移动端 | 加入收藏 | 设为首页 | 最新ss | 赞助本站 | RSS
 

freefq.comfree——免费、自由fq——翻墙

困在墙内,请发邮件到freefqcom#gmail.com获得最新免费翻墙方法!
您当前的位置:首页 > 免费翻墙软件

Tor 0.3.0.2-alpha is released

时间:2017-02-02  来源:arma\'s blog  作者:arma 条评论

Tor 0.3.0.2-alpha fixes a denial-of-service bug where an attacker could cause relays and clients to crash, even if they were not built with the --enable-expensive-hardening option. This bug affects all 0.2.9.x versions, and also affects 0.3.0.1-alpha: all relays running an affected version should upgrade.BYl免费翻墙网

Tor 0.3.0.2-alpha also improves how exit relays and clients handle DNS time-to-live values, makes directory authorities enforce the 1-to-1 mapping of relay RSA identity keys to ED25519 identity keys, fixes a client-side onion service reachability bug, does better at selecting the set of fallback directories, and more.BYl免费翻墙网

You can download the source code from https://dist.torproject.org/ but most users should wait for the upcoming 7.0a Tor Browser alpha release, or for their upcoming system package updates.BYl免费翻墙网

Changes in version 0.3.0.2-alpha - 2017-01-23

  • Major bugfixes (security, also in 0.2.9.9):
    • Downgrade the "-ftrapv" option from "always on" to "only on when --enable-expensive-hardening is provided." This hardening option, like others, can turn survivable bugs into crashes--and having it on by default made a (relatively harmless) integer overflow bug into a denial-of-service bug. Fixes bug 21278 (TROVE-2017-001); bugfix on 0.2.9.1-alpha.
  • Major features (security):
    • Change the algorithm used to decide DNS TTLs on client and server side, to better resist DNS-based correlation attacks like the DefecTor attack of Greschbach, Pulls, Roberts, Winter, and Feamster. Now relays only return one of two possible DNS TTL values, and clients are willing to believe DNS TTL values up to 3 hours long. Closes ticket 19769.

 BYl免费翻墙网

  • Major features (directory authority, security):
    • The default for AuthDirPinKeys is now 1: directory authorities will reject relays where the RSA identity key matches a previously seen value, but the Ed25519 key has changed. Closes ticket 18319.
  • Major bugfixes (client, guard, crash):
    • In circuit_get_global_origin_list(), return the actual list of origin circuits. The previous version of this code returned the list of all the circuits, and could have caused strange bugs, including possible crashes. Fixes bug 21118; bugfix on 0.3.0.1-alpha.
  • Major bugfixes (client, onion service, also in 0.2.9.9):
    • Fix a client-side onion service reachability bug, where multiple socks requests to an onion service (or a single slow request) could cause us to mistakenly mark some of the service's introduction points as failed, and we cache that failure so eventually we run out and can't reach the service. Also resolves a mysterious "Remote server sent bogus reason code 65021" log warning. The bug was introduced in ticket 17218, where we tried to remember the circuit end reason as a uint16_t, which mangled negative values. Partially fixes bug 21056 and fixes bug 20307; bugfix on 0.2.8.1-alpha.
  • Major bugfixes (DNS):
    • Fix a bug that prevented exit nodes from caching DNS records for more than 60 seconds. Fixes bug 19025; bugfix on 0.2.4.7-alpha.
  • Minor features (controller):
    • Add "GETINFO sr/current" and "GETINFO sr/previous" keys, to expose shared-random values to the controller. Closes ticket 19925.
  • Minor features (entry guards):
    • Add UseEntryGuards to TEST_OPTIONS_DEFAULT_VALUES in order to not break regression tests.
    • Require UseEntryGuards when UseBridges is set, in order to make sure bridges aren't bypassed. Resolves ticket 20502.
  • Minor features (fallback directories):
    • Select 200 fallback directories for each release. Closes ticket 20881.
    • Allow 3 fallback relays per operator, which is safe now that we are choosing 200 fallback relays. Closes ticket 20912.
    • Exclude relays affected by bug 20499 from the fallback list. Exclude relays from the fallback list if they are running versions known to be affected by bug 20499, or if in our tests they deliver a stale consensus (i.e. one that expired more than 24 hours ago). Closes ticket 20539.
    • Reduce the minimum fallback bandwidth to 1 MByte/s. Part of ticket 18828.
    • Require fallback directories to have the same address and port for 7 days (now that we have enough relays with this stability). Relays whose OnionOO stability timer is reset on restart by bug 18050 should upgrade to Tor 0.2.8.7 or later, which has a fix for this issue. Closes ticket 20880; maintains short-term fix in 0.2.8.2-alpha.
    • Require fallbacks to have flags for 90% of the time (weighted decaying average), rather than 95%. This allows at least 73% of clients to bootstrap in the first 5 seconds without contacting an authority. Part of ticket 18828.
    • Annotate updateFallbackDirs.py with the bandwidth and consensus weight for each candidate fallback. Closes ticket 20878.
    • Make it easier to change the output sort order of fallbacks. Closes ticket 20822.
    • Display the relay fingerprint when downloading consensuses from fallbacks. Closes ticket 20908.
  • Minor features (geoip, also in 0.2.9.9):
    • Update geoip and geoip6 to the January 4 2017 Maxmind GeoLite2 Country database.
  • Minor features (next-gen onion service directories):
    • Remove the "EnableOnionServicesV3" consensus parameter that we introduced in 0.3.0.1-alpha: relays are now always willing to act as v3 onion service directories. Resolves ticket 19899.
  • Minor features (linting):
    • Enhance the changes file linter to warn on Tor versions that are prefixed with "tor-". Closes ticket 21096.
  • Minor features (logging):
    • In several places, describe unset ed25519 keys as "<unset>", rather than the scary "AAAAAAAA...AAA". Closes ticket 21037.
  • Minor bugfix (control protocol):
    • The reply to a "GETINFO config/names" request via the control protocol now spells the type "Dependent" correctly. This is a breaking change in the control protocol. (The field seems to be ignored by the most common known controllers.) Fixes bug 18146; bugfix on 0.1.1.4-alpha.
  • Minor bugfixes (bug resilience):
    • Fix an unreachable size_t overflow in base64_decode(). Fixes bug 19222; bugfix on 0.2.0.9-alpha. Found by Guido Vranken; fixed by Hans Jerry Illikainen.
  • Minor bugfixes (build):
    • Replace obsolete Autoconf macros with their modern equivalent and prevent similar issues in the future. Fixes bug 20990; bugfix on 0.1.0.1-rc.
  • Minor bugfixes (client, guards):
    • Fix bug where Tor would think that there are circuits waiting for better guards even though those circuits have been freed. Fixes bug 21142; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (config):
    • Don't assert on startup when trying to get the options list and LearnCircuitBuildTimeout is set to 0: we are currently parsing the options so of course they aren't ready yet. Fixes bug 21062; bugfix on 0.2.9.3-alpha.
  • Minor bugfixes (controller):
    • Make the GETINFO interface for inquiring about entry guards support the new guards backend. Fixes bug 20823; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (dead code):
    • Remove a redundant check for PidFile changes at runtime in options_transition_allowed(): this check is already performed regardless of whether the sandbox is active. Fixes bug 21123; bugfix on 0.2.5.4-alpha.
  • Minor bugfixes (documentation):
    • Update the tor manual page to document every option that can not be changed while tor is running. Fixes bug 21122.
  • Minor bugfixes (fallback directories):
    • Stop failing when a relay has no uptime data in updateFallbackDirs.py. Fixes bug 20945; bugfix on 0.2.8.1-alpha.
    • Avoid checking fallback candidates' DirPorts if they are down in OnionOO. When a relay operator has multiple relays, this prioritizes relays that are up over relays that are down. Fixes bug 20926; bugfix on 0.2.8.3-alpha.
    • Stop failing when OUTPUT_COMMENTS is True in updateFallbackDirs.py. Fixes bug 20877; bugfix on 0.2.8.3-alpha.
  • Minor bugfixes (guards, bootstrapping):
    • When connecting to a directory guard during bootstrap, do not mark the guard as successful until we receive a good-looking directory response from it. Fixes bug 20974; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (onion services):
    • Fix the config reload pruning of old vs new services so it actually works when both ephemeral and non-ephemeral services are configured. Fixes bug 21054; bugfix on 0.3.0.1-alpha.
    • Allow the number of introduction points to be as low as 0, rather than as low as 3. Fixes bug 21033; bugfix on 0.2.7.2-alpha.
  • Minor bugfixes (IPv6):
    • Make IPv6-using clients try harder to find an IPv6 directory server. Fixes bug 20999; bugfix on 0.2.8.2-alpha.
    • When IPv6 addresses have not been downloaded yet (microdesc consensus documents don't list relay IPv6 addresses), use hard- coded addresses for authorities, fallbacks, and configured bridges. Now IPv6-only clients can use microdescriptors. Fixes bug 20996; bugfix on b167e82 from 19608 in 0.2.8.5-alpha.
  • Minor bugfixes (memory leaks):
    • Fix a memory leak when configuring hidden services. Fixes bug 20987; bugfix on 0.3.0.1-alpha.
  • Minor bugfixes (portability, also in 0.2.9.9):
    • Avoid crashing when Tor is built using headers that contain CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix on 0.2.9.1-alpha.
    • Fix Libevent detection on platforms without Libevent 1 headers installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.
  • Minor bugfixes (relay):
    • Honor DataDirectoryGroupReadable when tor is a relay. Previously, initializing the keys would reset the DataDirectory to 0700 instead of 0750 even if DataDirectoryGroupReadable was set to 1. Fixes bug 19953; bugfix on 0.0.2pre16. Patch by "redfish".
  • Minor bugfixes (testing):
    • Remove undefined behavior from the backtrace generator by removing its signal handler. Fixes bug 21026; bugfix on 0.2.5.2-alpha.
  • Minor bugfixes (unit tests):
    • Allow the unit tests to pass even when DNS lookups of bogus addresses do not fail as expected. Fixes bug 20862 and 20863; bugfix on unit tests introduced in 0.2.8.1-alpha through 0.2.9.4-alpha.
  • Code simplification and refactoring:
    • Refactor code to manipulate global_origin_circuit_list into separate functions. Closes ticket 20921.
  • Documentation (formatting):
    • Clean up formatting of tor.1 man page and HTML doc, where <pre> blocks were incorrectly appearing. Closes ticket 20885.
  • Documentation (man page):
    • Clarify many options in tor.1 and add some min/max values for HiddenService options. Closes ticket 21058.

来自https://blog.torproject.org/blog/tor-0302-alpha-releasedBYl免费翻墙网

来顶一下
返回首页
返回首页
欢迎评论:免登录,输入验证码即可匿名评论 共有条评论
用户名: 密码:
验证码: 匿名发表

推荐资讯

Octohide VPN:快如闪电的免费VPN
Octohide VPN:快如闪
原子网络加速器 - 免费高速VPN 一键链接 方便快捷
原子网络加速器 - 免费
foxovpn绿狐VPN——即连即用、快速、安全
foxovpn绿狐VPN——即
Dubai VPN - Free, Fast & Secure VPN下载
Dubai VPN - Free, Fa
相关文章
栏目更新
栏目热门
墙外新闻
读者文摘

你可以访问真正的互联网了。You can access the real Internet.

管理员精中特别提醒:本网站域名、主机和管理员都在美国,且本站内容仅为非中国大陆网友服务。禁止中国大陆网友浏览本站!若中国大陆网友因错误操作打开本站网页,请立即关闭!中国大陆网友浏览本站存在法律风险,恳请立即关闭本站所有页面!对于您因浏览本站所遭遇的法律问题、安全问题和其他所有问题,本站均无法负责也概不负责。

特别警告:本站推荐各种免费科学上网软件、app和方法,不建议各位网友购买收费账号或服务。若您因付费购买而遭遇骗局,没有得到想要的服务,请把苦水往自己肚子里咽,本站无法承担也概不承担任何责任!

本站严正声明:各位翻墙的网友切勿将本站介绍的翻墙方法运用于违反当地法律法规的活动,本站对网友的遵纪守法行为表示支持,对网友的违法犯罪行为表示反对!

网站管理员定居美国,因此本站所推荐的翻墙软件及翻墙方法都未经测试,发布仅供网友测试和参考,但你懂的——翻墙软件或方法随时有可能失效,因此本站信息具有极强时效性,想要更多有效免费翻墙方法敬请阅读本站最新信息,建议收藏本站!本站为纯粹技术网站,支持科学与民主,支持宗教信仰自由,反对恐怖主义、邪教、伪科学与专制,不支持或反对任何极端主义的政治观点或宗教信仰。有注明出处的信息均为转载文章,转载信息仅供参考,并不表明本站支持其观点或行为。未注明出处的信息为本站原创,转载时也请注明来自本站。

鉴于各种免费翻墙软件甚至是收费翻墙软件可能存在的安全风险及个人隐私泄漏可能,本站提醒各位网友做好各方面的安全防护措施!本站无法对推荐的翻墙软件、应用或服务等进行全面而严格的安全测试,因此无法对其安全性做保证,无法对您因为安全问题或隐私泄漏等问题造成的任何损失承担任何责任!

S. Grand Ave.,Suite 3910,Los Angeles,CA 90071

知识共享许可协议
本作品采用知识共享署名-非商业性使用 4.0 国际许可协议进行许可。