[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Tor is released

Tor changes the addresses of two directory authorities (this
change especially affects those who serve or use hidden services),
and fixes several other crash- and security-related bugs.

We'll put out in the next week or so for people who absolutely
can't upgrade -- but really, please upgrade to if you can. Those
still running 0.1.0.x should now consider it obsolete and unsupported.


Changes in version - 2007-05-25
  o Directory authority changes:
    - Two directory authorities (moria1 and moria2) just moved to new
      IP addresses. This change will particularly affect those who serve
      or use hidden services.

  o Major bugfixes (crashes):
    - If a directory server runs out of space in the connection table
      as it's processing a begin_dir request, it will free the exit stream
      but leave it attached to the circuit, leading to unpredictable
      behavior. (Reported by seeess, fixes bug 425.)
    - Fix a bug in dirserv_remove_invalid() that would cause authorities
      to corrupt memory under some really unlikely scenarios.
    - Tighten router parsing rules. (Bugs reported by Benedikt Boss.)
    - Avoid segfaults when reading from mmaped descriptor file. (Reported
      by lodger.)

  o Major bugfixes (security):
    - When choosing an entry guard for a circuit, avoid using guards
      that are in the same family as the chosen exit -- not just guards
      that are exactly the chosen exit. (Reported by lodger.)

  o Major bugfixes (resource management):
    - If a directory authority is down, skip it when deciding where to get
      networkstatus objects or descriptors. Otherwise we keep asking
      every 10 seconds forever. Fixes bug 384.
    - Count it as a failure if we fetch a valid network-status but we
      don't want to keep it. Otherwise we'll keep fetching it and keep
      not wanting to keep it. Fixes part of bug 422.
    - If all of our dirservers have given us bad or no networkstatuses
      lately, then stop hammering them once per minute even when we
      think they're failed. Fixes another part of bug 422.

  o Minor bugfixes:
    - Actually set the purpose correctly for descriptors inserted with
    - When we have k non-v2 authorities in our DirServer config,
      we ignored the last k authorities in the list when updating our
    - Correctly back-off from requesting router descriptors that we are
      having a hard time downloading.
    - Read resolv.conf files correctly on platforms where read() returns
      partial results on small file reads.
    - Don't rebuild the entire router store every time we get 32K of
      routers: rebuild it when the journal gets very large, or when
      the gaps in the store get very large.

  o Minor features:
    - When routers publish SVN revisions in their router descriptors,
      authorities now include those versions correctly in networkstatus
    - Warn when using a version of libevent before 1.3b to run a server on
      OSX or BSD: these versions interact badly with userspace threads.

Attachment: signature.asc
Description: Digital signature