I'm sending this message to announce that we will be releasing new stable and versions of Tor tomorrow, to fix 5 security bugs. I apologise for the short notice; we've had to move up our intended release date in order to try to match with release deadlines for downstream projects.
We have classified 3 of these bugs as Medium and 2 as High, per draft security process at https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/Security... . The most serious bugs are a pair of denial-of-service issues, which we treat as high security because of the possibility of escalating them for traffic-analysis purposes.
Note that only the following series are supported, and only they will receive updates: 0.2.5, 0.2.8, 0.2.9, 0.3.0, 0.3.1, and 0.3.2. 0.2.8 and 0.3.0 will become unsupported in January; 0.2.5 will become unsupported in May.
best wishes, -- Nick