UPDATE: Don't upgrade to these bundles. The version of OpenSSL in these bundles -- even though it fixes some bugs -- introduces new bugs that will prevent Tor from working on many computers. See the following links for more information:
- Watch out for openssl 1.0.1d if you're using AESNI
- stitched aes-ni ciphers in openssl 1.0.1d seems to break SSL Handshakes/Renegotiations
Please continue using the old bundles. All of the download links have been downgraded to the previous version. We will release updated bundles in a few days. Thanks.
All of the bundles have been updated. The alpha bundles contain the latest Tor 0.2.4.10-alpha and all of the bundles have received an OpenSSL update (1.0.1d for everything except the PPC Vidalia bundles which have 0.9.8y). The regular obfsproxy bundles have been discontinued but pyobfsproxy/flashproxy bundles are available from the obfsproxy page. We plan to begin shipping these as part of the regular release cycle within the next month or two.
Tor Browser Bundle (2.3.25-3)
- Update OpenSSL to 1.0.1d
- Update HTTPS Everywhere to 3.1.3
- Update NoScript to 188.8.131.52
Tor Browser Bundle (2.4.10-alpha-1)
- Update Tor to 0.2.4.10-alpha
- Update OpenSSL to 1.0.1d
- Update NoScript to 184.108.40.206
- Add PDF Viewer (PDF.js) to README
The Tor Browser Bundles have all been updated to the latest Firefox 12.0 as well as a number of other software updates, bugfixes, and new features. We've rebranded Firefox so it should now be easier to distinguish between it and your normal Firefox. We've also added Korean and Vietnamese to the available languages.
UPDATE: The Mac OS X 64-bit bundles had a minor Vidalia problem that prevented TorBrowser from being launched. They have been updated to 2.2.35-9.1 and are now available on the website.
Tor Browser Bundle (2.2.35-9)
- Update Firefox to 12.0
- Update OpenSSL to 1.0.1b
- Update Libevent to 2.0.18-stable
- Update Qt to 4.8.1
- Update Libpng to 1.5.10
- Update HTTPS Everywhere to 2.0.2
- Update NoScript to 2.3.9
- Rebrand Firefox to TorBrowser (closes: #2176)
- New Firefox patches
- Make Download Manager memory-only (closes: #4017)
- Add DuckDuckGo and Startpage to Omnibox (closes: #4902)
- Add Steven Michaud's OS X crash fix patch. It doesn't fix #5021 but will hopefully help us debug further. See also:
- Make the 32-bit Tor Browser Bundle compatible with OS X 10.5
The Tor Browser Bundles have all been updated to the latest Firefox (10.0) as well as a number of other software version updates.
Tor Browser Bundle (2.2.35-5)
- Update Firefox to 10.0
- Update Qt to 4.7.4
- Update OpenSSL to 1.0.0g
- Update zlib to 1.2.6
- Update HTTPS Everywhere to 1.2.2
- Update NoScript to 2.2.8
- New Firefox patches
- Limit the number of fonts per document
- Put documentation in remove-shared-lib-symlinks debug dumps (closes: #4984)
- Make sure mozconfig always gets copied into the Firefox build directory
Yet another OpenSSL security patch broke its compatibility with Tor:
Tor 0.2.2.19-alpha makes relays work with OpenSSL 0.9.8p and 1.0.0b.
The original announcement is at http://archives.seul.org/or/talk/Nov-2010/msg00172.html
Changes in version 0.2.2.19-alpha - 2010-11-21
- Resolve an incompatibility with openssl 0.9.8p and openssl 1.0.0b:
  No longer set the tlsext_host_name extension on server SSL objects;
  but continue to set it on client SSL objects. Our goal in setting
  it was to imitate a browser, not a vhosting server. Fixes bug 2204;
  bugfix on 0.2.1.1-alpha.
- Try harder not to exceed the maximum length of 50 KB when writing
Minor bugfixes:
There's a new buffer overflow vulnerability in versions of OpenSSL from 0.9.8f through 0.9.8o, and 1.0.0 through 1.0.0a. You can read the security advisory for the whole story.
So far as we can tell from our current analysis, Tor is not affected. Here's why:
The advisory says:
Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers that are multi-process and/or disable internal session caching are NOT affected.
Tor qualifies for both of the safe cases: Tor does disable OpenSSL's internal session caching. This happens in the file src/common/tortls.c, when we call SSL_CTX_set_session_cache_mode(result->ctx,SSL_SESS_CACHE_OFF). Tor has done this since version 0.0.2pre6 back in 2003.
Apple responded to my bug report about a broken openssl. I've since built test packages for OS X 10.5 and 10.6 users. Their response is:
Thank you for your report of this issue with Tor.
The issue you're seeing is because the current versions of the development tools were created before the OpenSSL security fix, and so do not include the "SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION" definition in the OpenSSL headers.
You can work around this issue by supplying the definition to Tor directly, for example by compiling Tor using
CPPFLAGS='-DSSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION=0x0010' ./configure && make
This will work on both Leopard and Snow Leopard.
If you have an Intel (i386) Mac, use the normal i386 packages for Tor 0.2.2.8-alpha release at https://www.torproject.org/download.
If you have a PowerPC (ppc) Mac AND are running OS X 10.5 or 10.6, use these packages:
Apple OS X Security Update 2010-001 removes OpenSSL renegotiation, http://support.apple.com/kb/HT1222. We've filed a bug report with Apple on this issue. Their standard response so far is http://support.apple.com/kb/HT4004.
In the meanwhile, we have bug #1225 open, https://bugs.torproject.org/flyspray/index.php?do=details&id=1225. Add yourself to the Notifications if you want updates as they happen. A fine explanation of why Tor is not affected by the TLS renegotiation bug can be found at https://bugs.torproject.org/flyspray/index.php?do=details&id=1225&area=c...
Packages for testing are available at:
READ THIS FINE PRINT:
- These will only work on OSX 10.5 and 10.6 (both i386 and powerpc). Tor fails to compile when using the 10.4 libraries and static openssl.
- Tor-0.2.2.8-alpha-i386-Bundle.dmg is compiled to replace the tor
On November 19, we released the latest in the Tor alpha series, version 0.2.2.6-alpha. This release lays the groundwork for many upcoming features:
support for the new lower-footprint "microdescriptor" directory design,
future-proofing our consensus format against new hash functions or
other changes, and an Android port. It also makes Tor compatible with
the upcoming OpenSSL 0.9.8l release, and fixes a variety of bugs.
It can be downloaded at https://www.torproject.org/download.html.en
- Directory authorities can now create, vote on, and serve multiple
  parallel formats of directory data as part of their voting process.
  Partially implements Proposal 162: "Publish the consensus in
- Directory authorities can now agree on and publish small summaries
  of router information that clients can use in place of regular
  server descriptors. This transition will eventually allow clients
Torbutton 1.2.0rc1 (released June 1), the first release candidate for the next stable series of the security-enhanced Torbutton Firefox extension, features functional support for Firefox 3. However, this support has not been extensively tested. In particular, timezone masking does not work at all. The workaround is to manually set the environment variable 'TZ' to 'UTC' before starting Firefox. This works on both Linux and Windows:
Tor 0.2.0.27-rc (released June 3) adds a few features we left out of the earlier release candidates. In particular, we now include an IP-to-country GeoIP database, so controllers can easily look up what country a given relay is in, and so bridge relays can give us some sanitized summaries about which countries are making use of bridges. (See proposal 126-geoip-fetching.txt for details.)
Torbutton 1.2.0rc2 (released June 8) features a fix for an annoying bug on MacOS, and adds much clamored for options to start Firefox in a specific Tor state:
Tor 0.2.0.28-rc (released June 13) fixes an anonymity-related bug, fixes a hidden-service performance bug, and fixes a bunch of smaller bugs.
Tor 0.2.1.1-alpha (released June 13) fixes a lot of memory fragmentation problems that were making the Tor process bloat especially on Linux; makes our TLS handshake blend in better; sends "bootstrap phase" status events to the controller, so it can keep the user informed of progress (and problems) fetching directory information and establishing circuits; and adds a variety of smaller features. http://archives.seul.org/or/talk/Jun-2008/msg00185.html
Vidalia 0.1.4 (released June 13) adds a bootstrap progress bar, UPnP support, a new set of freely licensed GUI icons, and fixes a few bugs.