Tor 0.2.1.8-alpha is now available

Tor 0.2.1.8-alpha fixes some crash bugs in earlier alpha releases,
builds better on unusual platforms like Solaris and old OS X, and fixes
a variety of other issues.

https://www.torproject.org/download

Changes in version 0.2.1.8-alpha - 2008-12-08
Major features:

New DirPortFrontPage option that takes an html file and publishes
it as "/" on the DirPort. Now relay operators can provide a
disclaimer without needing to set up a separate webserver. There's
a sample disclaimer in contrib/tor-exit-notice.html.

Security fixes:

When the client is choosing entry guards, now it selects at most
one guard from a given relay family. Otherwise we could end up with
all of our entry points into the network run by the same operator.
Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha.

Major bugfixes:

Fix a DOS opportunity during the voting signature collection process
at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
Fix a possible segfault when establishing an exit connection. Bugfix
on 0.2.1.5-alpha.

Minor bugfixes:

Get file locking working on win32. Bugfix on 0.2.1.6-alpha. Fixes
bug 859.
Made Tor a little less aggressive about deleting expired
certificates. Partial fix for bug 854.
Stop doing unaligned memory access that generated bus errors on
sparc64. Bugfix on 0.2.0.10-alpha. Fix for bug 862.
Fix a crash bug when changing EntryNodes from the controller. Bugfix
on 0.2.1.6-alpha. Fix for bug 867. Patched by Sebastian.
Make USR2 log-level switch take effect immediately. Bugfix on
0.1.2.8-beta.
If one win32 nameserver fails to get added, continue adding the
rest, and don't automatically fail.
Use fcntl() for locking when flock() is not available. Should fix
compilation on Solaris. Should fix Bug 873. Bugfix on 0.2.1.6-alpha.
Do not mark smartlist_bsearch_idx() function as ATTR_PURE. This bug
could make gcc generate non-functional binary search code. Bugfix
on 0.2.0.10-alpha.
Build correctly on platforms without socklen_t.
Avoid potential crash on internal error during signature collection.
Fixes bug 864. Patch from rovv.
Do not use C's stdio library for writing to log files. This will
improve logging performance by a minute amount, and will stop
leaking fds when our disk is full. Fixes bug 861.
Stop erroneous use of O_APPEND in cases where we did not in fact
want to re-seek to the end of a file before every last write().
Correct handling of possible malformed authority signing key
certificates with internal signature types. Fixes bug 880. Bugfix
on 0.2.0.3-alpha.
Fix a hard-to-trigger resource leak when logging credential status.
CID 349.

Minor features:

Directory mirrors no longer fetch the v1 directory or
running-routers files. They are obsolete, and nobody asks for them
anymore. This is the first step to making v1 authorities obsolete.

Minor features (controller):

Return circuit purposes in response to GETINFO circuit-status. Fixes
bug 858.

The original announcement can be found at http://archives.seul.org/or/talk/Dec-2008/msg00129.html

any chance of putting this

any chance of putting this new tor 0.2.1.8 in tor browser bundle?Need updates for tor browser bundle

tbb is always a week or so

tbb is always a week or so behind the releases. I'm sure it is coming.

Recent Updates

After months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.4.1.5 on the website. Packages should be available within the next several weeks, with a new Tor Browser in early September.

This is the first stable release in the 0.4.1.x series. This series adds experimental circuit-level padding, authenticated SENDME cells to defend against certain attacks, and several performance improvements to save on CPU consumption. It fixes bugs in bootstrapping and v3 onion services. It also includes numerous smaller features and bugfixes on earlier versions.

Per our support policy, we will support the 0.4.1.x series for nine months, or until three months after the release of a stable 0.4.2.x: whichever is longer. If you need longer-term support, please stick with 0.3.5.x, which will we plan to support until Feb 2022.

Below are the changes since 0.4.0.5. For a list of only the changes since 0.4.1.4-rc, see the ChangeLog file.

Changes in version 0.4.1.5 - 2019-08-20

Directory authority changes:
- The directory authority "dizum" has a new IP address. Closes ticket 31406.
Major features (circuit padding):
- Onion service clients now add padding cells at the start of their INTRODUCE and RENDEZVOUS circuits, to make those circuits' traffic look more like general purpose Exit traffic. The overhead for this is 2 extra cells in each direction for RENDEZVOUS circuits, and 1 extra upstream cell and 10 downstream cells for INTRODUCE circuits. This feature is only enabled when also supported by the circuit's middle node. (Clients may specify fixed middle nodes with the MiddleNodes option, and may force-disable this feature with the CircuitPadding option.) Closes ticket 28634.

New Release: Tor Browser 9.0a5

Tor Browser 9.0a5 is now available for Android from our distribution directory and

Tor’s Bug Smash Fund: Help Tor smash all the bugs!

Say hello to our Bug Smash Fund.

New release candidate: Tor 0.4.1.4-rc

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.4.1.4-rc from the usual place on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the next month or so.

Remember, this is just a release candidate: you should only run this if you'd like to find and report bugs.

Tor 0.4.1.4-rc fixes a few bugs from previous versions of Tor, and updates to a new list of fallback directories. If no new bugs are found, the next release in the 0.4.1.x series should be stable.

Changes in version 0.4.1.4-rc - 2019-07-25

Major bugfixes (circuit build, guard):
- When considering upgrading circuits from "waiting for guard" to "open", always ignore circuits that are marked for close. Otherwise, we can end up in the situation where a subsystem is notified that a closing circuit has just opened, leading to undesirable behavior. Fixes bug 30871; bugfix on 0.3.0.1-alpha.
Minor features (continuous integration):
- Our Travis configuration now uses Chutney to run some network integration tests automatically. Closes ticket 29280.