security fixes | Tor Blog

New stable Tor releases, with security fixes: 0.3.1.9, 0.3.0.13, 0.2.9.14, 0.2.8.17, 0.2.5.16

There are new stable releases today, fixing the following security issues. For more information about the issues, follow the links from from https://trac.torproject.org/projects/tor/wiki/TROVE

New Tor Browser Bundles with Firefox 17.0.9esr

The stable and beta Tor Browser Bundles have been updated with Firefox 17.0.9esr.

73 comments

New bundles (security release)

New Bundles (security release)

78 comments

New Tor Browser Bundles (security release)

The Tor Browser Bundles have been updated with a very important security fix.

49 comments

New Tor Browser Bundles

The Tor Browser Bundles have been updated to Tor 0.2.2.35 which has a fix for a security critical bug.

50 comments

Tor 0.2.2.35 is released (security patches)

Tor 0.2.2.35 fixes a critical heap-overflow security issue in Tor's
buffers code. Absolutely everybody should upgrade.

8 comments

Tor 0.2.3.10-alpha is out (security fix)

Tor 0.2.3.10-alpha fixes a critical heap-overflow security issue in
Tor's buffers code. Absolutely everybody should upgrade.

4 comments

Tor 0.2.2.34 is released (security patches)

Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker
can deanonymize Tor users. Everybody should upgrade.

50 comments

Tor 0.2.3.5-alpha is out

Tor 0.2.3.5-alpha fixes two bugs that make it possible to enumerate
bridge relays; fixes an assertion error that many users started hitting

3 comments

New Tor Browser Bundles

The Tor Browser Bundles have been updated again, this time with Firefox 6.0.2, Torbutton 1.4.2, and more privacy-enhancing patches.

76 comments

Upcoming Events

There are currently no upcoming events scheduled.

See All Upcoming Events

Recent Updates

New release candidate: Tor 0.4.5.4-rc

There's a new release candidate available for download. If you build Tor from source, you can download the source code for 0.4.5.4-rc from the download page on the website. Packages should be available over the coming weeks, with a new alpha Tor Browser release likely around this coming Tuesday.

Tor 0.4.5.4-rc is the second release candidate in its series. It fixes several bugs present in previous releases.

We expect that the stable release will be the same, or almost the same, as this release candidate, unless serious bugs are found.

Changes in version 0.4.5.4-rc - 2021-01-22

Major bugfixes (authority, IPv6):
- Do not consider multiple relays in the same IPv6 /64 network to be sybils. Fixes bug 40243; bugfix on 0.4.5.1-alpha.
Major bugfixes (directory cache, performance, windows):
- Limit the number of items in the consensus diff cache to 64 on Windows. We hope this will mitigate an issue where Windows relay operators reported Tor using 100% CPU, while we investigate better solutions. Fixes bug 24857; bugfix on 0.3.1.1-alpha.

New stable Tor releases, with security fixes: 0.3.1.9, 0.3.0.13, 0.2.9.14, 0.2.8.17, 0.2.5.16

New Tor Browser Bundles with Firefox 17.0.9esr

New bundles (security release)

New Tor Browser Bundles (security release)

New Tor Browser Bundles

Tor 0.2.2.35 is released (security patches)

Tor 0.2.3.10-alpha is out (security fix)

Tor 0.2.2.34 is released (security patches)

Tor 0.2.3.5-alpha is out

New Tor Browser Bundles

New release candidate: Tor 0.4.5.4-rc

Changes in version 0.4.5.4-rc - 2021-01-22

New Release: Tor Browser 10.5a7

The State of IPv6 support on the Tor network

New Release: Tor Browser 10.0.8