A new hardened Tor Browser release is available. It can be found in the 6.0a2-hardened distribution directory and on the download page for hardened builds. This release features important security updates to Firefox. Users on the security level "High" or "Medium-High" were not affected by the bugs in the Graphite font rendering library. Additionally, we fixed a number of issues found with the release of Tor Browser 5.5, which already got addressed in Tor Browser 5.5.1, and we switched to a Debian Wheezy system for building the hardened series as well. Note: There is no incremental update from 6.0a1-hardened available due to bug 17858. The internal updater should work, though, doing a complete update. Here is the complete changelog since 6.0a1-hardened: Tor Browser 6.0a2-hardened -- February 15 2016 All Platforms Update Firefox to 38.6.1esr Update NoScript to 2.9.0.3 Bug 18168: Don't clear an iframe's window.name (fix of #16620) Bug 18137: Add two new obfs4 default bridges Windows Bug 18169: Whitelist zh-CN UI font OS X Bug 18172: Add Emoji support Linux Bug 18172: Add Emoji support Build System Linux Bug 15578: Switch to Debian Wheezy guest VMs (10.04 LTS is EOL) Bug 18198: Building the hardened Tor Browser in a Debian Wheezy VM is broken Continue reading...