Tor Browser 10.5a16 is now available from the Tor Browser download page and also from our distribution directory.

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.4.6.4-rc from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely next week.

Remember, this is a not a stable release yet: but we still hope that people will try it out and look for bugs before the official stable release comes out in June.

Tor 0.4.6.4-rc fixes a few bugs from previous releases. This, we hope, the final release candidate in its series: unless major new issues are found, the next release will be stable.

Changes in version 0.4.6.4-rc - 2021-05-28

• Minor features (compatibility):
  • Remove an assertion function related to TLS renegotiation. It was used nowhere outside the unit tests, and it was breaking compilation with recent alpha releases of OpenSSL 3.0.0. Closes ticket 40399.
• Minor bugfixes (consensus handling):
  • Avoid a set of bugs that could be caused by inconsistently preferring an out-of-date consensus stored in a stale directory cache over a more recent one stored on disk as the latest consensus. Fixes bug 40375; bugfix on 0.3.1.1-alpha.

Welcome to the onion space. We've been here since 2014, and we grow every day. In a few months, some onions will rot, while others will blossom. Dusk was the first onion; now there are hundreds of thousands. In an entirely different corner of the universe, where smart contracts thrive, Dusk is being auctioned. You can bid for it by interacting with functions living in a chain of blocks.

We have a new stable release today. If you build Tor from source, you can download the source code for Tor 0.4.5.8 on the download page. Packages should be available within the next several weeks, with a new Tor Browser likely next week.

Tor 0.4.5.8 fixes several bugs in earlier version, backporting fixes from the 0.4.6.x series.

Changes in version 0.4.5.8 - 2021-05-10

• Minor features (compatibility, Linux seccomp sandbox, backport from 0.4.6.3-rc):
  • Add a workaround to enable the Linux sandbox to work correctly with Glibc 2.33. This version of Glibc has started using the fstatat() system call, which previously our sandbox did not allow. Closes ticket 40382; see the ticket for a discussion of trade-offs.
• Minor features (compilation, backport from 0.4.6.3-rc):
  • Make the autoconf script build correctly with autoconf versions 2.70 and later. Closes part of ticket 40335.

There's a new release candidate available for download. If you build Tor from source, you can download the source code for Tor 0.4.6.3-rc from the download page on the website. Packages should be available over the coming weeks, with a new Tor Browser release likely next week.

Tor 0.4.6.3-rc is the first release candidate in its series. It fixes a few small bugs from previous versions, and adds a better error message when trying to use (no longer supported) v2 onion services.

Though we anticipate that we'll be doing a bit more clean-up between now and the stable release, we expect that our remaining changes will be fairly simple. There will likely be at least one more release candidate before 0.4.6.x is stable.

Changes in version 0.4.6.3-rc - 2021-05-10

• Major bugfixes (onion service, control port):
  • Make the ADD_ONION command properly configure client authorization. Before this fix, the created onion failed to add the client(s). Fixes bug 40378; bugfix on 0.4.6.1-alpha.
• Minor features (compatibility, Linux seccomp sandbox):
  • Add a workaround to enable the Linux sandbox to work correctly with Glibc 2.33. This version of Glibc has started using the fstatat() system call, which previously our sandbox did not allow. Closes ticket 40382; see the ticket for a discussion of trade-offs.

Guest post by Glencora Borradaile