stable release | Tor Blog

New Release: Tor 0.4.2.5 (also 0.4.1.7, 0.4.0.6, and 0.3.5.9)

Ater months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.4.2.5 on the website. Packages should be available within the next several weeks, with a new Tor Browser around January 7.

New release: Tor 0.4.1.6

We have a new stable release today. If you build Tor from source, you can download the source code for 0.4.1.6 from the download page on the website. Packages should be available within the next several weeks, with a new Tor Browser in the next week or two.

This release backports several bugfixes to improve stability and correctness. Anyone experiencing build problems or crashes with 0.4.1.5, or experiencing reliability issues with single onion services, should upgrade.

Changes in version 0.4.1.6 - 2019-09-19

Major bugfixes (crash, Linux, Android, backport from 0.4.2.1-alpha):
- Tolerate systems (including some Android installations) where madvise and MADV_DONTDUMP are available at build-time, but not at run time. Previously, these systems would notice a failed syscall and abort. Fixes bug 31570; bugfix on 0.4.1.1-alpha.
- Tolerate systems (including some Linux installations) where madvise and/or MADV_DONTFORK are available at build-time, but not at run time. Previously, these systems would notice a failed syscall and abort. Fixes bug 31696; bugfix on 0.4.1.1-alpha.
Minor features (stem tests, backport from 0.4.2.1-alpha):
- Change "make test-stem" so it only runs the stem tests that use tor. This change makes test-stem faster and more reliable. Closes ticket 31554.

3 comments

New release: Tor 0.4.1.5

After months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.4.1.5 on the website. Packages should be available within the next several weeks, with a new Tor Browser in early September.

This is the first stable release in the 0.4.1.x series. This series adds experimental circuit-level padding, authenticated SENDME cells to defend against certain attacks, and several performance improvements to save on CPU consumption. It fixes bugs in bootstrapping and v3 onion services. It also includes numerous smaller features and bugfixes on earlier versions.

Per our support policy, we will support the 0.4.1.x series for nine months, or until three months after the release of a stable 0.4.2.x: whichever is longer. If you need longer-term support, please stick with 0.3.5.x, which will we plan to support until Feb 2022.

Below are the changes since 0.4.0.5. For a list of only the changes since 0.4.1.4-rc, see the ChangeLog file.

Changes in version 0.4.1.5 - 2019-08-20

Directory authority changes:
- The directory authority "dizum" has a new IP address. Closes ticket 31406.
Major features (circuit padding):
- Onion service clients now add padding cells at the start of their INTRODUCE and RENDEZVOUS circuits, to make those circuits' traffic look more like general purpose Exit traffic. The overhead for this is 2 extra cells in each direction for RENDEZVOUS circuits, and 1 extra upstream cell and 10 downstream cells for INTRODUCE circuits. This feature is only enabled when also supported by the circuit's middle node. (Clients may specify fixed middle nodes with the MiddleNodes option, and may force-disable this feature with the CircuitPadding option.) Closes ticket 28634.

New Release: Tor 0.4.0.5

After months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.4.0.5 on the website. Packages should be available within the next several weeks, with a new Tor Browser likely later this month.

This is the first stable release in the 0.4.0.x series. It contains improvements for power management and bootstrap reporting, as well as preliminary backend support for circuit padding to prevent some kinds of traffic analysis. It also continues our work in refactoring Tor for long-term maintainability.

15 comments

New Release: Tor 0.3.4.9

We have a new stable release today. If you build Tor from source, you can download the source code for Tor 0.3.4.9 from the download page on the website. Packages should be available within the next several weeks, with a new Tor Browser by mid-December.

Tor 0.3.4.9 is the second stable release in its series; it backports numerous fixes, including a fix for a bandwidth management bug that was causing memory exhaustion on relays. Anyone running an earlier version of Tor 0.3.4.9 should upgrade.

Changes in version 0.3.4.9 - 2018-11-02

Major bugfixes (compilation, backport from 0.3.5.3-alpha):
- Fix compilation on ARM (and other less-used CPUs) when compiling with OpenSSL before 1.1. Fixes bug 27781; bugfix on 0.3.4.1-alpha.
Major bugfixes (mainloop, bootstrap, backport from 0.3.5.3-alpha):
- Make sure Tor bootstraps and works properly if only the ControlPort is set. Prior to this fix, Tor would only bootstrap when a client port was set (Socks, Trans, NATD, DNS or HTTPTunnel port). Fixes bug 27849; bugfix on 0.3.4.1-alpha.

20 comments

New Release: Tor 0.3.4.8 (also other stable updates: 0.2.9.17, 0.3.2.12, and 0.3.3.10)

After months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.3.4.8 on the download page of the website. Packages should be available within the next several weeks, with a new Tor Browser by some time next week.

21 comments

Tor 0.3.3.7 is released!

Hello, everyone!

We have a new stable release today. If you build Tor from source, you can
download the source code for 0.3.3.7 on the website. Packages
should be available within the next several weeks, with a new Tor Browser over the next several weeks.

Tor 0.3.3.7 backports several changes from the 0.3.4.x series, including fixes for bugs affecting compatibility and stability.

Changes in version 0.3.3.7 - 2018-06-12

Directory authority changes:
- Add an IPv6 address for the "dannenberg" directory authority. Closes ticket 26343.
Minor features (geoip):
- Update geoip and geoip6 to the June 7 2018 Maxmind GeoLite2 Country database. Closes ticket 26351.

11 comments

Tor 0.3.3.6 is released: a new stable series!

After months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.3.3.6 on the website. Packages should be available within the next several weeks, with a new Tor Browser by some time in June.

15 comments

New stable Tor releases, with security fixes and DoS prevention: 0.3.2.10, 0.3.1.10, 0.2.9.15

Today, we made several new stable Tor releases. Together, they fix an issue in directory authorities, and backport a feature to improve relays' resistance of denial-of-service attacks. In addition, the 0.3.2.10 release fixes a security bug affecting relays running earlier 0.3.2.x versions.

7 comments

Tor 0.3.2.9 is released: We have a new stable series!

After months of hard work, there's a new stable Tor release series available! If you build Tor from source, you can now download the source code for Tor 0.3.2.9 from the usual place on the website. Packages should become available over the coming days, including (we hope) a Tor Browser release before the end of the month.

Tor 0.3.2.9 is the first stable release in the 0.3.2 series.

Upcoming Events

December 14, 2019 - December 15, 2019

Hackers Next Door (Brooklyn)

December 14, 2019

Criptobaile (Brasília)

January 09, 2020

Censorship Resistance für den Anonymisierungsdienst Tor (Hagenberg)

See All Upcoming Events

Recent Updates

Modularizing Key Aspects of the Tor Network, Supported by MOSS

In 2018, the Tor Project was awarded a grant from Mozilla’s Open Source Support (MOSS) program’s Mission Partners track to improve

Digital Rights are Human Rights

In honor of the United Nations' proclamation and adoption of the Universal Declaration of Human Rights (UDHR) in 1948, December 10 is Human Rights Day.

New Release: Tor 0.4.2.5 (also 0.4.1.7, 0.4.0.6, and 0.3.5.9)

This is the first stable release in the 0.4.2.x series. This series improves reliability and stability, and includes several stability and correctness improvements for onion services. It also fixes many smaller bugs present in previous series.

Per our support policy, we will support the 0.4.2.x series for nine months, or until three months after the release of a stable 0.4.3.x: whichever is longer. If you need longer-term support, please stick with 0.3.5.x, which will we plan to support until Feb 2022.

Today we are also releasing updates to our older series: 0.4.1.7 (changelog), 0.4.0.6 (changelog), and 0.3.5.9 (changelog), which you can download at dist.torproject.org. Note that the 0.4.0.x series and the 0.2.9.x series will become unsupported early next year, so if you're running one of those versions, you should plan to upgrade.

Below are the changes in 0.4.2.5, since 0.4.1.4-rc. For a complete list of only the changes since 0.4.2.4-rc, see the ChangeLog file.

Changes in version 0.4.2.5 - 2019-12-09

Major features (directory authorities):
- Directory authorities now reject relays running all currently deprecated release series. The currently supported release series are: 0.2.9, 0.3.5, 0.4.0, 0.4.1, and 0.4.2. Closes ticket 31549.
Major features (onion service v3, denial of service):
- Add onion service introduction denial of service defenses. Intro points can now rate-limit client introduction requests, using parameters that can be sent by the service within the ESTABLISH_INTRO cell. If the cell extension for this is not used, the intro point will honor the consensus parameters. Closes ticket 30924.

The Next Chapter in Anti-Censorship

The video from my DEF CON 2019 talk ("The Tor Censorship Arms Race: The Next Chapter") is now up: