- tor-announce - lists.torproject.org

New Release: Tor Browser 12.5.5 (Android, Windows, macOS, Linux)
by richard 26 Sep '23

26 Sep '23

Hi everyone, Tor Browser 12.5.5 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1255/ best, -richard

1 0

[RELEASE] Tor 0.4.8.7 stable
by David Goulet 25 Sep '23

25 Sep '23

Greetings, We have just released 0.4.8.7. Here is the announcement: https://forum.torproject.org/t/stable-release-0-4-8-7/9398 ChangLog follows. Cheers! David Changes in version 0.4.8.7 - 2023-09-25 This version fixes a single major bug in the Conflux subsystem on the client side. See below for more information. The upcoming Tor Browser 13 stable will pick this up. o Major bugfixes (conflux): - Fix an issue that prevented us from pre-building more conflux sets after existing sets had been used. Fixes bug 40862; bugfix on 0.4.8.1-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on September 25, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/09/25. -- q7T6mD1nbFk9Jyq4XrI3UyeWs0AZbQIAhaHpiWYf6Dg=

1 0

New Release: Tor Browser 13.0a5 (Android, Windows, macOS, Linux)
by richard 24 Sep '23

24 Sep '23

Hi everyone, Tor Browser 13.0a5 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-alpha-release-tor-browser-130a5/ best, -richard

1 0

[RELEASE] Tor stable 0.4.7.15 and 0.4.8.6
by David Goulet 18 Sep '23

18 Sep '23

Greetings, We just released two new stables that is 0.4.7.15 and 0.4.8.6 containing an important fix for onion services affecting congestion control. Here is the announcement: https://forum.torproject.org/t/stable-release-0-4-7-15-and-0-4-8-6/9292 Below the ChangeLog for both releases. Cheers! Changes in version 0.4.7.15 - 2023-09-18 This version contains an important fix for onion service regarding congestion control and its reliability. Apart from that, very minor bugfixes. We strongly recommend all onion service operators to update immediately. o Major bugfixes (onion service): - Fix a reliability issue where services were expiring their introduction points every consensus update. This caused connectivity issues for clients caching the old descriptor and intro points. Bug reported and fixed by gitlab user @hyunsoo.kim676. Fixes bug 40858; bugfix on 0.4.7.5-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on September 18, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/09/18. o Minor features (testing): - Enable Doxygen and Stem tests for 0.4.8 and clean-up some logic for handling versions of Tor that are no longer supported. Closes ticket 40859. o Minor bugfixes (compression): - Right after compression/decompression work is done, check for errors. Before this, we would consider compression bomb before that and then looking for errors leading to false positive on that log warning. Fixes bug 40739; bugfix on 0.3.5.1-alpha. Patch by "cypherpunks". o Minor bugfixes (compression, zstd): - Use less frightening language and lower the log-level of our run- time ABI compatibility check message in our Zstd compression subsystem. Fixes bug 40815; bugfix on 0.4.3.1-alpha. Changes in version 0.4.8.6 - 2023-09-18 This version contains an important fix for onion service regarding congestion control and its reliability. Apart from that, uneeded BUG warnings have been suppressed especially about a compression bomb seen on relays. We strongly recommend, in particular onion service operators, to upgrade as soon as possible to this latest stable. o Major bugfixes (onion service): - Fix a reliability issue where services were expiring their introduction points every consensus update. This caused connectivity issues for clients caching the old descriptor and intro points. Bug reported and fixed by gitlab user @hyunsoo.kim676. Fixes bug 40858; bugfix on 0.4.7.5-alpha. o Minor features (debugging, compression): - Log the input and output buffer sizes when we detect a potential compression bomb. Diagnostic for ticket 40739. o Minor features (fallbackdir): - Regenerate fallback directories generated on September 18, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/09/18. o Minor bugfix (defensive programming): - Disable multiple BUG warnings of a missing relay identity key when starting an instance of Tor compiled without relay support. Fixes bug 40848; bugfix on 0.4.3.1-alpha. o Minor bugfixes (bridge authority): - When reporting a pseudo-networkstatus as a bridge authority, or answering "ns/purpose/*" controller requests, include accurate published-on dates from our list of router descriptors. Fixes bug 40855; bugfix on 0.4.8.1-alpha. o Minor bugfixes (compression, zstd): - Use less frightening language and lower the log-level of our run- time ABI compatibility check message in our Zstd compression subsystem. Fixes bug 40815; bugfix on 0.4.3.1-alpha. -- F+IRkBdyPvUEHZV3ctcJ/vEeoQpBTIsT3aVD9KfRtfo=

1 0

New Release: Tor Browser 13.0a4 (Android, Windows, macOS, Linux)
by richard 14 Sep '23

14 Sep '23

Hi everyone, Tor Browser 13.0a4 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-alpha-release-tor-browser-130a4/ best, -richard

1 0

New Release: Tor Browser 12.5.4 (Android, Windows, macOS, Linux)
by richard 14 Sep '23

14 Sep '23

Hi everyone, Tor Browser 12.5.4 has now been published for all platforms. This is an unplanned security release to resolve a critical bug in Firefox's webp imge decoder. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1254/ best, -richard

1 0

[RELEASE] Tor stable 0.4.8.5
by David Goulet 30 Aug '23

30 Aug '23

Greetings, We have just released a new tor 0.4.8.5 stable. Here is the announcement: https://forum.torproject.org/t/stable-release-0-4-8-5/8996 Here is the ChangeLog: Changes in version 0.4.8.5 - 2023-08-30 Quick second release after the first stable few days ago fixing minor annoying bugfixes creating log BUG stacktrace. We also fix BSD compilation failures and PoW unit test. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 30, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/08/30. o Minor bugfix (NetBSD, compilation): - Fix compilation issue on NetBSD by avoiding an unnecessary dependency on "huge" page mappings in Equi-X. Fixes bug 40843; bugfix on 0.4.8.1-alpha. o Minor bugfix (NetBSD, testing): - Fix test failures in "crypto/hashx" and "slow/crypto/equix" on x86_64 and aarch64 NetBSD hosts, by adding support for PROT_MPROTECT() flags. Fixes bug 40844; bugfix on 0.4.8.1-alpha. o Minor bugfixes (conflux): - Demote a relay-side warn about too many legs to ProtocolWarn, as there are conditions that it can briefly happen during set construction. Also add additional set logging details for all error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha. - Prevent non-fatal assert stacktrace caused by using conflux sets during their teardown process. Fixes bug 40842; bugfix on 0.4.8.1-alpha. Cheers! David -- PXPuaYe4CON9t6360/W4a+SK92kS1rd6tNjWHZJHIdE=

1 0

New Release: Tor Browser 12.5.3 (Android, Windows, macOS, Linux)
by richard 29 Aug '23

29 Aug '23

Hi everyone, Tor Browser 12.5.3 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1253 best, -richard

1 0

Tor Browser 13.0a3 (Android, Windows, macOS, Linux)
by richard 24 Aug '23

24 Aug '23

Hi everyone, Tor Browser 13.0a3 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-alpha-release-tor-browser-130a3/ best, -richard

1 0

[RELEASE] Tor 0.4.8.4 stable release
by David Goulet 23 Aug '23

23 Aug '23

Greetings, We just released the first stable version of the 0.4.8.x series. Here is the announcement: https://forum.torproject.org/t/stable-release-0-4-8-4/8884 The ChangeLog (changes from 0.4.8.3-rc) and ReleaseNotes (all the things in 0.4.8) below: ChangeLog: Changes in version 0.4.8.4 - 2023-08-23 Finally, this is the very first stable release of the 0.4.8.x series making Proof-of-Work (prop#327) and Conflux (prop#329) available to the entire network. Some major bugfixes since the release candidate detailed below. o Major feature (denial of service): - Extend DoS protection to partially opened channels and known relays. Because re-entry is not allowed anymore, we can apply DoS protections onto known IP namely relays. Fixes bug 40821; bugfix on 0.3.5.1-alpha. o Major bugfixes (conflux): - Fix a relay-side crash caused by side effects of the fix for bug 40827. Reverts part of that fix that caused the crash and adds additional log messages to help find the root cause. Fixes bug 40834; bugfix on 0.4.8.3-rc. o Major bugfixes (proof of work, onion service, hashx): - Fix a very rare buffer overflow in hashx, specific to the dynamic compiler on aarch64 platforms. Fixes bug 40833; bugfix on 0.4.8.2-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 23, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/08/23. o Minor features (testing): - All Rust code is now linted (cargo clippy) as part of GitLab CI, and existing warnings have been fixed. - Any unit tests written in Rust now run as part of GitLab CI. o Minor bugfix (FreeBSD, compilation): - Fix compilation issue on FreeBSD by properly importing sys/param.h. Fixes bug 40825; bugfix on 0.4.8.1-alpha. o Minor bugfixes (compression): - Right after compression/decompression work is done, check for errors. Before this, we would consider compression bomb before that and then looking for errors leading to false positive on that log warning. Fixes bug 40739; bugfix on 0.3.5.1-alpha. Patch by "cypherpunks". ReleaseNotes: Changes in version 0.4.8.4 - 2023-08-23 Finally, this is the very first stable release of the 0.4.8.x series making, among other features, Proof-of-Work (prop#327) and Conflux (prop#329) available to the entire network. Several new features and a lot of bugfixes detailed below. o Major feature (denial of service): - Extend DoS protection to partially opened channels and known relays. Because re-entry is not allowed anymore, we can apply DoS protections onto known IP namely relays. Fixes bug 40821; bugfix on 0.3.5.1-alpha. o Major features (onion service, proof-of-work): - Implement proposal 327 (Proof-Of-Work). This is aimed at thwarting introduction flooding DoS attacks by introducing a dynamic Proof-Of-Work protocol that occurs over introduction circuits. This introduces several torrc options prefixed with "HiddenServicePoW" in order to control this feature. By default, this is disabled. Closes ticket 40634. o Major features (conflux): - Implement Proposal 329 (conflux traffic splitting). Conflux splits traffic across two circuits to Exits that support the protocol. These circuits are pre-built only, which means that if the pre- built conflux pool runs out, regular circuits will then be used. When using conflux circuit pairs, clients choose the lower-latency circuit to send data to the Exit. When the Exit sends data to the client, it maximizes throughput, by fully utilizing both circuits in a multiplexed fashion. Alternatively, clients can request that the Exit optimize for latency when transmitting to them, by setting the torrc option 'ConfluxClientUX latency'. Onion services are not currently supported, but will be in arti. Many other future optimizations will also be possible using this protocol. Closes ticket 40593. o Major features (dirauth): - Directory authorities and relays now interact properly with directory authorities if they change addresses. In the past, they would continue to upload votes, signatures, descriptors, etc to the hard-coded address in the configuration. Now, if the directory authority is listed in the consensus at a different address, they will direct queries to this new address. Implements ticket 40705. o Major bugfixes (conflux): - Fix a relay-side crash caused by side effects of the fix for bug 40827. Reverts part of that fix that caused the crash and adds additional log messages to help find the root cause. Fixes bug 40834; bugfix on 0.4.8.3-rc. o Major bugfixes (conflux): - Fix a relay-side assert crash caused by attempts to use a conflux circuit between circuit close and free, such that no legs were on the conflux set. Fixed by nulling out the stream's circuit back- pointer when the last leg is removed. Additional checks and log messages have been added to detect other cases. Fixes bug 40827; bugfix on 0.4.8.1-alpha. o Major bugfixes (proof of work, onion service, hashx): - Fix a very rare buffer overflow in hashx, specific to the dynamic compiler on aarch64 platforms. Fixes bug 40833; bugfix on 0.4.8.2-alpha. o Major bugfixes (vanguards): - Rotate to a new L2 vanguard whenever an existing one loses the Stable or Fast flag. Previously, we would leave these relays in the L2 vanguard list but never use them, and if all of our vanguards end up like this we wouldn't have any middle nodes left to choose from so we would fail to make onion-related circuits. Fixes bug 40805; bugfix on 0.4.7.1-alpha. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/08/23. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 23, 2023. o Minor features (testing): - All Rust code is now linted (cargo clippy) as part of GitLab CI, and existing warnings have been fixed. - Any unit tests written in Rust now run as part of GitLab CI. o Minor feature (CI): - Update CI to use Debian Bullseye for runners. o Minor feature (client, IPv6): - Make client able to pick IPv6 relays by default now meaning ClientUseIPv6 option now defaults to 1. Closes ticket 40785. o Minor feature (compilation): - Fix returning something other than "Unknown N/A" as libc version if we build tor on an O.S. like DragonFlyBSD, FreeBSD, OpenBSD or NetBSD. o Minor feature (cpuworker): - Always use the number of threads for our CPU worker pool to the number of core available but cap it to a minimum of 2 in case of a single core. Fixes bug 40713; bugfix on 0.3.5.1-alpha. o Minor feature (lzma): - Fix compiler warnings for liblzma >= 5.3.1. Closes ticket 40741. o Minor feature (MetricsPort, relay): - Expose time until online keys expires on the MetricsPort. Closes ticket 40546. o Minor feature (MetricsPort, relay, onion service): - Add metrics for the relay side onion service interactions counting seen cells. Closes ticket 40797. Patch by "friendly73". o Minor features (directory authorities): - Directory authorities now include their AuthDirMaxServersPerAddr config option in the consensus parameter section of their vote. Now external tools can better predict how they will behave. Implements ticket 40753. o Minor features (directory authority): - Add a new consensus method in which the "published" times on router entries in a microdesc consensus are all set to a meaningless fixed date. Doing this will make the download size for compressed microdesc consensus diffs much smaller. Part of ticket 40130; implements proposal 275. o Minor features (network documents): - Clients and relays no longer track the "published on" time declared for relays in any consensus documents. When reporting this time on the control port, they instead report a fixed date in the future. Part of ticket 40130. o Minor features (fallbackdir): - Regenerate fallback directories generated on June 01, 2023. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2023/06/01. o Minor features (hs, metrics): - Add tor_hs_rend_circ_build_time and tor_hs_intro_circ_build_time histograms to measure hidden service rend/intro circuit build time durations. Part of ticket 40757. o Minor features (metrics): - Add a `reason` label to the HS error metrics. Closes ticket 40758. - Add service side metrics for REND and introduction request failures. Closes ticket 40755. - Add support for histograms. Part of ticket 40757. o Minor features (pluggable transports): - Automatically restart managed Pluggable Transport processes when their process terminate. Resolves ticket 33669. o Minor features (portability, compilation): - Use OpenSSL 1.1 APIs for LibreSSL, fixing LibreSSL 3.5 compatibility. Fixes issue 40630; patch by Alex Xu (Hello71). o Minor features (relay): - Do not warn about configuration options that may expose a non- anonymous onion service. Closes ticket 40691. o Minor features (relays): - Trigger OOS when bind fails with EADDRINUSE. This improves fairness when a large number of exit connections are requested, and properly signals exhaustion to the network. Fixes issue 40597; patch by Alex Xu (Hello71). o Minor features (tests): - Avoid needless key reinitialization with OpenSSL during unit tests, saving significant time. Patch from Alex Xu. o Minor bugfix (hs): - Fix compiler warnings in equix and hashx when building with clang. Closes ticket 40800. o Minor bugfix (FreeBSD, compilation): - Fix compilation issue on FreeBSD by properly importing sys/param.h. Fixes bug 40825; bugfix on 0.4.8.1-alpha. o Minor bugfixes (compression): - Right after compression/decompression work is done, check for errors. Before this, we would consider compression bomb before that and then looking for errors leading to false positive on that log warning. Fixes bug 40739; bugfix on 0.3.5.1-alpha. Patch by "cypherpunks". o Minor bugfixes (compilation): - Fix all -Werror=enum-int-mismatch warnings. No behavior change. Fixes bug 40824; bugfix on 0.3.5.1-alpha. o Minor bugfixes (protocol warn): - Wrap a handful of cases where ProtocolWarning logs could emit IP addresses. Fixes bug 40828; bugfix on 0.3.5.1-alpha. o Minor bugfix (congestion control): - Reduce the accepted range of a circuit's negotiated 'cc_sendme_inc' to be +/- 1 from the consensus parameter value. Fixes bug 40569; bugfix on 0.4.7.4-alpha. - Remove unused congestion control algorithms and BDP calculation code, now that we have settled on and fully tuned Vegas. Fixes bug 40566; bugfix on 0.4.7.4-alpha. - Update default congestion control parameters to match consensus. Fixes bug 40709; bugfix on 0.4.7.4-alpha. o Minor bugfixes (compilation): - Fix "initializer is not a constant" compilation error that manifests itself on gcc versions < 8.1 and MSVC. Fixes bug 40773; bugfix on 0.4.8.1-alpha o Minor bugfixes (conflux): - Count leg launch attempts prior to attempting to launch them. This avoids inifinite launch attempts due to internal circuit building failures. Additionally, double-check that we have enough exits in our consensus overall, before attempting to launch conflux sets. Fixes bug 40811; bugfix on 0.4.8.1-alpha. - Fix a case where we were resuming reading on edge connections that were already marked for close. Fixes bug 40801; bugfix on 0.4.8.1-alpha. - Fix stream attachment order when creating conflux circuits, so that stream attachment happens after finishing the full link handshake, rather than upon set finalization. Fixes bug 40801; bugfix on 0.4.8.1-alpha. - Handle legs being closed or destroyed before computing an RTT (resulting in warns about too many legs). Fixes bug 40810; bugfix on 0.4.8.1-alpha. - Remove a "BUG" warning from conflux_pick_first_leg that can be triggered by broken or malicious clients. Fixes bug 40801; bugfix on 0.4.8.1-alpha. o Minor bugfixes (KIST): - Prevent KISTSchedRunInterval from having values of 0 or 1, neither of which work properly. Additionally, make a separate KISTSchedRunIntervalClient parameter, so that the client and relay KIST values can be set separately. Set the default of both to 2ms. Fixes bug 40808; bugfix on 0.3.2.1-alpha. o Minor bugfix (relay, logging): - The wrong max queue cell size was used in a protocol warning logging statement. Fixes bug 40745; bugfix on 0.4.7.1-alpha. o Minor bugfixes (logging): - Avoid ""double-quoting"" strings in several log messages. Fixes bug 22723; bugfix on 0.1.2.2-alpha. - Correct a log message when cleaning microdescriptors. Fixes bug 40619; bugfix on 0.2.5.4-alpha. o Minor bugfixes (metrics): - Decrement hs_intro_established_count on introduction circuit close. Fixes bug 40751; bugfix on 0.4.7.12. o Minor bugfixes (pluggable transports, windows): - Remove a warning `BUG()` that could occur when attempting to execute a non-existing pluggable transport on Windows. Fixes bug 40596; bugfix on 0.4.0.1-alpha. o Minor bugfixes (relay): - Remove a "BUG" warning for an acceptable race between a circuit close and considering that circuit active. Fixes bug 40647; bugfix on 0.3.5.1-alpha. - Remove a harmless "Bug" log message that can happen in relay_addr_learn_from_dirauth() on relays during startup. Finishes fixing bug 40231. Fixes bug 40523; bugfix on 0.4.5.4-rc. o Minor bugfixes (sandbox): - Allow membarrier for the sandbox. And allow rt_sigprocmask when compiled with LTTng. Fixes bug 40799; bugfix on 0.3.5.1-alpha. - Fix sandbox support on AArch64 systems. More "*at" variants of syscalls are now supported. Signed 32 bit syscall parameters are checked more precisely, which should lead to lower likelihood of breakages with future compiler and libc releases. Fixes bug 40599; bugfix on 0.4.4.3-alpha. o Minor bugfixes (state file): - Avoid a segfault if the state file doesn't contains TotalBuildTimes along CircuitBuildAbandonedCount being above 0. Fixes bug 40437; bugfix on 0.3.5.1-alpha. o Removed features: - Remove the RendPostPeriod option. This was primarily used in Version 2 Onion Services and after its deprecation isn't needed anymore. Closes ticket 40431. Patch by Neel Chauhan. -- NV16FOhQmS/xhGS8zRUf4+1+nzadUNIEt3cE3ntqkDo=

1 0