firefox updates
New Tor Browser Bundles with Firefox 17.0.10esr
Posted November 1st, 2013 by erinnFirefox 17.0.10esr has been released with several security fixes and all of the Tor Browser Bundles have been updated. All users are encouraged to upgrade.
https://www.torproject.org/projects/torbrowser.html.en#downloads
Tor Browser Bundle (2.3.25-14)
- Update Firefox to 17.0.10esr
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#f... - Update LibPNG to 1.6.6
- Update NoScript to 2.6.8.4
- Update HTTPS-Everywhere to 3.4.2
- Firefox patch changes:
- Hide infobar for missing plugins. (closes: #9012)
- Change the default entry page for the addons tab to the installed addons page. (closes: #8364)
- Make flash objects really be click-to-play if flash is enabled. (closes: #9867)
- Make getFirstPartyURI log+handle errors internally to simplify caller usage of the API. (closes: #3661)
- Remove polipo and privoxy from the banned ports list. (closes: #3661)
- misc: Fix a potential memory leak in the Image Cache isolation
- misc: Fix a potential crash if OS theme information is ever absent
Tor Browser Bundle (2.4.17-rc-1)
- Update Firefox to 17.0.10esr
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#f... - Update LibPNG to 1.6.6
- Update NoScript to 2.6.8.4
- Downgrade HTTPS-Everywhere to 3.4.2 in preparation for this becoming the stable bundle
- Firefox patch changes:
- Hide infobar for missing plugins. (closes: #9012)
- Change the default entry page for the addons tab to the installed addons page. (closes: #8364)
- Make flash objects really be click-to-play if flash is enabled. (closes: #9867)
- Make getFirstPartyURI log+handle errors internally to simplify caller usage of the API. (closes: #3661)
- Remove polipo and privoxy from the banned ports list. (closes: #3661)
- misc: Fix a potential memory leak in the Image Cache isolation
- misc: Fix a potential crash if OS theme information is ever absent
New Tor Browser Bundles with Firefox 17.0.9esr
Posted September 20th, 2013 by erinnThe stable and beta Tor Browser Bundles have been updated with Firefox 17.0.9esr. This release of Firefox has many important security updates and all users are strongly encouraged to upgrade.
The beta version includes an updated HTTPS Everywhere which fixes the problems many users were having with the google.com OCSP meltdown.
https://www.torproject.org/projects/torbrowser.html.en#downloads
Tor Browser Bundle (2.3.25-13)
- Update Firefox to 17.0.9esr
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#f... - Update HTTPS Everywhere to 3.4.1
- Update NoScript to 2.6.7.1
- Remove extraneous libevent libraries (closes: #9727)
- Enable GCC hardening for Tor
- Firefox patch changes:
- - Disable filtered results in Startpage omnibox (closes: #8839)
Tor Browser Bundle (2.4.17-beta-2)
- Update Firefox to 17.0.9esr
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#f... - Update LibPNG to 1.6.3
- Update HTTPS Everywhere to 4.0development.12
- Update NoScript to 2.6.7.1
- Remove extraneous libevent libraries (closes: #9727)
- Enable GCC hardening for Tor
- Firefox patch changes:
- - Disable filtered results in Startpage omnibox (closes: #8839)
- Add missing geoip file to Linux bundle
(entry missing from regular changelog)
New Tor Browser Bundles with Firefox 17.0.6esr
Posted May 14th, 2013 by erinnThere is a new Firefox 17.0.6esr out and all of the Tor Browser Bundles (stable and alpha branches) have been updated. The new stable TBBs have a lot of new and updated Firefox patches, so those of you who were experiencing crashes should no longer be seeing that behavior. Please let us know if you do by opening a ticket with details.
The stable Tor Browser Bundles are available at their normal location.
The alpha Tor Browser Bundles are available here.
Tor Browser Bundle (2.3.25-8)
- Update Firefox to 17.0.6esr
- Update HTTPS Everywhere to 3.2
- Update Torbutton to 1.5.2
- Update libpng to 1.5.15
- Update NoScript to 2.6.6.1
- Firefox patch changes:
- Apply font limits to @font-face local() fonts and disable fallback
rendering for @font-face. (closes: #8455) - Use Optimistic Data SOCKS handshake (improves page load performance).
(closes: #3875) - Honor the Windows theme for inverse text colors (without leaking those
colors to content). (closes: #7920) - Increase pipeline randomization and try harder to batch pipelined
requests together. (closes: #8470) - Fix an image cache isolation domain key misusage. May fix several image
cache related crash bugs with New Identity, exit, and certain websites.
(closes: #8628) - Torbutton changes:
- Allow session restore if the user allows disk actvity (closes: #8457)
- Remove the Display Settings panel and associated locales (closes: #8301)
- Fix "Transparent Torification" option. (closes: #6566)
- Fix a hang on New Identity. (closes: #8642)
- Build changes:
- Fetch our source deps from an https mirror (closes: #8286)
- Create watch scripts for syncing mirror sources and monitoring mirror
integrity (closes: #8338) - Update Firefox to 17.0.6esr
- Update NoScript to 2.6.6.1
Tor Browser Bundle (2.4.12-alpha-2)
New Firefox 17 and Tor alpha bundles
Posted January 28th, 2013 by erinnWe have some test Tor Browser Bundles available for testing! They contain Firefox 17.0.2esr which we're planning to switch to in February. Just as a reminder: these are alpha bundles. We're still testing them ourselves but we want to get them out for wider circulation so we can find out about any dealbreaker bugs before moving Firefox 17 into the stable bundles. For the more sophisticated users out there, we'd love it if you could run Wireshark with the bundles and let us know if you see anything untoward.
Alpha Tor Browser Bundles can be downloaded here:
https://www.torproject.org/projects/torbrowser.html.en
All of the Tor packages have been updated with Tor 0.2.4.9-alpha as well.
https://www.torproject.org/download/download-easy
Tor Browser Bundle (2.4.9-alpha-1)
- Update Firefox to 17.0.2esr
- Update Tor to 0.2.4.9-alpha
- Update Torbutton to 1.5.0pre-alpha
- Update NoScript to 2.6.4.3
- Update HTTPS-Everywhere to 4.0development.5
- Add Mozilla's PDF.js extension to give people the ability to read PDFs in
TBB - Prevent TBB from trying to access the X session manager (closes: #5261)
- Firefox patch changes:
- Isolate image cache to url bar domain (closes: #5742 and #6539)
- Enable DOM storage and isolate it to url bar domain (closes: #6564)
- Include nsIHttpChannel.redirectTo API for HTTPS-Everywhere (closes: #5477)
- Misc preference changes:
- Disable DOM performance timers (dom.enable_performance) (closes: #6204)
- Disable HTTP connection retry timeout (network.http.connection-retry-timeout) (closes: #7656)
- Disable full path information for plugins (plugin.expose_full_path) (closes: #6210)
- Disable NoScript's block of remote WebFonts (noscript.forbidFonts) (closes: #7937)
New Tor Browser Packages with Tor 0.2.3 upgrade
Posted December 3rd, 2012 by erinnAfter a year of testing, new tor browser bundles which include the new stable branch of Tor are now available. A full changelog is available for every operating system.
The Tor 0.2.3.x stable branch represents over a year of work on improvements to the core Tor technology behind Tor Browser.
Tor Browser is available for download at https://www.torproject.org/download/download-easy.html.en
Software updates included in this release are:
Tor Browser Bundle (2.3.25-1)
- Update Tor to 0.2.3.25
- Update Firefox 10.0.11esr
- Update Vidalia to 0.2.21
- Update NoScript to 2.6.2
New Tor Browser Bundles and alpha bundles
Posted October 29th, 2012 by erinnAll of the Tor Browser Bundles have been updated with the latest Firefox 10.0.10esr release and all of the alpha packages, including the alpha Tor Browser Bundles, have been updated with the latest release of Tor 0.2.3.24-rc.
https://www.torproject.org/download
Further notes about Tor Browser Bundle updates:
Tor Browser Bundle (2.2.39-5)
- Update Firefox to 10.0.10esr
- Update NoScript to 2.5.9
Tor Browser Bundle (2.3.24-alpha-1)
- Update Tor to 0.2.3.24-rc
- Update Firefox to 10.0.10esr
- Update NoScript to 2.5.9
- Update HTTPS Everywhere to 4.0development.2
New Tor Browser Bundles and alpha bundles
Posted October 23rd, 2012 by erinnThe stable Tor Browser Bundles have been updated to fix a crash bug that existed in the previous version. If you were experiencing problems, please update and let us know if you have any further problems.
All alpha bundles have also been updated to Tor 0.2.3.23-rc. We've downgraded the Firefox version in the alpha Tor Browser Bundles to 10.0.9esr and will continue to keep the same version of Firefox in both bundles for the foreseeable future. In addition to that, the Linux and OS X versions have automatic port selection re-enabled, so those of you who were experiencing trouble running a concurrent system Tor on those systems should no longer have any issues.
All users who were using Tor 0.2.3.22-rc are strongly encouraged to upgrade.
https://www.torproject.org/download
Further notes about Tor Browser Bundle updates:
Tor Browser Bundle (2.2.39-4)
- Update Firefox patches to prevent crashing (closes: #7128)
- Update HTTPS Everywhere to 3.0.2
- Update NoScript to 2.5.8
Tor Browser Bundle (2.3.23-alpha-1)
- Update Tor to 0.2.3.23-rc
- Update Firefox to 10.0.9esr
- Update HTTPS Everywhere to 4.0development.1
- Update NoScript to 2.5.8
- Re-enable automatic Control and SOCKS port selection on Linux and OSX
New Tor Browser Bundles
Posted August 29th, 2012 by erinnThe stable Tor Browser Bundles have all been updated to the latest Firefox 10.0.07esr release.
https://www.torproject.org/download
Tor Browser Bundle (2.2.38-2)
- Update Firefox to 10.0.7esr
- Update Libevent to 2.0.20-stable
- Update NoScript to 2.5.2
- Update HTTPS Everywhere to 2.2.1
New Tor Browser Bundles
Posted April 28th, 2012 by erinnThe Tor Browser Bundles have all been updated to the latest Firefox 12.0 as well as a number of other software updates, bugfixes, and new features. We've rebranded Firefox so it should now be more easy to distinguish between it and your normal Firefox. We've also added Korean and Vietnamese to the available languages.
UPDATE: The Mac OS X 64-bit bundles had a minor Vidalia problem that prevented TorBrowser from being launched. They have been updated to 2.2.35-9.1 and are now available on the website.
https://www.torproject.org/download
Tor Browser Bundle (2.2.35-9)
- Update Firefox to 12.0
- Update OpenSSL to 1.0.1b
- Update Libevent to 2.0.18-stable
- Update Qt to 4.8.1
- Update Libpng to 1.5.10
- Update HTTPS Everywhere to 2.0.2
- Update NoScript to 2.3.9
- Rebrand Firefox to TorBrowser (closes: #2176)
- New Firefox patches
- Make Download Manager memory-only (closes: #4017)
- Add DuckDuckGo and Startpage to Omnibox (closes: #4902)
- Add Steven Michaud's OS X crash fix patch. It doesn't fix #5021 but will hopefully help us debug further. See also:
https://bugzilla.mozilla.org/show_bug.cgi?id=715885#c35 - Make the 32-bit Tor Browser Bundle compatible with OS X 10.5
New Tor Browser Bundles for Linux
Posted February 20th, 2012 by SebastianThe Tor Browser Bundles for Linux have all been updated to really include the latest Firefox, 10.0.2.
https://www.torproject.org/download
Tor Browser Bundle for Linux (2.2.35-7.2)
- Really update Firefox to 10.0.2
- Update libpng to 1.5.9
Please note that this time around, I made and signed the bundles as Erinn is travelling. I hope all the previous issues have been fixed, and would like to apologize for taking so long to get updated Linux bundles out. Please report any issues you find on our bugtracker.
You can find my gpg key's fingerprint on the signing keys page.
