<div dir="ltr"><p>Hello, everyone!</p>
<p>(If you are about to reply saying "please take me off this list", instead please follow these instructions:
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce/" rel="nofollow noreferrer noopener" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce/</a>
. If you have trouble, it is probably because you subscribed using a different address than the one you are trying to unsubscribe with. You will have to enter the actual email address you used when you subscribed.)</p>
<p>After months of work, Tor 0.4.6.5 is now available! This is the first stable release in the 0.4.6.x series, and we hope you find it useful.</p>
<p>You can download the source code from the download page at <a href="https://www.torproject.org/download/tor/" rel="nofollow noreferrer noopener" target="_blank">https://www.torproject.org/download/tor/</a> . Packages should be available within the next several weeks, with a new Tor Browser around the end of the week.</p><p>This release fixes several security vulnerabilities, described below. We are also releasing security fixes for the other supported release series; I'll describe them in a separate email. I recommend that everybody upgrade to 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5 as soon as binaries are available (or right now, if you build from source).</p><p><br>Changes in version 0.4.6.5 - 2021-06-14<br> Tor 0.4.6.5 is the first stable release in its series. The 0.4.6.x<br> series includes numerous features and bugfixes, including a significant<br> improvement to our circuit timeout algorithm that should improve<br> observed client performance, and a way for relays to report when they are<br> overloaded.<br><br> This release also includes security fixes for several security issues,<br> including a denial-of-service attack against onion service clients,<br> and another denial-of-service attack against relays. Everybody should<br> upgrade to one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.<br><br> Below are the changes since 0.4.5.8. For a list of changes since<br> 0.4.6.4-rc, see the ChangeLog file.<br><br> o Major bugfixes (security):<br> - Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on<br> half-closed streams. Previously, clients failed to validate which<br> hop sent these cells: this would allow a relay on a circuit to end<br> a stream that wasn't actually built with it. Fixes bug 40389;<br> bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021-<br> 003 and CVE-2021-34548.<br><br> o Major bugfixes (security, defense-in-depth):<br> - Detect more failure conditions from the OpenSSL RNG code.<br> Previously, we would detect errors from a missing RNG<br> implementation, but not failures from the RNG code itself.<br> Fortunately, it appears those failures do not happen in practice<br> when Tor is using OpenSSL's default RNG implementation. Fixes bug<br> 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as<br> TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.<br><br> o Major bugfixes (security, denial of service):<br> - Resist a hashtable-based CPU denial-of-service attack against<br> relays. Previously we used a naive unkeyed hash function to look<br> up circuits in a circuitmux object. An attacker could exploit this<br> to construct circuits with chosen circuit IDs, to create<br> collisions and make the hash table inefficient. Now we use a<br> SipHash construction here instead. Fixes bug 40391; bugfix on<br> 0.2.4.4-alpha. This issue is also tracked as TROVE-2021-005 and<br> CVE-2021-34549. Reported by Jann Horn from Google's Project Zero.<br> - Fix an out-of-bounds memory access in v3 onion service descriptor<br> parsing. An attacker could exploit this bug by crafting an onion<br> service descriptor that would crash any client that tried to visit<br> it. Fixes bug 40392; bugfix on 0.3.0.1-alpha. This issue is also<br> tracked as TROVE-2021-006 and CVE-2021-34550. Reported by Sergei<br> Glazunov from Google's Project Zero.<br><br> o Major features (control port, onion services):<br> - Add controller support for creating version 3 onion services with<br> client authorization. Previously, only v2 onion services could be<br> created with client authorization. Closes ticket 40084. Patch by<br> Neel Chauhan.<br><br> o Major features (directory authority):<br> - When voting on a relay with a Sybil-like appearance, add the Sybil<br> flag when clearing out the other flags. This lets a relay operator<br> know why their relay hasn't been included in the consensus. Closes<br> ticket 40255. Patch by Neel Chauhan.<br><br> o Major features (metrics):<br> - Relays now report how overloaded they are in their extrainfo<br> documents. This information is controlled with the<br> OverloadStatistics torrc option, and it will be used to improve<br> decisions about the network's load balancing. Implements proposal<br> 328; closes ticket 40222.<br><br> o Major features (relay, denial of service):<br> - Add a new DoS subsystem feature to control the rate of client<br> connections for relays. Closes ticket 40253.<br><br> o Major features (statistics):<br> - Relays now publish statistics about the number of v3 onion<br> services and volume of v3 onion service traffic, in the same<br> manner they already do for v2 onions. Closes ticket 23126.<br><br> o Major bugfixes (circuit build timeout):<br> - Improve the accuracy of our circuit build timeout calculation for<br> 60%, 70%, and 80% build rates for various guard choices. We now<br> use a maximum likelihood estimator for Pareto parameters of the<br> circuit build time distribution, instead of a "right-censored<br> estimator". This causes clients to ignore circuits that never<br> finish building in their timeout calculations. Previously, clients<br> were counting such unfinished circuits as having the highest<br> possible build time value, when in reality these circuits most<br> likely just contain relays that are offline. We also now wait a<br> bit longer to let circuits complete for measurement purposes,<br> lower the minimum possible effective timeout from 1.5 seconds to<br> 10ms, and increase the resolution of the circuit build time<br> histogram from 50ms bin widths to 10ms bin widths. Additionally,<br> we alter our estimate Xm by taking the maximum of the top 10 most<br> common build time values of the 10ms histogram, and compute Xm as<br> the average of these. Fixes bug 40168; bugfix on 0.2.2.14-alpha.<br> - Remove max_time calculation and associated warning from circuit<br> build timeout 'alpha' parameter estimation, as this is no longer<br> needed by our new estimator from 40168. Fixes bug 34088; bugfix<br> on 0.2.2.9-alpha.<br><br> o Major bugfixes (signing key):<br> - In the tor-gencert utility, give an informative error message if<br> the passphrase given in `--create-identity-key` is too short.<br> Fixes bug 40189; bugfix on 0.2.0.1-alpha. Patch by Neel Chauhan.<br><br> o Minor features (bridge):<br> - We now announce the URL to Tor's new bridge status at<br> <a href="https://bridges.torproject.org/">https://bridges.torproject.org/</a> when Tor is configured to run as a<br> bridge relay. Closes ticket 30477.<br><br> o Minor features (build system):<br> - New "make lsp" command to auto generate the compile_commands.json<br> file used by the ccls server. The "bear" program is needed for<br> this. Closes ticket 40227.<br><br> o Minor features (client):<br> - Clients now check whether their streams are attempting to re-enter<br> the Tor network (i.e. to send Tor traffic over Tor), and close<br> them preemptively if they think exit relays will refuse them for<br> this reason. See ticket 2667 for details. Closes ticket 40271.<br><br> o Minor features (command line):<br> - Add long format name "--torrc-file" equivalent to the existing<br> command-line option "-f". Closes ticket 40324. Patch by<br> Daniel Pinto.<br><br> o Minor features (command-line interface):<br> - Add build informations to `tor --version` in order to ease<br> reproducible builds. Closes ticket 32102.<br> - When parsing command-line flags that take an optional argument,<br> treat the argument as absent if it would start with a '-'<br> character. Arguments in that form are not intelligible for any of<br> our optional-argument flags. Closes ticket 40223.<br> - Allow a relay operator to list the ed25519 keys on the command<br> line by adding the `rsa` and `ed25519` arguments to the<br> --list-fingerprint flag to show the respective RSA and ed25519<br> relay fingerprint. Closes ticket 33632. Patch by Neel Chauhan.<br><br> o Minor features (compatibility):<br> - Remove an assertion function related to TLS renegotiation. It was<br> used nowhere outside the unit tests, and it was breaking<br> compilation with recent alpha releases of OpenSSL 3.0.0. Closes<br> ticket 40399.<br><br> o Minor features (control port, stream handling):<br> - Add the stream ID to the event line in the ADDRMAP control event.<br> Closes ticket 40249. Patch by Neel Chauhan.<br><br> o Minor features (dormant mode):<br> - Add a new 'DormantTimeoutEnabled' option to allow coarse-grained<br> control over whether the client ever becomes dormant from<br> inactivity. Most people won't need this. Closes ticket 40228.<br> - Add a new 'DormantTimeoutEnabled' option for coarse-grained<br> control over whether the client can become dormant from<br> inactivity. Most people won't need this. Closes ticket 40228.<br><br> o Minor features (geoip data):<br> - Update the geoip files to match the IPFire Location Database, as<br> retrieved on 2021/06/10.<br><br> o Minor features (logging):<br> - Edit heartbeat log messages so that more of them begin with the<br> string "Heartbeat: ". Closes ticket 40322; patch<br> from 'cypherpunks'.<br> - Change the DoS subsystem heartbeat line format to be more clear on<br> what has been detected/rejected, and which option is disabled (if<br> any). Closes ticket 40308.<br> - In src/core/mainloop/mainloop.c and src/core/mainloop/connection.c,<br> put brackets around IPv6 addresses in log messages. Closes ticket<br> 40232. Patch by Neel Chauhan.<br><br> o Minor features (logging, diagnostic):<br> - Log decompression failures at a higher severity level, since they<br> can help provide missing context for other warning messages. We<br> rate-limit these messages, to avoid flooding the logs if they<br> begin to occur frequently. Closes ticket 40175.<br><br> o Minor features (onion services):<br> - Add a warning message when trying to connect to (no longer<br> supported) v2 onion services. Closes ticket 40373.<br><br> o Minor features (performance, windows):<br> - Use SRWLocks to implement locking on Windows. Replaces the<br> "critical section" locking implementation with the faster<br> SRWLocks, available since Windows Vista. Closes ticket 17927.<br> Patch by Daniel Pinto.<br><br> o Minor features (protocol, proxy support, defense in depth):<br> - Close HAProxy connections if they somehow manage to send us data<br> before we start reading. Closes another case of ticket 40017.<br><br> o Minor features (tests, portability):<br> - Port the hs_build_address.py test script to work with recent<br> versions of python. Closes ticket 40213. Patch from<br> Samanta Navarro.<br><br> o Minor features (vote document):<br> - Add a "stats" line to directory authority votes, to report various<br> statistics that authorities compute about the relays. This will<br> help us diagnose the network better. Closes ticket 40314.<br><br> o Minor bugfixes (build):<br> - The configure script now shows whether or not lzma and zstd have<br> been used, not just if the enable flag was passed in. Fixes bug<br> 40236; bugfix on 0.4.3.1-alpha.<br><br> o Minor bugfixes (compatibility):<br> - Fix a failure in the test cases when running on the "hppa"<br> architecture, along with a related test that might fail on other<br> architectures in the future. Fixes bug 40274; bugfix<br> on 0.2.5.1-alpha.<br><br> o Minor bugfixes (compilation):<br> - Fix a compilation warning about unused functions when building<br> with a libc that lacks the GLOB_ALTDIRFUNC constant. Fixes bug<br> 40354; bugfix on 0.4.5.1-alpha. Patch by Daniel Pinto.<br><br> o Minor bugfixes (consensus handling):<br> - Avoid a set of bugs that could be caused by inconsistently<br> preferring an out-of-date consensus stored in a stale directory<br> cache over a more recent one stored on disk as the latest<br> consensus. Fixes bug 40375; bugfix on 0.3.1.1-alpha.<br><br> o Minor bugfixes (control, sandbox):<br> - Allow the control command SAVECONF to succeed when the seccomp<br> sandbox is enabled, and make SAVECONF keep only one backup file to<br> simplify implementation. Previously SAVECONF allowed a large<br> number of backup files, which made it incompatible with the<br> sandbox. Fixes bug 40317; bugfix on 0.2.5.4-alpha. Patch by<br> Daniel Pinto.<br><br> o Minor bugfixes (directory authorities, voting):<br> - Add a new consensus method (31) to support any future changes that<br> authorities decide to make to the value of bwweightscale or<br> maxunmeasuredbw. Previously, there was a bug that prevented the<br> authorities from parsing these consensus parameters correctly under<br> most circumstances. Fixes bug 19011; bugfix on 0.2.2.10-alpha.<br><br> o Minor bugfixes (ipv6):<br> - Allow non-SOCKSPorts to disable IPv4, IPv6, and PreferIPv4. Some<br> rare configurations might break, but in this case you can disable<br> NoIPv4Traffic and NoIPv6Traffic as needed. Fixes bug 33607; bugfix<br> on 0.4.1.1-alpha. Patch by Neel Chauhan.<br><br> o Minor bugfixes (key generation):<br> - Do not require a valid torrc when using the `--keygen` argument to<br> generate a signing key. This allows us to generate keys on systems<br> or users which may not run Tor. Fixes bug 40235; bugfix on<br> 0.2.7.2-alpha. Patch by Neel Chauhan.<br><br> o Minor bugfixes (logging, relay):<br> - Emit a warning if an Address is found to be internal and tor can't<br> use it. Fixes bug 40290; bugfix on 0.4.5.1-alpha.<br><br> o Minor bugfixes (metrics port):<br> - Fix a bug that made tor try to re-bind() on an already open<br> MetricsPort every 60 seconds. Fixes bug 40370; bugfix<br> on 0.4.5.1-alpha.<br><br> o Minor bugfixes (onion services, logging):<br> - Downgrade the severity of a few rendezvous circuit-related<br> warnings from warning to info. Fixes bug 40207; bugfix on<br> 0.3.2.1-alpha. Patch by Neel Chauhan.<br><br> o Minor bugfixes (relay):<br> - Reduce the compression level for data streaming from HIGH to LOW.<br> This should reduce the CPU and memory burden for directory caches.<br> Fixes bug 40301; bugfix on 0.3.5.1-alpha.<br><br> o Minor bugfixes (testing, BSD):<br> - Fix pattern-matching errors when patterns expand to invalid paths<br> on BSD systems. Fixes bug 40318; bugfix on 0.4.5.1-alpha. Patch by<br> Daniel Pinto.<br><br> o Code simplification and refactoring:<br> - Remove the orconn_ext_or_id_map structure and related functions.<br> (Nothing outside of unit tests used them.) Closes ticket 33383.<br> Patch by Neel Chauhan.<br><br> o Removed features:<br> - Remove unneeded code for parsing private keys in directory<br> documents. This code was only used for client authentication in v2<br> onion services, which are now unsupported. Closes ticket 40374.<br> - As of this release, Tor no longer supports the old v2 onion<br> services. They were deprecated last July for security, and support<br> will be removed entirely later this year. We strongly encourage<br> everybody to migrate to v3 onion services. For more information,<br> see <a href="https://blog.torproject.org/v2-deprecation-timeline">https://blog.torproject.org/v2-deprecation-timeline</a> . Closes<br> ticket 40266. (NOTE: We accidentally released an earlier version<br> of the 0.4.6.1-alpha changelog without this entry. Sorry for<br> the confusion!)<br><br> o Code simplification and refactoring (metrics, DoS):<br> - Move the DoS subsystem into the subsys manager, including its<br> configuration options. Closes ticket 40261.<br><br> o Documentation (manual):<br> - Move the ServerTransport* options to the "SERVER OPTIONS" section.<br> Closes issue 40331.<br> - Indicate that the HiddenServiceStatistics option also applies to<br> bridges. Closes ticket 40346.<br> - Move the description of BridgeRecordUsageByCountry to the section<br> "STATISTICS OPTIONS". Closes ticket 40323.<br><br> o Removed features (relay):<br> - Because DirPorts are only used on authorities, relays no longer<br> advertise them. Similarly, self-testing for DirPorts has been<br> disabled, since an unreachable DirPort is no reason for a relay<br> not to advertise itself. (Configuring a DirPort will still work,<br> for now.) Closes ticket 40282.<br><br><br></p><p><br></p><p><br></p></div>