stable

Updates for old Tor stable release series: 0.2.4.28, 0.2.5.13, 0.2.6.11, 0.2.7.7, 0.2.8.13

Hi! We've just tagged and uploaded new versions for the older 0.2.4 through 0.2.8 release series, to backport important patches and extend the useful life of these versions.

If you have the option, we'd recommend that you run the latest stable release instead of these. They are mainly of interest to distribution maintainers who for whatever reason want to track older release series of Tor.

You can, as usual, find the source at https://dist.torproject.org/. For a list of the backported changes in each release, see one of the nice handcrafted links below:

Please note that these releases are larger than we expect most future old-stable releases to be, because until recently we didn't have an actual policy of which releases should receive backports and support. You can learn more about our plans for "regular" and "long-term support" releases of Tor on the wiki.

Tor 0.2.9.10 is released

Tor 0.2.9.10 backports a security fix for users who build Tor with the --enable-expensive-hardening option. It also includes fixes for some major issues affecting directory authorities, LibreSSL compatibility, and IPv6 correctness.

The Tor 0.2.9.x release series is now marked as a long-term-support series. We intend to backport security fixes to 0.2.9.x until at least January of 2020.

You can download the source code from https://dist.torproject.org/ but most users should wait for next week's upcoming Tor Browser release, or for their upcoming system package updates.

Changes in version 0.2.9.10 - 2017-03-01

  • Major bugfixes (directory authority, 0.3.0.3-alpha):
    • During voting, when marking a relay as a probable sybil, do not clear its BadExit flag: sybils can still be bad in other ways too. (We still clear the other flags.) Fixes bug 21108; bugfix on 0.2.0.13-alpha.
  • Major bugfixes (IPv6 Exits, backport from 0.3.0.3-alpha):
    • Stop rejecting all IPv6 traffic on Exits whose exit policy rejects any IPv6 addresses. Instead, only reject a port over IPv6 if the exit policy rejects that port on more than an IPv6 /16 of addresses. This bug was made worse by 17027 in 0.2.8.1-alpha, which rejected a relay's own IPv6 address by default. Fixes bug 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.

  read more »

Tor 0.2.9.9 is released

Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could cause relays and clients to crash, even if they were not built with the --enable-expensive-hardening option. This bug affects all 0.2.9.x versions, and also affects 0.3.0.1-alpha: all relays running an affected version should upgrade.

This release also resolves a client-side onion service reachability bug, and resolves a pair of small portability issues.

You can download the source code from https://dist.torproject.org/ but most users should wait for the upcoming Tor Browser release, or for their upcoming system package updates.

Changes in version 0.2.9.9 - 2017-01-23

  • Major bugfixes (security):
    • Downgrade the "-ftrapv" option from "always on" to "only on when --enable-expensive-hardening is provided." This hardening option, like others, can turn survivable bugs into crashes -- and having it on by default made a (relatively harmless) integer overflow bug into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); bugfix on 0.2.9.1-alpha.
  • Major bugfixes (client, onion service):
    • Fix a client-side onion service reachability bug, where multiple socks requests to an onion service (or a single slow request) could cause us to mistakenly mark some of the service's introduction points as failed, and we cache that failure so eventually we run out and can't reach the service. Also resolves a mysterious "Remote server sent bogus reason code 65021" log warning. The bug was introduced in ticket 17218, where we tried to remember the circuit end reason as a uint16_t, which mangled negative values. Partially fixes bug 21056 and fixes bug 20307; bugfix on 0.2.8.1-alpha.
  • Minor features (geoip):
    • Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 Country database.
  • Minor bugfixes (portability):
    • Avoid crashing when Tor is built using headers that contain CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix on 0.2.9.1-alpha.
    • Fix Libevent detection on platforms without Libevent 1 headers installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.

Tor 0.2.9.8 is released: finally, a new stable series!

Tor 0.2.9.8 is the first stable release of the Tor 0.2.9 series.

The Tor 0.2.9 series makes mandatory a number of security features that were formerly optional. It includes support for a new shared- randomness protocol that will form the basis for next generation hidden services, includes a single-hop hidden service mode for optimizing .onion services that don't actually want to be hidden, tries harder not to overload the directory authorities with excessive downloads, and supports a better protocol versioning scheme for improved compatibility with other implementations of the Tor protocol.

And of course, there are numerous other bugfixes and improvements.

This release also includes a fix for a medium-severity issue (bug 21018 below) where Tor clients could crash when attempting to visit a hostile hidden service. Clients are recommended to upgrade as packages become available for their systems.

You can download the source code from the usual place on the website. Packages should be up within the next few days, with a
TorBrowser release planned for early January.

Below are listed the changes since Tor 0.2.8.11. For a list of changes since 0.2.9.7-rc, see the ChangeLog file.

Changes in version 0.2.9.8 - 2016-12-19

  • New system requirements:
    • When building with OpenSSL, Tor now requires version 1.0.1 or later. OpenSSL 1.0.0 and earlier are no longer supported by the OpenSSL team, and should not be used. Closes ticket 20303.
    • Tor now requires Libevent version 2.0.10-stable or later. Older versions of Libevent have less efficient backends for several platforms, and lack the DNS code that we use for our server-side DNS support. This implements ticket 19554.
    • Tor now requires zlib version 1.2 or later, for security, efficiency, and (eventually) gzip support. (Back when we started, zlib 1.1 and zlib 1.0 were still found in the wild. 1.2 was released in 2003. We recommend the latest version.)
  • Deprecated features:
    • A number of DNS-cache-related sub-options for client ports are now deprecated for security reasons, and may be removed in a future version of Tor. (We believe that client-side DNS caching is a bad idea for anonymity, and you should not turn it on.) The options are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, UseIPv4Cache, and UseIPv6Cache.
    • A number of options are deprecated for security reasons, and may be removed in a future version of Tor. The options are: AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits, AllowSingleHopExits, ClientDNSRejectInternalAddresses, CloseHSClientCircuitsImmediatelyOnTimeout, CloseHSServiceRendCircuitsImmediatelyOnTimeout, ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup, UseNTorHandshake, and WarnUnsafeSocks.
    • The *ListenAddress options are now deprecated as unnecessary: the corresponding *Port options should be used instead. These options may someday be removed. The affected options are: ControlListenAddress, DNSListenAddress, DirListenAddress, NATDListenAddress, ORListenAddress, SocksListenAddress, and TransListenAddress.

  read more »

Tor 0.2.8.12 is released

There's a new "old stable" release of Tor! (But maybe you want the 0.2.9.8 release instead; that also comes out today.)

Tor 0.2.8.12 backports a fix for a medium-severity issue (bug 21018 below) where Tor clients could crash when attempting to visit a hostile hidden service. Clients are recommended to upgrade as packages become available for their systems.

It also includes an updated list of fallback directories, backported from 0.2.9.

Now that the Tor 0.2.9 series is stable, only major bugfixes will be backported to 0.2.8 in the future.

You can download Tor 0.2.8 -- and other older release series -- from dist.torproject.org.

Changes in version 0.2.8.12 - 2016-12-19

  • Major bugfixes (parsing, security, backported from 0.2.9.8):
    • Fix a bug in parsing that could cause clients to read a single byte past the end of an allocated region. This bug could be used to cause hardened clients (built with --enable-expensive-hardening) to crash if they tried to visit a hostile hidden service. Non- hardened clients are only affected depending on the details of their platform's memory allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by using libFuzzer. Also tracked as TROVE- 2016-12-002 and as CVE-2016-1254.
  • Minor features (fallback directory list, backported from 0.2.9.8):
    • Replace the 81 remaining fallbacks of the 100 originally introduced in Tor 0.2.8.3-alpha in March 2016, with a list of 177 fallbacks (123 new, 54 existing, 27 removed) generated in December 2016. Resolves ticket 20170.
  • Minor features (geoip, backported from 0.2.9.7-rc):
    • Update geoip and geoip6 to the December 7 2016 Maxmind GeoLite2 Country database.

Tor 0.2.8.11 is released, with small portability fixes

There's a new stable release of Tor!

Tor 0.2.8.11 backports fixes for additional portability issues that could prevent Tor from building correctly on OSX Sierra, or with OpenSSL 1.1. Affected users should upgrade; others can safely stay with 0.2.8.10.

You can download the source from the usual place on the website. Packages should be available over the next several days, including a TorBrowser release around December 14. Remember to check the signatures!

Below are the changes since 0.2.8.10.

Changes in version 0.2.8.11 - 2016-12-08

  • Minor bugfixes (portability):
    • Avoid compilation errors when building on OSX Sierra. Sierra began to support the getentropy() and clock_gettime() APIs, but created a few problems in doing so. Tor 0.2.9 has a more thorough set of workarounds; in 0.2.8, we are just using the /dev/urandom and mach monotonic time interfaces. Fixes bug 20865. Bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (portability, backport from 0.2.9.5-alpha):
    • Fix compilation with OpenSSL 1.1 and less commonly-used CPU architectures. Closes ticket 20588.

Tor 0.2.8.10 is released

There's a new stable version of Tor!

Tor 0.2.8.10 backports a fix for a bug that would sometimes make clients unusable after they left standby mode. It also backports fixes for a few portability issues and a small but problematic memory leak.

You can download the source from the usual place on the website. Packages should be available over the next several days, including a TorBrowser release around December 14. Remember to check the signatures!

Below are the changes since 0.2.8.9.

Changes in version 0.2.8.10 - 2016-12-02

  • Major bugfixes (client reliability, backport from 0.2.9.5-alpha):
    • When Tor leaves standby because of a new application request, open circuits as needed to serve that request. Previously, we would potentially wait a very long time. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.
  • Major bugfixes (client performance, backport from 0.2.9.5-alpha):
    • Clients now respond to new application stream requests immediately when they arrive, rather than waiting up to one second before starting to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (portability, backport from 0.2.9.6-rc):
    • Work around a bug in the OSX 10.12 SDK that would prevent us from successfully targeting earlier versions of OSX. Resolves ticket 20235.
  • Minor bugfixes (portability, backport from 0.2.9.5-alpha):
    • Fix implicit conversion warnings under OpenSSL 1.1. Fixes bug 20551; bugfix on 0.2.1.1-alpha.
  • Minor bugfixes (relay, backport from 0.2.9.5-alpha):
    • Work around a memory leak in OpenSSL 1.1 when encoding public keys. Fixes bug 20553; bugfix on 0.0.2pre8.
  • Minor features (geoip):
    • Update geoip and geoip6 to the November 3 2016 Maxmind GeoLite2 Country database.

Tor 0.2.8.8 is released, with important fixes

Tor 0.2.8.8 fixes two crash bugs present in previous versions of the 0.2.8.x series. Relays running 0.2.8.x should upgrade, as should users who select public relays as their bridges.

You can download the source from the Tor website. Packages should be available over the next week or so.

Below is a list of changes since 0.2.8.6.

Changes in version 0.2.8.8 - 2016-09-23

  • Major bugfixes (crash):
    • Fix a complicated crash bug that could affect Tor clients configured to use bridges when replacing a networkstatus consensus in which one of their bridges was mentioned. OpenBSD users saw more crashes here, but all platforms were potentially affected. Fixes bug 20103; bugfix on 0.2.8.2-alpha.
  • Major bugfixes (relay, OOM handler):
    • Fix a timing-dependent assertion failure that could occur when we tried to flush from a circuit after having freed its cells because of an out-of-memory condition. Fixes bug 20203; bugfix on 0.2.8.1-alpha. Thanks to "cypherpunks" for help diagnosing this one.
  • Minor feature (fallback directories):
    • Remove broken fallbacks from the hard-coded fallback directory list. Closes ticket 20190; patch by teor.
  • Minor features (geoip):
    • Update geoip and geoip6 to the September 6 2016 Maxmind GeoLite2 Country database.

Tor 0.2.8.7 is released, with important fixes

Tor 0.2.8.7 fixes an important bug related to the ReachableAddresses option in 0.2.8.6, and replaces a retiring bridge authority. Everyone who sets the ReachableAddresses option, and all bridges, are strongly encouraged to upgrade.

You can download the source from the Tor website. Packages should be available over the next week or so.

Below is a list of changes since 0.2.8.6.

Changes in version 0.2.8.7 - 2016-08-24

  • Directory authority changes:
    • The "Tonga" bridge authority has been retired; the new bridge authority is "Bifroest". Closes tickets 19728 and 19690.
  • Major bugfixes (client, security):
    • Only use the ReachableAddresses option to restrict the first hop in a path. In earlier versions of 0.2.8.x, it would apply to every hop in the path, with a possible degradation in anonymity for anyone using an uncommon ReachableAddress setting. Fixes bug 19973; bugfix on 0.2.8.2-alpha.
  • Minor features (geoip):
    • Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 Country database.
  • Minor bugfixes (compilation):
    • Remove an inappropriate "inline" in tortls.c that was causing warnings on older versions of GCC. Fixes bug 19903; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (fallback directories):
    • Avoid logging a NULL string pointer when loading fallback directory information. Fixes bug 19947; bugfix on 0.2.4.7-alpha and 0.2.8.1-alpha. Report and patch by "rubiate".

Tor 0.2.8.6 is released!

Tor 0.2.8.6 has been released! You can download the source from the Tor website. Packages should be available over the next week or so.

Tor 0.2.8.6 is the first stable version of the Tor 0.2.8 series.

The Tor 0.2.8 series improves client bootstrapping performance, completes the authority-side implementation of improved identity keys for relays, and includes numerous bugfixes and performance improvements throughout the program. This release continues to improve the coverage of Tor's test suite.

Below is a list of the changes since Tor 0.2.7. For a list of only the changes that are new since 0.2.8.5-rc, please see the ChangeLog file.

Changes in version 0.2.8.6 - 2016-08-02

  • New system requirements:
    • Tor no longer attempts to support platforms where the "time_t" type is unsigned. (To the best of our knowledge, only OpenVMS does this, and Tor has never actually built on OpenVMS.) Closes ticket 18184.
    • Tor no longer supports versions of OpenSSL with a broken implementation of counter mode. (This bug was present in OpenSSL 1.0.0, and was fixed in OpenSSL 1.0.0a.) Tor still detects, but no longer runs with, these versions.
    • Tor now uses Autoconf version 2.63 or later, and Automake 1.11 or later (released in 2008 and 2009 respectively). If you are building Tor from the git repository instead of from the source distribution, and your tools are older than this, you will need to upgrade. Closes ticket 17732.

  read more »

Syndicate content Syndicate content