headers
Roger Dingledine | 17 Jan 16:58
Picon
Favicon

Tor 0.2.1.29 is released (security patches)

Tor 0.2.1.29 continues our recent code security audit work. The main
fix resolves a remote heap overflow vulnerability that can allow remote
code execution. Other fixes address a variety of assert and crash bugs,
most of which we think are hard to exploit remotely.

All Tor users should upgrade.

https://www.torproject.org/download/download

Changes in version 0.2.1.29 - 2011-01-15
  o Major bugfixes (security):
    - Fix a heap overflow bug where an adversary could cause heap
      corruption. This bug probably allows remote code execution
      attacks. Reported by "debuger". Fixes CVE-2011-0427. Bugfix on
      0.1.2.10-rc.
    - Prevent a denial-of-service attack by disallowing any
      zlib-compressed data whose compression factor is implausibly
      high. Fixes part of bug 2324; reported by "doorss".
    - Zero out a few more keys in memory before freeing them. Fixes
      bug 2384 and part of bug 2385. These key instances found by
      "cypherpunks", based on Andrew Case's report about being able
      to find sensitive data in Tor's memory space if you have enough
      permissions. Bugfix on 0.0.2pre9.

  o Major bugfixes (crashes):
    - Prevent calls to Libevent from inside Libevent log handlers.
      This had potential to cause a nasty set of crashes, especially
      if running Libevent with debug logging enabled, and running
      Tor with a controller watching for low-severity log messages.
      Bugfix on 0.1.0.2-rc. Fixes bug 2190.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Roger Dingledine | 20 Dec 14:58
Picon
Favicon

Tor 0.2.1.28 is released (security patches)

Tor 0.2.1.28 does some code cleanup to reduce the risk of remotely
exploitable bugs. Thanks to Willem Pinckaers for notifying us of the
issue. The Common Vulnerabilities and Exposures project has assigned
CVE-2010-1676 to this issue.

We also took this opportunity to change the IP address for one of our
directory authorities, and to update the geoip database we ship.

All Tor users should upgrade.

https://www.torproject.org/download/download

Changes in version 0.2.1.28 - 2010-12-17
  o Major bugfixes:
    - Fix a remotely exploitable bug that could be used to crash instances
      of Tor remotely by overflowing on the heap. Remote-code execution
      hasn't been confirmed, but can't be ruled out. Everyone should
      upgrade. Bugfix on the 0.1.1 series and later.

  o Directory authority changes:
    - Change IP address and ports for gabelmoo (v3 directory authority).

  o Minor features:
    - Update to the December 1 2010 Maxmind GeoLite Country database.

------------------------------------------------------------------------

This is the Tor announcements list. If you want to unsubscribe, send
mail to majordomo <at> seul.org with "unsubscribe or-announce" as your message.
(Continue reading)

Permalink | Reply | 1 comment |
headers
Roger Dingledine | 26 Nov 09:27
Picon
Favicon

Tor 0.2.1.27 is released

Tor 0.2.1.27 makes relays work with OpenSSL 0.9.8p and 1.0.0.b --
yet another OpenSSL security patch broke its compatibility with Tor.
We also took this opportunity to fix several crash bugs, integrate a
new directory authority, and update the bundled GeoIP database.

If you operate a relay, please upgrade.

https://www.torproject.org/download/download

Changes in version 0.2.1.27 - 2010-11-23
  o Major bugfixes:
    - Resolve an incompatibility with OpenSSL 0.9.8p and OpenSSL 1.0.0b:
      No longer set the tlsext_host_name extension on server SSL objects;
      but continue to set it on client SSL objects. Our goal in setting
      it was to imitate a browser, not a vhosting server. Fixes bug 2204;
      bugfix on 0.2.1.1-alpha.
    - Do not log messages to the controller while shrinking buffer
      freelists. Doing so would sometimes make the controller connection
      try to allocate a buffer chunk, which would mess up the internals
      of the freelist and cause an assertion failure. Fixes bug 1125;
      fixed by Robert Ransom. Bugfix on 0.2.0.16-alpha.
    - Learn our external IP address when we're a relay or bridge, even if
      we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha,
      where we introduced bridge relays that don't need to publish to
      be useful. Fixes bug 2050.
    - Do even more to reject (and not just ignore) annotations on
      router descriptors received anywhere but from the cache. Previously
      we would ignore such annotations at first, but cache them to disk
      anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer.
    - When you're using bridges and your network goes away and your
(Continue reading)

Permalink | Reply | 0 comments |
headers
Roger Dingledine | 11 Jun 23:43
Picon
Favicon

Tor 0.2.1.26 is released

Tor 0.2.1.26 addresses the recent connection and memory overload problems
we've been seeing on relays, especially relays with their DirPort open. If
your relay has been crashing, or you turned it off because it used too
many resources, give this release a try.

This release also fixes yet another instance of broken OpenSSL libraries
that was causing some relays to drop out of the consensus.

People running Tor as a relay should upgrade:
https://www.torproject.org/download

Changes in version 0.2.1.26 - 2010-05-02
  o Major bugfixes:
    - Teach relays to defend themselves from connection overload. Relays
      now close idle circuits early if it looks like they were intended
      for directory fetches. Relays are also more aggressive about closing
      TLS connections that have no circuits on them. Such circuits are
      unlikely to be re-used, and tens of thousands of them were piling
      up at the fast relays, causing the relays to run out of sockets
      and memory. Bugfix on 0.2.0.22-rc (where clients started tunneling
      their directory fetches over TLS).
    - Fix SSL renegotiation behavior on OpenSSL versions like on Centos
      that claim to be earlier than 0.9.8m, but which have in reality
      backported huge swaths of 0.9.8m or 0.9.8n renegotiation
      behavior. Possible fix for some cases of bug 1346.
    - Directory mirrors were fetching relay descriptors only from v2
      directory authorities, rather than v3 authorities like they should.
      Only 2 v2 authorities remain (compared to 7 v3 authorities), leading
      to a serious bottleneck. Bugfix on 0.2.0.9-alpha. Fixes bug 1324.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Roger Dingledine | 30 Mar 18:51
Picon
Favicon

End of life for Tor 0.2.0.x

We have declared end-of-life for Tor 0.2.0.x. Those Tor versions have
several known flaws, and nobody should be using them. You should upgrade.

Specifically, the big flaw in Tor <= 0.2.0.35 is that its list of
directory authorities is out of date, so you'll find it hard to learn
about the network. We're signing the network status consensus with the
old signatures for now, but we're going to stop doing that in a few weeks,
which means your Tor 0.2.0.x will fail to find the current network.

The only exception is people using Debian Lenny -- our nice Debian
packager is trying to keep that package maintained for you.

As a bonus, if you move to a newer Tor you'll get significant performance
boosts as a client, and you'll improve the performance for others as
a relay.

Thanks,
--Roger

------------------------------------------------------------------------

This is the Tor announcements list. If you want to unsubscribe, send
mail to majordomo <at> seul.org with "unsubscribe or-announce" as your message.
Permalink | Reply | 0 comments |
headers
Roger Dingledine | 30 Mar 17:50
Picon
Favicon

Tor 0.2.1.25 is released

Tor 0.2.1.25 fixes a regression introduced in 0.2.1.23 that could
prevent relays from guessing their IP address correctly. It also fixes
several minor potential security bugs.

People running Tor as a relay should upgrade:
https://www.torproject.org/download

Changes in version 0.2.1.25 - 2010-03-16
  o Major bugfixes:
    - Fix a regression from our patch for bug 1244 that caused relays
      to guess their IP address incorrectly if they didn't set Address
      in their torrc and/or their address fails to resolve. Bugfix on
      0.2.1.23; fixes bug 1269.
    - When freeing a session key, zero it out completely. We only zeroed
      the first ptrsize bytes. Bugfix on 0.0.2pre8. Discovered and
      patched by ekir. Fixes bug 1254.

  o Minor bugfixes:
    - Fix a dereference-then-NULL-check sequence when publishing
      descriptors. Bugfix on 0.2.1.5-alpha. Discovered by ekir; fixes
      bug 1255.
    - Fix another dereference-then-NULL-check sequence. Bugfix on
      0.2.1.14-rc. Discovered by ekir; fixes bug 1256.
    - Make sure we treat potentially not NUL-terminated strings correctly.
      Bugfix on 0.1.1.13-alpha. Discovered by rieo; fixes bug 1257.

------------------------------------------------------------------------

This is the Tor announcements list. If you want to unsubscribe, send
mail to majordomo <at> seul.org with "unsubscribe or-announce" as your message.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Roger Dingledine | 1 Mar 05:38
Picon
Favicon

Tor 0.2.1.23 and 0.2.1.24 are released

Tor 0.2.1.23 fixes a huge client-side performance bug, makes Tor work
again on the latest OS X, and updates the location of a directory
authority.

Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time
for sure!

The Windows and OS X bundles also come with a newer version of Polipo
that fixes some stability and security problems.

People using Tor as a client should upgrade:
https://www.torproject.org/easy-download

Changes in version 0.2.1.23 - 2010-02-13
  o Major bugfixes (performance):
    - We were selecting our guards uniformly at random, and then weighting
      which of our guards we'd use uniformly at random. This imbalance
      meant that Tor clients were severely limited on throughput (and
      probably latency too) by the first hop in their circuit. Now we
      select guards weighted by currently advertised bandwidth. We also
      automatically discard guards picked using the old algorithm. Fixes
      bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry.

  o Major bugfixes:
    - Make Tor work again on the latest OS X: when deciding whether to
      use strange flags to turn TLS renegotiation on, detect the OpenSSL
      version at run-time, not compile time. We need to do this because
      Apple doesn't update its dev-tools headers when it updates its
      libraries in a security patch.
    - Fix a potential buffer overflow in lookup_last_hid_serv_request()
(Continue reading)

Permalink | Reply | 0 comments |
headers
Roger Dingledine | 21 Jan 06:18
Picon
Favicon

Tor 0.2.1.22 is released (security fix)

Tor 0.2.1.22 rotates two of the seven v3 directory authority keys and
locations, due to a security breach of some of the Torproject servers:
http://archives.seul.org/or/talk/Jan-2010/msg00161.html

It also fixes a privacy problem in bridge directory authorities -- it
would tell you its whole history of bridge descriptors if you make the
right directory request.

Everybody should upgrade:
https://www.torproject.org/easy-download
(Tor Browser Bundle updates coming in the next few days, hopefully.)

Changes in version 0.2.1.22 - 2010-01-19
  o Directory authority changes:
    - Rotate keys (both v3 identity and relay identity) for moria1
      and gabelmoo.

  o Major bugfixes:
    - Stop bridge directory authorities from answering dbg-stability.txt
      directory queries, which would let people fetch a list of all
      bridge identities they track. Bugfix on 0.2.1.6-alpha.

------------------------------------------------------------------------

This is the Tor announcements list. If you want to unsubscribe, send
mail to majordomo <at> seul.org with "unsubscribe or-announce" as your message.
Permalink | Reply | 0 comments |
headers
Roger Dingledine | 29 Dec 16:23
Picon
Favicon

Tor 0.2.1.21 is released

Tor 0.2.1.21 fixes an incompatibility with the most recent OpenSSL
library. If you use Tor on Linux / Unix and you're getting SSL
renegotiation errors, upgrading should help. We also recommend an
upgrade if you're an exit relay.

https://www.torproject.org/easy-download

Changes in version 0.2.1.21 - 2009-12-21
  o Major bugfixes:
    - Work around a security feature in OpenSSL 0.9.8l that prevents our
      handshake from working unless we explicitly tell OpenSSL that we
      are using SSL renegotiation safely. We are, of course, but OpenSSL
      0.9.8l won't work unless we say we are.
    - Avoid crashing if the client is trying to upload many bytes and the
      circuit gets torn down at the same time, or if the flip side
      happens on the exit relay. Bugfix on 0.2.0.1-alpha; fixes bug 1150.

  o Minor bugfixes:
    - Do not refuse to learn about authority certs and v2 networkstatus
      documents that are older than the latest consensus. This bug might
      have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
      Spotted and fixed by xmux.
    - Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-
      trigger platform-specific option misparsing case found by Coverity
      Scan.
    - Fix a compilation warning on Fedora 12 by removing an impossible-to-
      trigger assert. Fixes bug 1173.

------------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Roger Dingledine | 12 Nov 16:14
Picon
Favicon

Tor 0.2.1.20 is released

Tor 0.2.1.20 fixes a crash bug when you're accessing many hidden services
at once, prepares for more performance improvements, and fixes a bunch
of smaller bugs.

The Windows and OS X bundles also include a more recent Vidalia, and
switch from Privoxy to Polipo.

The OS X installers are now drag and drop. It's best to un-install
Tor/Vidalia and then install this new bundle, rather than upgrade. If
you want to upgrade, you'll need to update the paths for Tor and Polipo
in the Vidalia Settings window.

https://www.torproject.org/easy-download

Changes in version 0.2.1.20 - 2009-10-15
  o Major bugfixes:
    - Send circuit or stream sendme cells when our window has decreased
      by 100 cells, not when it has decreased by 101 cells. Bug uncovered
      by Karsten when testing the "reduce circuit window" performance
      patch. Bugfix on the 54th commit on Tor -- from July 2002,
      before the release of Tor 0.0.0. This is the new winner of the
      oldest-bug prize.
    - Fix a remotely triggerable memory leak when a consensus document
      contains more than one signature from the same voter. Bugfix on
      0.2.0.3-alpha.
    - Avoid segfault in rare cases when finishing an introduction circuit
      as a client and finding out that we don't have an introduction key
      for it. Fixes bug 1073. Reported by Aaron Swartz.

  o Major features:
(Continue reading)

Permalink | Reply | 0 comments |
headers
Roger Dingledine | 6 Aug 07:51
Picon
Favicon

Tor 0.2.1.18 and 0.2.1.19 are released

Tor 0.2.1.18 lays the foundations for performance improvements, adds
status events to help users diagnose bootstrap problems, adds optional
authentication/authorization for hidden services, fixes a variety of
potential anonymity problems, and includes a huge pile of other features
and bug fixes.

Tor 0.2.1.19 fixes a major bug with accessing and providing hidden
services.

https://www.torproject.org/easy-download

Changes in version 0.2.1.19 - 2009-07-28
  o Major bugfixes:
    - Make accessing hidden services on 0.2.1.x work right again.
      Bugfix on 0.2.1.3-alpha; workaround for bug 1038. Diagnosis and
      part of patch provided by "optimist".

  o Minor features:
    - When a relay/bridge is writing out its identity key fingerprint to
      the "fingerprint" file and to its logs, write it without spaces. Now
      it will look like the fingerprints in our bridges documentation,
      and confuse fewer users.

  o Minor bugfixes:
    - Relays no longer publish a new server descriptor if they change
      their MaxAdvertisedBandwidth config option but it doesn't end up
      changing their advertised bandwidth numbers. Bugfix on 0.2.0.28-rc;
      fixes bug 1026. Patch from Sebastian.
    - Avoid leaking memory every time we get a create cell but we have
      so many already queued that we refuse it. Bugfix on 0.2.0.19-alpha;
(Continue reading)

Permalink | Reply | 0 comments |

Gmane