New release candidate: Tor 0.4.5.4-rc
nickm January 22, 2021

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.4.5.4-rc from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely around this coming Tuesday.

Tor 0.4.5.4-rc is the second release candidate in its series. It fixes several bugs present in previous releases.

We expect that the stable release will be the same, or almost the same, as this release candidate, unless serious bugs are found.

Changes in version 0.4.5.4-rc - 2021-01-22

  • Major bugfixes (authority, IPv6):
    • Do not consider multiple relays in the same IPv6 /64 network to be sybils. Fixes bug 40243; bugfix on 0.4.5.1-alpha.
  • Major bugfixes (directory cache, performance, windows):
    • Limit the number of items in the consensus diff cache to 64 on Windows. We hope this will mitigate an issue where Windows relay operators reported Tor using 100% CPU, while we investigate better solutions. Fixes bug 24857; bugfix on 0.3.1.1-alpha.

 

New release candidate: Tor 0.4.5.3-rc
nickm January 12, 2021

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.4.5.3-rc from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release in 3-4 days.

We're getting closer and closer to stable here, so I hope that people will try this one out and report any bugs they find.

Tor 0.4.5.3-rc is the first release candidate in its series. It fixes several bugs, including one that broke onion services on certain older ARM CPUs, and another that made v3 onion services less reliable.

Though we anticipate that we'll be doing a bit more clean-up between now and the stable release, we expect that our remaining changes will be fairly simple. There will be at least one more release candidate before 0.4.5.x is stable.

Changes in version 0.4.5.3-rc - 2021-01-12

  • Major bugfixes (onion service v3):
    • Stop requiring a live consensus for v3 clients and services, and allow a "reasonably live" consensus instead. This allows v3 onion services to work even if the authorities fail to generate a consensus for more than 2 hours in a row. Fixes bug 40237; bugfix on 0.3.5.1-alpha.
  • Minor features (crypto):
    • Fix undefined behavior on our Keccak library. The bug only appeared on platforms with 32-byte CPU cache lines (e.g. armv5tel) and would result in wrong digests. Fixes bug 40210; bugfix on 0.2.8.1-alpha. Thanks to Bernhard Übelacker, Arnd Bergmann and weasel for diagnosing this.

 

New release candidate: 0.4.4.4-rc

by nickm | August 13, 2020

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.4.4-rc from the download page. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the coming weeks.

Remember, this is a release candidate, not a a stable release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.4.4.4-rc is the first release candidate in its series. It fixes several bugs in previous versions, including some that caused annoying behavior for relay and bridge operators.

Changes in version 0.4.4.4-rc - 2020-08-13

  • Minor features (security):
    • Channels using obsolete versions of the Tor link protocol are no longer allowed to circumvent address-canonicity checks. (This is only a minor issue, since such channels have no way to set ed25519 keys, and therefore should always be rejected for circuits that specify ed25519 identities.) Closes ticket 40081.
  • Minor features (defense in depth):
    • Wipe more data from connection address fields before returning them to the memory heap. Closes ticket 6198.

 

New Release Candidate: Tor 0.4.3.4-rc

by nickm | April 13, 2020

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.3.4-rc from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely later this week.

This is a release candidate: unless we find new significant bugs in it, the stable release for the 0.4.3.x series will be substantially the same as this release.

Tor 0.4.3.4-rc is the first release candidate in its series. It fixes several bugs from earlier versions, including one affecting DoS defenses on bridges using pluggable transports.

Changes in version 0.4.3.4-rc - 2020-04-13

  • Major bugfixes (DoS defenses, bridges, pluggable transport):
    • Fix a bug that was preventing DoS defenses from running on bridges with a pluggable transport. Previously, the DoS subsystem was not given the transport name of the client connection, thus failed to find the GeoIP cache entry for that client address. Fixes bug 33491; bugfix on 0.3.3.2-alpha.
  • Minor feature (sendme, flow control):
    • Default to sending SENDME version 1 cells. (Clients are already sending these, because of a consensus parameter telling them to do so: this change only affects what clients would do if the consensus didn't contain a recommendation.) Closes ticket 33623.

 

New Release Candidate: Tor 0.4.2.4-rc

by nickm | November 15, 2019

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.4.2.4-rc from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely by December 3.

Remember, this is a release candidate: there may still be more bugs here than usual. We'd love to know about any new ones, so that we can try to get them fixed before we call this series stable.

Tor 0.4.2.4-rc is the first release candidate in its series. It fixes several bugs from earlier versions, including a few that would result in stack traces or incorrect behavior.

Changes in version 0.4.2.4-rc - 2019-11-15

  • Minor features (build system):
    • Make pkg-config use --prefix when cross-compiling, if PKG_CONFIG_PATH is not set. Closes ticket 32191.
  • Minor features (geoip):
    • Update geoip and geoip6 to the November 6 2019 Maxmind GeoLite2 Country database. Closes ticket 32440.

 

New release candidate: Tor 0.4.1.4-rc

by nickm | July 25, 2019

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.4.1.4-rc from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the next month or so.

Remember, this is just a release candidate: you should only run this if you'd like to find and report bugs.

Tor 0.4.1.4-rc fixes a few bugs from previous versions of Tor, and updates to a new list of fallback directories. If no new bugs are found, the next release in the 0.4.1.x series should be stable.

Changes in version 0.4.1.4-rc - 2019-07-25

  • Major bugfixes (circuit build, guard):
    • When considering upgrading circuits from "waiting for guard" to "open", always ignore circuits that are marked for close. Otherwise, we can end up in the situation where a subsystem is notified that a closing circuit has just opened, leading to undesirable behavior. Fixes bug 30871; bugfix on 0.3.0.1-alpha.
  • Minor features (continuous integration):
    • Our Travis configuration now uses Chutney to run some network integration tests automatically. Closes ticket 29280.

 

New Release: Tor 0.3.5.6-rc

by nickm | December 18, 2018

There's a new alpha release available for download. If you build Tor from source, you can download the source code for 0.3.5.6-rc from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release by early February.

New Release: Tor 0.3.4.6-rc

by nickm | August 07, 2018

There's a new alpha release available for download. If you build Tor from source, you can download the source code for Tor 0.3.4.6-rc from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release by some time next month.

Remember, this is an alpha release: you should only run this if you'd like to find and report more bugs than usual.

Tor 0.3.4.6-rc fixes several small compilation, portability, and correctness issues in previous versions of Tor. This version is a release candidate: if no serious bugs are found, we expect that the stable 0.3.4 release will be (almost) the same as this release.

Changes in version 0.3.4.6-rc - 2018-08-06

  • Major bugfixes (event scheduler):
    • When we enable a periodic event, schedule it in the event loop rather than running it immediately. Previously, we would re-run periodic events immediately in the middle of (for example) changing our options, with unpredictable effects. Fixes bug 27003; bugfix on 0.3.4.1-alpha.
  • Minor features (compilation):
    • When building Tor, prefer to use Python 3 over Python 2, and more recent (contemplated) versions over older ones. Closes ticket 26372.

 

Tor 0.3.3.5-rc is released!

by nickm | April 15, 2018

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.3.3.5-rc from the usual place on the website. If you don't build Tor from source, don't worry! Updated packages should be available over the coming weeks, with a new alpha Tor Browser release some time this week.