a DNS proxy, adds separate rate limiting for relayed
traffic to make it easier for clients to become relays, fixes a variety
of potential anonymity problems, and includes the usual huge pile of
other features and bug fixes.

https://www.torproject.org/download.html

Changes in version 0.2.0.30 - 2008-07-15
o New v3 directory design:
- Tor now uses a new way to learn about and distribute information
about the network: the directory authorities vote on a common
network status document rather than each publishing their own
opinion. Now clients and caches download only one networkstatus
document to bootstrap, rather than downloading one for each
authority. Clients only download router descriptors listed in
the consensus. Implements proposal 101; see doc/spec/dir-spec.txt
for details.
- Set up moria1, tor26, and dizum as v3 directory authorities
in addition to being v2 authorities. Also add three new ones:
ides (run by Mike Perry), gabelmoo (run by Karsten Loesing), and
dannenberg (run by CCC).
- Switch to multi-level keys for directory authorities: now their
long-term identity key can be kept offline, and they periodically
generate a new signing key. Clients fetch the "key certificates"
to keep up to date on the right keys. Add a standalone tool
"tor-gencert" to generate key certificates. Implements proposal 103.
- Add a new V3AuthUseLegacyKey config option to make it easier for
v3 authorities to change their identity keys if another bug like
Debian's OpenSSL RNG flaw appears. read more »