July 2020 - tor-packagers - lists.torproject.org

Tor 0.4.4.3-alpha is available for download
by Nick Mathewson 27 Jul '20

27 Jul '20

Hi! You can download tor-0.4.4.3-alpha at https://dist.torproject.org. The changelog is at https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.4.3-alpha No major changes in this release; just some bugfixes and preparation for the release candidate, which I hope will come out in mid-august. Official announcements to follow after the website is updated. cheers, -- Nick

1 0

Package wiki discontinuation
by Damian Johnson 18 Jul '20

18 Jul '20

Hi all. Just a quick friendly head's up that now that Trac is read-only the packages wiki I've maintained these last three years will be discontinued... https://trac.torproject.org/projects/tor/wiki/doc/packages I suspect hardly anyone used it, but if anyone would care to create a GitLab replacement the script to keep such a page up to date is located at... https://gitweb.torproject.org/doctor.git/tree/package_versions.py Cheers! -Damian

1 0

New releases: 0.3.5.11, 0.4.2.8, 0.4.3.6, and 0.4.4.2-alpha
by Nick Mathewson 09 Jul '20

09 Jul '20

Hello! There are new tor releases in all supported series today. You can download them from https://dist.torproject.org/. Please remember to check the signatures! These releases fix a bunch of issues, including a remote denial of service attack that we are tracking as TROVE-2020-001 (and also as CVE-2020-15572). This DoS attack affects Tor relays and clients that have been compiled to use the NSS library. If you're using OpenSSL (the default) then it doesn't affect you. You can read the changelogs for the individual releases here: https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.3.5.11 https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.2.8 https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.3.6 https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.4.2-alpha yrs, -- Nick

1 0

Upcoming releases this week, all series, with security fix
by Nick Mathewson 06 Jul '20

06 Jul '20

Hello! There will be a series of Tor releases later this week -- I'm aiming for Thursday or Friday. They will fix a security issue that we are ranking at "Medium" per our security policy at [1]. The issue is a denial-of-service attack that affects a comparatively uncommon configuration. We are tracking the security issue as TROVE-2020-001. We have requested a CVE, and will include it when we release on Friday. [1] https://gitlab.torproject.org/legacy/trac/-/wikis/org/teams/NetworkTeam/Sec… -- Nick

1 0