Tor 0.3.3.8 is released!
We have a new stable release today. If you build Tor from source, you can download the source code for 0.3.3.8 on the website. Packages should be available within the next several weeks, with a new stable Tor Browser by some time in September. (Don't worry, this isn't an urgent release for clients.)
Tor 0.3.3.8 backports several changes from the 0.3.4.x series, including fixes for a memory leak affecting directory authorities.
Changes in version 0.3.3.8 - 2018-07-09
- Major bugfixes (directory authority, backport from 0.3.4.3-alpha):
- Stop leaking memory on directory authorities when planning to vote. This bug was crashing authorities by exhausting their memory. Fixes bug 26435; bugfix on 0.3.3.6.
- Major bugfixes (rust, testing, backport from 0.3.4.3-alpha):
- Make sure that failing tests in Rust will actually cause the build to fail: previously, they were ignored. Fixes bug 26258; bugfix on 0.3.3.4-alpha.
- Minor features (compilation, backport from 0.3.4.4-rc):
- When building Tor, prefer to use Python 3 over Python 2, and more recent (contemplated) versions over older ones. Closes ticket 26372.
- Minor features (geoip):
- Update geoip and geoip6 to the July 3 2018 Maxmind GeoLite2 Country database. Closes ticket 26674.
- Minor features (relay, diagnostic, backport from 0.3.4.3-alpha):
- Add several checks to detect whether Tor relays are uploading their descriptors without specifying why they regenerated them. Diagnostic for ticket 25686.
- Minor bugfixes (circuit path selection, backport from 0.3.4.1-alpha):
- Don't count path selection failures as circuit build failures. This change should eliminate cases where Tor blames its guard or the network for situations like insufficient microdescriptors and/or overly restrictive torrc settings. Fixes bug 25705; bugfix on 0.3.3.1-alpha.
- Minor bugfixes (compilation, backport from 0.3.4.4-rc):
- Fix a compilation warning on some versions of GCC when building code that calls routerinfo_get_my_routerinfo() twice, assuming that the second call will succeed if the first one did. Fixes bug 26269; bugfix on 0.2.8.2-alpha.
- Minor bugfixes (control port, backport from 0.3.4.4-rc):
- Handle the HSADDRESS= argument to the HSPOST command properly. (Previously, this argument was misparsed and thus ignored.) Fixes bug 26523; bugfix on 0.3.3.1-alpha. Patch by "akwizgran".
- Minor bugfixes (memory, correctness, backport from 0.3.4.4-rc):
- Fix a number of small memory leaks identified by coverity. Fixes bug 26467; bugfix on numerous Tor versions.
- Minor bugfixes (relay, backport from 0.3.4.3-alpha):
- Relays now correctly block attempts to re-extend to the previous relay by Ed25519 identity. Previously they would warn in this case, but not actually reject the attempt. Fixes bug 26158; bugfix on 0.3.0.1-alpha.
- Minor bugfixes (restart-in-process, backport from 0.3.4.1-alpha):
- When shutting down, Tor now clears all the flags in the control.c module. This should prevent a bug where authentication cookies are not generated on restart. Fixes bug 25512; bugfix on 0.3.3.1-alpha.
- Minor bugfixes (testing, compatibility, backport from 0.3.4.4-rc):
- When running the hs_ntor_ref.py test, make sure only to pass strings (rather than "bytes" objects) to the Python subprocess module. Python 3 on Windows seems to require this. Fixes bug 26535; bugfix on 0.3.1.1-alpha.
- When running the ntor_ref.py test, make sure only to pass strings (rather than "bytes" objects) to the Python subprocess module. Python 3 on Windows seems to require this. Fixes bug 26535; bugfix on 0.2.5.5-alpha.
Any idea why verifying checksums fail for tor browser for windows. I downloaded it multiple times but get them wrong all the time.
Here is my output for sha256sum:
But the checksum file shows:
Even tried downloading from the onion site and still fails.
It looks like you're downloading the signed Tor Browser package, and then trying to compare the hash listed in the "unsigned" list.
(Your hash looks fine to me, for the signed one.)