Tor 0.0.8pre2 is out

Roger Dingledine arma at mit.edu
Wed Aug 4 07:42:12 UTC 2004


We've fixed a few more bugs from 0.0.7.2, including a pair of security
issues.

tarball:   http://freehaven.net/tor/dist/tor-0.0.8pre2.tar.gz
signature: http://freehaven.net/tor/dist/tor-0.0.8pre2.tar.gz.asc
(use -t tor-0_0_8pre2 if you want to check out from cvs)

---Note to 0.0.7.x server operators---
When you upgrade your server, the 0.0.8 code will rename your
$datadirectory/keys/identity.key file to secret_id_key.
If you downgrade to 0.0.7, you'll have to rename it back manually.
---Note to server operators---

Changes from 0.0.7.2:
  o Security fixes:
    - Check directory signature _before_ you decide whether you're
      you're running an obsolete version and should exit.
    - Check directory signature _before_ you parse the running-routers
      list to decide who's running or verified.
  o Bugfixes and features:
    - Check return value of fclose while writing to disk, so we don't
      end up with broken files when servers run out of disk space.
    - Log a warning if the user uses an unsafe socks variant, so people
      are more likely to learn about privoxy or socat.
    - Dirservers now include RFC1123-style dates in the HTTP headers,
      which one day we will use to better detect clock skew.

Changes from 0.0.8pre1:
  o Make it compile without warnings again on win32.
  o Log a warning if you're running an unverified server, to let you
    know you might want to get it verified.
  o Only pick a default nickname if you plan to be a server.



More information about the tor-dev mailing list