[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Tor source code is released!

Hi, all!

There's a new Tor release candidate available as source code! Because it's
an release candidate, you should only run it if you're ready to find bugs,
and report them on trac.torproject.org.

The source code is available from the usual place on www.torproject.org; if
you build Tor from source, why not give it a try?  And if you don' t build
Tor from source, packages should be ready over the coming days, with a Tor
Browser alpha release likely some time this week.

Here's what's new:

Changes in version - 2018-04-15
  Tor fixes various bugs in earlier versions of Tor,
  including some that could affect reliability or correctness.

  This is the first release candidate in the 0.3.3 series. If we find no
  new bugs or regression here, then the first stable 0.3.3 release will
  be nearly identical to this one.

  o Major bugfixes (security, protover, voting):
    - Revise Rust implementation of protover to use a more memory-
      efficient voting algorithm and corresponding data structures, thus
      avoiding a potential memory-based DoS attack where specially
      crafted protocol strings would expand to fill available memory.
      Fixes bug 24031; bugfix on

  o Major bugfixes (performance, load balancing):
    - Directory authorities no longer vote in favor of the Guard flag
      for relays without directory support. Starting in Tor, clients have been avoiding using such relays in the
      Guard position, leading to increasingly broken load balancing for
      the 5%-or-so of Guards that don't advertise directory support.
      Fixes bug 22310; bugfix on

  o Minor feature (continuous integration):
    - Update the Travis CI configuration to use the stable Rust channel,
      now that we have decided to require that. Closes ticket 25714.

  o Minor features (config options):
    - Change the way the default value for MaxMemInQueues is calculated.
      We now use 40% of the hardware RAM if the system has 8 GB RAM or
      more. Otherwise we use the former value of 75%. Closes
      ticket 24782.

  o Minor features (geoip):
    - Update geoip and geoip6 to the April 3 2018 Maxmind GeoLite2
      Country database. Closes ticket 25718.

  o Minor bugfixes (client):
    - When using a listed relay as a bridge, and also using
      microdescriptors, and considering that relay as a non-bridge in a
      circuit, treat its microdescriptor as a valid source of
      information about that relay. This change should prevent a non-
      fatal assertion error. Fixes bug 25691; bugfix on

  o Minor bugfixes (controller):
    - Restore the correct operation of the RESOLVE command, which had
      been broken since we added the ability to enable/disable DNS on
      specific listener ports. Fixes bug 25617; bugfix on

  o Minor bugfixes (distribution, compilation, rust):
    - Build correctly when the rust dependencies submodule is loaded,
      but the TOR_RUST_DEPENDENCIES environment variable is not set.
      Fixes bug 25679; bugfix on
    - Actually include all of our Rust source in our source
      distributions. (Previously, a few of the files were accidentally
      omitted.) Fixes bug 25732; bugfix on

  o Minor bugfixes (documentation):
    - Document that the PerConnBW{Rate,Burst} options will fall back to
      their corresponding consensus parameters only if those parameters
      are set. Previously we had claimed that these values would always
      be set in the consensus. Fixes bug 25296; bugfix on
    - Revert a misformatting issue in the ExitPolicy documentation.
      Fixes bug 25582; bugfix on

  o Minor bugfixes (exit node DNS retries):
    - Re-attempt timed-out DNS queries 3 times before failure, since our
      timeout is 5 seconds for them, but clients wait 10-15. Also allow
      slightly more timeouts per resolver when an exit has multiple
      resolvers configured. Fixes bug 21394; bugfix on

  o Minor bugfixes (onion services):
    - Re-instate counting the client HSDir fetch circuits against the
      MaxClientCircuitsPending rate limit. Fixes bug 24989; bugfix
    - Remove underscores from the _HSLayer{2,3}Nodes options. This
      expert-user configuration can now be enabled as HSLayer{2,3}Nodes.
      Fixes bug 25581; bugfix on

  o Code simplification and refactoring:
    - Move the list of default directory authorities to its own file.
      Closes ticket 24854. Patch by "beastr0".

  o Documentation (manpage, denial of service):
    - Provide more detail about the denial-of-service options, by
      listing each mitigation and explaining how they relate. Closes
      ticket 25248.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to