New stable Tor releases: 0.3.1.8, 0.3.0.12, 0.2.9.13, 0.2.8.16, 0.2.5.15

by nickm | October 25, 2017

Hi, all!

There are new stable Tor releases available for download.  If you build Tor from source, you can find the source for the latest stable release on our Download page. You can find the older releases at https://dist.torproject.org/. Packages should be available over the coming days, including a planned TorBrowser release in November.

These releases backport stability fixes from later Tor releases, and add the key for the latest directory authority, "bastet".

The ChangeLog for 0.3.1.8 follows below. For the changelogs for other releases, see the announcement email.

Tor 0.3.1.8 is the second stable release in the 0.3.1 series. It includes several bugfixes, including a bugfix for a crash issue that had affected relays under memory pressure. It also adds a new directory authority, Bastet.

Changes in version 0.3.1.8 - 2017-10-25

  • Directory authority changes:
    • Add "Bastet" as a ninth directory authority to the default list. Closes ticket 23910.
    • The directory authority "Longclaw" has changed its IP address. Closes ticket 23592.
  • Major bugfixes (relay, crash, assertion failure, backport from 0.3.2.2-alpha):
    • Fix a timing-based assertion failure that could occur when the circuit out-of-memory handler freed a connection's output buffer. Fixes bug 23690; bugfix on 0.2.6.1-alpha.

 

  • Minor features (directory authorities, backport from 0.3.2.2-alpha):
    • Remove longclaw's IPv6 address, as it will soon change. Authority IPv6 addresses were originally added in 0.2.8.1-alpha. This leaves 3/8 directory authorities with IPv6 addresses, but there are also 52 fallback directory mirrors with IPv6 addresses. Resolves 19760.
  • Minor features (geoip):
    • Update geoip and geoip6 to the October 4 2017 Maxmind GeoLite2 Country database.
  • Minor bugfixes (compilation, backport from 0.3.2.2-alpha):
    • Fix a compilation warning when building with zstd support on 32-bit platforms. Fixes bug 23568; bugfix on 0.3.1.1-alpha. Found and fixed by Andreas Stieger.
  • Minor bugfixes (compression, backport from 0.3.2.2-alpha):
    • Handle a pathological case when decompressing Zstandard data when the output buffer size is zero. Fixes bug 23551; bugfix on 0.3.1.1-alpha.
  • Minor bugfixes (directory authority, backport from 0.3.2.1-alpha):
    • Remove the length limit on HTTP status lines that authorities can send in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc.
  • Minor bugfixes (hidden service, relay, backport from 0.3.2.2-alpha):
    • Avoid a possible double close of a circuit by the intro point on error of sending the INTRO_ESTABLISHED cell. Fixes bug 23610; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (memory safety, backport from 0.3.2.3-alpha):
    • Clear the address when node_get_prim_orport() returns early. Fixes bug 23874; bugfix on 0.2.8.2-alpha.
  • Minor bugfixes (unit tests, backport from 0.3.2.2-alpha):
    • Fix additional channelpadding unit test failures by using mocked time instead of actual time for all tests. Fixes bug 23608; bugfix on 0.3.1.1-alpha.

Comments

Please note that the comment area below has been archived.

October 27, 2017

Permalink

I have been unable to use Tor for over a month now. Windows 10 did an update and it has not worked since. I've been looking all over the net for a fix, but I get the same error each time. It gives me a box that says to reset or copy/paste the info and send it to tor, but nothing gets saved. Anyone have an idea why this is?

There is a windows essentials tool for exploring an executable, try googling for that and opening the tor.exe (or whatever tor is called on windows) via it and check what dlls it is requesting and whether they are found or not.

I ran into an issue with Libreoffice the other day that was due to a missing dll thanks to the latest version being compiled with the visual studio 2017 redist which the installer didn't check for while installing. If something similiar happened with tor that might be the cause of your issue. Another possibility is a package you had installed was rolled back as a result of updates. In the latter case, unless it shows up in the dynamic link checking tool, you will be best helped by joining the mailing list and asking there, or filing a bug on the bugtracker.

October 27, 2017

Permalink

Do you plan to :
- insert a warning or visual/alert color icon for a suspicious relays ( but how to know that ?)
- the flag of the country (aesthetic improvement ? )
- invite the dev of tor_tools to update their app (is it not first their responsibility ?)
- block the connection if several tabs have the same relays (security improvement ?)
- block Tor if a malfunction ( https / noscript ) happens
- an automatic check tester in case of problem (a command line that i do not know ... i can't open Tor without connection so a bug report is not possible ?)
- alert the user to do not run Tor as root so prevent it by blocking Tor ! (and if i open a terminal as root when Tor runs ; it interferes with Tor ).

you propose a lot of technical improvement at every release : thx.

November 02, 2017

Permalink

I am still unable to use Tor browser in my Win 10. I don't understand but when I click on the icon the app it doesn't respond and absolutely nothing happens is it something comfortability issue or what do I need to do to fix it?