Download Tor 0.2.1.21

Tor is a network that can be used to surf the Internet anonymously. All users’ tcp traffic is routed through different Tor routers, after which it is no longer possible for the recipient to trace who the original sender was. This information is still present within the Tor network, so that answers – of course also via the system of routers – eventually arrive at the right place. The developers have released version 0.2.1.21 with the following announcement:

Tor 0.2.1.21 has been released

Tor 0.2.1.21 fixes an incompatibility with the most recent OpenSSL library. If you use Tor on Linux / Unix and you’re getting SSL renegotiation errors, upgrading should help. We also recommend an upgrade if you’re an exit relay.

Major bug fixes:

• Work around a security feature in OpenSSL 0.9.8l that prevents our handshake from working unless we explicitly tell OpenSSL that we are using SSL renegotiation safely. We are, of course, but OpenSSL 0.9.8l won’t work unless we say we are.
• Avoid crashing if the client is trying to upload many bytes and the circuit gets torn down at the same time, or if the flip side happens on the exit relay. Bug fix on 0.2.0.1 alpha; fixes bug 1150.

Minor bug fixes:

• Do not refuse to learn about authority certs and v2 networkstatus documents that are older than the latest consensus. This bug might have degraded client bootstrapping. Bug fix on 0.2.0.10-alpha. Spotted and fixed by xmux.
• Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-trigger platform-specific option misparsing case found by Coverity Scan.
• Fix a compilation warning on Fedora 12 by removing an impossible-to-trigger assert. Fix bug 1173.