+Changes in version 0.4.8.17 - 2025-06-30
+ This is a minor providing a series of minor features especially in the realm
+ of TLS. It also brings a new set of recommended and required sub protocols.
+ And finally, few minor bugfixes, nothing major. As always, we strongly
+ recommend you upgrade as soon as possible.
+
+ o Minor features (security, TLS):
+ - When we are running with OpenSSL 3.5.0 or later, support using the
+ ML-KEM768 for post-quantum key agreement. Closes ticket 41041.
+
+ o Minor feature (client, TLS):
+ - Set the TLS 1.3 cipher list instead of falling back on the
+ default value.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories generated on June 30, 2025.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2025/06/30.
+
+ o Minor features (hsdesc POW):
+ - Tolerate multiple PoW schemes in onion service descriptors, for
+ future extensibility. Implements torspec ticket 272.
+
+ o Minor features (performance TLS):
+ - When running with with OpenSSL 3.0.0 or later, support using
+ X25519 for TLS key agreement. (This should slightly improve
+ performance for TLS session establishment.)
+
+ o Minor features (portability):
+ - Fix warnings when compiling with GCC 15. Closes ticket 41079.
+
+ o Minor features (recommended protocols):
+ - Directory authorities now vote to recommend that clients support
+ certain protocols beyond those that are required. These include
+ improved support for connecting to relays on IPv6, NtorV3, and
+ congestion control. Part of ticket 40836.
+
+ o Minor features (required protocols):
+ - Directory authorities now vote to require clients to support the
+ authenticated SENDME feature, which was introduced in
+ 0.4.1.1-alpha. Part of ticket 40836.
+ - Directory authorities now vote to require relays to support
+ certain protocols, all of which have been implemented since
+ 0.4.7.4-alpha or earlier. These include improved support for
+ connecting to relays on IPv6, NtorV3, running as a rate-limited
+ introduction point, authenticated SENDMEs, and congestion control.
+ Part of ticket 40836.
+
+ o Minor bugfix (conflux):
+ - Avoid a non fatal assert when describing a conflux circuit on the
+ control port after being prepped to be freed. Fixes bug 41037;
+ bugfix on 0.4.8.15.
+
+ o Minor bugfixes (circuit handling):
+ - Prevent circuit_mark_for_close() from being called twice on the
+ same circuit. Fixes bug 40951; bugfix on 0.4.8.16-dev.
+
+ o Minor bugfixes (compiler warnings):
+ - Make sure the two bitfields in the half-closed edge struct are
+ unsigned, as we're using them for boolean values and assign 1 to
+ them. Fixes bug 40911; bugfix on 0.4.7.2-alpha.
+
+ o Minor bugfixes (threads, memory):
+ - Improvements in cleanup of resources used by threads. Fixes bug
+ 40991; bugfix on 0.4.8.13-dev.
+ - Rework start and exit of worker threads.
+
+
Changes in version 0.4.9.2-alpha - 2025-04-02
This is the second alpha of the 0.4.9.x series. We have several new minor
features and a big one, the happy families that was long awaited by relay
Closes ticket 41020.
+Changes in version 0.4.8.16 - 2025-03-24
+ This is quick second release since 0.4.8.15 due to a typo in a directory
+ authority rule file. This only affects directory authorities. Regardless,
+ upgrading to latest stable is always desired.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2025/03/24.
+
+ o Minor bugfix (dirauth):
+ - Fix typo in flag assignment approved-routers file. Fixes bug
+ 41035; bugfix on 0.4.8.15
+
+
+Changes in version 0.4.8.15 - 2025-03-20
+ This is a minor release fixing a sandbox issue for bandwidth authority and a
+ conflux issue on the control port. It also has a client fix about relay flag
+ usage. We strongly recommend to update as soon as possible as usual.
+
+ o Minor feature (testing, CI):
+ - Use a fixed version of chutney (be881a1e) instead of its current
+ HEAD. This version should also be preferred when testing locally.
+
+ o Minor features (continuous integration):
+ - Upgrade CI runners to use Debian Bookworm instead of Bullseye.
+ Closes ticket 41029.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories generated on March 20, 2025.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2025/03/20.
+
+ o Minor bugfixes (control port):
+ - Correctly report conflux pair information to controller fields
+ Fixes bug 40872; bugfix on 0.4.8.1-alpha
+
+ o Minor bugfixes (relay flag usage):
+ - Fix client usage of the MiddleOnly flag so that MiddleOnly relays
+ are not used as HS IP or RP by clients or services. Additionally,
+ give dirauths the ability to remove specific flags, as an
+ alternative to MiddleOnly. Fixes bug 41023; bugfix on 0.4.7.2-alpha
+
+ o Minor bugfixes (sandbox, bwauth):
+ - Fix sandbox to work for bandwidth authority. Fixes bug 40933;
+ bugfix on 0.2.2.1-alpha
+
+
+Changes in version 0.4.8.14 - 2025-02-05
+ Minor release fixing a major bug affecting onion service directory cache,
+ also known as HSDir. Furthermore, the fallbackdir list had more than 25% of
+ its entries unreachable or gone from the consensus. As usual, we strongly
+ recommend to update to this version as soon as possible.
+
+ o Major bugfixes (onion service directory cache):
+ - When the OOM killer kicks in, cleanup the descriptor cache of an
+ HSDir by looking at the lowest downloaded count instead of time in
+ cache. Fixes bug 40996; bugfix on 0.3.5.1-alpha.
+
+ o Minor feature (testing):
+ - test-network now unconditionally includes IPv6 instead of trying
+ to detect IPv6 support.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories generated on February 05, 2025.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2025/02/05.
+
+ o Minor bugfixes (memory):
+ - Fix a pointer free that wasn't set to NULL afterwards which could
+ be reused by calling back in the free all function. Fixes bug
+ 40989; bugfix on 0.4.8.13.
+
+
Changes in version 0.4.9.1-alpha - 2024-12-03
This is the first alpha of the 0.4.9.x series. This release mostly consists
of bugfixes including some major ones. There are several minor features in
release of Tor. If you want to see more detailed descriptions of the
changes in each development snapshot, see the ChangeLog file.
+Changes in version 0.4.8.17 - 2025-06-30
+ This is a minor providing a series of minor features especially in the realm
+ of TLS. It also brings a new set of recommended and required sub protocols.
+ And finally, few minor bugfixes, nothing major. As always, we strongly
+ recommend you upgrade as soon as possible.
+
+ o Minor features (security, TLS):
+ - When we are running with OpenSSL 3.5.0 or later, support using the
+ ML-KEM768 for post-quantum key agreement. Closes ticket 41041.
+
+ o Minor feature (client, TLS):
+ - Set the TLS 1.3 cipher list instead of falling back on the
+ default value.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories generated on June 30, 2025.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2025/06/30.
+
+ o Minor features (hsdesc POW):
+ - Tolerate multiple PoW schemes in onion service descriptors, for
+ future extensibility. Implements torspec ticket 272.
+
+ o Minor features (performance TLS):
+ - When running with with OpenSSL 3.0.0 or later, support using
+ X25519 for TLS key agreement. (This should slightly improve
+ performance for TLS session establishment.)
+
+ o Minor features (portability):
+ - Fix warnings when compiling with GCC 15. Closes ticket 41079.
+
+ o Minor features (recommended protocols):
+ - Directory authorities now vote to recommend that clients support
+ certain protocols beyond those that are required. These include
+ improved support for connecting to relays on IPv6, NtorV3, and
+ congestion control. Part of ticket 40836.
+
+ o Minor features (required protocols):
+ - Directory authorities now vote to require clients to support the
+ authenticated SENDME feature, which was introduced in
+ 0.4.1.1-alpha. Part of ticket 40836.
+ - Directory authorities now vote to require relays to support
+ certain protocols, all of which have been implemented since
+ 0.4.7.4-alpha or earlier. These include improved support for
+ connecting to relays on IPv6, NtorV3, running as a rate-limited
+ introduction point, authenticated SENDMEs, and congestion control.
+ Part of ticket 40836.
+
+ o Minor bugfix (conflux):
+ - Avoid a non fatal assert when describing a conflux circuit on the
+ control port after being prepped to be freed. Fixes bug 41037;
+ bugfix on 0.4.8.15.
+
+ o Minor bugfixes (circuit handling):
+ - Prevent circuit_mark_for_close() from being called twice on the
+ same circuit. Fixes bug 40951; bugfix on 0.4.8.16-dev.
+
+ o Minor bugfixes (compiler warnings):
+ - Make sure the two bitfields in the half-closed edge struct are
+ unsigned, as we're using them for boolean values and assign 1 to
+ them. Fixes bug 40911; bugfix on 0.4.7.2-alpha.
+
+ o Minor bugfixes (threads, memory):
+ - Improvements in cleanup of resources used by threads. Fixes bug
+ 40991; bugfix on 0.4.8.13-dev.
+ - Rework start and exit of worker threads.
+
+
+Changes in version 0.4.8.16 - 2025-03-24
+ This is quick second release since 0.4.8.15 due to a typo in a directory
+ authority rule file. This only affects directory authorities. Regardless,
+ upgrading to latest stable is always desired.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2025/03/24.
+
+ o Minor bugfix (dirauth):
+ - Fix typo in flag assignment approved-routers file. Fixes bug
+ 41035; bugfix on 0.4.8.15
+
+
+Changes in version 0.4.8.15 - 2025-03-20
+ This is a minor release fixing a sandbox issue for bandwidth authority and a
+ conflux issue on the control port. It also has a client fix about relay flag
+ usage. We strongly recommend to update as soon as possible as usual.
+
+ o Minor feature (testing, CI):
+ - Use a fixed version of chutney (be881a1e) instead of its current
+ HEAD. This version should also be preferred when testing locally.
+
+ o Minor features (continuous integration):
+ - Upgrade CI runners to use Debian Bookworm instead of Bullseye.
+ Closes ticket 41029.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories generated on March 20, 2025.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2025/03/20.
+
+ o Minor bugfixes (control port):
+ - Correctly report conflux pair information to controller fields
+ Fixes bug 40872; bugfix on 0.4.8.1-alpha
+
+ o Minor bugfixes (relay flag usage):
+ - Fix client usage of the MiddleOnly flag so that MiddleOnly relays
+ are not used as HS IP or RP by clients or services. Additionally,
+ give dirauths the ability to remove specific flags, as an
+ alternative to MiddleOnly. Fixes bug 41023; bugfix on 0.4.7.2-alpha
+
+ o Minor bugfixes (sandbox, bwauth):
+ - Fix sandbox to work for bandwidth authority. Fixes bug 40933;
+ bugfix on 0.2.2.1-alpha
+
+
+Changes in version 0.4.8.14 - 2025-02-05
+ Minor release fixing a major bug affecting onion service directory cache,
+ also known as HSDir. Furthermore, the fallbackdir list had more than 25% of
+ its entries unreachable or gone from the consensus. As usual, we strongly
+ recommend to update to this version as soon as possible.
+
+ o Major bugfixes (onion service directory cache):
+ - When the OOM killer kicks in, cleanup the descriptor cache of an
+ HSDir by looking at the lowest downloaded count instead of time in
+ cache. Fixes bug 40996; bugfix on 0.3.5.1-alpha.
+
+ o Minor feature (testing):
+ - test-network now unconditionally includes IPv6 instead of trying
+ to detect IPv6 support.
+
+ o Minor features (fallbackdir):
+ - Regenerate fallback directories generated on February 05, 2025.
+
+ o Minor features (geoip data):
+ - Update the geoip files to match the IPFire Location Database, as
+ retrieved on 2025/02/05.
+
+ o Minor bugfixes (memory):
+ - Fix a pointer free that wasn't set to NULL afterwards which could
+ be reused by calling back in the free all function. Fixes bug
+ 40989; bugfix on 0.4.8.13.
+
+
Changes in version 0.4.8.13 - 2024-10-24
This is minor release fixing an important client circuit building (Conflux
related) bug which lead to performance degradation and extra load on the
projects / thirdparty / tor.git / commitdiff
