Tor Changelog

New in version RC

November 18th, 2013
  • Tor is the fourth release candidate for the Tor 0.2.4.x series. It takes a variety of fixes from the 0.2.5.x branch to improve stability, performance, and better handling of edge cases.
  • Major features:
  • Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later. Resolves ticket 6055. (OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2, and OpenSSL from 1.0.1 through 1.0.1d had bugs that prevented renegotiation from working with TLS 1.1 or 1.2, so we had disabled them to solve bug 6033.)
  • Major bug fixes:
  • No longer stop reading or writing on cpuworker connections when our rate limiting buckets go empty. Now we should handle circuit handshake requests more promptly. Resolves bug 9731.
  • If we are unable to save a microdescriptor to the journal, do not drop it from memory and then reattempt downloading it. Fixes bug 9645; bugfix on
  • Stop trying to bootstrap all our directory information from only our first guard. Discovered while fixing bug 9946; bugfix on
  • The new channel code sometimes lost track of in-progress circuits, causing long-running clients to stop building new circuits. The fix is to always call circuit_n_chan_done(chan, 0) from channel_closed(). Fixes bug 9776; bugfix on
  • Minor bug fixes (on 0.2.4.x):
  • Correctly log long IPv6 exit policies, instead of truncating them or reporting an error. Fixes bug 9596; bugfix on
  • Our default TLS ecdhe groups were backwards: we meant to be using P224 for relays (for performance win) and P256 for bridges (since it is more common in the wild). Instead we had it backwards. After reconsideration, we decided that the default should be P256 on all hosts, since its security is probably better, and since P224 is reportedly used quite little in the wild. Found by "skruffy" on IRC. Fix for bug 9780; bugfix on
  • Free directory authority certificate download statuses on exit rather than leaking them. Fixes bug 9644; bugfix on
  • Minor bug fixes (on 0.2.3.x and earlier):
  • If the guard we choose first doesn't answer, we would try the second guard, but once we connected to the second guard we would abandon it and retry the first one, slowing down bootstrapping. The fix is to treat all our initially chosen guards as acceptable to use. Fixes bug 9946; bugfix on
  • Fix an assertion failure that would occur when disabling the ORPort setting on a running Tor process while accounting was enabled. Fixes bug 6979; bugfix on
  • When examining the list of network interfaces to find our address, do not consider non-running or disabled network interfaces. Fixes bug 9904; bugfix on Patch from "hantwister".
  • Avoid an off-by-one error when checking buffer boundaries when formatting the exit status of a pluggable transport helper. This is probably not an exploitable bug, but better safe than sorry. Fixes bug 9928; bugfix on Bug found by Pedro Ribeiro.
  • Minor features (protecting client timestamps):
  • Clients no longer send timestamps in their NETINFO cells. These were not used for anything, and they provided one small way for clients to be distinguished from each other as they moved from network to network or behind NAT. Implements part of proposal 222.
  • Clients now round timestamps in INTRODUCE cells down to the nearest 10 minutes. If a new Support022HiddenServices option is set to 0, or if it's set to "auto" and the feature is disabled in the consensus, the timestamp is sent as 0 instead. Implements part of proposal 222.
  • Stop sending timestamps in AUTHENTICATE cells. This is not such a big deal from a security point of view, but it achieves no actual good purpose, and isn't needed. Implements part of proposal 222.
  • Reduce down accuracy of timestamps in hidden service descriptors. Implements part of proposal 222.
  • Minor features (other):
  • Improve the circuit queue out-of-memory handler. Previously, when we ran low on memory, we'd close whichever circuits had the most queued cells. Now, we close those that have the *oldest* queued cells, on the theory that those are most responsible for us running low on memory. Based on analysis from a forthcoming paper by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093.
  • Generate bootstrapping status update events correctly when fetching microdescriptors. Fixes bug 9927.
  • Update to the October 2 2013 Maxmind GeoLite Country database.
  • Documentation fixes:
  • Clarify the usage and risks of setting the ContactInfo torrc line for your relay or bridge. Resolves ticket 9854.
  • Add anchors to the manpage so we can link to the html version of the documentation for specific options. Resolves ticket 9866.
  • Replace remaining references to DirServer in man page and log entries. Resolves ticket 10124.

New in version Alpha (October 10th, 2013)

  • This version introduces experimental support for syscall sandboxing on Linux, allows bridges that offer pluggable transports to report usage statistics, fixes many issues to make testing easier, and provides a pile of minor features and bugfixes that have been waiting for a release of the new branch.

New in version RC (August 14th, 2013)

  • This release candidate fixes several crash bugs in the 0.2.4 branch.

New in version Alpha (March 13th, 2013)

  • This version makes relay measurement by directory authorities more robust, makes hidden service authentication work again, and resolves a DPI fingerprint for Tor's SSL transport.

New in version Alpha (September 27th, 2012)

  • This version fixes another opportunity for a remotely triggerable assertion, resumes letting relays test reachability of their DirPort, and cleans up a bunch of smaller bugs.

New in version 2.2.35-11 (May 4th, 2012)

  • Security release to stop TorBrowser from bypassing SOCKS proxy DNS configuration
  • New Firefox patches:
  • Prevent WebSocket DNS leak (closes: #5741)
  • Fix a race condition that could be used to link browsing sessions together when using new identity from Tor Browser (closes: #5715)
  • Remove extraneous BetterPrivacy settings from prefs.js (closes: #5722)
  • Fix the mozconfig options for OS X so that it really builds everything with clang instead of llvm-gcc (closes: #5740)

New in version Alpha (May 1st, 2012)

  • This version fixes a variety of smaller bugs.
  • The development branch now builds on Windows again.

New in version Alpha (April 25th, 2012)

  • This version fixes yet more bugs to get closer to a release candidate.
  • It also dramatically speeds up AES: fast relays should consider switching to the newer OpenSSL library.

New in version Alpha (February 15th, 2012)

  • This version lets fast exit relays scale better, allows clients to use bridges that run Tor 0.2.2.x, and resolves several big bugs when Tor is configured to use a pluggable transport like obfsproxy.