Tor 0.3.2.8-rc fixes a pair of bugs in the KIST and KISTLite schedulers that had led servers under heavy load to overload their outgoing connections. All relay operators running earlier 0.3.2.x versions should upgrade. This version also includes a mitigation for over-full DESTROY queues leading to out-of-memory conditions: if it works, we will soon backport it to earlier release series.
This is the second release candidate in the 0.3.2 series. If we find no new bugs or regression here, then the first stable 0.3.2 release will be nearly identical to this.
You can download the source from the usual place on the website. Binary packages should be available soon. There probably won't be a Tor Browser release for this one; this issues fixed here are mainly (but not exclusively) relevant to relays.
Changes in version 0.3.2.8-rc - 2017-12-21
- Major bugfixes (KIST, scheduler):
- The KIST scheduler did not correctly account for data already enqueued in each connection's send socket buffer, particularly in cases when the TCP/IP congestion window was reduced between scheduler calls. This situation lead to excessive per-connection buffering in the kernel, and a potential memory DoS. Fixes bug 24665; bugfix on 0.3.2.1-alpha.
- Minor features (geoip):
- Update geoip and geoip6 to the December 6 2017 Maxmind GeoLite2 Country database.