Minor bugfixes (compilation): – Fix a compilation warning within the unit exams on techniques the place char is signed. The majority of the channel unit assessments have been rewritten and the code coverage has now been raised to 83.6% for channel.c. And even if you happen to simply have to wait in a broken car! Major bugfixes (safety, relay): – When running as a relay, make sure that we never construct a path by means of ourselves, even within the case the place we’ve got by some means misplaced the version of our descriptor showing within the consensus. Major bugfixes (security, onion service v2): – Fix a use-after-free error that would crash v2 Tor onion companies once they failed to open circuits while expiring introduction factors. Fixes bug 24480; bugfix on 0.2.5.16. o Minor bugfixes (correctness): – Fix several places in our codebase where a C compiler could be more likely to eradicate a verify, based on assuming that undefined behavior had not happened elsewhere in the code. Closes ticket 21151. – Document the default habits of NumEntryGuards and NumDirectoryGuards correctly. Implements ticket 24681. o Minor options (geoip): – Update geoip and geoip6 to the January 5 2018 Maxmind GeoLite2 Country database. Just a day after the release of Ubuntu 20.04.5 LTS, which ships with Linux kernel 5.15 LTS from Ubuntu 22.04 LTS by default, a new kernel update is now available to address several security issues, including CVE-2022-1729, a race condition found by Norbert Slusarek in the perf subsystem that could allow a privileged local attacker to trigger a denial of service (system crash) or probably execute arbitrary code.

Closes ticket 24394. o Minor bugfixes (client): – By default, don’t allow storage of shopper-aspect DNS values. Closes ticket 23709. – Remove other useless code from the channel subsystem: All collectively, this cleanup has eliminated greater than 1500 strains of code general and adding very little except for unit check. Code simplification and refactoring (circuit rendezvous): – Split the consumer-facet rendezvous circuit lookup into two functions: one which returns only established circuits and one other that returns all sorts of circuits. Fixes bug 22895; bugfix on 0.2.7.2-alpha. o Minor bugfixes (logging, relay shutdown, annoyance, backport from 0.3.2.2-alpha): – When a circuit is marked for shut, do not attempt to package any cells for channels on that circuit. Fixes bug 24425; bugfix on 0.3.2.1-alpha. o Minor bugfixes (memory utilization): – When queuing DESTROY cells on a channel, solely queue the circuit-id and motive fields: not all the 514-byte cell. Fixes bug 18859; bugfix on 0.2.3.3-alpha. o Minor features (logging): – Provide better warnings when the getrandom() syscall fails. Minor features (safety, reminiscence erasure, backport from 0.2.8.1-alpha): – Make memwipe() do nothing when passed a NULL pointer or buffer of zero measurement.

Fixes bug 23693; bugfix on 0.2.6.3-alpha. o Minor bugfixes (testing, backport from 0.3.1.6-rc): – Fix an undersized buffer in check-memwipe.c. Because the OOM handler cleans up circuit queues, we are better off at conserving them in that queue as an alternative of the connection’s buffer. This change should make Tor purchasers extra responsive by enhancing their chances of having a pre-created circuit ready for use when a request arrives. If you are shopping and you see one thing you want at an excellent price, buy tons of it, chances are high you won’t be seeing it again in your subsequent visit (flip-arounds are quick in some stores, think my dog ate insulation and won’t re-stock the same gadgets again). Related to bug 16248. o Minor features (DoS-resistance, backport from 0.2.7.1-alpha): – Make it harder for attackers to overload hidden companies with introductions, by blocking multiple introduction requests on the identical circuit. Major bugfixes (circuit prediction): – Fix circuit prediction logic so that a consumer doesn’t deal with a port as being “handled” by a circuit if that circuit already has isolation settings on it. Fixes a part of bug 19969; bugfix on 0.2.8.1-alpha. o Major bugfixes (client efficiency, backport from 0.2.9.5-alpha): – Clients now reply to new software stream requests instantly after they arrive, relatively than ready up to at least one second before beginning to handle them.

Fixes bug 24671; bugfix on 0.3.2.1-alpha. Changes in model 0.3.2.7-rc – 2017-12-14 Tor 0.3.2.7-rc fixes various bugs in earlier versions of Tor, together with some that might have an effect on reliability or correctness. Changes in version 0.2.8.17 – 2017-12-01 Tor 0.2.8.17 backports necessary security and stability bugfixes from later Tor releases. Changes in version 0.2.9.14 – 2017-12-01 Tor 0.3.0.13 backports necessary security and stability bugfixes from later Tor releases. Fixes bug 23696; bugfix on 0.3.2.1-alpha. Changes in version 0.3.2.6-alpha – 2017-12-01 This version of Tor is the latest in the 0.3.2 alpha collection. Implements ticket 24489. Changes in model 0.3.2.9 – 2018-01-09 Tor 0.3.2.9 is the first stable release within the 0.3.2 collection. That is the first launch candidate within the 0.3.2 series. Note: the Tor 0.2.Eight collection will no longer be supported after 1 Jan 2018. When you want a release with lengthy-time period support, please persist with the 0.2.9 collection. Instead, enable the consensus cache directory to develop larger, to carry information that may need to stay around longer.