1. The Topic of the Month for October is "Make this the Perfect Bugout Location". Please join the discussion in the TOTM forum.

TOR Tor Browser 6.5a3-hardened is released

Discussion in 'TOR | TAILS' started by survivalmonkey, Sep 20, 2016.

  1. survivalmonkey

    survivalmonkey Monkey+++

    A new hardened Tor Browser release is available. It can be found in the 6.5a3-hardened distribution directory and on the download page for hardened builds.

    This release features important security updates to Firefox including the recently disclosed extension update vulnerability. All users should upgrade as soon as possible.

    In addition to the changes from Tor Browser 6.5a3, the creation of incremental MARs for hardened builds is now fixed.

    Note: Due to bug 20185 Tor Browser will not work correctly if the path where it is installed is too long. As a workaround you may need to move it to a directory with a shorter path.

    • All Platforms
    • Update Firefox to 45.4.0esr
    • Update Tor to
    • Update OpenSSL to 1.0.2h (bug 20095)
    • Update Torbutton to
      • Bug 17334: Move referrer spoofing for .onion domains into tor-browser.git
      • Bug 17767: Make "JavaScript disabled" more visible in Security Slider
      • Bug 19995: Clear site security settings during New Identity
      • Bug 19906: "Maximizing Tor Browser" Notification can exist multiple times
      • Bug 19837: Whitelist internal URLs that Firefox requires for media
      • Bug 15852: Remove/synchronize Torbutton SOCKS pref logic
      • Bug 19733: GETINFO response parser doesn't handle AF_UNIX entries + IPv6
      • Bug 14271: Make Torbutton work with Unix Domain Socket option
      • Translation updates
    • Update Tor Launcher to 0.2.11
      • Bug 14272: Make Tor Launcher work with Unix Domain Socket option
      • Bug 19568: Set CurProcD for Thunderbird/Instantbird
      • Bug 19432: Remove special handling for Instantbird/Thunderbird
      • Translation updates
    • Update HTTPS-Everywhere to 5.2.4
    • Update NoScript to
    • Bug 19851: Fix ASan error by upgrading GCC to 5.4.0
    • Bug 17858: Fix creation of incremental MARs for hardened builds
    • Bug 14273: Backport patches for Unix Domain Socket support
    • Bug 19890: Disable installation of system addons
    • Bug 17334: Spoof referrer when leaving a .onion domain
    • Bug 20092: Rotate ports for default obfs4 bridges
    • Bug 20040: Add update support for unpacked HTTPS Everywhere
    • Bug 20118: Don't unpack HTTPS Everywhere anymore
    • Bug 19336 rel="nofollow">+19835: Enhance about:tbupdate page

    Continue reading...
    Ganado likes this.
survivalmonkey SSL seal        survivalmonkey.com warrant canary