- tor-announce - lists.torproject.org

New Release: Tor Browser 11.5.5 (Android, Windows, macOS, Linux)
by Richard Pospesel 27 Oct '22

27 Oct '22

Tor Browser 11.5.6 is now available from the Tor Browser download page and also from our distribution directory. This is an emergency release resolving an issue with Tor Browser 11.5.5's integration of the Snowflake pluggable transport. Users of 11.5.5 will be unable to connect to the Tor Network via the built-in Snowflake bridge until they update to 11.5.6. If you applied the following workaround to add a working Snowflake bridge manually, you may revert back to using the "Built-in" Snowflake bridge option after updating to 11.5.6. The full changelog since Tor Browser 11.5.5 is: All Plaforms Bug tor-browser-build#40665: Shorten snowflake bridge line

1 0

New Release: Tor Browser 11.5.5 (Android, Windows, macOS, Linux)
by Richard Pospesel 25 Oct '22

25 Oct '22

Tor Browser 11.5.5 is now available from the Tor Browser download page and also from our distribution directory. Tor Browser 11.5.5 backports the following security updates from Firefox ESR 102.4 to to Firefox ESR 91.13 on Windows, macOS and Linux: CVE-2022-40674: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c CVE-2022-42927: Same-origin policy violation could have leaked cross-origin URLs CVE-2022-42928: Memory Corruption in JS Engine CVE-2022-42929: Denial of Service via window.print CVE-2022-42932: Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4 Tor Browser 11.5.5 updates GeckoView on Android to 102.4.0esr and includes important security updates. There were no Android-specific security updates to backport from the Firefox 106 release. The full changelog since Tor Browser 11.5.4 is: All Platforms Update Translations Bug tor-browser-build#40649: Update meek default bridge Bug tor-browser-build#40654: Enable uTLS and use the full bridge line for snowflake Windows + macOS + Linux Update Manual Bug tor-browser#40465: Onion Authentication fails when connecting to a subdomain Bug tor-browser#41355: Amends to YEC 2022 Takeover Desktop Stable 11.5.5 Bug tor-browser#41359: Backport ESR 102.4 security fixes to 91.13-based Tor Browser Bug tor-browser#41364: Continued amends to YEC 2022 Takeover Desktop Stable 11.5.5 Android Bug tor-browser-build#40650: Rebase geckoview-102.3.0esr-11.5-1 to ESR 102.4 Bug tor-browser#41360: Backport Android-specific Firefox 106 to ESR 102.4-based Tor Browser Bug tor-browser#41365: Amends to YEC 2022 Takeover on Android Build Windows + macOS + Linux Update Go to 1.18.7 Bug tor-browser-build#40464: go 1.18 fails to build on macOS

1 0

New Release: Tor Browser 11.5.4 (Android, Windows, macOS, Linux)
by Richard Pospesel 12 Oct '22

12 Oct '22

Tor Browser 11.5.4 is now available from the Tor Browser download page and also from our distribution directory. Our Android release follows our alpha branch to the ESR 102 release train. Please see the 12.0a2 blog post for details. Tor Browser 11.5.4 backports the following security updates from Firefox ESR 102.3 to to Firefox ESR 91.13 on Windows, macOS and Linux: CVE-2022-40959 CVE-2022-40960 CVE-2022-40958 CVE-2022-40956 CVE-2022-40962 Tor Browser 11.5.4 updates GeckoView on Android to 102.3.0esr. We also backport the following Android-specific security updates from Firefox 104 and 105: CVE-2022-36317 CVE-2022-38474 CVE-2022-40961 The full changelog since Tor Browser 11.5.3 is: All Platforms Bug tor-browser-build#40629: Bump snowflake version to 9ce1de4eee4e Bug tor-browser-build#40633: Remove Team Cymru hard-coded bridges Bug tor-browser#41326: Update preference for remoteRecipes Windows + macOS + Linux Bug tor-browser-build#40624: Change placeholder bridge addresses to make snowflake and meek work with ReachableAddresses/FascistFirewall Bug tor-browser#41303: YEC 2022 Takeover for Desktop Stable Bug tor-browser#41310: Backport ESR 102.3 security fixes to 91.13-based Tor Browser Bug tor-browser#41323: Tor-ify notification bar gradient colors (branding) Bug tor-browser#41338: The arrow on the search bar should be flipped for RTL languages Windows + macOS Bug tor-browser#41307: font whitelist typos Android Updated GeckoView to 102.3.0esr Bug tor-browser#41089: Add tor-browser build scripts + Makefile to tor-browser Bug tor-browser#41094: Enable HTTPS-Only Mode by default in Tor Browser Android Bug tor-browser#41159: Remove HTTPS-Everywhere extension from esr102-based Tor Browser Android Bug tor-browser#41166: Backport fix for CVE-2022-36317: Long URL would hang Firefox for Android (Bug 1759951) Bug tor-browser#41167: Backport fix for CVE-2022-38474: Recording notification not shown when microphone was recording on Android (Bug 1719511) Bug tor-browser#41302: YEC 2022 Takeover for Android Stable Bug tor-browser#41312: Backport Firefox 105 Android security fixes to 102.3-based Tor Browser Bug tor-browser#41314: Add YEC 2022 strings to torbutton and fenix Build System Android Update Go to 1.18.7

1 0

Tor Browser 12.0a3 is released (Android, Windows, macOS, Linux)
by Richard Pospesel 30 Sep '22

30 Sep '22

Tor Browser 12.0a3 is now available from the Tor Browser download page and also from our distribution directory. Tor Browser 12.0a3 updates Firefox on Android, Windows, macOS, and Linux to 102.3.0esr. We use this opportunity to update various other components of Tor Browser as well : NoScript 11.4.11 This version includes important security updates to Firefox. We also backport the following Android-specific security updates from Firefox 105: CVE-2022-40961 Additionally, the HTTPS-Everywhere extension has been removed and its functionality replaced with HTTP-Only mode on Android. The full changelog since Tor Browser 12.0a2 is: All Platforms Update Firefox to 102.3.0esr Update NoScript to 11.4.11 Update Translations Bug tor-browser-build#40624: Change placeholder bridge addresses to make snowflake and meek work with ReachableAddresses/FascistFirewall Bug tor-browser#41125: Review Mozilla 1732792: retry polling requests without proxy Windows + macOS + Linux Bug tor-browser#41116: Review Mozilla 1226042: add support for the new 'system-ui' generic font family Bug tor-browesr#41283: Toolbar buttons missing their label attribute Bug tor-browser#41284: Stray security-level- fluent ids Bug tor-browser#41287: New identity button inactive if added after customization Bug tor-browser#41292: moreFromMozilla pane in about:preferences in 12.0a2 Bug tor-browser#41307: font whitelist typos Linux Bug tor-browser-build#40626: Define the replacements for generic families on Linux Bug tor-browser#41163: Fixing loading of bundled fonts on linux Android Bug tor-browser#41159: Remove HTTPS-Everywhere extension from esr102-based Tor Browser Android Bug tor-browser#41312: Backport Firefox 105 Android security fixes to 102.3-based Tor Browser Build System All Platforms Bug tor-browser-build#40587: Migrate tor-browser-build configs from gitolite to gitlab repos Bug tor-browser#41321: Delete various master branches after automated build/testing scripts are updated Linux Bug tor-browser-build#40621: Update namecoin patches for linted TorButton Android Bug tor-browser#41304: Add Android-specific targets to makefiles

1 0

Tor Browser 12.0a2 released
by Richard Pospesel 10 Sep '22

10 Sep '22

Tor Browser 12.0a2 is now available from the Tor Browser download page and also from our distribution directory. This marks our first alpha on the Firefox ESR 102 series, and our first Android released based on the Firefox ESR (Extended Support Release) series. In the past, our Tor Browser for Android releases have been based on the Firefox Rapid Release schedule. Going forward, Tor Browser for Android will be based on the latest Firefox ESR (same as our Windows, macOS and Linux releases) and we will be back-porting Android-specific security updates from the Rapid Release branches. This updated release schedule should allow us to improve the general stability of Tor Browser for Android and be more confident in our releases going forward. Tor Browser 12.0a2 updates Firefox on Android, Windows, macOS, and Linux to 102.2.0esr. We use this opportunity to update various other components of Tor Browser as well : Tor 0.4.7.10 Tor Launcher 0.2.39 (Desktop only) NoScript 11.4.10 Go 1.18.5 (Android only) This version includes important security updates to Firefox. We also backport the following Android-specific security updates: CVE-2022-36317 CVE-2022-38474 Notably, we have also enabled HTTPS-Only mode for Tor Browser for Android (this feature is already enabled for Desktop). This feature, when enabled, overrides HTTPS-Everywhere functionality. For now this can be reverted in the 'Settings > Privacy and security' pane( see: https://gitlab.torproject.org/tpo/applications/fenix/-/merge_requests/151 ). The full changelog since Tor Browser 12.0a1 is: All Platforms Update Firefox to 102.2.0esr Update Tor to 0.4.7.10 Update NoScript to 11.4.10 Update Translations Bug tor-browser#40242: Tor Browser has two default bridges that share a fingerprint, and Tor ignores one Windows + macOS + Linux Update Tor-Launcher to 0.2.39 Update Manual Bug tor-browser-build#40580: Add support for uk (ukranian) locale Bug tor-browser-buid#40595: Migrate to 102 on desktop Bug tor-browser#41075: The Tor Browser is showing caution sign but your document said it won't Bug tor-browser#41089: Add tor-browser build scripts + Makefile to tor-browser macOS Bug tor-browser#41108: Remove privileged macOS installation from 102 Android Bug fenix#40225: Bundled extensions don't get updated with Android Tor Browser updates (they stay stuck at the first installed version) Bug tor-browser#41094: Enable HTTPS-Only Mode by default in Tor Browser Android Bug tor-browser#41156: User-installed addons are broken on Android Bug tor-browser#41166: Backport fix for CVE-2022-36317: Long URL would hang Firefox for Android (Bug 1759951) Bug tor-browser#41167: Backport fix for CVE-2022-38474: Recording notification not shown when microphone was recording on Android (Bug 1719511) Build System All Platforms Bug tor-browser-build#40407: Bump binutils version to pick up security improvements for Windows users Bug tor-browser-build#40591: Rust 1.60 not working to build 102 on Debian Jessie Bug tor-browser-build#40592: Consider re-using our LLVM/Clang to build Rust Bug tor-browser-build#40593: Update signing scripts to take into account new project names and layout Bug tor-browser-build#40607: Add alpha-specific release prep template Bug tor-browser-build#40610: src-*.tar.xz tarballs are missing in https://dist.torproject.org/torbrowser/12.0a1/ Bug tor-browser-build#40612: Migrate Release Prep template to Release Prep - Stable Windows + macOS + Linux Bug tor-browser#41099: Update+comment the update channels in update_responses.config.yaml Windows Bug tor-browser-buid#29318: Use Clang for everything on Windows Bug tor-browser-build#29321: Use mingw-w64/clang toolchain to build tor Bug tor-browser-build#29322: Use mingw-w64/clang toolchain to build OpenSSL Bug tor-browser-build#40409: Upgrade NSIS to 3.08 macOS Bug tor-browser-build#40605: Reworked the macOS toolchain creation Bug tor-browser-build#40620: Update macosx-sdk to 11.0 Linux Bug tor-browser-build#31321: Add cc -> gcc link to projects/gcc Android Update Go to 1.18.5 Bug tor-browser-build#40574: Improve tools/signing/android-signing Bug tor-browser-build#40582: Prepared TBA to use Mozilla 102 components Bug tor-browser-build#40604: Bug 40604: Fix binutils build on android

1 0

Tor Browser 11.5.2 released
by Richard Pospesel 29 Aug '22

29 Aug '22

Tor Browser 11.5.2 is now available from the Tor Browser download page and also from our distribution directory. Tor Browser 11.5.2 updates Firefox on Windows, macOS, and Linux to 91.13.0esr. This version includes important security updates to Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2022-35/ We use the opportunity as well to update various other components of Tor Browser: Tor 0.4.7.10 NoScript 11.4.9 The full changelog since Tor Browser 11.5.1 is: All Platforms Update Tor to 0.4.7.10 Update NoScript to 11.4.9 Windows + macOS + Linux Update Firefox to 91.13.0esr Bug tor-browser#27719: Treat unsafe renegotiation as broken Bug tor-browser#40242: Tor Browser has two default bridges that share a fingerprint, and Tor ignores one Bug tor-browser#41067: Cherry-pick fixes for HTTPS-Only mode Bug tor-browser#41070: Google vanished from default search options from 11.0.10 onwards Bug tor-browser#41075: The Tor Browser is showing caution sign but your document said it won't Bug tor-browser#41089: Add tor-browser build scripts + Makefile to tor-browser Bug tor-browser#41095: "Learn more" link in onboarding slideshow still points to 11.0 release post Build System Windows + macOS + Linux Update Go to 1.17.3 Android Update Go to 1.18.5

1 0

Urgent: Release 0.4.5.14, 0.4.6.12 and 0.4.7.10
by David Goulet 12 Aug '22

12 Aug '22

Greetings, We had to do an emergency release due to an IPFire GeoIP database bug they informed us about. Announcement: https://forum.torproject.net/t/urgent-stable-release-0-4-5-14-0-4-6-12-and-… Dear packagers, sorry about the inconvenience but we had no choice. ChangeLog below. Cheers! David Changes in version 0.4.7.10 - 2022-08-12 This version updates the geoip cache that we generate from IPFire location database to use the August 9th, 2022 one. Everyone MUST update to this latest release else circuit path selection and relay metrics are badly affected. o Major bugfixes (geoip data): - IPFire informed us on August 12th that databases generated after (including) August 10th did not have proper ARIN network allocations. We are updating the database to use the one generated on August 9th, 2022. Fixes bug 40658; bugfix on 0.4.7.9. -- 3CBm2Bbvakv+fCJGDKJrAZGUoUfOOQOqR7XrrPOT9n8=

1 0

Tor stable release 0.4.5.13, 0.4.6.11 and 0.4.7.9
by David Goulet 11 Aug '22

11 Aug '22

Greetings, We just released 3 new stable versions which, in part, will help with the ongoing DoS attack on the network. Announcement: https://forum.torproject.net/t/stable-release-0-4-5-13-0-4-6-11-and-0-4-7-9… We strongly urge everyone to upgrade to the latest stable! Also, this is the very last release of the 0.4.6.x series as it is end of life since August 1st 2022. Below is the ChangeLog for all 3 versions Cheers! David -- Changes in version 0.4.7.9 - 2022-08-11 This version contains several major fixes aimed at reducing memory pressure on relays and possible side-channel. It also contains a major bugfix related to congestion control also aimed at reducing memory pressure on relays. Finally, there is last one major bugfix related to Vanguard L2 layer node selection. We strongly recommend to upgrade to this version especially for Exit relays in order to help the network defend against this ongoing DDoS. o Major bugfixes (congestion control): - Implement RFC3742 Limited Slow Start. Congestion control was overshooting the congestion window during slow start, particularly for onion service activity. With this fix, we now update the congestion window more often during slow start, as well as dampen the exponential growth when the congestion window grows above a capping parameter. This should reduce the memory increases guard relays were seeing, as well as allow us to set lower queue limits to defend against ongoing DoS attacks. Fixes bug 40642; bugfix on 0.4.7.5-alpha. o Major bugfixes (relay): - Remove OR connections btrack subsystem entries when the connections close normally. Before this, we would only remove the entry on error and thus leaking memory for each normal OR connections. Fixes bug 40604; bugfix on 0.4.0.1-alpha. - Stop sending TRUNCATED cell and instead close the circuit from which we received a DESTROY cell. This makes every relay in the circuit path to stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. o Major bugfixes (vanguards): - We had omitted some checks for whether our vanguards (second layer guards from proposal 333) overlapped. Now make sure to pick each of them to be independent. Also, change the design to allow them to come from the same family. Fixes bug 40639; bugfix on 0.4.7.1-alpha. o Minor features (dirauth): - Add a torrc option to control the Guard flag bandwidth threshold percentile. Closes ticket 40652. - Add an AuthDirVoteGuard torrc option that can allow authorities to assign the Guard flag to the given fingerprints/country code/IPs. This is a needed feature mostly for defense purposes in case a DoS hits the network and relay start losing the Guard flags too fast. - Make UPTIME_TO_GUARANTEE_STABLE, MTBF_TO_GUARANTEE_STABLE, TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD tunable from torrc. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 11, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/08/11. o Minor bugfixes (congestion control): - Add a check for an integer underflow condition that might happen in cases where the system clock is stopped, the ORconn is blocked, and the endpoint sends more than a congestion window worth of non- data control cells at once. This would cause a large congestion window to be calculated instead of a small one. No security impact. Fixes bug 40644; bugfix on 0.4.7.5-alpha. o Minor bugfixes (defense in depth): - Change a test in the netflow padding code to make it more _obviously_ safe against remotely triggered crashes. (It was safe against these before, but not obviously so.) Fixes bug 40645; bugfix on 0.3.1.1-alpha. o Minor bugfixes (relay): - Do not propagate either forward or backward a DESTROY remote reason when closing a circuit in order to avoid a possible side channel. Fixes bug 40649; bugfix on 0.1.2.4-alpha. Changes in version 0.4.6.11 - 2022-08-11 This version contains two major fixes aimed at reducing memory pressure on relays and possible side-channel. The rest of the fixes were backported for stability or safety purposes. This is the very LAST version of this series. As of August 1st 2022, it is end-of-life (EOL). We thus strongly recommend to upgrade to the latest stable of the 0.4.7.x series. o Major bugfixes (relay): - Remove OR connections btrack subsystem entries when the connections close normally. Before this, we would only remove the entry on error and thus leaking memory for each normal OR connections. Fixes bug 40604; bugfix on 0.4.0.1-alpha. - Stop sending TRUNCATED cell and instead close the circuit from which we received a DESTROY cell. This makes every relay in the circuit path to stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 11, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/08/11. o Minor features (linux seccomp2 sandbox): - Permit the clone3 syscall, which is apparently used in glibc-2.34 and later. Closes ticket 40590. o Minor bugfixes (controller, path bias): - When a circuit's path is specified, in full or in part, from the controller API, do not count that circuit towards our path-bias calculations. (Doing so was incorrect, since we cannot tell whether the controller is selecting relays randomly.) Resolves a "Bug" warning. Fixes bug 40515; bugfix on 0.2.4.10-alpha. o Minor bugfixes (defense in depth): - Change a test in the netflow padding code to make it more _obviously_ safe against remotely triggered crashes. (It was safe against these before, but not obviously so.) Fixes bug 40645; bugfix on 0.3.1.1-alpha. o Minor bugfixes (linux seccomp2 sandbox): - Allow the rseq system call in the sandbox. This solves a crash issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on 0.3.5.11. o Minor bugfixes (metrics port, onion service): - The MetricsPort line for an onion service with multiple ports are now unique that is one line per port. Before this, all ports of an onion service would be on the same line which violates the Prometheus rules of unique labels. Fixes bug 40581; bugfix on 0.4.5.1-alpha. o Minor bugfixes (onion service, client): - Fix a fatal assert due to a guard subsystem recursion triggered by the onion service client. Fixes bug 40579; bugfix on 0.3.5.1-alpha. o Minor bugfixes (performance, DoS): - Fix one case of a not-especially viable denial-of-service attack found by OSS-Fuzz in our consensus-diff parsing code. This attack causes a lot small of memory allocations and then immediately frees them: this is only slow when running with all the sanitizers enabled. Fixes one case of bug 40472; bugfix on 0.3.1.1-alpha. o Minor bugfixes (relay): - Do not propagate either forward or backward a DESTROY remote reason when closing a circuit in order to avoid a possible side channel. Fixes bug 40649; bugfix on 0.1.2.4-alpha. Changes in version 0.4.5.13 - 2022-08-11 This version contains two major fixes aimed at reducing memory pressure on relays and possible side-channel. The rest of the fixes were backported for stability or safety purposes. We strongly recommend to upgrade your relay to this version or, ideally, to the latest stable of the 0.4.7.x series. o Major bugfixes (relay): - Remove OR connections btrack subsystem entries when the connections close normally. Before this, we would only remove the entry on error and thus leaking memory for each normal OR connections. Fixes bug 40604; bugfix on 0.4.0.1-alpha. - Stop sending TRUNCATED cell and instead close the circuit from which we received a DESTROY cell. This makes every relay in the circuit path to stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc. o Minor features (fallbackdir): - Regenerate fallback directories generated on August 11, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/08/11. o Minor features (linux seccomp2 sandbox): - Permit the clone3 syscall, which is apparently used in glibc-2.34 and later. Closes ticket 40590. o Minor bugfixes (controller, path bias): - When a circuit's path is specified, in full or in part, from the controller API, do not count that circuit towards our path-bias calculations. (Doing so was incorrect, since we cannot tell whether the controller is selecting relays randomly.) Resolves a "Bug" warning. Fixes bug 40515; bugfix on 0.2.4.10-alpha. o Minor bugfixes (defense in depth): - Change a test in the netflow padding code to make it more _obviously_ safe against remotely triggered crashes. (It was safe against these before, but not obviously so.) Fixes bug 40645; bugfix on 0.3.1.1-alpha. o Minor bugfixes (linux seccomp2 sandbox): - Allow the rseq system call in the sandbox. This solves a crash issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on 0.3.5.11. o Minor bugfixes (metrics port, onion service): - The MetricsPort line for an onion service with multiple ports are now unique that is one line per port. Before this, all ports of an onion service would be on the same line which violates the Prometheus rules of unique labels. Fixes bug 40581; bugfix on 0.4.5.1-alpha. o Minor bugfixes (onion service, client): - Fix a fatal assert due to a guard subsystem recursion triggered by the onion service client. Fixes bug 40579; bugfix on 0.3.5.1-alpha. o Minor bugfixes (performance, DoS): - Fix one case of a not-especially viable denial-of-service attack found by OSS-Fuzz in our consensus-diff parsing code. This attack causes a lot small of memory allocations and then immediately frees them: this is only slow when running with all the sanitizers enabled. Fixes one case of bug 40472; bugfix on 0.3.1.1-alpha. o Minor bugfixes (relay): - Do not propagate either forward or backward a DESTROY remote reason when closing a circuit in order to avoid a possible side channel. Fixes bug 40649; bugfix on 0.1.2.4-alpha. -- m2jOdc71eksaeTawBhtVwkp+r1hg+dcgIW1GrSON+pY=

1 0

Tor stable release 0.4.7.8 - Security Fix
by David Goulet 17 Jun '22

17 Jun '22

Hello everyone! We have released tor 0.4.7.8 earlier today, a new stable version for the 0.4.7.x series containing an important High severity security fix. The affected tor are only those of the 0.4.7.x series as in from tor-0.4.7.1-alpha to tor-0.4.7.7. https://forum.torproject.net/t/stable-release-0-4-7-8/3679 As stated in the announcement (link above), we strongly recommend that everyone upgrades to 0.4.7.8. Packages are being updated and released for OS distributions so keep an eye out! Our beloved packagers are hard at work! Also, I will repeat it here, the security issue is categorized as a Denial of Service so it is not affecting the security of the host machine running "tor". Nevertheless, again, we strongly encourage you to upgrade. Here is the ChangeLog for this version: Changes in version 0.4.7.8 - 2022-06-17 This version fixes several bugfixes including a High severity security issue categorized as a Denial of Service. Everyone running an earlier version should upgrade to this version. o Major bugfixes (congestion control, TROVE-2022-001): - Fix a scenario where RTT estimation can become wedged, seriously degrading congestion control performance on all circuits. This impacts clients, onion services, and relays, and can be triggered remotely by a malicious endpoint. Tracked as CVE-2022-33903. Fixes bug 40626; bugfix on 0.4.7.5-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on June 17, 2022. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2022/06/17. o Minor bugfixes (linux seccomp2 sandbox): - Allow the rseq system call in the sandbox. This solves a crash issue with glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on 0.3.5.11. o Minor bugfixes (logging): - Demote a harmless warn log message about finding a second hop to from warn level to info level, if we do not have enough descriptors yet. Leave it at notice level for other cases. Fixes bug 40603; bugfix on 0.4.7.1-alpha. - Demote a notice log message about "Unexpected path length" to info level. These cases seem to happen arbitrarily, and we likely will never find all of them before the switch to arti. Fixes bug 40612; bugfix on 0.4.7.5-alpha. o Minor bugfixes (relay, logging): - Demote a harmless XOFF log message to from notice level to info level. Fixes bug 40620; bugfix on 0.4.7.5-alpha. Cheers! David -- 2T22ifd4rhYVbSbjDNppIEIrp1Iz0lnUkfbKzkbn8s4=

1 0

Network Team - New Support and Release Policy
by David Goulet 11 May '22

11 May '22

Greetings everyone! This is, for now, the last policy change from the network team after the Deprecating C Patches policy from couple days ago[0]. However, this one has a bit more impact especially on the relay operators and thus the network. We are changing the C-tor support and release policy which essentially changes "for how long" we will maintain stable releases. This will particularly affect relay operators that are using the tor stable package of their OS distribution. It is very important to use a more "current" update channel like deb.torproject.org for Debian/Ubuntu. As for BSDs, since they have a faster stable release cycle, keeping the OS updated should help getting the latest stable of tor. Here is the new policy: https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/SupportPoli… There are lots of changes but three in particular are worth highlighting and explaining: 1. No More LTS Apart from being a burden because in part due to backports complexity, they are actually a bit of a problem on the relay side with regards to the network itself. We need an healthy network and that implies, in part, to have up to date relays. Both for security reasons, but also to take advantage of the new features and defenses we roll out in the latest stable releases. We are currently suffering around 3 years upgrade path due to LTS versions that lingers in the stable OS distributions (Debian, Ubuntu, ...) for a long time. Tor is in a constant arms race against powerful adversaries, evolving technologies and resource restrictions. Fast network upgrades is instrumental to keep us in this race and provide the best security and anonymity for our users. 2. Drop the 6 months fixed stable release With 0.4.7.x series, we needed more time to roll out a version that we were satisfied with quality-wise due to not only its awesomness and complexity but because we had less people to work on the C implementation of Tor than before (some engineering power shifted to Arti development). It lead to having a much better and thoroughly tested tor without having an intermediary release with half backed features forcing us to maintain for months while being a torn in the network foot. 3. Faster End-Of-Life Path We will now only support for 3 months the previous stable once a new stable comes out. In other words, a stable version is maintained until a new stable is released plus 3 months to the date. This will also make our rejection of EOL relays from the network faster tying this to the importance of the network health with updated relays. These changes also fall into our overall efforts to shift our resources towards arti development. C-tor is not going away anytime soon, we are simply slowing down its development pace. Please, don't hesitate to ask questions and comments. We know this might not be ideal for everyone but we believe this is the best route to the sustainability of C-tor, health of the network and security for our users. Cheers! Network Team [0] https://lists.torproject.org/pipermail/tor-dev/2022-May/014731.html -- G1nLmyQttfczv2rHXvhgktvgPessxMCOKSOe/VwGY/Y=

1 0