Tor is released!

Hi! There's a new release candidate available for download. If you build Tor from source, you can download the source code for from the usual place on the website. If you don't build Tor from source, don't worry! Updated packages should be available over the coming weeks, with a new alpha Tor Browser release some time this week.

Tor fixes various bugs in earlier versions of Tor, including some that could affect reliability or correctness.

This is the first release candidate in the 0.3.3 series. If we find no new bugs or regression here, then the first stable 0.3.3 release will be nearly identical to this one.

Changes in version - 2018-04-15

  • Major bugfixes (security, protover, voting):
    • Revise Rust implementation of protover to use a more memory- efficient voting algorithm and corresponding data structures, thus avoiding a potential memory-based DoS attack where specially crafted protocol strings would expand to fill available memory. Fixes bug 24031; bugfix on
  • Major bugfixes (performance, load balancing):
    • Directory authorities no longer vote in favor of the Guard flag for relays without directory support. Starting in Tor, clients have been avoiding using such relays in the Guard position, leading to increasingly broken load balancing for the 5%-or-so of Guards that don't advertise directory support. Fixes bug 22310; bugfix on


  • Minor feature (continuous integration):
    • Update the Travis CI configuration to use the stable Rust channel, now that we have decided to require that. Closes ticket 25714.
  • Minor features (config options):
    • Change the way the default value for MaxMemInQueues is calculated. We now use 40% of the hardware RAM if the system has 8 GB RAM or more. Otherwise we use the former value of 75%. Closes ticket 24782.
  • Minor features (geoip):
    • Update geoip and geoip6 to the April 3 2018 Maxmind GeoLite2 Country database. Closes ticket 25718.
  • Minor bugfixes (client):
    • When using a listed relay as a bridge, and also using microdescriptors, and considering that relay as a non-bridge in a circuit, treat its microdescriptor as a valid source of information about that relay. This change should prevent a non- fatal assertion error. Fixes bug 25691; bugfix on
  • Minor bugfixes (controller):
    • Restore the correct operation of the RESOLVE command, which had been broken since we added the ability to enable/disable DNS on specific listener ports. Fixes bug 25617; bugfix on
  • Minor bugfixes (distribution, compilation, rust):
    • Build correctly when the rust dependencies submodule is loaded, but the TOR_RUST_DEPENDENCIES environment variable is not set. Fixes bug 25679; bugfix on
    • Actually include all of our Rust source in our source distributions. (Previously, a few of the files were accidentally omitted.) Fixes bug 25732; bugfix on
  • Minor bugfixes (documentation):
    • Document that the PerConnBW{Rate,Burst} options will fall back to their corresponding consensus parameters only if those parameters are set. Previously we had claimed that these values would always be set in the consensus. Fixes bug 25296; bugfix on
    • Revert a misformatting issue in the ExitPolicy documentation. Fixes bug 25582; bugfix on
  • Minor bugfixes (exit node DNS retries):
    • Re-attempt timed-out DNS queries 3 times before failure, since our timeout is 5 seconds for them, but clients wait 10-15. Also allow slightly more timeouts per resolver when an exit has multiple resolvers configured. Fixes bug 21394; bugfix on
  • Minor bugfixes (onion services):
    • Re-instate counting the client HSDir fetch circuits against the MaxClientCircuitsPending rate limit. Fixes bug 24989; bugfix on
    • Remove underscores from the _HSLayer{2,3}Nodes options. This expert-user configuration can now be enabled as HSLayer{2,3}Nodes. Fixes bug 25581; bugfix on
  • Code simplification and refactoring:
    • Move the list of default directory authorities to its own file. Closes ticket 24854. Patch by "beastr0".
  • Documentation (manpage, denial of service):
    • Provide more detail about the denial-of-service options, by listing each mitigation and explaining how they relate. Closes ticket 25248.

April 17, 2018


Is it possible to help me further understand how Tor uses Unix Sockets (UDS)?

If I set UnixSocksGroupWritable 1 in Torrc do I need to alter anything within the OS to make it work?

And most important what are the inherent risk/reward structure for this use case? How will I know it's working? Can it be used for hosting hidden services?

Is Tor generating Unix Internet Sockets? or Local Unix Sockets?

Join the discussion...

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

4 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.