Tor 0.0.8pre2 is out
Roger Dingledine
arma at mit.edu
Wed Aug 4 07:42:12 UTC 2004
We've fixed a few more bugs from 0.0.7.2, including a pair of security
issues.
tarball: http://freehaven.net/tor/dist/tor-0.0.8pre2.tar.gz
signature: http://freehaven.net/tor/dist/tor-0.0.8pre2.tar.gz.asc
(use -t tor-0_0_8pre2 if you want to check out from cvs)
---Note to 0.0.7.x server operators---
When you upgrade your server, the 0.0.8 code will rename your
$datadirectory/keys/identity.key file to secret_id_key.
If you downgrade to 0.0.7, you'll have to rename it back manually.
---Note to server operators---
Changes from 0.0.7.2:
o Security fixes:
- Check directory signature _before_ you decide whether you're
you're running an obsolete version and should exit.
- Check directory signature _before_ you parse the running-routers
list to decide who's running or verified.
o Bugfixes and features:
- Check return value of fclose while writing to disk, so we don't
end up with broken files when servers run out of disk space.
- Log a warning if the user uses an unsafe socks variant, so people
are more likely to learn about privoxy or socat.
- Dirservers now include RFC1123-style dates in the HTTP headers,
which one day we will use to better detect clock skew.
Changes from 0.0.8pre1:
o Make it compile without warnings again on win32.
o Log a warning if you're running an unverified server, to let you
know you might want to get it verified.
o Only pick a default nickname if you plan to be a server.
More information about the tor-dev
mailing list