[tor-packagers] New releases: 0.3.5.11, 0.4.2.8, 0.4.3.6, and 0.4.4.2-alpha

Nick Mathewson nickm at torproject.org
Thu Jul 9 17:21:39 UTC 2020


Hello!

There are new tor releases in all supported series today.  You can
download them from https://dist.torproject.org/. Please remember to
check the signatures!

These releases fix a bunch of issues, including a remote denial of
service attack that we are tracking as TROVE-2020-001 (and also as
CVE-2020-15572). This DoS attack affects Tor relays and clients that
have been compiled to use the NSS library. If you're using OpenSSL
(the default) then it doesn't affect you.

You can read the changelogs for the individual releases here:

https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.3.5.11
https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.2.8
https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.3.6
https://gitweb.torproject.org/tor.git/tree/ChangeLog?h=tor-0.4.4.2-alpha

yrs,
--
Nick


More information about the tor-packagers mailing list