1. We are sorrowed to report that one of the Founding Members has passed on. Dee (Righthand) is well remembered as contributing much to the operation of SurvivalMonkey, and is already greatly missed. Little lady, big person.

TOR Tor is released, with important fixes

Discussion in 'TOR | TAILS' started by survivalmonkey, Aug 24, 2016.

  1. survivalmonkey

    survivalmonkey Monkey+++

    Tor continues development of the 0.2.9 series with several new features and bugfixes. It also includes an important authority update and an important bugfix from Everyone who sets the ReachableAddresses option, and all bridges, are strongly encouraged to upgrade to, or to

    You can download the source from the usual place on the website.
    Packages should be available over the next several days. Remember
    to check the signatures!

    Please note: This is an alpha release. You should only try this one if you are interested in tracking Tor development, testing new features, making sure that Tor still builds on unusual platforms, or generally trying to hunt down bugs. If you want a stable experience, please stick to the stable releases.

    Below are the changes since

    Changes in version - 2016-08-24

    • Directory authority changes (also in
      • The "Tonga" bridge authority has been retired; the new bridge authority is "Bifroest". Closes tickets 19728 and 19690.
    • Major bugfixes (client, security, also in
      • Only use the ReachableAddresses option to restrict the first hop in a path. In earlier versions of 0.2.8.x, it would apply to every hop in the path, with a possible degradation in anonymity for anyone using an uncommon ReachableAddress setting. Fixes bug 19973; bugfix on

      • Major features (user interface):
        • Tor now supports the ability to declare options deprecated, so that we can recommend that people stop using them. Previously, this was done in an ad-hoc way. Closes ticket 19820.
      • Major bugfixes (directory downloads):
        • Avoid resetting download status for consensuses hourly, since we already have another, smarter retry mechanism. Fixes bug 8625; bugfix on
      • Minor features (config):
        • Warn users when descriptor and port addresses are inconsistent. Mitigates bug 13953; patch by teor.
      • Minor features (geoip):
        • Update geoip and geoip6 to the August 2 2016 Maxmind GeoLite2 Country database.
      • Minor features (user interface):
        • There is a new --list-deprecated-options command-line option to list all of the deprecated options. Implemented as part of ticket 19820.
      • Minor bugfixes (code style):
        • Fix an integer signedness conversion issue in the case conversion tables. Fixes bug 19168; bugfix on
      • Minor bugfixes (compilation):
        • Build correctly on versions of libevent2 without support for evutil_secure_rng_add_bytes(). Fixes bug 19904; bugfix on
        • Fix a compilation warning on GCC versions before 4.6. Our ENABLE_GCC_WARNING macro used the word "warning" as an argument, when it is also required as an argument to the compiler pragma. Fixes bug 19901; bugfix on
      • Minor bugfixes (compilation, also in
        • Remove an inappropriate "inline" in tortls.c that was causing warnings on older versions of GCC. Fixes bug 19903; bugfix on
      • Minor bugfixes (fallback directories, also in
        • Avoid logging a NULL string pointer when loading fallback directory information. Fixes bug 19947; bugfix on and Report and patch by "rubiate".
      • Minor bugfixes (logging):
        • Log a more accurate message when we fail to dump a microdescriptor. Fixes bug 17758; bugfix on Patch from Daniel Pinto.
      • Minor bugfixes (memory leak):
        • Fix a series of slow memory leaks related to parsing torrc files and options. Fixes bug 19466; bugfix on
      • Deprecated features:
        • A number of DNS-cache-related sub-options for client ports are now deprecated for security reasons, and may be removed in a future version of Tor. (We believe that client-side DNS cacheing is a bad idea for anonymity, and you should not turn it on.) The options are: CacheDNS, CacheIPv4DNS, CacheIPv6DNS, UseDNSCache, UseIPv4Cache, and UseIPv6Cache.
        • A number of options are deprecated for security reasons, and may be removed in a future version of Tor. The options are: AllowDotExit, AllowInvalidNodes, AllowSingleHopCircuits, AllowSingleHopExits, ClientDNSRejectInternalAddresses, CloseHSClientCircuitsImmediatelyOnTimeout, CloseHSServiceRendCircuitsImmediatelyOnTimeout, ExcludeSingleHopRelays, FastFirstHopPK, TLSECGroup, UseNTorHandshake, and WarnUnsafeSocks.
        • The *ListenAddress options are now deprecated as unnecessary: the corresponding *Port options should be used instead. These options may someday be removed. The affected options are: ControlListenAddress, DNSListenAddress, DirListenAddress, NATDListenAddress, ORListenAddress, SocksListenAddress, and TransListenAddress.
      • Documentation:
        • Correct the IPv6 syntax in our documentation for the VirtualAddrNetworkIPv6 torrc option. Closes ticket 19743.
      • Removed code:
        • We no longer include the (dead, deprecated) bufferevent code in Tor. Closes ticket 19450. Based on a patch from U+039b.

    Continue reading...
survivalmonkey SSL seal        survivalmonkey.com warrant canary