There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.1.2-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release by some time next week.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.1.2-alpha resolves numerous bugs--some of them from the previous alpha, and some much older. It also contains minor testing improvements, and an improvement to the security of our authenticated SENDME implementation.

Changes in version 0.4.1.2-alpha - 2019-06-06

• Major bugfixes (bridges):
  • Consider our directory information to have changed when our list of bridges changes. Previously, Tor would not re-compute the status of its directory information when bridges changed, and therefore would not realize that it was no longer able to build circuits. Fixes part of bug 29875.
  • Do not count previously configured working bridges towards our total of working bridges. Previously, when Tor's list of bridges changed, it would think that the old bridges were still usable, and delay fetching router descriptors for the new ones. Fixes part of bug 29875; bugfix on 0.3.0.1-alpha.
• Major bugfixes (flow control, SENDME):
  • Decrement the stream-level package window after packaging a cell. Previously, it was done inside a log_debug() call, meaning that if debug logs were not enabled, the decrement would never happen, and thus the window would be out of sync with the other end point. Fixes bug 30628; bugfix on 0.4.1.1-alpha.

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.1.1-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release in the next couple of weeks.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

This is the first alpha in the 0.4.1.x series. It introduces lightweight circuit padding to make some onion-service circuits harder to distinguish, includes a new "authenticated SENDME" feature to make certain denial-of-service attacks more difficult, and improves performance in several areas.

Changes in version 0.4.1.1-alpha - 2019-05-22

• Major features (circuit padding):
  • Onion service clients now add padding cells at the start of their INTRODUCE and RENDEZVOUS circuits, to make those circuits' traffic look more like general purpose Exit traffic. The overhead for this is 2 extra cells in each direction for RENDEZVOUS circuits, and 1 extra upstream cell and 10 downstream cells for INTRODUCE circuits. This feature is only enabled when also supported by the circuit's middle node. (Clients may specify fixed middle nodes with the MiddleNodes option, and may force-disable this feature with the CircuitPadding torrc.) Closes ticket 28634.
• Major features (code organization):
  • Tor now includes a generic publish-subscribe message-passing subsystem that we can use to organize intermodule dependencies. We hope to use this to reduce dependencies between modules that don't need to be related, and to generally simplify our codebase. Closes ticket 28226.

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.0.3-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release some time in the coming weeks.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.0.3-alpha is the third in its series; it fixes several small bugs from earlier versions.

Changes in version 0.4.0.3-alpha - 2019-03-22

• Minor features (address selection):
  • Treat the subnet 100.64.0.0/10 as public for some purposes; private for others. This subnet is the RFC 6598 (Carrier Grade NAT) IP range, and is deployed by many ISPs as an alternative to RFC 1918 that does not break existing internal networks. Tor now blocks SOCKS and control ports on these addresses and warns users if client ports or ExtORPorts are listening on a RFC 6598 address. Closes ticket 28525. Patch by Neel Chauhan.
• Minor features (geoip):
  • Update geoip and geoip6 to the March 4 2019 Maxmind GeoLite2 Country database. Closes ticket 29666.

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.0.1-alpha from the download page. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely by the end of the month.

Tor 0.3.5.5-alpha includes numerous bugfixes on earlier releases, including several that we hope to backport to older release series in the future.

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.3.5.4-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release by mid-December.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.3.5.4-alpha includes numerous bugfixes on earlier versions and improves our continuous integration support. It continues our attempts to stabilize this alpha branch and build it into a foundation for an acceptable long-term-support release.

Changes in version 0.3.5.4-alpha - 2018-11-08

• Major bugfixes (compilation, rust):
  • Rust tests can now build and run successfully with the --enable-fragile-hardening option enabled. Doing this currently requires the rust beta channel; it will be possible with stable rust once Rust version 1.31 is released. Patch from Alex Crichton. Fixes bugs 27272, 27273, and 27274. Bugfix on 0.3.1.1-alpha.
• Major bugfixes (embedding, main loop):
  • When DisableNetwork becomes set, actually disable periodic events that are already enabled. (Previously, we would refrain from enabling new ones, but we would leave the old ones turned on.) Fixes bug 28348; bugfix on 0.3.4.1-alpha.

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.3.5.3-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the next few weeks.

Tor 0.3.5.2-alpha fixes several bugs in 0.3.5.1-alpha, including one that made Tor think it had run out of sockets. Anybody running a relay or an onion service on 0.3.5.1-alpha should upgrade.

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.3.5.1-alpha from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release some time this week.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.3.5.1-alpha is the first release of the 0.3.5.x series. It adds client authorization for modern (v3) onion services, improves bootstrap reporting, begins reorganizing Tor's codebase, adds optional support for NSS in place of OpenSSL, and much more.

Changes in version 0.3.5.1-alpha - 2018-09-18

• Major features (onion services, UI change):
  • For a newly created onion service, the default version is now 3. Tor still supports existing version 2 services, but the operator now needs to set "HiddenServiceVersion 2" in order to create a new version 2 service. For existing services, Tor now learns the version by reading the key file. Closes ticket 27215.
• Major features (relay, UI change):
  • Relays no longer run as exits by default. If the "ExitRelay" option is auto (or unset), and no exit policy is specified with ExitPolicy or ReducedExitPolicy, we now treat ExitRelay as 0. Previously in this case, we allowed exit traffic and logged a warning message. Closes ticket 21530. Patch by Neel Chauhan.
  • Tor now validates that the ContactInfo config option is valid UTF- 8 when parsing torrc. Closes ticket 27428.