security fixes | Tor Blog

New stable Tor releases, with security fixes: 0.3.1.9, 0.3.0.13, 0.2.9.14, 0.2.8.17, 0.2.5.16

There are new stable releases today, fixing the following security issues. For more information about the issues, follow the links from from https://trac.torproject.org/projects/tor/wiki/TROVE

The stable and beta Tor Browser Bundles have been updated with Firefox 17.0.9esr.

New Bundles (security release)

The Tor Browser Bundles have been updated with a very important security fix.

The Tor Browser Bundles have been updated to Tor 0.2.2.35 which has a fix for a security critical bug.

Tor 0.2.2.35 fixes a critical heap-overflow security issue in Tor's
buffers code. Absolutely everybody should upgrade.

Tor 0.2.3.10-alpha fixes a critical heap-overflow security issue in
Tor's buffers code. Absolutely everybody should upgrade.

Tor 0.2.2.34 fixes a critical anonymity vulnerability where an attacker
can deanonymize Tor users. Everybody should upgrade.

Tor 0.2.3.5-alpha fixes two bugs that make it possible to enumerate
bridge relays; fixes an assertion error that many users started hitting

The Tor Browser Bundles have been updated again, this time with Firefox 6.0.2, Torbutton 1.4.2, and more privacy-enhancing patches.