Tor: Update to 0.4.7.10

Changes in version 0.4.7.10 - 2022-08-12
  This version updates the geoip cache that we generate from IPFire location
  database to use the August 9th, 2022 one. Everyone MUST update to this
  latest release else circuit path selection and relay metrics are badly
  affected.

  o Major bugfixes (geoip data):
    - IPFire informed us on August 12th that databases generated after
      (including) August 10th did not have proper ARIN network allocations. We
      are updating the database to use the one generated on August 9th, 2022.
      Fixes bug 40658; bugfix on 0.4.7.9.

Changes in version 0.4.7.9 - 2022-08-11
  This version contains several major fixes aimed at reducing memory pressure on
  relays and possible side-channel. It also contains a major bugfix related to
  congestion control also aimed at reducing memory pressure on relays.
  Finally, there is last one major bugfix related to Vanguard L2 layer node
  selection.

  We strongly recommend to upgrade to this version especially for Exit relays
  in order to help the network defend against this ongoing DDoS.

  o Major bugfixes (congestion control):
    - Implement RFC3742 Limited Slow Start. Congestion control was
      overshooting the congestion window during slow start, particularly
      for onion service activity. With this fix, we now update the
      congestion window more often during slow start, as well as dampen
      the exponential growth when the congestion window grows above a
      capping parameter. This should reduce the memory increases guard
      relays were seeing, as well as allow us to set lower queue limits
      to defend against ongoing DoS attacks. Fixes bug 40642; bugfix
      on 0.4.7.5-alpha.

  o Major bugfixes (relay):
    - Remove OR connections btrack subsystem entries when the connections
      close normally. Before this, we would only remove the entry on error and
      thus leaking memory for each normal OR connections. Fixes bug 40604;
      bugfix on 0.4.0.1-alpha.
    - Stop sending TRUNCATED cell and instead close the circuit from which we
      received a DESTROY cell. This makes every relay in the circuit path to
      stop queuing cells. Fixes bug 40623; bugfix on 0.1.0.2-rc.

  o Major bugfixes (vanguards):
    - We had omitted some checks for whether our vanguards (second layer
      guards from proposal 333) overlapped. Now make sure to pick each
      of them to be independent. Also, change the design to allow them
      to come from the same family. Fixes bug 40639; bugfix
      on 0.4.7.1-alpha.

  o Minor features (dirauth):
    - Add a torrc option to control the Guard flag bandwidth threshold
      percentile. Closes ticket 40652.
    - Add an AuthDirVoteGuard torrc option that can allow authorities to
      assign the Guard flag to the given fingerprints/country code/IPs.
      This is a needed feature mostly for defense purposes in case a DoS
      hits the network and relay start losing the Guard flags too fast.
    - Make UPTIME_TO_GUARANTEE_STABLE, MTBF_TO_GUARANTEE_STABLE,
      TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD tunable
      from torrc.

  o Minor features (fallbackdir):
    - Regenerate fallback directories generated on August 11, 2022.

  o Minor features (geoip data):
    - Update the geoip files to match the IPFire Location Database, as
      retrieved on 2022/08/11.

  o Minor bugfixes (congestion control):
    - Add a check for an integer underflow condition that might happen
      in cases where the system clock is stopped, the ORconn is blocked,
      and the endpoint sends more than a congestion window worth of non-
      data control cells at once. This would cause a large congestion
      window to be calculated instead of a small one. No security
      impact. Fixes bug 40644; bugfix on 0.4.7.5-alpha.

  o Minor bugfixes (defense in depth):
    - Change a test in the netflow padding code to make it more
      _obviously_ safe against remotely triggered crashes. (It was safe
      against these before, but not obviously so.) Fixes bug 40645;
      bugfix on 0.3.1.1-alpha.

  o Minor bugfixes (relay):
    - Do not propagate either forward or backward a DESTROY remote reason when
      closing a circuit in order to avoid a possible side channel. Fixes bug
      40649; bugfix on 0.1.2.4-alpha.

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>

diff --git a/lfs/tor b/lfs/tor
index 3c1194ac630422491ea83dbdda3d10d67df80441..c41b6dbeda176a6f39d29fd0dbc21697b0b3b2d7 100644 (file)
--- a/lfs/tor
+++ b/lfs/tor
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = Anonymizing overlay network for TCP (The onion router)
 
-VER        = 0.4.7.8
+VER        = 0.4.7.10
 
 THISAPP    = tor-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 40f6eab453d95a09e4531ce7cdb59715a21b84e1d0b1045d107add6a443fb7563a5747734b23e0e1dfda6490a5a7659f912e38c11cdb5fa635535dcff6169eeb
+$(DL_FILE)_BLAKE2 = 46a9d932e7451bcc683e18d296d7a26bb4b544767cf4622910ebf90d82715718451ec3e0d6cd215eff5fe2cc3ae8441b8e6065c5877d7fc92c2f26ab5c7fa0cb
 
 install : $(TARGET)