Path to this page:
Subject: CVS commit: pkgsrc/net/tor
From: Thomas Klausner
Date: 2023-11-09 08:56:37
Message id: 20231109075637.A0CB2FA2F@cvs.NetBSD.org
Log Message:
tor: update to 0.4.8.8.
Changes in version 0.4.8.8 - 2023-11-03
We are releasing today a fix for a high security issue, TROVE-2023-004, that
is affecting relays. Also a few minor bugfixes detailed below. Please upgrade
as soon as posssible.
o Major bugfixes (TROVE-2023-004, relay):
- Mitigate an issue when Tor compiled with OpenSSL can crash during
handshake with a remote relay. Fixes bug 40874; bugfix
on 0.2.7.2-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on November 03, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/11/03.
o Minor bugfixes (directory authority):
- Look at the network parameter "maxunmeasuredbw" with the correct
spelling. Fixes bug 40869; bugfix on 0.4.6.1-alpha.
o Minor bugfixes (vanguards addon support):
- Count the conflux linked cell as valid when it is successfully
processed. This will quiet a spurious warn in the vanguards addon.
Fixes bug 40878; bugfix on 0.4.8.1-alpha.
Changes in version 0.4.8.7 - 2023-09-25
This version fixes a single major bug in the Conflux subsystem on the client
side. See below for more information. The upcoming Tor Browser 13 stable will
pick this up.
o Major bugfixes (conflux):
- Fix an issue that prevented us from pre-building more conflux sets
after existing sets had been used. Fixes bug 40862; bugfix
on 0.4.8.1-alpha.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on September 25, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/09/25.
Changes in version 0.4.8.6 - 2023-09-18
This version contains an important fix for onion service regarding congestion
control and its reliability. Apart from that, uneeded BUG warnings have been
suppressed especially about a compression bomb seen on relays. We strongly
recommend, in particular onion service operators, to upgrade as soon as
possible to this latest stable.
o Major bugfixes (onion service):
- Fix a reliability issue where services were expiring their
introduction points every consensus update. This caused
connectivity issues for clients caching the old descriptor and
intro points. Bug reported and fixed by gitlab user
@hyunsoo.kim676. Fixes bug 40858; bugfix on 0.4.7.5-alpha.
o Minor features (debugging, compression):
- Log the input and output buffer sizes when we detect a potential
compression bomb. Diagnostic for ticket 40739.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on September 18, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/09/18.
o Minor bugfix (defensive programming):
- Disable multiple BUG warnings of a missing relay identity key when
starting an instance of Tor compiled without relay support. Fixes
bug 40848; bugfix on 0.4.3.1-alpha.
o Minor bugfixes (bridge authority):
- When reporting a pseudo-networkstatus as a bridge authority, or
answering "ns/purpose/*" controller requests, include accurate
published-on dates from our list of router descriptors. Fixes bug
40855; bugfix on 0.4.8.1-alpha.
o Minor bugfixes (compression, zstd):
- Use less frightening language and lower the log-level of our run-
time ABI compatibility check message in our Zstd compression
subsystem. Fixes bug 40815; bugfix on 0.4.3.1-alpha.
Changes in version 0.4.8.5 - 2023-08-30
Quick second release after the first stable few days ago fixing minor
annoying bugfixes creating log BUG stacktrace. We also fix BSD compilation
failures and PoW unit test.
o Minor features (fallbackdir):
- Regenerate fallback directories generated on August 30, 2023.
o Minor features (geoip data):
- Update the geoip files to match the IPFire Location Database, as
retrieved on 2023/08/30.
o Minor bugfix (NetBSD, compilation):
- Fix compilation issue on NetBSD by avoiding an unnecessary
dependency on "huge" page mappings in Equi-X. Fixes bug 40843;
bugfix on 0.4.8.1-alpha.
o Minor bugfix (NetBSD, testing):
- Fix test failures in "crypto/hashx" and \
"slow/crypto/equix" on
x86_64 and aarch64 NetBSD hosts, by adding support for
PROT_MPROTECT() flags. Fixes bug 40844; bugfix on 0.4.8.1-alpha.
o Minor bugfixes (conflux):
- Demote a relay-side warn about too many legs to ProtocolWarn, as
there are conditions that it can briefly happen during set
construction. Also add additional set logging details for all
error cases. Fixes bug 40841; bugfix on 0.4.8.1-alpha.
- Prevent non-fatal assert stacktrace caused by using conflux sets
during their teardown process. Fixes bug 40842; bugfix
on 0.4.8.1-alpha.
Files: