Tor 0.2.1.11-alpha finishes fixing the "if your Tor is off for a week it will take a long time to bootstrap again" bug. It also fixes an important security-related bug reported by Ilja van Sprundel. You should upgrade. (We'll send out more details about the bug once people have had some time to upgrade.) https://www.torproject.org/download.html.en Changes in version 0.2.1.11-alpha - 2009-01-20 o Security fixes: - Fix a heap-corruption bug that may be remotely triggerable on some platforms. Reported by Ilja van Sprundel. o Major bugfixes: - Discard router descriptors as we load them if they are more than five days old. Otherwise if Tor is off for a long time and then starts with cached descriptors, it will try to use the onion keys in those obsolete descriptors when building circuits. Bugfix on 0.2.0.x. Fixes bug 887. o Minor features: - Try to make sure that the version of Libevent we're running with is binary-compatible with the one we built with. May address bug 897 and others. - Make setting ServerDNSRandomizeCase to 0 actually work. Bugfix for bug 905. Bugfix on 0.2.1.7-alpha. - Add a new --enable-local-appdata configuration switch to change the default location of the datadir on win32 from APPDATA to LOCAL_APPDATA. In the future, we should migrate to LOCAL_APPDATA entirely. Patch from coderman. o Minor bugfixes: - Make outbound DNS packets respect the OutboundBindAddress setting. Fixes the bug part of bug 798. Bugfix on 0.1.2.2-alpha. - When our circuit fails at the first hop (e.g. we get a destroy cell back), avoid using that OR connection anymore, and also tell all the one-hop directory requests waiting for it that they should fail. Bugfix on 0.2.1.3-alpha. - In the torify(1) manpage, mention that tsocks will leak your DNS requests.
Description: Digital signature