update to upstream release 0.3.1.9.
    
    Fixes:
    
    * CVE-2017-8819: Replay-cache ineffective for v2 onion services
    * CVE-2017-8820: Remote DoS attack against directory authorities
    * CVE-2017-8821: An attacker can make Tor ask for a password
    * CVE-2017-8822: Relays can pick themselves in a circuit path
    * CVE-2017-8823: Use-after-free in onion service v2