New release candidate: 0.4.4.4-rc

New release candidate: 0.4.4.4-rc

New release candidate: 0.4.4.4-rc New release candidate: 0.4.4.4-rc png base64 iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAAA1BMVEUAAP KeNJXAAAAAXRSTlMAQObYZgAAAAlwSFlzAAAOxAAADsQBlSsOGwAAAApJREFUCNdjYAAAAAIAAeIhvDMAAAAASUVORK5CYII

nickm
August 13, 2020

There’s a new alpha release available for download. If you build Tor from source, you can download the source code for 0.4.4.4-rc from the download page. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely in the coming weeks.

Remember, this is a release candidate, not a a stable release: you should only run this if you’d like to find and report more bugs than usual.

Tor 0.4.4.4-rc is the first release candidate in its series. It fixes several bugs in previous versions, including some that caused annoying behavior for relay and bridge operators.

Changes in version 0.4.4.4-rc – 2020-08-13

  • Minor features (security):
    • Channels using obsolete versions of the Tor link protocol are no longer allowed to circumvent address-canonicity checks. (This is only a minor issue, since such channels have no way to set ed25519 keys, and therefore should always be rejected for circuits that specify ed25519 identities.) Closes ticket 40081.
  • Minor features (defense in depth):
    • Wipe more data from connection address fields before returning them to the memory heap. Closes ticket 6198.

 

  • Minor bugfixes (correctness, buffers):
    • Fix a correctness bug that could cause an assertion failure if we ever tried using the buf_move_all() function with an empty input buffer. As far as we know, no released versions of Tor do this. Fixes bug 40076; bugfix on 0.3.3.1-alpha.
  • Minor bugfixes (linux seccomp2 sandbox):
    • Fix startup crash with seccomp sandbox enabled when tor tries to open the data directory. Patch from Daniel Pinto. Fixes bug 40072; bugfix on 0.4.4.3-alpha-dev.
  • Minor bugfixes (onion service v3):
    • Remove a BUG() warning that could trigger in certain unlikely edge-cases. Fixes bug 34086; bugfix on 0.3.2.1-alpha.
  • Minor bugfixes (rate limiting, bridges, pluggable transports):
    • On a bridge, treat all connections from an ExtORPort as remote by default for the purposes of rate-limiting. Previously, bridges would treat the connection as local unless they explicitly received a “USERADDR” command. ExtORPort connections still count as local if there is a USERADDR command with an explicit local address. Fixes bug 33747; bugfix on 0.2.5.1-alpha.
  • Minor bugfixes (relay, self-testing):
    • When starting up as a relay, if we haven’t been able to verify that we’re reachable, only launch reachability tests at most once a minute. Previously, we had been launching tests up to once a second, which was needlessly noisy. Fixes bug 40083; bugfix on 0.2.8.1-alpha.
  • Minor bugfixes (testing):
    • When running the subsystem order check, use the Python binary configured with the PYTHON environment variable. Fixes bug 40095; bugfix on 0.4.4.1-alpha.
  • Minor bugfixes (windows):
    • Fix a bug that prevented Tor from starting if its log file grew above 2GB. Fixes bug 31036; bugfix on 0.2.1.8-alpha.
Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts