[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tor-talk] Tor is released

Hi, all!  There is a new alpha release of the Tor source code, with
fixes for several important bugs, and numerous other updates.

(If you are about to reply saying "please take me off this list",
instead please follow these instructions:
.  You will have to enter the actual email address you used to subscribe.)

You can download the source from the usual place on the website.
Packages should be up in a few days.

(There is also a concurrent release of Tor 0.2.8-7; for stable
announcements, please see tor-announce@ or the blog.)


Changes in version - 2016-08-24
  Tor continues development of the 0.2.9 series with
  several new features and bugfixes. It also includes an important
  authority update and an important bugfix from Everyone who
  sets the ReachableAddresses option, and all bridges, are strongly
  encouraged to upgrade to, or to

  o Directory authority changes (also in
    - The "Tonga" bridge authority has been retired; the new bridge
      authority is "Bifroest". Closes tickets 19728 and 19690.

  o Major bugfixes (client, security, also in
    - Only use the ReachableAddresses option to restrict the first hop
      in a path. In earlier versions of 0.2.8.x, it would apply to
      every hop in the path, with a possible degradation in anonymity
      for anyone using an uncommon ReachableAddress setting. Fixes bug
      19973; bugfix on

  o Major features (user interface):
    - Tor now supports the ability to declare options deprecated, so
      that we can recommend that people stop using them. Previously,
      this was done in an ad-hoc way. Closes ticket 19820.

  o Major bugfixes (directory downloads):
    - Avoid resetting download status for consensuses hourly, since we
      already have another, smarter retry mechanism. Fixes bug 8625;
      bugfix on

  o Minor features (config):
    - Warn users when descriptor and port addresses are inconsistent.
      Mitigates bug 13953; patch by teor.

  o Minor features (geoip):
    - Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2
      Country database.

  o Minor features (user interface):
    - There is a new --list-deprecated-options command-line option to
      list all of the deprecated options. Implemented as part of
      ticket 19820.

  o Minor bugfixes (code style):
    - Fix an integer signedness conversion issue in the case conversion
      tables. Fixes bug 19168; bugfix on

  o Minor bugfixes (compilation):
    - Build correctly on versions of libevent2 without support for
      evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix
    - Fix a compilation warning on GCC versions before 4.6. Our
      ENABLE_GCC_WARNING macro used the word "warning" as an argument,
      when it is also required as an argument to the compiler pragma.
      Fixes bug 19901; bugfix on

  o Minor bugfixes (compilation, also in
    - Remove an inappropriate "inline" in tortls.c that was causing
      warnings on older versions of GCC. Fixes bug 19903; bugfix

  o Minor bugfixes (fallback directories, also in
    - Avoid logging a NULL string pointer when loading fallback
      directory information. Fixes bug 19947; bugfix on
      and Report and patch by "rubiate".

  o Minor bugfixes (logging):
    - Log a more accurate message when we fail to dump a microdescriptor.
      Fixes bug 17758; bugfix on Patch from Daniel Pinto.

  o Minor bugfixes (memory leak):
    - Fix a series of slow memory leaks related to parsing torrc files
      and options. Fixes bug 19466; bugfix on

  o Deprecated features:
    - A number of DNS-cache-related sub-options for client ports are now
      deprecated for security reasons, and may be removed in a future
      version of Tor. (We believe that client-side DNS cacheing is a bad
      idea for anonymity, and you should not turn it on.) The options
      are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache,
      UseIPv4Cache, and UseIPv6Cache.
    - A number of options are deprecated for security reasons, and may
      be removed in a future version of Tor. The options are:
      AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits,
      AllowSingleHopExits, ClientDNSRejectInternalAddresses,
      ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup,
      UseNTorHandshake, and WarnUnsafeSocks.
    - The *ListenAddress options are now deprecated as unnecessary: the
      corresponding *Port options should be used instead. These options
      may someday be removed. The affected options are:
      ControlListenAddress, DNSListenAddress, DirListenAddress,
      NATDListenAddress, ORListenAddress, SocksListenAddress,
      and TransListenAddress.

  o Documentation:
    - Correct the IPv6 syntax in our documentation for the
      VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743.

  o Removed code:
    - We no longer include the (dead, deprecated) bufferevent code in
      Tor. Closes ticket 19450. Based on a patch from U+039b.
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to