Below are the major changes of the released versions and links to more detailed release notes.
Quick note: This is the very last release of the 0.4.6.x series which has been end of life (EOL) since August 1st, 2022. Do upgrade to the 0.4.7.x series as soon as possible.
Finally, we STRONGLY urge everyone to upgrade to our latest stable (0.4.7.9) if possible considering the importance of the fixes we are releasing today.
These releases have multiple minor fixes that were backported for 0.4.5.x and 0.4.6.x. The rest of the fixes aim at helping with the ongoing DDoS on the network mainly to reduce memory pressure on the relays and improve our DoS mitigation measures.
As for 0.4.7.x new stable release, the major bugfixes are explained below.
We’ve implemented RFC3742 (Limited Slow Start). In short, congestion control was overshooting the congestion window during slow start, particularly for onion service activity.
With this fix, we now update the congestion window more often during slow start, as well as dampen the exponential growth when the congestion window grows above a capping parameter. This should reduce the memory increases guard relays were seeing, as well as allow us to set lower queue limit to defend against ongoing DoS attacks.
We’ve also made several major fixes in an attempt to limit memory pressure at relays. In that process, we’ve also eliminated a theoretical possible side-channel for extra safety. Please see the release notes for more details.
We’ve also added several
torrc options in order to help us tune the
Guard flag assignation algorithm. This is especially important in a situation where the network loses Guard relays due to ongoing large scale attacks. We now have knobs to help us tweak the algorithm depending on network conditions which our Network Health team is constantly monitoring.