Skip to content

GitLab

T
Tor

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Commit 4806aa5d authored by Nick Mathewson's avatar Nick Mathewson 🥄
Browse files
Options

Copy ChangeLog and ReleaseNotes from today's releases to master branch

parent 9306ac5a
Pipeline #1644 failed with stage
    in 50 minutes and 35 seconds
    Hide whitespace changes
    Inline Side-by-side
    Showing with 568 additions and 1 deletion
    ChangeLog
    View file @ 4806aa5d
    Changes in version 0.4.4.6 - 2020-11-12
    Tor 0.4.4.6 is the second stable release in the 0.4.4.x series. It
    backports fixes from later releases, including a fix for TROVE-2020-
    005, a security issue that could be used, under certain cases, by an
    adversary to observe traffic patterns on a limited number of circuits
    intended for a different relay.
    o Major bugfixes (security, backport from 0.4.5.1-alpha):
    - When completing a channel, relays now check more thoroughly to
    make sure that it matches any pending circuits before attaching
    those circuits. Previously, address correctness and Ed25519
    identities were not checked in this case, but only when extending
    circuits on an existing channel. Fixes bug 40080; bugfix on
    0.2.7.2-alpha. Resolves TROVE-2020-005.
    o Minor features (directory authorities, backport from 0.4.5.1-alpha):
    - Authorities now list a different set of protocols as required and
    recommended. These lists have been chosen so that only truly
    recommended and/or required protocols are included, and so that
    clients using 0.2.9 or later will continue to work (even though
    they are not supported), whereas only relays running 0.3.5 or
    later will meet the requirements. Closes ticket 40162.
    - Make it possible to specify multiple ConsensusParams torrc lines.
    Now directory authority operators can for example put the main
    ConsensusParams config in one torrc file and then add to it from a
    different torrc file. Closes ticket 40164.
    o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
    - Tor no longer allows subprotocol versions larger than 63.
    Previously version numbers up to UINT32_MAX were allowed, which
    significantly complicated our code. Implements proposal 318;
    closes ticket 40133.
    o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
    - Fix a rendezvous cache unit test that was triggering an underflow
    on the global rend cache allocation. Fixes bug 40125; bugfix
    on 0.2.8.1-alpha.
    - Fix another rendezvous cache unit test that was triggering an
    underflow on the global rend cache allocation. Fixes bug 40126;
    bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (compilation, backport from 0.4.5.1-alpha):
    - Fix compiler warnings that would occur when building with
    "--enable-all-bugs-are-fatal" and "--disable-module-relay" at the
    same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha.
    - Resolve a compilation warning that could occur in
    test_connection.c. Fixes bug 40113; bugfix on 0.2.9.3-alpha.
    o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
    - Remove a debug logging statement that uselessly spammed the logs.
    Fixes bug 40135; bugfix on 0.3.5.0-alpha.
    o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
    - Avoid a fatal assert() when failing to create a listener
    connection for an address that was in use. Fixes bug 40073; bugfix
    on 0.3.5.1-alpha.
    o Minor bugfixes (v2 onion services, backport from 0.4.5.1-alpha):
    - For HSFETCH commands on v2 onion services addresses, check the
    length of bytes decoded, not the base32 length. Fixes bug 34400;
    bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan.
    Changes in version 0.4.3.7 - 2020-11-12
    Tor 0.4.3.7 backports several bugfixes from later releases. It
    includes a fix for TROVE-2020-005, a security issue that could be
    used, under certain cases, by an adversary to observe traffic patterns
    on a limited number of circuits intended for a different relay.
    Please be aware that support for the 0.4.3.x series will end on 15
    January 2020. Please upgrade to 0.4.4.x or 0.4.5.x before then, or
    downgrade to 0.3.5.x, which will be supported until at least 1
    February 2022.
    o Major features (fallback directory list, backport form 0.4.4.3-alpha):
    - Replace the 148 fallback directories originally included in Tor
    0.4.1.4-rc (of which around 105 are still functional) with a list
    of 144 fallbacks generated in July 2020. Closes ticket 40061.
    o Major bugfixes (security, backport from 0.4.5.1-alpha):
    - When completing a channel, relays now check more thoroughly to
    make sure that it matches any pending circuits before attaching
    those circuits. Previously, address correctness and Ed25519
    identities were not checked in this case, but only when extending
    circuits on an existing channel. Fixes bug 40080; bugfix on
    0.2.7.2-alpha. Resolves TROVE-2020-005.
    o Major bugfixes (NSS, backport from 0.4.4.3-alpha):
    - When running with NSS enabled, make sure that NSS knows to expect
    nonblocking sockets. Previously, we set our TCP sockets as
    nonblocking, but did not tell NSS, which in turn could lead to
    unexpected blocking behavior. Fixes bug 40035; bugfix
    on 0.3.5.1-alpha.
    o Minor features (security, backport from 0.4.4.4-rc):
    - Channels using obsolete versions of the Tor link protocol are no
    longer allowed to circumvent address-canonicity checks. (This is
    only a minor issue, since such channels have no way to set ed25519
    keys, and therefore should always be rejected for circuits that
    specify ed25519 identities.) Closes ticket 40081.
    o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
    - Tor no longer allows subprotocol versions larger than 63.
    Previously version numbers up to UINT32_MAX were allowed, which
    significantly complicated our code. Implements proposal 318;
    closes ticket 40133.
    o Minor features (tests, backport from 0.4.4.5):
    - Our "make check" target now runs the unit tests in 8 parallel
    chunks. Doing this speeds up hardened CI builds by more than a
    factor of two. Closes ticket 40098.
    o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
    - Fix a rendezvous cache unit test that was triggering an underflow
    on the global rend cache allocation. Fixes bug 40125; bugfix
    on 0.2.8.1-alpha.
    - Fix another rendezvous cache unit test that was triggering an
    underflow on the global rend cache allocation. Fixes bug 40126;
    bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (correctness, buffers, backport from 0.4.4.4-rc):
    - Fix a correctness bug that could cause an assertion failure if we
    ever tried using the buf_move_all() function with an empty input
    buffer. As far as we know, no released versions of Tor do this.
    Fixes bug 40076; bugfix on 0.3.3.1-alpha.
    o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
    - Remove a debug logging statement that uselessly spammed the logs.
    Fixes bug 40135; bugfix on 0.3.5.0-alpha.
    o Minor bugfixes (rate limiting, bridges, pluggable transports, backport from 0.4.4.4-rc):
    - On a bridge, treat all connections from an ExtORPort as remote by
    default for the purposes of rate-limiting. Previously, bridges
    would treat the connection as local unless they explicitly
    received a "USERADDR" command. ExtORPort connections still count
    as local if there is a USERADDR command with an explicit local
    address. Fixes bug 33747; bugfix on 0.2.5.1-alpha.
    o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
    - Avoid a fatal assert() when failing to create a listener
    connection for an address that was in use. Fixes bug 40073; bugfix
    on 0.3.5.1-alpha.
    o Minor bugfixes (relay, usability, backport from 0.4.4.3-alpha):
    - Adjust the rules for when to warn about having too many
    connections to other relays. Previously we'd tolerate up to 1.5
    connections per relay on average. Now we tolerate more connections
    for directory authorities, and raise the number of total
    connections we need to see before we warn. Fixes bug 33880; bugfix
    on 0.3.1.1-alpha.
    o Minor bugfixes (tests, 0.4.4.5):
    - Fix the behavior of the rend_cache/clean_v2_descs_as_dir when run
    on its own. Previously, it would exit with an error. Fixes bug
    40099; bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (v2 onion services, backport from 0.4.5.1-alpha):
    - For HSFETCH commands on v2 onion services addresses, check the
    length of bytes decoded, not the base32 length. Fixes bug 34400;
    bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan.
    o Minor bugfixes (windows, backport from 0.4.4.4-rc):
    - Fix a bug that prevented Tor from starting if its log file grew
    above 2GB. Fixes bug 31036; bugfix on 0.2.1.8-alpha.
    o Deprecated features (onion service v2, backport form 0.4.4.2-alpha):
    - Add a deprecation warning for version 2 onion services. Closes
    ticket 40003.
    o Removed features (backport from 0.4.4.3-alpha):
    - Our "check-local" test target no longer tries to use the
    Coccinelle semantic patching tool parse all the C files. While it
    is a good idea to try to make sure Coccinelle works on our C
    before we run a Coccinelle patch, doing so on every test run has
    proven to be disruptive. You can still run this tool manually with
    "make check-cocci". Closes ticket 40030. ticket 40030.
    Changes in version 0.3.5.12 - 2020-11-12
    Tor 0.4.3.7 backports several bugfixes from later releases. It
    includes a fix for TROVE-2020-005, a security issue that could be
    used, under certain cases, by an adversary to observe traffic patterns
    on a limited number of circuits intended for a different relay.
    o Major features (fallback directory list, backport form 0.4.4.3-alpha):
    - Replace the 148 fallback directories originally included in Tor
    0.4.1.4-rc (of which around 105 are still functional) with a list
    of 144 fallbacks generated in July 2020. Closes ticket 40061.
    o Major bugfixes (security, backport from 0.4.5.1-alpha):
    - When completing a channel, relays now check more thoroughly to
    make sure that it matches any pending circuits before attaching
    those circuits. Previously, address correctness and Ed25519
    identities were not checked in this case, but only when extending
    circuits on an existing channel. Fixes bug 40080; bugfix on
    0.2.7.2-alpha. Resolves TROVE-2020-005.
    o Major bugfixes (NSS, backport from 0.4.4.3-alpha):
    - When running with NSS enabled, make sure that NSS knows to expect
    nonblocking sockets. Previously, we set our TCP sockets as
    nonblocking, but did not tell NSS, which in turn could lead to
    unexpected blocking behavior. Fixes bug 40035; bugfix
    on 0.3.5.1-alpha.
    o Minor features (security, backport from 0.4.4.4-rc):
    - Channels using obsolete versions of the Tor link protocol are no
    longer allowed to circumvent address-canonicity checks. (This is
    only a minor issue, since such channels have no way to set ed25519
    keys, and therefore should always be rejected for circuits that
    specify ed25519 identities.) Closes ticket 40081.
    o Minor features (debugging, directory system):
    - Don't crash when we find a non-guard with a guard-fraction value
    set. Instead, log a bug warning, in an attempt to figure out how
    this happened. Diagnostic for ticket 32868.
    o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
    - Tor no longer allows subprotocol versions larger than 63.
    Previously version numbers up to UINT32_MAX were allowed, which
    significantly complicated our code. Implements proposal 318;
    closes ticket 40133.
    o Minor features (tests, backport from 0.4.4.5):
    - Our "make check" target now runs the unit tests in 8 parallel
    chunks. Doing this speeds up hardened CI builds by more than a
    factor of two. Closes ticket 40098.
    o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
    - Fix a rendezvous cache unit test that was triggering an underflow
    on the global rend cache allocation. Fixes bug 40125; bugfix
    on 0.2.8.1-alpha.
    - Fix another rendezvous cache unit test that was triggering an
    underflow on the global rend cache allocation. Fixes bug 40126;
    bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (correctness, buffers, backport from 0.4.4.4-rc):
    - Fix a correctness bug that could cause an assertion failure if we
    ever tried using the buf_move_all() function with an empty input
    buffer. As far as we know, no released versions of Tor do this.
    Fixes bug 40076; bugfix on 0.3.3.1-alpha.
    o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
    - Remove a debug logging statement that uselessly spammed the logs.
    Fixes bug 40135; bugfix on 0.3.5.0-alpha.
    o Minor bugfixes (rate limiting, bridges, pluggable transports, backport from 0.4.4.4-rc):
    - On a bridge, treat all connections from an ExtORPort as remote by
    default for the purposes of rate-limiting. Previously, bridges
    would treat the connection as local unless they explicitly
    received a "USERADDR" command. ExtORPort connections still count
    as local if there is a USERADDR command with an explicit local
    address. Fixes bug 33747; bugfix on 0.2.5.1-alpha.
    o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
    - Avoid a fatal assert() when failing to create a listener
    connection for an address that was in use. Fixes bug 40073; bugfix
    on 0.3.5.1-alpha.
    o Minor bugfixes (relay, usability, backport from 0.4.4.3-alpha):
    - Adjust the rules for when to warn about having too many
    connections to other relays. Previously we'd tolerate up to 1.5
    connections per relay on average. Now we tolerate more connections
    for directory authorities, and raise the number of total
    connections we need to see before we warn. Fixes bug 33880; bugfix
    on 0.3.1.1-alpha.
    o Minor bugfixes (relays, backport from 0.4.4.1-alpha):
    - Stop advertising incorrect IPv6 ORPorts in relay and bridge
    descriptors, when the IPv6 port was configured as "auto". Fixes
    bug 32588; bugfix on 0.2.3.9-alpha.
    o Minor bugfixes (tests, 0.4.4.5):
    - Fix the behavior of the rend_cache/clean_v2_descs_as_dir when run
    on its own. Previously, it would exit with an error. Fixes bug
    40099; bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (windows, backport from 0.4.4.4-rc):
    - Fix a bug that prevented Tor from starting if its log file grew
    above 2GB. Fixes bug 31036; bugfix on 0.2.1.8-alpha.
    o Deprecated features (onion service v2, backport form 0.4.4.2-alpha):
    - Add a deprecation warning for version 2 onion services. Closes
    ticket 40003.
    Changes in version 0.4.5.1-alpha - 2020-11-01
    Tor 0.4.5.1-alpha is the first alpha release in the 0.4.5.x series. It
    improves support for IPv6, address discovery and self-testing, code
    ......@@ -26,7 +311,6 @@ Changes in version 0.4.5.1-alpha - 2020-11-01
    the moment, the only supported output format is Prometheus data
    model. Closes ticket 40063. See the manual page for more
    information and security considerations.
    o Major features (relay, IPv6):
    - The torrc option Address now supports IPv6. This unifies our
    address discovery interface to support IPv4, IPv6, and hostnames.
    ReleaseNotes
    View file @ 4806aa5d
    ......@@ -2,6 +2,289 @@ This document summarizes new features and bugfixes in each stable
    release of Tor. If you want to see more detailed descriptions of the
    changes in each development snapshot, see the ChangeLog file.
    Changes in version 0.4.4.6 - 2020-11-12
    Tor 0.4.4.6 is the second stable release in the 0.4.4.x series. It
    backports fixes from later releases, including a fix for TROVE-2020-
    005, a security issue that could be used, under certain cases, by an
    adversary to observe traffic patterns on a limited number of circuits
    intended for a different relay.
    o Major bugfixes (security, backport from 0.4.5.1-alpha):
    - When completing a channel, relays now check more thoroughly to
    make sure that it matches any pending circuits before attaching
    those circuits. Previously, address correctness and Ed25519
    identities were not checked in this case, but only when extending
    circuits on an existing channel. Fixes bug 40080; bugfix on
    0.2.7.2-alpha. Resolves TROVE-2020-005.
    o Minor features (directory authorities, backport from 0.4.5.1-alpha):
    - Authorities now list a different set of protocols as required and
    recommended. These lists have been chosen so that only truly
    recommended and/or required protocols are included, and so that
    clients using 0.2.9 or later will continue to work (even though
    they are not supported), whereas only relays running 0.3.5 or
    later will meet the requirements. Closes ticket 40162.
    - Make it possible to specify multiple ConsensusParams torrc lines.
    Now directory authority operators can for example put the main
    ConsensusParams config in one torrc file and then add to it from a
    different torrc file. Closes ticket 40164.
    o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
    - Tor no longer allows subprotocol versions larger than 63.
    Previously version numbers up to UINT32_MAX were allowed, which
    significantly complicated our code. Implements proposal 318;
    closes ticket 40133.
    o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
    - Fix a rendezvous cache unit test that was triggering an underflow
    on the global rend cache allocation. Fixes bug 40125; bugfix
    on 0.2.8.1-alpha.
    - Fix another rendezvous cache unit test that was triggering an
    underflow on the global rend cache allocation. Fixes bug 40126;
    bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (compilation, backport from 0.4.5.1-alpha):
    - Fix compiler warnings that would occur when building with
    "--enable-all-bugs-are-fatal" and "--disable-module-relay" at the
    same time. Fixes bug 40129; bugfix on 0.4.4.1-alpha.
    - Resolve a compilation warning that could occur in
    test_connection.c. Fixes bug 40113; bugfix on 0.2.9.3-alpha.
    o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
    - Remove a debug logging statement that uselessly spammed the logs.
    Fixes bug 40135; bugfix on 0.3.5.0-alpha.
    o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
    - Avoid a fatal assert() when failing to create a listener
    connection for an address that was in use. Fixes bug 40073; bugfix
    on 0.3.5.1-alpha.
    o Minor bugfixes (v2 onion services, backport from 0.4.5.1-alpha):
    - For HSFETCH commands on v2 onion services addresses, check the
    length of bytes decoded, not the base32 length. Fixes bug 34400;
    bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan.
    Changes in version 0.4.3.7 - 2020-11-12
    Tor 0.4.3.7 backports several bugfixes from later releases. It
    includes a fix for TROVE-2020-005, a security issue that could be
    used, under certain cases, by an adversary to observe traffic patterns
    on a limited number of circuits intended for a different relay.
    Please be aware that support for the 0.4.3.x series will end on 15
    January 2020. Please upgrade to 0.4.4.x or 0.4.5.x before then, or
    downgrade to 0.3.5.x, which will be supported until at least 1
    February 2022.
    o Major features (fallback directory list, backport form 0.4.4.3-alpha):
    - Replace the 148 fallback directories originally included in Tor
    0.4.1.4-rc (of which around 105 are still functional) with a list
    of 144 fallbacks generated in July 2020. Closes ticket 40061.
    o Major bugfixes (security, backport from 0.4.5.1-alpha):
    - When completing a channel, relays now check more thoroughly to
    make sure that it matches any pending circuits before attaching
    those circuits. Previously, address correctness and Ed25519
    identities were not checked in this case, but only when extending
    circuits on an existing channel. Fixes bug 40080; bugfix on
    0.2.7.2-alpha. Resolves TROVE-2020-005.
    o Major bugfixes (NSS, backport from 0.4.4.3-alpha):
    - When running with NSS enabled, make sure that NSS knows to expect
    nonblocking sockets. Previously, we set our TCP sockets as
    nonblocking, but did not tell NSS, which in turn could lead to
    unexpected blocking behavior. Fixes bug 40035; bugfix
    on 0.3.5.1-alpha.
    o Minor features (security, backport from 0.4.4.4-rc):
    - Channels using obsolete versions of the Tor link protocol are no
    longer allowed to circumvent address-canonicity checks. (This is
    only a minor issue, since such channels have no way to set ed25519
    keys, and therefore should always be rejected for circuits that
    specify ed25519 identities.) Closes ticket 40081.
    o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
    - Tor no longer allows subprotocol versions larger than 63.
    Previously version numbers up to UINT32_MAX were allowed, which
    significantly complicated our code. Implements proposal 318;
    closes ticket 40133.
    o Minor features (tests, backport from 0.4.4.5):
    - Our "make check" target now runs the unit tests in 8 parallel
    chunks. Doing this speeds up hardened CI builds by more than a
    factor of two. Closes ticket 40098.
    o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
    - Fix a rendezvous cache unit test that was triggering an underflow
    on the global rend cache allocation. Fixes bug 40125; bugfix
    on 0.2.8.1-alpha.
    - Fix another rendezvous cache unit test that was triggering an
    underflow on the global rend cache allocation. Fixes bug 40126;
    bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (correctness, buffers, backport from 0.4.4.4-rc):
    - Fix a correctness bug that could cause an assertion failure if we
    ever tried using the buf_move_all() function with an empty input
    buffer. As far as we know, no released versions of Tor do this.
    Fixes bug 40076; bugfix on 0.3.3.1-alpha.
    o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
    - Remove a debug logging statement that uselessly spammed the logs.
    Fixes bug 40135; bugfix on 0.3.5.0-alpha.
    o Minor bugfixes (rate limiting, bridges, pluggable transports, backport from 0.4.4.4-rc):
    - On a bridge, treat all connections from an ExtORPort as remote by
    default for the purposes of rate-limiting. Previously, bridges
    would treat the connection as local unless they explicitly
    received a "USERADDR" command. ExtORPort connections still count
    as local if there is a USERADDR command with an explicit local
    address. Fixes bug 33747; bugfix on 0.2.5.1-alpha.
    o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
    - Avoid a fatal assert() when failing to create a listener
    connection for an address that was in use. Fixes bug 40073; bugfix
    on 0.3.5.1-alpha.
    o Minor bugfixes (relay, usability, backport from 0.4.4.3-alpha):
    - Adjust the rules for when to warn about having too many
    connections to other relays. Previously we'd tolerate up to 1.5
    connections per relay on average. Now we tolerate more connections
    for directory authorities, and raise the number of total
    connections we need to see before we warn. Fixes bug 33880; bugfix
    on 0.3.1.1-alpha.
    o Minor bugfixes (tests, 0.4.4.5):
    - Fix the behavior of the rend_cache/clean_v2_descs_as_dir when run
    on its own. Previously, it would exit with an error. Fixes bug
    40099; bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (v2 onion services, backport from 0.4.5.1-alpha):
    - For HSFETCH commands on v2 onion services addresses, check the
    length of bytes decoded, not the base32 length. Fixes bug 34400;
    bugfix on 0.4.1.1-alpha. Patch by Neel Chauhan.
    o Minor bugfixes (windows, backport from 0.4.4.4-rc):
    - Fix a bug that prevented Tor from starting if its log file grew
    above 2GB. Fixes bug 31036; bugfix on 0.2.1.8-alpha.
    o Deprecated features (onion service v2, backport form 0.4.4.2-alpha):
    - Add a deprecation warning for version 2 onion services. Closes
    ticket 40003.
    o Removed features (backport from 0.4.4.3-alpha):
    - Our "check-local" test target no longer tries to use the
    Coccinelle semantic patching tool parse all the C files. While it
    is a good idea to try to make sure Coccinelle works on our C
    before we run a Coccinelle patch, doing so on every test run has
    proven to be disruptive. You can still run this tool manually with
    "make check-cocci". Closes ticket 40030. ticket 40030.
    Changes in version 0.3.5.12 - 2020-11-12
    Tor 0.4.3.7 backports several bugfixes from later releases. It
    includes a fix for TROVE-2020-005, a security issue that could be
    used, under certain cases, by an adversary to observe traffic patterns
    on a limited number of circuits intended for a different relay.
    o Major features (fallback directory list, backport form 0.4.4.3-alpha):
    - Replace the 148 fallback directories originally included in Tor
    0.4.1.4-rc (of which around 105 are still functional) with a list
    of 144 fallbacks generated in July 2020. Closes ticket 40061.
    o Major bugfixes (security, backport from 0.4.5.1-alpha):
    - When completing a channel, relays now check more thoroughly to
    make sure that it matches any pending circuits before attaching
    those circuits. Previously, address correctness and Ed25519
    identities were not checked in this case, but only when extending
    circuits on an existing channel. Fixes bug 40080; bugfix on
    0.2.7.2-alpha. Resolves TROVE-2020-005.
    o Major bugfixes (NSS, backport from 0.4.4.3-alpha):
    - When running with NSS enabled, make sure that NSS knows to expect
    nonblocking sockets. Previously, we set our TCP sockets as
    nonblocking, but did not tell NSS, which in turn could lead to
    unexpected blocking behavior. Fixes bug 40035; bugfix
    on 0.3.5.1-alpha.
    o Minor features (security, backport from 0.4.4.4-rc):
    - Channels using obsolete versions of the Tor link protocol are no
    longer allowed to circumvent address-canonicity checks. (This is
    only a minor issue, since such channels have no way to set ed25519
    keys, and therefore should always be rejected for circuits that
    specify ed25519 identities.) Closes ticket 40081.
    o Minor features (debugging, directory system):
    - Don't crash when we find a non-guard with a guard-fraction value
    set. Instead, log a bug warning, in an attempt to figure out how
    this happened. Diagnostic for ticket 32868.
    o Minor features (subprotocol versions, backport from 0.4.5.1-alpha):
    - Tor no longer allows subprotocol versions larger than 63.
    Previously version numbers up to UINT32_MAX were allowed, which
    significantly complicated our code. Implements proposal 318;
    closes ticket 40133.
    o Minor features (tests, backport from 0.4.4.5):
    - Our "make check" target now runs the unit tests in 8 parallel
    chunks. Doing this speeds up hardened CI builds by more than a
    factor of two. Closes ticket 40098.
    o Minor features (tests, v2 onion services, backport from 0.4.5.1-alpha):
    - Fix a rendezvous cache unit test that was triggering an underflow
    on the global rend cache allocation. Fixes bug 40125; bugfix
    on 0.2.8.1-alpha.
    - Fix another rendezvous cache unit test that was triggering an
    underflow on the global rend cache allocation. Fixes bug 40126;
    bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (correctness, buffers, backport from 0.4.4.4-rc):
    - Fix a correctness bug that could cause an assertion failure if we
    ever tried using the buf_move_all() function with an empty input
    buffer. As far as we know, no released versions of Tor do this.
    Fixes bug 40076; bugfix on 0.3.3.1-alpha.
    o Minor bugfixes (logging, backport from 0.4.5.1-alpha):
    - Remove a debug logging statement that uselessly spammed the logs.
    Fixes bug 40135; bugfix on 0.3.5.0-alpha.
    o Minor bugfixes (rate limiting, bridges, pluggable transports, backport from 0.4.4.4-rc):
    - On a bridge, treat all connections from an ExtORPort as remote by
    default for the purposes of rate-limiting. Previously, bridges
    would treat the connection as local unless they explicitly
    received a "USERADDR" command. ExtORPort connections still count
    as local if there is a USERADDR command with an explicit local
    address. Fixes bug 33747; bugfix on 0.2.5.1-alpha.
    o Minor bugfixes (relay configuration, crash, backport from 0.4.5.1-alpha):
    - Avoid a fatal assert() when failing to create a listener
    connection for an address that was in use. Fixes bug 40073; bugfix
    on 0.3.5.1-alpha.
    o Minor bugfixes (relay, usability, backport from 0.4.4.3-alpha):
    - Adjust the rules for when to warn about having too many
    connections to other relays. Previously we'd tolerate up to 1.5
    connections per relay on average. Now we tolerate more connections
    for directory authorities, and raise the number of total
    connections we need to see before we warn. Fixes bug 33880; bugfix
    on 0.3.1.1-alpha.
    o Minor bugfixes (relays, backport from 0.4.4.1-alpha):
    - Stop advertising incorrect IPv6 ORPorts in relay and bridge
    descriptors, when the IPv6 port was configured as "auto". Fixes
    bug 32588; bugfix on 0.2.3.9-alpha.
    o Minor bugfixes (tests, 0.4.4.5):
    - Fix the behavior of the rend_cache/clean_v2_descs_as_dir when run
    on its own. Previously, it would exit with an error. Fixes bug
    40099; bugfix on 0.2.8.1-alpha.
    o Minor bugfixes (windows, backport from 0.4.4.4-rc):
    - Fix a bug that prevented Tor from starting if its log file grew
    above 2GB. Fixes bug 31036; bugfix on 0.2.1.8-alpha.
    o Deprecated features (onion service v2, backport form 0.4.4.2-alpha):
    - Add a deprecation warning for version 2 onion services. Closes
    ticket 40003.
    Changes in version 0.4.4.5 - 2020-09-15
    Tor 0.4.4.5 is the first stable release in the 0.4.4.x series. This
    Markdown is supported
    0% or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Finish editing this message first!
    Please register or to comment