Hello!
There are new tor releases in all supported series today. You can download them from https://dist.torproject.org/. Please remember to check the signatures!
These releases fix a bunch of issues, including a remote denial of service attack that we are tracking as TROVE-2020-001 (and also as CVE-2020-15572). This DoS attack affects Tor relays and clients that have been compiled to use the NSS library. If you're using OpenSSL (the default) then it doesn't affect you.
You can read the changelogs for the individual releases here:
https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.3.5.11 https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.2.8 https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.3.6 https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.4.2-alpha
yrs, -- Nick