tor-announce

tor-announce@lists.torproject.org

287 discussions

Tor Browser 9.0.9 is released
by Nicolas Vigier 10 Apr '20

10 Apr '20

Tor Browser 9.0.9 is now available from the Tor Browser download page [1] and also from our distribution directory [2]. 1: https://www.torproject.org/download/ 2: https://www.torproject.org/dist/torbrowser/9.0.9/ This release updates Firefox to 68.7.0esr, NoScript to 11.0.23, and OpenSSL to 1.1.1f. Also, this release features important security updates [3] to Firefox. 3: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/ The full changelog since Tor Browser 9.0.8 is: * All Platforms * Update Firefox to 68.7.0esr * Bump NoScript to 11.0.23 * Bug 33630: Remove noisebridge01 default bridge * Windows + OS X + Linux * Bug 33771: Update some existing licenses and add Libevent license * Bug 33723: Bump openssl version to 1.1.1f * Windows * Bug 33805: Remove escape-openssldir.patch

1 0

New stable Tor releases: 0.3.5.10, 0.4.1.9, and 0.4.2.7
by Nick Mathewson 18 Mar '20

18 Mar '20

Hello! (If you are about to reply saying "please take me off this list", instead please follow these instructions: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce/ . If you have trouble, it is probably because you subscribed using a different address than the one you are trying to unsubscribe with. You will have to enter the actual email address you used when you subscribed.) Source code for Tor 0.4.2.7 is now available; you can download the source code from the download place on the website. Packages should be available within the next several days, including a new Tor browser release. (For source code for 0.3.5.10 and 0.4.1.9 , see https://dist.torproject.org/ . There is also a new alpha release today, but those are announced on the tor-talk@ mailing list.) These releases fix a couple of denial-of-service vulnerabilities. Everybody running an older version should upgrade as packages become available. Below is the full changelog for 0.4.2.7. You can find the changelogs for the other releases at: 0.3.5.10: https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.3.5.10 0.4.1.9: https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.1.9 Changes in version 0.4.2.7 - 2020-03-18 This is the third stable release in the 0.4.2.x series. It backports numerous fixes from later releases, including a fix for TROVE-2020- 002, a major denial-of-service vulnerability that affected all released Tor instances since 0.2.1.5-alpha. Using this vulnerability, an attacker could cause Tor instances to consume a huge amount of CPU, disrupting their operations for several seconds or minutes. This attack could be launched by anybody against a relay, or by a directory cache against any client that had connected to it. The attacker could launch this attack as much as they wanted, thereby disrupting service or creating patterns that could aid in traffic analysis. This issue was found by OSS-Fuzz, and is also tracked as CVE-2020-10592. We do not have reason to believe that this attack is currently being exploited in the wild, but nonetheless we advise everyone to upgrade as soon as packages are available. o Major bugfixes (security, denial-of-service, backport from 0.4.3.3-alpha): - Fix a denial-of-service bug that could be used by anyone to consume a bunch of CPU on any Tor relay or authority, or by directories to consume a bunch of CPU on clients or hidden services. Because of the potential for CPU consumption to introduce observable timing patterns, we are treating this as a high-severity security issue. Fixes bug 33119; bugfix on 0.2.1.5-alpha. Found by OSS-Fuzz. We are also tracking this issue as TROVE-2020-002 and CVE-2020-10592. o Major bugfixes (circuit padding, memory leak, backport from 0.4.3.3-alpha): - Avoid a remotely triggered memory leak in the case that a circuit padding machine is somehow negotiated twice on the same circuit. Fixes bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls. This is also tracked as TROVE-2020-004 and CVE-2020-10593. o Major bugfixes (directory authority, backport from 0.4.3.3-alpha): - Directory authorities will now send a 503 (not enough bandwidth) code to clients when under bandwidth pressure. Known relays and other authorities will always be answered regardless of the bandwidth situation. Fixes bug 33029; bugfix on 0.1.2.5-alpha. o Minor features (continuous integration, backport from 0.4.3.2-alpha): - Stop allowing failures on the Travis CI stem tests job. It looks like all the stem hangs we were seeing before are now fixed. Closes ticket 33075. o Minor bugfixes (bridges, backport from 0.4.3.1-alpha): - Lowercase the configured value of BridgeDistribution before adding it to the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha. o Minor bugfixes (logging, backport from 0.4.3.2-alpha): - If we encounter a bug when flushing a buffer to a TLS connection, only log the bug once per invocation of the Tor process. Previously we would log with every occurrence, which could cause us to run out of disk space. Fixes bug 33093; bugfix on 0.3.2.2-alpha. o Minor bugfixes (onion services v3, backport from 0.4.3.3-alpha): - Fix an assertion failure that could result from a corrupted ADD_ONION control port command. Found by Saibato. Fixes bug 33137; bugfix on 0.3.3.1-alpha. This issue is also tracked as TROVE-2020-003. o Minor bugfixes (rust, build, backport from 0.4.3.2-alpha): - Fix a syntax warning given by newer versions of Rust that was creating problems for our continuous integration. Fixes bug 33212; bugfix on 0.3.5.1-alpha. o Testing (Travis CI, backport from 0.4.3.3-alpha): - Remove a redundant distcheck job. Closes ticket 33194. - Sort the Travis jobs in order of speed: putting the slowest jobs first takes full advantage of Travis job concurrency. Closes ticket 33194. - Stop allowing the Chutney IPv6 Travis job to fail. This job was previously configured to fast_finish (which requires allow_failure), to speed up the build. Closes ticket 33195. - When a Travis chutney job fails, use chutney's new "diagnostics.sh" tool to produce detailed diagnostic output. Closes ticket 32792.

1 0

New stable releases: Tor 0.4.1.8 and 0.4.2.6
by Nick Mathewson 30 Jan '20

30 Jan '20

1 0

Tor Browser 9.0.4 is released
by Nicolas Vigier 10 Jan '20

10 Jan '20

Tor Browser 9.0.4 is now available from the Tor Browser download page [1] and also from our distribution directory [2]. 1: https://www.torproject.org/download/ 2: https://www.torproject.org/dist/torbrowser/9.0.4/ This release fixes a critical security issue in Firefox [3]: CVE-2019-17026. 3: https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ Note: There was no email sent on this list for version 9.0.3, which was released just before 9.0.4. You can find the announce for 9.0.3 on our blog [4]. 4: https://blog.torproject.org/new-release-tor-browser-903 The full changelog since Tor Browser 9.0.3 is: * All Platforms * Update Firefox to 68.4.1esr

1 0

New stable releases: 0.4.1.7, 0.4.0.6, and 0.3.5.9
by Nick Mathewson 09 Dec '19

09 Dec '19

Hello, everyone! (If you are about to reply saying "please take me off this list", instead please follow these instructions: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce/ . If you have trouble, it is probably because you subscribed using a different address than the one you are trying to unsubscribe with. You will have to enter the actual email address you used when you subscribed.) Along with 0.4.2.5, which also comes out today, we're releasing updates to several of our old series, including the LTS (long-term support) series 0.3.5.x. The new releases are 0.4.1.7, 0.4.0.6, and 0.3.5.9 . Source code is available at https://dist.torproject.org/ . Note that 0.2.9.x will no longer be supported as of January 1, 2020, and 0.4.0.x will no longer be supported after February 1, 2020. If you are running one of those versions, you should make a plan to upgrade. For more information on our supported release calendar, see https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTor… . Changes in version 0.4.1.7 - 2019-12-09 This release backports several bugfixes to improve stability and correctness. Anyone experiencing build problems or crashes with 0.4.1.6, including all relays relying on AccountingMax, should upgrade. o Major features (directory authorities, backport from 0.4.2.2-alpha): - Directory authorities now reject relays running all currently deprecated release series. The currently supported release series are: 0.2.9, 0.3.5, 0.4.0, 0.4.1, and 0.4.2. Closes ticket 31549. o Major bugfixes (embedded Tor, backport from 0.4.2.2-alpha): - Avoid a possible crash when restarting Tor in embedded mode and enabling a different set of publish/subscribe messages. Fixes bug 31898; bugfix on 0.4.1.1-alpha. o Major bugfixes (relay, backport from 0.4.2.3-alpha): - Relays now respect their AccountingMax bandwidth again. When relays entered "soft" hibernation (which typically starts when we've hit 90% of our AccountingMax), we had stopped checking whether we should enter hard hibernation. Soft hibernation refuses new connections and new circuits, but the existing circuits can continue, meaning that relays could have exceeded their configured AccountingMax. Fixes bug 32108; bugfix on 0.4.0.1-alpha. o Major bugfixes (torrc parsing, backport from 0.4.2.2-alpha): - Stop ignoring torrc options after an %include directive, when the included directory ends with a file that does not contain any config options (but does contain comments or whitespace). Fixes bug 31408; bugfix on 0.3.1.1-alpha. o Major bugfixes (v3 onion services, backport from 0.4.2.3-alpha): - Onion services now always use the exact number of intro points configured with the HiddenServiceNumIntroductionPoints option (or fewer if nodes are excluded). Before, a service could sometimes pick more intro points than configured. Fixes bug 31548; bugfix on 0.3.2.1-alpha. o Minor features (continuous integration, backport from 0.4.2.2-alpha): - When building on Appveyor and Travis, pass the "-k" flag to make, so that we are informed of all compilation failures, not just the first one or two. Closes ticket 31372. o Minor features (geoip, backport from 0.4.2.5): - Update geoip and geoip6 to the December 3 2019 Maxmind GeoLite2 Country database. Closes ticket 32685. o Minor bugfixes (Appveyor CI, backport from 0.4.2.2-alpha): - Avoid spurious errors when Appveyor CI fails before the install step. Fixes bug 31884; bugfix on 0.3.4.2-alpha. o Minor bugfixes (client, onion service v3, backport from 0.4.2.4-rc): - Fix a BUG() assertion that occurs within a very small race window between when a client intro circuit opens and when its descriptor gets cleaned up from the cache. The circuit is now closed early, which will trigger a re-fetch of the descriptor and continue the connection. Fixes bug 28970; bugfix on 0.3.2.1-alpha. o Minor bugfixes (connections, backport from 0.4.2.3-rc): - Avoid trying to read data from closed connections, which can cause needless loops in Libevent and infinite loops in Shadow. Fixes bug 30344; bugfix on 0.1.1.1-alpha. o Minor bugfixes (error handling, backport from 0.4.2.1-alpha): - On abort, try harder to flush the output buffers of log messages. On some platforms (macOS), log messages could be discarded when the process terminates. Fixes bug 31571; bugfix on 0.3.5.1-alpha. - Report the tor version whenever an assertion fails. Previously, we only reported the Tor version on some crashes, and some non-fatal assertions. Fixes bug 31571; bugfix on 0.3.5.1-alpha. - When tor aborts due to an error, close log file descriptors before aborting. Closing the logs makes some OSes flush log file buffers, rather than deleting buffered log lines. Fixes bug 31594; bugfix on 0.2.5.2-alpha. o Minor bugfixes (logging, backport from 0.4.2.2-alpha): - Add a missing check for HAVE_PTHREAD_H, because the backtrace code uses mutexes. Fixes bug 31614; bugfix on 0.2.5.2-alpha. - Disable backtrace signal handlers when shutting down tor. Fixes bug 31614; bugfix on 0.2.5.2-alpha. - Rate-limit our the logging message about the obsolete .exit notation. Previously, there was no limit on this warning, which could potentially be triggered many times by a hostile website. Fixes bug 31466; bugfix on 0.2.2.1-alpha. o Minor bugfixes (logging, protocol violations, backport from 0.4.2.2-alpha): - Do not log a nonfatal assertion failure when receiving a VERSIONS cell on a connection using the obsolete v1 link protocol. Log a protocol_warn instead. Fixes bug 31107; bugfix on 0.2.4.4-alpha. o Minor bugfixes (mainloop, periodic events, in-process API, backport from 0.4.2.3-alpha): - Reset the periodic events' "enabled" flag when Tor is shut down cleanly. Previously, this flag was left on, which caused periodic events not to be re-enabled when Tor was relaunched in-process with tor_api.h after a shutdown. Fixes bug 32058; bugfix on 0.3.3.1-alpha. o Minor bugfixes (multithreading, backport from 0.4.2.2-alpha): - Avoid some undefined behaviour when freeing mutexes. Fixes bug 31736; bugfix on 0.0.7. o Minor bugfixes (process management, backport from 0.4.2.3-alpha): - Remove overly strict assertions that triggered when a pluggable transport failed to launch. Fixes bug 31091; bugfix on 0.4.0.1-alpha. - Remove an assertion in the Unix process backend. This assertion would trigger when we failed to find the executable for a child process. Fixes bug 31810; bugfix on 0.4.0.1-alpha. o Minor bugfixes (relay, backport from 0.4.2.2-alpha): - Avoid crashing when starting with a corrupt keys directory where the old ntor key and the new ntor key are identical. Fixes bug 30916; bugfix on 0.2.4.8-alpha. o Minor bugfixes (testing, backport from 0.4.2.3-alpha): - When testing port rebinding, don't busy-wait for tor to log. Instead, actually sleep for a short time before polling again. Also improve the formatting of control commands and log messages. Fixes bug 31837; bugfix on 0.3.5.1-alpha. o Minor bugfixes (tests, SunOS, backport from 0.4.2.2-alpha): - Avoid a map_anon_nofork test failure due to a signed/unsigned integer comparison. Fixes bug 31897; bugfix on 0.4.1.1-alpha. o Minor bugfixes (tls, logging, backport from 0.4.2.3-alpha): - Log bugs about the TLS read buffer's length only once, rather than filling the logs with similar warnings. Fixes bug 31939; bugfix on 0.3.0.4-rc. o Documentation (backport from 0.4.2.2-alpha): - Explain why we can't destroy the backtrace buffer mutex. Explain why we don't need to destroy the log mutex. Closes ticket 31736. o Testing (continuous integration, backport from 0.4.2.3-alpha): - Disable all but one Travis CI macOS build, to mitigate slow scheduling of Travis macOS jobs. Closes ticket 32177. - Run the chutney IPv6 networks as part of Travis CI. Closes ticket 30860. - Simplify the Travis CI build matrix, and optimise for build time. Closes ticket 31859. - Use Windows Server 2019 instead of Windows Server 2016 in our Appveyor builds. Closes ticket 32086. o Testing (continuous integration, backport from 0.4.2.4-rc): - In Travis, use Xcode 11.2 on macOS 10.14. Closes ticket 32241. - Use Ubuntu Bionic images for our Travis CI builds, so we can get a recent version of coccinelle. But leave chutney on Ubuntu Trusty, until we can fix some Bionic permissions issues (see ticket 32240). Related to ticket 31919. - Install the mingw OpenSSL package in Appveyor. This makes sure that the OpenSSL headers and libraries match in Tor's Appveyor builds. (This bug was triggered by an Appveyor image update.) Fixes bug 32449; bugfix on 0.3.5.6-rc. o Testing (continuous integration, backport from 0.4.2.5): - Require C99 standards-conforming code in Travis CI, but allow GNU gcc extensions. Also activates clang's -Wtypedef-redefinition warnings. Build some jobs with -std=gnu99, and some jobs without. Closes ticket 32500. Changes in version 0.4.0.6 - 2019-12-09 This is the second stable release in the 0.4.0.x series. This release backports several bugfixes to improve stability and correctness. Anyone experiencing build problems or crashes with 0.4.0.5, including all relays relying on AccountingMax, should upgrade. Note that, per our support policy, support for the 0.4.0.x series will end on 2 Feb 2020. Anyone still running 0.4.0.x should plan to upgrade to the latest stable release, or downgrade to 0.3.5.x, which will get long-term support until 1 Feb 2022. o Directory authority changes (backport from 0.4.1.5): - The directory authority "dizum" has a new IP address. Closes ticket 31406. o Major bugfixes (bridges, backport from 0.4.1.2-alpha): - Consider our directory information to have changed when our list of bridges changes. Previously, Tor would not re-compute the status of its directory information when bridges changed, and therefore would not realize that it was no longer able to build circuits. Fixes part of bug 29875. - Do not count previously configured working bridges towards our total of working bridges. Previously, when Tor's list of bridges changed, it would think that the old bridges were still usable, and delay fetching router descriptors for the new ones. Fixes part of bug 29875; bugfix on 0.3.0.1-alpha. o Major bugfixes (circuit build, guard, backport from 0.4.1.4-rc): - When considering upgrading circuits from "waiting for guard" to "open", always ignore circuits that are marked for close. Otherwise, we can end up in the situation where a subsystem is notified that a closing circuit has just opened, leading to undesirable behavior. Fixes bug 30871; bugfix on 0.3.0.1-alpha. o Major bugfixes (Onion service reachability, backport from 0.4.1.3-alpha): - Properly clean up the introduction point map when circuits change purpose from onion service circuits to pathbias, measurement, or other circuit types. This should fix some service-side instances of introduction point failure. Fixes bug 29034; bugfix on 0.3.2.1-alpha. o Major bugfixes (onion service v3, backport from 0.4.1.1-alpha): - Fix an unreachable bug in which an introduction point could try to send an INTRODUCE_ACK with a status code that Trunnel would refuse to encode, leading the relay to assert(). We've consolidated the ABI values into Trunnel now. Fixes bug 30454; bugfix on 0.3.0.1-alpha. - Clients can now handle unknown status codes from INTRODUCE_ACK cells. (The NACK behavior will stay the same.) This will allow us to extend status codes in the future without breaking the normal client behavior. Fixes another part of bug 30454; bugfix on 0.3.0.1-alpha. o Major bugfixes (relay, backport from 0.4.2.3-alpha): - Relays now respect their AccountingMax bandwidth again. When relays entered "soft" hibernation (which typically starts when we've hit 90% of our AccountingMax), we had stopped checking whether we should enter hard hibernation. Soft hibernation refuses new connections and new circuits, but the existing circuits can continue, meaning that relays could have exceeded their configured AccountingMax. Fixes bug 32108; bugfix on 0.4.0.1-alpha. o Major bugfixes (torrc parsing, backport from 0.4.2.2-alpha): - Stop ignoring torrc options after an %include directive, when the included directory ends with a file that does not contain any config options (but does contain comments or whitespace). Fixes bug 31408; bugfix on 0.3.1.1-alpha. o Major bugfixes (v3 onion services, backport from 0.4.2.3-alpha): - Onion services now always use the exact number of intro points configured with the HiddenServiceNumIntroductionPoints option (or fewer if nodes are excluded). Before, a service could sometimes pick more intro points than configured. Fixes bug 31548; bugfix on 0.3.2.1-alpha. o Minor features (compile-time modules, backport from version 0.4.1.1-alpha): - Add a "--list-modules" command to print a list of which compile- time modules are enabled. Closes ticket 30452. o Minor features (continuous integration, backport from 0.4.1.1-alpha): - Remove sudo configuration lines from .travis.yml as they are no longer needed with current Travis build environment. Resolves issue 30213. o Minor features (continuous integration, backport from 0.4.1.4-rc): - Our Travis configuration now uses Chutney to run some network integration tests automatically. Closes ticket 29280. o Minor features (continuous integration, backport from 0.4.2.2-alpha): - When building on Appveyor and Travis, pass the "-k" flag to make, so that we are informed of all compilation failures, not just the first one or two. Closes ticket 31372. o Minor features (fallback directory list, backport from 0.4.1.4-rc): - Replace the 157 fallbacks originally introduced in Tor 0.3.5.6-rc in December 2018 (of which ~122 were still functional), with a list of 148 fallbacks (70 new, 78 existing, 79 removed) generated in June 2019. Closes ticket 28795. o Minor features (geoip, backport from 0.4.2.5): - Update geoip and geoip6 to the December 3 2019 Maxmind GeoLite2 Country database. Closes ticket 32685. o Minor features (stem tests, backport from 0.4.2.1-alpha): - Change "make test-stem" so it only runs the stem tests that use tor. This change makes test-stem faster and more reliable. Closes ticket 31554. o Minor bugfixes (Appveyor CI, backport from 0.4.2.2-alpha): - Avoid spurious errors when Appveyor CI fails before the install step. Fixes bug 31884; bugfix on 0.3.4.2-alpha. o Minor bugfixes (build system, backport form 0.4.2.1-alpha): - Do not include the deprecated <sys/sysctl.h> on Linux or Windows systems. Fixes bug 31673; bugfix on 0.2.5.4-alpha. o Minor bugfixes (circuit isolation, backport from 0.4.1.3-alpha): - Fix a logic error that prevented the SessionGroup sub-option from being accepted. Fixes bug 22619; bugfix on 0.2.7.2-alpha. o Minor bugfixes (circuit padding, backport from 0.4.1.4-rc): - On relays, properly check that a padding machine is absent before logging a warning about it being absent. Fixes bug 30649; bugfix on 0.4.0.1-alpha. o Minor bugfixes (client, onion service v3, backport from 0.4.2.4-rc): - Fix a BUG() assertion that occurs within a very small race window between when a client intro circuit opens and when its descriptor gets cleaned up from the cache. The circuit is now closed early, which will trigger a re-fetch of the descriptor and continue the connection. Fixes bug 28970; bugfix on 0.3.2.1-alpha. o Minor bugfixes (clock skew detection, backport from 0.4.1.5): - Don't believe clock skew results from NETINFO cells that appear to arrive before we sent the VERSIONS cells they are responding to. Previously, we would accept them up to 3 minutes "in the past". Fixes bug 31343; bugfix on 0.2.4.4-alpha. o Minor bugfixes (compilation warning, backport from 0.4.1.5): - Fix a compilation warning on Windows about casting a function pointer for GetTickCount64(). Fixes bug 31374; bugfix on 0.2.9.1-alpha. o Minor bugfixes (compilation, backport from 0.4.1.5): - Avoid using labs() on time_t, which can cause compilation warnings on 64-bit Windows builds. Fixes bug 31343; bugfix on 0.2.4.4-alpha. o Minor bugfixes (compilation, backport from 0.4.2.1-alpha): - Suppress spurious float-conversion warnings from GCC when calling floating-point classifier functions on FreeBSD. Fixes part of bug 31687; bugfix on 0.3.1.5-alpha. o Minor bugfixes (compilation, unusual configurations, backport from 0.4.1.1-alpha): - Avoid failures when building with the ALL_BUGS_ARE_FATAL option due to missing declarations of abort(), and prevent other such failures in the future. Fixes bug 30189; bugfix on 0.3.4.1-alpha. o Minor bugfixes (configuration, proxies, backport from 0.4.1.2-alpha): - Fix a bug that prevented us from supporting SOCKS5 proxies that want authentication along with configured (but unused!) ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha. o Minor bugfixes (connections, backport from 0.4.2.3-rc): - Avoid trying to read data from closed connections, which can cause needless loops in Libevent and infinite loops in Shadow. Fixes bug 30344; bugfix on 0.1.1.1-alpha. o Minor bugfixes (continuous integration, backport from 0.4.1.3-alpha): - Allow the test-stem job to fail in Travis, because it sometimes hangs. Fixes bug 30744; bugfix on 0.3.5.4-alpha. - Skip test_rebind on macOS in Travis, because it is unreliable on macOS on Travis. Fixes bug 30713; bugfix on 0.3.5.1-alpha. - Skip test_rebind when the TOR_SKIP_TEST_REBIND environment variable is set. Fixes bug 30713; bugfix on 0.3.5.1-alpha. o Minor bugfixes (crash on exit, backport from 0.4.1.4-rc): - Avoid a set of possible code paths that could try to use freed memory in routerlist_free() while Tor was exiting. Fixes bug 31003; bugfix on 0.1.2.2-alpha. o Minor bugfixes (directory authorities, backport from 0.4.1.3-alpha): - Stop crashing after parsing an unknown descriptor purpose annotation. We think this bug can only be triggered by modifying a local file. Fixes bug 30781; bugfix on 0.2.0.8-alpha. o Minor bugfixes (directory authority, backport from 0.4.1.2-alpha): - Move the "bandwidth-file-headers" line in directory authority votes so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on 0.3.5.1-alpha. o Minor bugfixes (error handling, backport from 0.4.2.1-alpha): - On abort, try harder to flush the output buffers of log messages. On some platforms (macOS), log messages could be discarded when the process terminates. Fixes bug 31571; bugfix on 0.3.5.1-alpha. - Report the tor version whenever an assertion fails. Previously, we only reported the Tor version on some crashes, and some non-fatal assertions. Fixes bug 31571; bugfix on 0.3.5.1-alpha. o Minor bugfixes (FreeBSD, PF-based proxy, IPv6, backport from 0.4.2.1-alpha): - When extracting an IPv6 address from a PF-based proxy, verify that we are actually configured to receive an IPv6 address, and log an internal error if not. Fixes part of bug 31687; bugfix on 0.2.3.4-alpha. o Minor bugfixes (guards, backport from 0.4.2.1-alpha): - When tor is missing descriptors for some primary entry guards, make the log message less alarming. It's normal for descriptors to expire, as long as tor fetches new ones soon after. Fixes bug 31657; bugfix on 0.3.3.1-alpha. o Minor bugfixes (logging, backport from 0.4.1.1-alpha): - Do not log a warning when running with an OpenSSL version other than the one Tor was compiled with, if the two versions should be compatible. Previously, we would warn whenever the version was different. Fixes bug 30190; bugfix on 0.2.4.2-alpha. o Minor bugfixes (logging, backport from 0.4.2.1-alpha): - Change log level of message "Hash of session info was not as expected" to LOG_PROTOCOL_WARN. Fixes bug 12399; bugfix on 0.1.1.10-alpha. o Minor bugfixes (logging, backport from 0.4.2.2-alpha): - Rate-limit our the logging message about the obsolete .exit notation. Previously, there was no limit on this warning, which could potentially be triggered many times by a hostile website. Fixes bug 31466; bugfix on 0.2.2.1-alpha. o Minor bugfixes (logging, protocol violations, backport from 0.4.2.2-alpha): - Do not log a nonfatal assertion failure when receiving a VERSIONS cell on a connection using the obsolete v1 link protocol. Log a protocol_warn instead. Fixes bug 31107; bugfix on 0.2.4.4-alpha. o Minor bugfixes (mainloop, periodic events, in-process API, backport from 0.4.2.3-alpha): - Reset the periodic events' "enabled" flag when Tor is shut down cleanly. Previously, this flag was left on, which caused periodic events not to be re-enabled when Tor was relaunched in-process with tor_api.h after a shutdown. Fixes bug 32058; bugfix on 0.3.3.1-alpha. o Minor bugfixes (memory leak, backport from 0.4.1.1-alpha): - Avoid a minor memory leak that could occur on relays when failing to create a "keys" directory. Fixes bug 30148; bugfix on 0.3.3.1-alpha. o Minor bugfixes (memory leak, backport from 0.4.1.4-rc): - Fix a trivial memory leak when parsing an invalid value from a download schedule in the configuration. Fixes bug 30894; bugfix on 0.3.4.1-alpha. o Minor bugfixes (NetBSD, backport from 0.4.1.2-alpha): - Fix usage of minherit() on NetBSD and other platforms that define MAP_INHERIT_{ZERO,NONE} instead of INHERIT_{ZERO,NONE}. Fixes bug 30614; bugfix on 0.4.0.2-alpha. Patch from Taylor Campbell. o Minor bugfixes (onion services, backport from 0.4.1.1-alpha): - Avoid a GCC 9.1.1 warning (and possible crash depending on libc implemenation) when failing to load an onion service client authorization file. Fixes bug 30475; bugfix on 0.3.5.1-alpha. o Minor bugfixes (out-of-memory handler, backport from 0.4.1.2-alpha): - When purging the DNS cache because of an out-of-memory condition, try purging just the older entries at first. Previously, we would always purge the whole thing. Fixes bug 29617; bugfix on 0.3.5.1-alpha. o Minor bugfixes (portability, backport from 0.4.1.2-alpha): - Avoid crashing in our tor_vasprintf() implementation on systems that define neither vasprintf() nor _vscprintf(). (This bug has been here long enough that we question whether people are running Tor on such systems, but we're applying the fix out of caution.) Fixes bug 30561; bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann. o Minor bugfixes (process management, backport from 0.4.2.3-alpha): - Remove overly strict assertions that triggered when a pluggable transport failed to launch. Fixes bug 31091; bugfix on 0.4.0.1-alpha. - Remove an assertion in the Unix process backend. This assertion would trigger when we failed to find the executable for a child process. Fixes bug 31810; bugfix on 0.4.0.1-alpha. o Minor bugfixes (relay, backport from 0.4.2.2-alpha): - Avoid crashing when starting with a corrupt keys directory where the old ntor key and the new ntor key are identical. Fixes bug 30916; bugfix on 0.2.4.8-alpha. o Minor bugfixes (rust, backport from 0.4.2.1-alpha): - Correctly exclude a redundant rust build job in Travis. Fixes bug 31463; bugfix on 0.3.5.4-alpha. o Minor bugfixes (testing, backport from 0.4.2.3-alpha): - When testing port rebinding, don't busy-wait for tor to log. Instead, actually sleep for a short time before polling again. Also improve the formatting of control commands and log messages. Fixes bug 31837; bugfix on 0.3.5.1-alpha. o Minor bugfixes (tls, logging, backport from 0.4.2.3-alpha): - Log bugs about the TLS read buffer's length only once, rather than filling the logs with similar warnings. Fixes bug 31939; bugfix on 0.3.0.4-rc. o Minor bugfixes (v2 single onion services, backport from 0.4.2.1-alpha): - Always retry v2 single onion service intro and rend circuits with a 3-hop path. Previously, v2 single onion services used a 3-hop path when rendezvous circuits were retried after a remote or delayed failure, but a 1-hop path for immediate retries. Fixes bug 23818; bugfix on 0.2.9.3-alpha. - Make v3 single onion services fall back to a 3-hop intro, when all intro points are unreachable via a 1-hop path. Previously, v3 single onion services failed when all intro nodes were unreachable via a 1-hop path. Fixes bug 23507; bugfix on 0.3.2.1-alpha. o Documentation (backport from 0.4.2.1-alpha): - Use RFC 2397 data URL scheme to embed an image into tor-exit- notice.html so that operators no longer have to host it themselves. Closes ticket 31089. o Testing (backport from 0.4.1.2-alpha): - Specify torrc paths (with empty files) when launching tor in integration tests; refrain from reading user and system torrcs. Resolves issue 29702. o Testing (continuous integration, backport from 0.4.1.1-alpha): - In Travis, show stem's tor log after failure. Closes ticket 30234. o Testing (continuous integration, backport from 0.4.1.5): - In Travis, make stem log a controller trace to the console, and tail stem's tor log after failure. Closes ticket 30591. - In Travis, only run the stem tests that use a tor binary. Closes ticket 30694. o Testing (continuous integration, backport from 0.4.2.3-alpha): - Disable all but one Travis CI macOS build, to mitigate slow scheduling of Travis macOS jobs. Closes ticket 32177. - Run the chutney IPv6 networks as part of Travis CI. Closes ticket 30860. - Simplify the Travis CI build matrix, and optimise for build time. Closes ticket 31859. - Use Windows Server 2019 instead of Windows Server 2016 in our Appveyor builds. Closes ticket 32086. o Testing (continuous integration, backport from 0.4.2.4-rc): - Use Ubuntu Bionic images for our Travis CI builds, so we can get a recent version of coccinelle. But leave chutney on Ubuntu Trusty, until we can fix some Bionic permissions issues (see ticket 32240). Related to ticket 31919. - Install the mingw OpenSSL package in Appveyor. This makes sure that the OpenSSL headers and libraries match in Tor's Appveyor builds. (This bug was triggered by an Appveyor image update.) Fixes bug 32449; bugfix on 0.3.5.6-rc. - In Travis, use Xcode 11.2 on macOS 10.14. Closes ticket 32241. o Testing (continuous integration, backport from 0.4.2.5): - Require C99 standards-conforming code in Travis CI, but allow GNU gcc extensions. Also activates clang's -Wtypedef-redefinition warnings. Build some jobs with -std=gnu99, and some jobs without. Closes ticket 32500. Changes in version 0.3.5.9 - 2019-12-09 Tor 0.3.5.9 backports serveral fixes from later releases, including several that affect bridge users, relay stability, onion services, and much more. o Directory authority changes (backport from 0.4.1.5): - The directory authority "dizum" has a new IP address. Closes ticket 31406. o Major bugfixes (bridges, backport from 0.4.1.2-alpha): - Consider our directory information to have changed when our list of bridges changes. Previously, Tor would not re-compute the status of its directory information when bridges changed, and therefore would not realize that it was no longer able to build circuits. Fixes part of bug 29875. - Do not count previously configured working bridges towards our total of working bridges. Previously, when Tor's list of bridges changed, it would think that the old bridges were still usable, and delay fetching router descriptors for the new ones. Fixes part of bug 29875; bugfix on 0.3.0.1-alpha. o Major bugfixes (circuit build, guard, backport from 0.4.1.4-rc): - When considering upgrading circuits from "waiting for guard" to "open", always ignore circuits that are marked for close. Otherwise, we can end up in the situation where a subsystem is notified that a closing circuit has just opened, leading to undesirable behavior. Fixes bug 30871; bugfix on 0.3.0.1-alpha. o Major bugfixes (NSS, relay, backport from 0.4.0.4-rc): - When running with NSS, disable TLS 1.2 ciphersuites that use SHA384 for their PRF. Due to an NSS bug, the TLS key exporters for these ciphersuites don't work -- which caused relays to fail to handshake with one another when these ciphersuites were enabled. Fixes bug 29241; bugfix on 0.3.5.1-alpha. o Major bugfixes (Onion service reachability, backport from 0.4.1.3-alpha): - Properly clean up the introduction point map when circuits change purpose from onion service circuits to pathbias, measurement, or other circuit types. This should fix some service-side instances of introduction point failure. Fixes bug 29034; bugfix on 0.3.2.1-alpha. o Major bugfixes (onion service v3, backport from 0.4.1.1-alpha): - Fix an unreachable bug in which an introduction point could try to send an INTRODUCE_ACK with a status code that Trunnel would refuse to encode, leading the relay to assert(). We've consolidated the ABI values into Trunnel now. Fixes bug 30454; bugfix on 0.3.0.1-alpha. - Clients can now handle unknown status codes from INTRODUCE_ACK cells. (The NACK behavior will stay the same.) This will allow us to extend status codes in the future without breaking the normal client behavior. Fixes another part of bug 30454; bugfix on 0.3.0.1-alpha. o Major bugfixes (torrc parsing, backport from 0.4.2.2-alpha): - Stop ignoring torrc options after an %include directive, when the included directory ends with a file that does not contain any config options (but does contain comments or whitespace). Fixes bug 31408; bugfix on 0.3.1.1-alpha. o Major bugfixes (v3 onion services, backport from 0.4.2.3-alpha): - Onion services now always use the exact number of intro points configured with the HiddenServiceNumIntroductionPoints option (or fewer if nodes are excluded). Before, a service could sometimes pick more intro points than configured. Fixes bug 31548; bugfix on 0.3.2.1-alpha. o Minor features (address selection, backport from 0.4.0.3-alpha): - Treat the subnet 100.64.0.0/10 as public for some purposes; private for others. This subnet is the RFC 6598 (Carrier Grade NAT) IP range, and is deployed by many ISPs as an alternative to RFC 1918 that does not break existing internal networks. Tor now blocks SOCKS and control ports on these addresses and warns users if client ports or ExtORPorts are listening on a RFC 6598 address. Closes ticket 28525. Patch by Neel Chauhan. o Minor features (bandwidth authority, backport from 0.4.0.4-rc): - Make bandwidth authorities ignore relays that are reported in the bandwidth file with the flag "vote=0". This change allows us to report unmeasured relays for diagnostic reasons without including their bandwidth in the bandwidth authorities' vote. Closes ticket 29806. o Minor features (compile-time modules, backport from version 0.4.1.1-alpha): - Add a "--list-modules" command to print a list of which compile- time modules are enabled. Closes ticket 30452. o Minor features (continuous integration, backport from 0.4.0.4-rc): - On Travis Rust builds, cleanup Rust registry and refrain from caching the "target/" directory to speed up builds. Resolves issue 29962. o Minor features (continuous integration, backport from 0.4.0.5): - In Travis, tell timelimit to use stem's backtrace signals, and launch python directly from timelimit, so python receives the signals from timelimit, rather than make. Closes ticket 30117. o Minor features (continuous integration, backport from 0.4.1.1-alpha): - Remove sudo configuration lines from .travis.yml as they are no longer needed with current Travis build environment. Resolves issue 30213. o Minor features (continuous integration, backport from 0.4.1.4-rc): - Our Travis configuration now uses Chutney to run some network integration tests automatically. Closes ticket 29280. o Minor features (continuous integration, backport from 0.4.2.2-alpha): - When building on Appveyor and Travis, pass the "-k" flag to make, so that we are informed of all compilation failures, not just the first one or two. Closes ticket 31372. o Minor features (fallback directory list, backport from 0.4.1.4-rc): - Replace the 157 fallbacks originally introduced in Tor 0.3.5.6-rc in December 2018 (of which ~122 were still functional), with a list of 148 fallbacks (70 new, 78 existing, 79 removed) generated in June 2019. Closes ticket 28795. o Minor features (geoip, backport from 0.4.2.5): - Update geoip and geoip6 to the December 3 2019 Maxmind GeoLite2 Country database. Closes ticket 32685. o Minor features (NSS, diagnostic, backport from 0.4.0.4-rc): - Try to log an error from NSS (if there is any) and a more useful description of our situation if we are using NSS and a call to SSL_ExportKeyingMaterial() fails. Diagnostic for ticket 29241. o Minor features (stem tests, backport from 0.4.2.1-alpha): - Change "make test-stem" so it only runs the stem tests that use tor. This change makes test-stem faster and more reliable. Closes ticket 31554. o Minor bugfixes (security, backport from 0.4.0.4-rc): - Verify in more places that we are not about to create a buffer with more than INT_MAX bytes, to avoid possible OOB access in the event of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and fixed by Tobias Stoeckmann. - Fix a potential double free bug when reading huge bandwidth files. The issue is not exploitable in the current Tor network because the vulnerable code is only reached when directory authorities read bandwidth files, but bandwidth files come from a trusted source (usually the authorities themselves). Furthermore, the issue is only exploitable in rare (non-POSIX) 32-bit architectures, which are not used by any of the current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found and fixed by Tobias Stoeckmann. o Minor bugfix (continuous integration, backport from 0.4.0.4-rc): - Reset coverage state on disk after Travis CI has finished. This should prevent future coverage merge errors from causing the test suite for the "process" subsystem to fail. The process subsystem was introduced in 0.4.0.1-alpha. Fixes bug 29036; bugfix on 0.2.9.15. - Terminate test-stem if it takes more than 9.5 minutes to run. (Travis terminates the job after 10 minutes of no output.) Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha. o Minor bugfixes (Appveyor CI, backport from 0.4.2.2-alpha): - Avoid spurious errors when Appveyor CI fails before the install step. Fixes bug 31884; bugfix on 0.3.4.2-alpha. o Minor bugfixes (build system, backport form 0.4.2.1-alpha): - Do not include the deprecated <sys/sysctl.h> on Linux or Windows systems. Fixes bug 31673; bugfix on 0.2.5.4-alpha. o Minor bugfixes (C correctness, backport from 0.4.0.4-rc): - Fix an unlikely memory leak in consensus_diff_apply(). Fixes bug 29824; bugfix on 0.3.1.1-alpha. This is Coverity warning CID 1444119. o Minor bugfixes (circuit isolation, backport from 0.4.1.3-alpha): - Fix a logic error that prevented the SessionGroup sub-option from being accepted. Fixes bug 22619; bugfix on 0.2.7.2-alpha. o Minor bugfixes (client, onion service v3, backport from 0.4.2.4-rc): - Fix a BUG() assertion that occurs within a very small race window between when a client intro circuit opens and when its descriptor gets cleaned up from the cache. The circuit is now closed early, which will trigger a re-fetch of the descriptor and continue the connection. Fixes bug 28970; bugfix on 0.3.2.1-alpha. o Minor bugfixes (clock skew detection, backport from 0.4.1.5): - Don't believe clock skew results from NETINFO cells that appear to arrive before we sent the VERSIONS cells they are responding to. Previously, we would accept them up to 3 minutes "in the past". Fixes bug 31343; bugfix on 0.2.4.4-alpha. o Minor bugfixes (compilation warning, backport from 0.4.1.5): - Fix a compilation warning on Windows about casting a function pointer for GetTickCount64(). Fixes bug 31374; bugfix on 0.2.9.1-alpha. o Minor bugfixes (compilation, backport from 0.4.0.2-alpha): - Silence a compiler warning in test-memwipe.c on OpenBSD. Fixes bug 29145; bugfix on 0.2.9.3-alpha. Patch from Kris Katterjohn. o Minor bugfixes (compilation, backport from 0.4.1.5): - Avoid using labs() on time_t, which can cause compilation warnings on 64-bit Windows builds. Fixes bug 31343; bugfix on 0.2.4.4-alpha. o Minor bugfixes (compilation, backport from 0.4.2.1-alpha): - Suppress spurious float-conversion warnings from GCC when calling floating-point classifier functions on FreeBSD. Fixes part of bug 31687; bugfix on 0.3.1.5-alpha. o Minor bugfixes (compilation, unusual configurations, backport from 0.4.1.1-alpha): - Avoid failures when building with the ALL_BUGS_ARE_FATAL option due to missing declarations of abort(), and prevent other such failures in the future. Fixes bug 30189; bugfix on 0.3.4.1-alpha. o Minor bugfixes (configuration, proxies, backport from 0.4.1.2-alpha): - Fix a bug that prevented us from supporting SOCKS5 proxies that want authentication along with configured (but unused!) ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha. o Minor bugfixes (connections, backport from 0.4.2.3-rc): - Avoid trying to read data from closed connections, which can cause needless loops in Libevent and infinite loops in Shadow. Fixes bug 30344; bugfix on 0.1.1.1-alpha. o Minor bugfixes (continuous integration, backport from 0.4.1.3-alpha): - Allow the test-stem job to fail in Travis, because it sometimes hangs. Fixes bug 30744; bugfix on 0.3.5.4-alpha. - Skip test_rebind on macOS in Travis, because it is unreliable on macOS on Travis. Fixes bug 30713; bugfix on 0.3.5.1-alpha. - Skip test_rebind when the TOR_SKIP_TEST_REBIND environment variable is set. Fixes bug 30713; bugfix on 0.3.5.1-alpha. o Minor bugfixes (crash on exit, backport from 0.4.1.4-rc): - Avoid a set of possible code paths that could try to use freed memory in routerlist_free() while Tor was exiting. Fixes bug 31003; bugfix on 0.1.2.2-alpha. o Minor bugfixes (directory authorities, backport from 0.4.1.3-alpha): - Stop crashing after parsing an unknown descriptor purpose annotation. We think this bug can only be triggered by modifying a local file. Fixes bug 30781; bugfix on 0.2.0.8-alpha. o Minor bugfixes (directory authority, backport from 0.4.1.2-alpha): - Move the "bandwidth-file-headers" line in directory authority votes so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on 0.3.5.1-alpha. o Minor bugfixes (error handling, backport from 0.4.2.1-alpha): - On abort, try harder to flush the output buffers of log messages. On some platforms (macOS), log messages could be discarded when the process terminates. Fixes bug 31571; bugfix on 0.3.5.1-alpha. - Report the tor version whenever an assertion fails. Previously, we only reported the Tor version on some crashes, and some non-fatal assertions. Fixes bug 31571; bugfix on 0.3.5.1-alpha. o Minor bugfixes (FreeBSD, PF-based proxy, IPv6, backport from 0.4.2.1-alpha): - When extracting an IPv6 address from a PF-based proxy, verify that we are actually configured to receive an IPv6 address, and log an internal error if not. Fixes part of bug 31687; bugfix on 0.2.3.4-alpha. o Minor bugfixes (guards, backport from 0.4.2.1-alpha): - When tor is missing descriptors for some primary entry guards, make the log message less alarming. It's normal for descriptors to expire, as long as tor fetches new ones soon after. Fixes bug 31657; bugfix on 0.3.3.1-alpha. o Minor bugfixes (logging, backport from 0.4.0.2-alpha): - Avoid logging that we are relaxing a circuit timeout when that timeout is fixed. Fixes bug 28698; bugfix on 0.2.4.7-alpha. o Minor bugfixes (logging, backport from 0.4.0.3-alpha): - Correct a misleading error message when IPv4Only or IPv6Only is used but the resolved address can not be interpreted as an address of the specified IP version. Fixes bug 13221; bugfix on 0.2.3.9-alpha. Patch from Kris Katterjohn. - Log the correct port number for listening sockets when "auto" is used to let Tor pick the port number. Previously, port 0 was logged instead of the actual port number. Fixes bug 29144; bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn. - Stop logging a BUG() warning when Tor is waiting for exit descriptors. Fixes bug 28656; bugfix on 0.3.5.1-alpha. o Minor bugfixes (logging, backport from 0.4.1.1-alpha): - Do not log a warning when running with an OpenSSL version other than the one Tor was compiled with, if the two versions should be compatible. Previously, we would warn whenever the version was different. Fixes bug 30190; bugfix on 0.2.4.2-alpha. o Minor bugfixes (logging, backport from 0.4.2.1-alpha): - Change log level of message "Hash of session info was not as expected" to LOG_PROTOCOL_WARN. Fixes bug 12399; bugfix on 0.1.1.10-alpha. o Minor bugfixes (logging, backport from 0.4.2.2-alpha): - Rate-limit our the logging message about the obsolete .exit notation. Previously, there was no limit on this warning, which could potentially be triggered many times by a hostile website. Fixes bug 31466; bugfix on 0.2.2.1-alpha. o Minor bugfixes (logging, protocol violations, backport from 0.4.2.2-alpha): - Do not log a nonfatal assertion failure when receiving a VERSIONS cell on a connection using the obsolete v1 link protocol. Log a protocol_warn instead. Fixes bug 31107; bugfix on 0.2.4.4-alpha. o Minor bugfixes (mainloop, periodic events, in-process API, backport from 0.4.2.3-alpha): - Reset the periodic events' "enabled" flag when Tor is shut down cleanly. Previously, this flag was left on, which caused periodic events not to be re-enabled when Tor was relaunched in-process with tor_api.h after a shutdown. Fixes bug 32058; bugfix on 0.3.3.1-alpha. o Minor bugfixes (memory leak, backport from 0.4.1.1-alpha): - Avoid a minor memory leak that could occur on relays when failing to create a "keys" directory. Fixes bug 30148; bugfix on 0.3.3.1-alpha. o Minor bugfixes (memory leak, backport from 0.4.1.4-rc): - Fix a trivial memory leak when parsing an invalid value from a download schedule in the configuration. Fixes bug 30894; bugfix on 0.3.4.1-alpha. o Minor bugfixes (memory management, backport from 0.4.0.3-alpha): - Refactor the shared random state's memory management so that it actually takes ownership of the shared random value pointers. Fixes bug 29706; bugfix on 0.2.9.1-alpha. o Minor bugfixes (memory management, testing, backport from 0.4.0.3-alpha): - Stop leaking parts of the shared random state in the shared-random unit tests. Fixes bug 29599; bugfix on 0.2.9.1-alpha. o Minor bugfixes (onion services, backport from 0.4.1.1-alpha): - Avoid a GCC 9.1.1 warning (and possible crash depending on libc implemenation) when failing to load an onion service client authorization file. Fixes bug 30475; bugfix on 0.3.5.1-alpha. o Minor bugfixes (out-of-memory handler, backport from 0.4.1.2-alpha): - When purging the DNS cache because of an out-of-memory condition, try purging just the older entries at first. Previously, we would always purge the whole thing. Fixes bug 29617; bugfix on 0.3.5.1-alpha. o Minor bugfixes (portability, backport from 0.4.1.2-alpha): - Avoid crashing in our tor_vasprintf() implementation on systems that define neither vasprintf() nor _vscprintf(). (This bug has been here long enough that we question whether people are running Tor on such systems, but we're applying the fix out of caution.) Fixes bug 30561; bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann. o Minor bugfixes (relay, backport from 0.4.2.2-alpha): - Avoid crashing when starting with a corrupt keys directory where the old ntor key and the new ntor key are identical. Fixes bug 30916; bugfix on 0.2.4.8-alpha. o Minor bugfixes (rust, backport from 0.4.0.5): - Abort on panic in all build profiles, instead of potentially unwinding into C code. Fixes bug 27199; bugfix on 0.3.3.1-alpha. o Minor bugfixes (rust, backport from 0.4.2.1-alpha): - Correctly exclude a redundant rust build job in Travis. Fixes bug 31463; bugfix on 0.3.5.4-alpha. o Minor bugfixes (single onion services, backport from 0.4.0.3-alpha): - Allow connections to single onion services to remain idle without being disconnected. Previously, relays acting as rendezvous points for single onion services were mistakenly closing idle rendezvous circuits after 60 seconds, thinking that they were unused directory-fetching circuits that had served their purpose. Fixes bug 29665; bugfix on 0.2.1.26. o Minor bugfixes (stats, backport from 0.4.0.3-alpha): - When ExtraInfoStatistics is 0, stop including PaddingStatistics in relay and bridge extra-info documents. Fixes bug 29017; bugfix on 0.3.1.1-alpha. o Minor bugfixes (testing, backport from 0.4.0.3-alpha): - Downgrade some LOG_ERR messages in the address/* tests to warnings. The LOG_ERR messages were occurring when we had no configured network. We were failing the unit tests, because we backported 28668 to 0.3.5.8, but did not backport 29530. Fixes bug 29530; bugfix on 0.3.5.8. - Fix our gcov wrapper script to look for object files at the correct locations. Fixes bug 29435; bugfix on 0.3.5.1-alpha. o Minor bugfixes (testing, backport from 0.4.0.4-rc): - Backport the 0.3.4 src/test/test-network.sh to 0.2.9. We need a recent test-network.sh to use new chutney features in CI. Fixes bug 29703; bugfix on 0.2.9.1-alpha. - Fix a test failure on Windows caused by an unexpected "BUG" warning in our tests for tor_gmtime_r(-1). Fixes bug 29922; bugfix on 0.2.9.3-alpha. o Minor bugfixes (testing, backport from 0.4.2.3-alpha): - When testing port rebinding, don't busy-wait for tor to log. Instead, actually sleep for a short time before polling again. Also improve the formatting of control commands and log messages. Fixes bug 31837; bugfix on 0.3.5.1-alpha. o Minor bugfixes (TLS protocol, backport form 0.4.0.4-rc): - When classifying a client's selection of TLS ciphers, if the client ciphers are not yet available, do not cache the result. Previously, we had cached the unavailability of the cipher list and never looked again, which in turn led us to assume that the client only supported the ancient V1 link protocol. This, in turn, was causing Stem integration tests to stall in some cases. Fixes bug 30021; bugfix on 0.2.4.8-alpha. o Minor bugfixes (tls, logging, backport from 0.4.2.3-alpha): - Log bugs about the TLS read buffer's length only once, rather than filling the logs with similar warnings. Fixes bug 31939; bugfix on 0.3.0.4-rc. o Minor bugfixes (v2 single onion services, backport from 0.4.2.1-alpha): - Always retry v2 single onion service intro and rend circuits with a 3-hop path. Previously, v2 single onion services used a 3-hop path when rendezvous circuits were retried after a remote or delayed failure, but a 1-hop path for immediate retries. Fixes bug 23818; bugfix on 0.2.9.3-alpha. - Make v3 single onion services fall back to a 3-hop intro, when all intro points are unreachable via a 1-hop path. Previously, v3 single onion services failed when all intro nodes were unreachable via a 1-hop path. Fixes bug 23507; bugfix on 0.3.2.1-alpha. o Minor bugfixes (Windows, CI, backport from 0.4.0.3-alpha): - Skip the Appveyor 32-bit Windows Server 2016 job, and 64-bit Windows Server 2012 R2 job. The remaining 2 jobs still provide coverage of 64/32-bit, and Windows Server 2016/2012 R2. Also set fast_finish, so failed jobs terminate the build immediately. Fixes bug 29601; bugfix on 0.3.5.4-alpha. o Documentation (backport from 0.4.2.1-alpha): - Use RFC 2397 data URL scheme to embed an image into tor-exit- notice.html so that operators no longer have to host it themselves. Closes ticket 31089. o Testing (backport from 0.4.1.2-alpha): - Specify torrc paths (with empty files) when launching tor in integration tests; refrain from reading user and system torrcs. Resolves issue 29702. o Testing (continuous integration, backport from 0.4.1.1-alpha): - In Travis, show stem's tor log after failure. Closes ticket 30234. o Testing (continuous integration, backport from 0.4.1.5): - In Travis, make stem log a controller trace to the console, and tail stem's tor log after failure. Closes ticket 30591. - In Travis, only run the stem tests that use a tor binary. Closes ticket 30694. o Testing (continuous integration, backport from 0.4.2.3-alpha): - Disable all but one Travis CI macOS build, to mitigate slow scheduling of Travis macOS jobs. Closes ticket 32177. - Run the chutney IPv6 networks as part of Travis CI. Closes ticket 30860. - Simplify the Travis CI build matrix, and optimise for build time. Closes ticket 31859. - Use Windows Server 2019 instead of Windows Server 2016 in our Appveyor builds. Closes ticket 32086. o Testing (continuous integration, backport from 0.4.2.4-rc): - Use Ubuntu Bionic images for our Travis CI builds, so we can get a recent version of coccinelle. But leave chutney on Ubuntu Trusty, until we can fix some Bionic permissions issues (see ticket 32240). Related to ticket 31919. - Install the mingw OpenSSL package in Appveyor. This makes sure that the OpenSSL headers and libraries match in Tor's Appveyor builds. (This bug was triggered by an Appveyor image update.) Fixes bug 32449; bugfix on 0.3.5.6-rc. - In Travis, use Xcode 11.2 on macOS 10.14. Closes ticket 32241. o Testing (continuous integration, backport from 0.4.2.5): - Require C99 standards-conforming code in Travis CI, but allow GNU gcc extensions. Also activates clang's -Wtypedef-redefinition warnings. Build some jobs with -std=gnu99, and some jobs without. Closes ticket 32500.

1 0

New stable release: 0.4.2.5
by Nick Mathewson 09 Dec '19

09 Dec '19

1 0

Tor Browser 9.0.2 is released
by Nicolas Vigier 03 Dec '19

03 Dec '19

Tor Browser 9.0.2 is now available from the Tor Browser download page [1] and also from our distribution directory [2]. 1: https://www.torproject.org/download/ 2: https://www.torproject.org/dist/torbrowser/9.0.2/ This release features important security updates [3] to Firefox. 3: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/ This new stable release is picking up security fixes for Firefox 68.3.0esr and updating our external extensions (NoScript and HTTPS Everywhere) to their latest versions. Apart from backports for patches that already landed in alpha releases and fixing an error in our circuit display and improving our letterboxing support, Tor Browser 9.0.2 provides properly localized Android bundles again as well. _Reproducible Builds_ The issue with reproducible builds mentioned in the 9.0.1 blog post [4] is still present in this release. We however made progress on understanding the issue [5] and are getting closer to a fix. 4: https://blog.torproject.org/new-release-tor-browser-901 5: https://trac.torproject.org/projects/tor/ticket/32053 _ChangeLog_ The full changelog since Tor Browser 9.0.1 is: * All Platforms * Update Firefox to 68.3.0esr * Bump NoScript to 11.0.9 * Bug 32362: NoScript TRUSTED setting doesn't work * Bug 32429: Issues with about:blank and NoScript on .onion sites * Bump HTTPS Everywhere to 2019.11.7 * Bug 27268: Preferences clean-up in Torbutton code * Translations update * Windows + OS X + Linux * Bug 32125: Fix circuit display for bridge without a fingerprint * Bug 32250: Backport enhanced letterboxing support (bug 1546832 and 1556017) * Windows * Bug 31989: Backport backout of old mingw-gcc patch * Bug 32616: Disable GetSecureOutputDirectoryPath() functionality * Android * Bug 32365: Localization is broken in Tor Browser 9 on Android * Build System * All Platforms * Bug 32413: Bump Go version to 1.12.13

1 0

Tor Browser 9.0.1 is released
by Nicolas Vigier 08 Nov '19

08 Nov '19

Tor Browser 9.0.1 is now available from the Tor Browser download page [1] and also from our distribution directory [2]. 1: https://www.torproject.org/download/ 2: https://www.torproject.org/dist/torbrowser/9.0.1/ Tor Browser 9.0.1 is the first bugfix release in the 9.0 series and aims to mostly fix regressions and provide small improvements related to our 9.0 release. Additionally, we are adding a banner on the starting page for our fundraising campaign Take Back the Internet with Tor [3]. 3: https://blog.torproject.org/take-back-internet-us _Known Issue_ For each new release, two members from our team are building the release separately and compare the result to make sure that it is reproducible [4]. For the 9.0 and 9.0.1 releases, however, an issue [5] that we are still investigating is making our build not completely deterministic. As a workaround for this issue, we had to do multiple builds until we got matching builds. You might need to do the same if you are trying to reproduce our build [6]. 4: https://reproducible-builds.org/ 5: https://trac.torproject.org/projects/tor/ticket/32053 6: https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking#Buildi… _ChangeLog_ The full changelog since Tor Browser 9.0 is: * All Platforms * Update NoScript to 11.0.4 * Bug 21004: Don't block JavaScript on onion services on medium security * Bug 27307: NoScript marks HTTP onions as not secure * Bug 30783: Fundraising banner for EOY 2019 campain * Bug 32321: Don't ping Mozilla for Man-in-the-Middle-detection * Bug 27268: Preferences clean-up * Windows + OS X + Linux * Update Tor Launcher to 0.2.20.2 * Bug 32164: Trim each received log line from tor * Translations update * Bug 31803: Replaced about:debugging logo with flat version * Bug 31764: Fix for error when navigating via 'Paste and go' * Bug 32169: Fix TB9 Wikipedia address bar search * Bug 32210: Hide the tor pane when using a system tor * Bug 31658: Use builtin --panel-disabled-color for security level text * Bug 32188: Fix localization on about:preferences#tor * Bug 32184: Red dot is shown while downloading an update * Android * Bug 32342: Crash when changing the browser locale

1 0

Tor Browser 9.0 is released
by Nicolas Vigier 24 Oct '19

24 Oct '19

Tor Browser 9.0 is now available from the Tor Browser download page [1] and also from our distribution directory [2]. 1: https://www.torproject.org/download/ 2: https://www.torproject.org/dist/torbrowser/9.0/ This release features important security updates [3] to Firefox. 3: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/ Tor Browser 9.0 is the first stable release based on Firefox 68 ESR and contains a number of updates to other components as well (including Tor to 0.4.1.6 [4] and OpenSSL to 1.1.1d for desktop versions and Tor to 0.4.1.5 [5] for Android). 4: https://blog.torproject.org/new-release-tor-0416 5: https://blog.torproject.org/new-release-tor-0415 In addition to all the needed patch rebasing and toolchain updates, we made big improvements to make Tor Browser work better for you. We want everyone in the world to be able to enjoy the privacy and freedom online Tor provides, and that's why over the past couple years, we've been working hard to boost our UX and localization efforts, with the biggest gains first visible in Tor Browser 8.0 [6]. 6: https://blog.torproject.org/new-release-tor-browser-80 In Tor Browser 9.0, we continue to build upon those efforts with sleeker integration and additional localization support. _Goodbye, Onion Button_ We want your experience using Tor to be fully integrated within the browser so how you use Tor is more intuitive. That's why now, rather than using the onion button that was in the toolbar, you can see your path through the Tor network and request a New Circuit through the Tor network in [i] on the URL bar. Circuit display: https://blog.torproject.org/sites/default/files/inline-images/tor-circuit-d… _Hello, New Identity Button_ Instead of going into the onion button to request a New Identity, we've made this important feature easier to access by giving it its own button in the toolbar. You can also request a New Identity, and a New Circuit, from within the [=] menu on the toolbar. New Identity Button: https://blog.torproject.org/sites/default/files/inline-images/toolbar%20upd… New Identity Menu: https://blog.torproject.org/sites/default/files/inline-images/tor-new-ident… _Torbutton and Tor Launcher Integration_ Now that both extensions are tightly integrated into Tor Browser, they'll no longer be found on the about:addons page. about:preferences: https://blog.torproject.org/sites/default/files/inline-images/about-prefere… We redesigned the bridge and proxy configuration dialogs and include them directly into the browser's preference settings as well. Rather than being a submenu behind the onion button, Tor Network Settings, including the ability to fetch bridges to bypass censorship where Tor is blocked, are easier to access on about:preferences#tor. _Letterboxing_ Tor Browser in its default mode is starting with a content window rounded to a multiple of 200px x 100px  to prevent fingerprinting the screen dimensions. The strategy here is to put all users in a couple of buckets to make it harder to single them out. That worked so far until users started to resize their windows (e.g. by maximizing them or going into fullscreen mode). Tor Browser 9 ships with a fingerprinting defense for those scenarios as well, which is called Letterboxing [7], a technique developed by Mozilla and presented earlier this year [8]. It works by adding white margins to a browser window so that the window is as close as possible to the desired size while users are still in a couple of screen size buckets that prevent singling them out with the help of screen dimensions. 7: https://en.wikipedia.org/wiki/Letterboxing_(filming) 8: https://www.zdnet.com/article/firefox-to-add-tor-browser-anti-fingerprintin… _Better Localization Support_ If we want all people around the world to be able to use our software, then we need to make sure it's speaking their language. Since 8.0 [9], Tor Browser has been available in 25 languages and we added 5 locales more in Tor Browser 8.5. Today, we add support for two additional languages: Macedonian (mk) and Romanian (ro), bringing the number of supported languages to 32. 9: https://blog.torproject.org/new-release-tor-browser-80 We also fixed bugs in our previously shipped localized bundles (such as ar and ko). Many thanks to everyone who helped with these, in particular to our translators [10]. 10: https://blog.torproject.org/honoring-translators _Known Issue_ As usual when preparing Tor Browser releases, we verified that the build is bit-for-bit reproducible [11]. While we managed to get two matching builds, we found that in some occasions the builds differ (we found this happening on the Linux i686 [12] and macOS [13] bundles). We are still investigating the cause of this issue to fix it. 11: https://reproducible-builds.org/ 12: https://trac.torproject.org/projects/tor/ticket/32052 13: https://trac.torproject.org/projects/tor/ticket/32053 _Give Feedback_ If you find a bug or have a suggestion for how we could improve this release, please let us know [14]. Thanks to all of the teams across Tor [15], and the many volunteers, who contributed to this release. 14: https://support.torproject.org/misc/bug-or-feedback/ 15: https://trac.torproject.org/projects/tor/wiki/org/teams _Changelog_ The full changelog since Tor Browser 8.5.6 is: * All Platforms * Update Firefox to 68.2.0esr * Bug 31740: Remove some unnecessary RemoteSettings instances * Bug 13543: Spoof smooth and powerEfficient for Media Capabilities * Bug 28196: about:preferences is not properly translated anymore * Bug 19417: Disable asmjs on safer and safest security levels * Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING * Bug 31935: Disable profile downgrade protection * Bug 16285: Disable DRM/EME on Android and drop Adobe CDM * Bug 31602: Remove Pocket indicators in UI and disable it * Bug 31914: Fix eslint linter error * Bug 30429: Rebase patches for Firefox 68 ESR * Bug 31144: Review network code changes for Firefox 68 ESR * Bug 10760: Integrate Torbutton into Tor Browser directly * Bug 25856: Remove XUL overlays from Torbutton * Bug 31322: Fix about:tor assertion failure debug builds * Bug 29430: Add support for meek_lite bridges to bridgeParser * Bug 28561: Migrate "About Tor Browser" dialog to tor-browser * Bug 30683: Prevent detection of locale via some *.properties * Bug 31298: Backport patch for #24056 * Bug 9336: Odd wyswig schemes without isolation for browserspy.dk * Bug 27601: Browser notifications are not working anymore * Bug 30845: Make sure internal extensions are enabled * Bug 28896: Enable extensions in private browsing by default * Bug 31563: Reload search extensions if extensions.enabledScopes has changed * Bug 31396: Fix communication with NoScript for security settings * Bug 31142: Fix crash of tab and messing with about:newtab * Bug 29049: Backport JS Poison Patch * Bug 25214: Canvas data extraction on locale pdf file should be allowed * Bug 30657: Locale is leaked via title of link tag on non-html page * Bug 31015: Disabling SVG hides UI icons in extensions * Bug 30681: Set security.enterprise_roots.enabled to false * Bug 30538: Unable to comment on The Independent Newspaper * Bug 31209: View PDF in Tor Browser is fuzzy * Translations update * Windows + OS X + Linux * Update Tor to 0.4.1.6 * Update OpenSSL to 1.1.1d * Bug 31844: OpenSSL 1.1.1d fails to compile for some platforms/architectures * Update Tor Launcher to 0.2.20.1 * Bug 28044: Integrate Tor Launcher into tor-browser * Bug 32154: Custom bridge field only allows one line of input * Bug 31286: New strings for about:preferences#tor * Bug 31303: Do not launch tor in browser toolbox * Bug 32112: Fix bad & escaping in translations * Bug 31491: Clean up the old meek http helper browser profiles * Bug 29197: Remove use of overlays * Bug 31300: Modify Tor Launcher so it is compatible with ESR68 * Bug 31487: Modify moat client code so it is compatible with ESR68 * Bug 31488: Moat: support a comma-separated list of transports * Bug 30468: Add mk locale * Bug 30469: Add ro locale * Bug 30319: Remove FTE bits * Translations update * Bug 32092: Fix Tor Browser Support link in preferences * Bug 32111: Fixed issue parsing user-provided bridge strings * Bug 31749: Fix security level panel spawning events * Bug 31920: Fix Security Level panel when its toolbar button moves to overflow * Bug 31748+31961: Fix 'Learn More' links in Security Level preferences and panel * Bug 28044: Integrate Tor Launcher into tor-browser * Bug 31059: Enable Letterboxing * Bug 30468: Add mk locale * Bug 30469: Add ro locale * Bug 29430: Use obfs4proxy's meek_lite with utls instead of meek * Bug 31251: Security Level button UI polish * Bug 31344: Register SecurityLevelPreference's 'unload' callback * Bug 31286: Provide network settings on about:preferences#tor * Bug 31886: Fix ko bundle bustage * Bug 31768: Update onboarding for Tor Browser 9 * Bug 27511: Add new identity button to toolbar * Bug 31778: Support dark-theme for the Circuit Display UI * Bug 31910: Replace meek_lite with meek in circuit display * Bug 30504: Deal with New Identity related browser console errors * Bug 31929: Don't escape DTD entity in ar * Bug 31747: Some onboarding UI is always shown in English * Bug 32041: Replace = with real hamburguer icon ≡ * Bug 30304: Browser locale can be obtained via DTD strings * Bug 31065: Set network.proxy.allow_hijacking_localhost to true * Bug 24653: Merge securityLevel.properties into torbutton.dtd * Bug 31164: Set up default bridge at Karlstad University * Bug 15563: Disable ServiceWorkers on all platforms * Bug 31598: Disable warning on window resize if letterboxing is enabled * Bug 31562: Fix circuit display for error pages * Bug 31575: Firefox is phoning home during start-up * Bug 31491: Clean up the old meek http helper browser profiles * Bug 26345: Hide tracking protection UI * Bug 31601: Disable recommended extensions again * Bug 30662: Don't show Firefox Home when opening new tabs * Bug 31457: Disable per-installation profiles * Bug 28822: Re-implement desktop onboarding for ESR 68 * Windows * Bug 31942: Re-enable signature check for language packs * Bug 29013: Enable stack protection for Firefox on Windows * Bug 30800: ftp:// on Windows can be used to leak the system time zone * Bug 31547: Back out patch for Mozilla's bug 1574980 * Bug 31141: Fix typo in font.system.whitelist * Bug 30319: Remove FTE bits * OS X * Bug 30126: Make Tor Browser compatible with macOS 10.15 * Bug 31607: App menu items stop working on macOS * Bug 31955: On macOS avoid throwing inside nonBrowserWindowStartup() * Bug 29818: Adapt #13379 patch for 68esr * Bug 31464: Meek and moat are broken on macOS 10.9 with Go 1.12 * Linux * Bug 31942: Re-enable signature check for language packs * Bug 31646: Update abicheck to require newer libstdc++.so.6 * Bug 31968: Don't fail if /proc/cpuinfo is not readable * Bug 24755: Stop using a heredoc in start-tor-browser * Bug 31550: Put curly quotes inside single quotes * Bug 31394: Replace "-1" with "−1" in start-tor-browser.desktop * Bug 30319: Remove FTE bits * Android * Update Tor to 0.4.1.5 * Bug 31010: Rebase mobile patches for Fennec 68 * Bug 31010: Don't use addTrustedTab() on mobile * Bug 30607: Support Tor Browser running on Android Q * Bug 31192: Support x86_64 target on Android * Bug 30380: Cancel dormant by startup * Bug 30943: Show version number on mobile * Bug 31720: Enable website suggestions in address bar * Bug 31822: Security slider is not really visible on Android anymore * Bug 24920: Only create Private tabs in permanent Private Browsing Mode * Bug 31730: Revert aarch64-workaround against JIT-related crashes * Bug 32097: Fix conflicts in mobile onboarding while rebasing to 68.2.0esr * Build System * All Platforms * Bug 30585: Provide standalone clang 8 project across all platforms * Bug 30376: Use Rust 1.34 for Tor Browser 9 * Bug 30490: Add cbindgen project for building Firefox 68 ESR/Fennec 68 * Bug 30701: Add nodejs project for building Firefox 68 ESR/Fennec 68 * Bug 31621: Fix node bug that makes large writes to stdout fail * Bug 30734: Add nasm project for building Firefox 68 ESR/Fennec 68 * Bug 31293: Make sure the lo interface inside the containers is up * Bug 27493: Clean up mozconfig options * Bug 31308: Sync mozconfig files used in tor-browser over to tor-browser-build for esr68 * Windows * Bug 29307: Use Stretch for cross-compiling for Windows * Bug 29731: Remove faketime for Windows builds * Bug 30322: Windows toolchain update for Firefox 68 ESR * Bug 28716: Create mingw-w64-clang toolchain * Bug 28238: Adapt firefox and fxc2 projects for Windows builds * Bug 28716: Optionally omit timestamp in PE header * Bug 31567: NS_tsnprintf() does not handle %s correctly on Windows * Bug 31458: Revert patch for #27503 and bump mingw-w64 revision used * Bug 9898: Provide clean fix for strcmpi issue in NSPR * Bug 29013: Enable stack protection support for Firefox on Windows * Bug 30384: Use 64bit containers to build 32bit Windows Tor Browser * Bug 31538: Windows bundles based on ESR 68 are not built reproducibly * Bug 31584: Clean up mingw-w64 project * Bug 31596: Bump mingw-w64 version to pick up fix for #31567 * Bug 29187: Bump NSIS version to 3.04 * Bug 31732: Windows nightly builds are busted due to mingw-w64 commit bump * Bug 29319: Remove FTE support for Windows * OS X * Bug 30323: MacOS toolchain update for Firefox 68 ESR * Bug 31467: Switch to clang for cctools project * Bug 31465: Adapt tor-browser-build projects for macOS notarization * Linux * Bug 31448: gold and lld break linking 32bit Linux bundles * Bug 31618: Linux32 builds of Tor Browser 9.0a6 are not matching * Bug 31450: Still use GCC for our ASan builds * Bug 30321: Linux toolchain update for Firefox ESR 68 * Bug 30736: Install yasm from wheezy-backports * Bug 31447: Don't install Python just for Mach * Bug 30448: Strip Browser/gtk2/libmozgtk.so * Android * Bug 30324: Android toolchain update for Fennec 68 * Bug 31173: Update android-toolchain project to match Firefox * Bug 31389: Update Android Firefox to build with Clang * Bug 31388: Update Rust project for Android * Bug 30665: Get Firefox 68 ESR working with latest android toolchain * Bug 30460: Update TOPL project to use Firefox 68 toolchain * Bug 30461: Update tor-android-service project to use Firefox 68 toolchain * Bug 28753: Use Gradle with --offline when building the browser part * Bug 31564: Make Android bundles based on ESR 68 reproducible * Bug 31981: Remove require-api.patch * Bug 31979: TOPL: Sort dependency list * Bug 30665: Remove unnecessary build patches for Firefox

1 0

Tor 0.4.1.6 is released
by Nick Mathewson 19 Sep '19

19 Sep '19

1 0

← Newer
1
...
15
16
17
18
19
20
21
...
29
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-announce