New Stable Releases: Tor 0.3.5.16, 0.4.5.10 and 0.4.6.7
We have a new stable release today. If you build Tor from source, you can download the source code for the latest stable release on the download page. Packages should be available within the next several weeks, with a new Tor Browser later this week.
The ChangeLog for 0.4.6.7 follows below. For the changelogs for other releases, see the announcement email. These releases backport stability fixes from later Tor releases, and a security issue classified as HIGH per our policy.
Tor 0.4.6.7 fixes several bugs from earlier versions of Tor, including one that could lead to a denial-of-service attack. Everyone running an earlier version, whether as a client, a relay, or an onion service, should upgrade to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7.
Changes in version 0.4.6.7 - 2021-08-16
- Major bugfixes (cryptography, security):
- Resolve an assertion failure caused by a behavior mismatch between our batch-signature verification code and our single-signature verification code. This assertion failure could be triggered remotely, leading to a denial of service attack. We fix this issue by disabling batch verification. Fixes bug 40078; bugfix on 0.2.6.1-alpha. This issue is also tracked as TROVE-2021-007 and CVE-2021-38385. Found by Henry de Valence.
- Minor feature (fallbackdir):
- Regenerate fallback directories list. Close ticket 40447.
- Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as retrieved on 2021/08/12.
- Minor bugfix (crypto):
- Disable the unused batch verification feature of ed25519-donna. Fixes bug 40078; bugfix on 0.2.6.1-alpha. Found by Henry de Valence.
- Minor bugfixes (onion service):
- Send back the extended SOCKS error 0xF6 (Onion Service Invalid Address) for a v2 onion address. Fixes bug 40421; bugfix on 0.4.6.2-alpha.
- Minor bugfixes (relay):
- Reduce the compression level for data streaming from HIGH to LOW in order to reduce CPU load on the directory relays. Fixes bug 40301; bugfix on 0.3.5.1-alpha.
- Minor bugfixes (timekeeping):
- Calculate the time of day correctly on systems where the time_t type includes leap seconds. (This is not the case on most operating systems, but on those where it occurs, our tor_timegm function did not correctly invert the system's gmtime function, which could result in assertion failures when calculating voting schedules.) Fixes bug 40383; bugfix on 0.2.0.3-alpha.