Skip to main content
Home

The Tor Project

Enter the terms you wish to search for.

Main menu

  • About Tor
  • Donate

Tor Browser 3.5.1 is released

by mikeperry | January 27, 2014

The 3.5.1 release of the Tor Browser Bundle is now available on the Download page.

  • 90 comments

Tor Browser Bundle 3.5 is released

by mikeperry | December 18, 2013

Update 12/20: Test builds of Pluggable Transport bundles are now available. See inline and see the FAQ link for more details.

  • 442 comments

Tor Browser Bundle 3.5rc1 Released

by mikeperry | December 12, 2013

The first release candidate in the 3.5 series of the Tor Browser Bundle is now available from the Tor Package Archive:

  • 160 comments

Tor Browser Bundle 3.0rc1 Released

by mikeperry | November 21, 2013

The first release candidate in the 3.0 series of the Tor Browser Bundle is now available from the Tor Package Archive:

  • 42 comments

Tor Browser Bundle 3.0beta1 Released

by mikeperry | November 06, 2013

The first beta release in the 3.0 series of the Tor Browser Bundle is now available from the Tor Package Archive:

  • 30 comments

Tor Browser Bundle 3.0alpha4 Released

by mikeperry | September 26, 2013

The third alpha release in the 3.0 series of the Tor Browser Bundle is now available from the Tor Package Archive:

  • 56 comments

Tor Browser Bundle 3.0alpha3 Released

by mikeperry | August 09, 2013

The third alpha release in the 3.0 series of the Tor Browser Bundle is now available from the Tor Package Archive:

  • 66 comments

Tor Browser Bundle 3.0alpha2 Released

by mikeperry | June 30, 2013

The second alpha release in the 3.0 series of the Tor Browser Bundle is now available from the

  • 28 comments

Announcing Tor Browser Bundle 3.0alpha1

by mikeperry | June 17, 2013

Update 2013/6/28: Describe workaround for the Windows d2d1.dll crash.

  • 44 comments

Upcoming Events

July 12, 2021 - July 16, 2021
Privacy Enhancing Technologies Symposium (PETS)
August 27, 2021
Free and Open Communications on the Internet (FOCI) workshop
See All Upcoming Events

Recent Updates

Internet Freedom, Privacy, & LGBTQIA+ Human Rights

by alsmith | June 14, 2021

Every June, we recognize Pride month because internet freedom and the human rights of LGBTQIA+ people go hand in hand.

New stable security releases: 0.3.5.15, 0.4.4.9, 0.4.5.9, 0.4.6.5

by nickm | June 14, 2021

After months of work, we have a new stable release series! If you build Tor from source, you can download the source code for 0.4.6.5 on the download page. Packages should be available within the next several weeks, with a new Tor Browser around the end of the week.

Because this release includes security fixes, we are also releasing updates for our other supported releases. You can find their source at https://dist.torproject.org:

  • 0.3.5.15 (gpg signature) (ChangeLog)
  • 0.4.4.9 (gpg signature) (ChangeLog) [Note that 0.4.4.9 hits end-of-life tomorrow; this is the last supported 0.4.4.9 release.]
  • 0.4.5.9 (gpg signature) (ChangeLog)

Tor 0.4.6.5 is the first stable release in its series. The 0.4.6.x series includes numerous features and bugfixes, including a significant improvement to our circuit timeout algorithm that should improve observed client performance, and a way for relays to report when they are overloaded.

This release also includes security fixes for several security issues, including a denial-of-service attack against onion service clients, and another denial-of-service attack against relays. Everybody should upgrade to one of 0.3.5.15, 0.4.4.9, 0.4.5.9, or 0.4.6.5.

Below are the changes since 0.4.5.8. For a list of changes since 0.4.6.4-rc, see the ChangeLog file.

Changes in version 0.4.6.5 - 2021-06-14

  • Major bugfixes (security):
    • Don't allow relays to spoof RELAY_END or RELAY_RESOLVED cell on half-closed streams. Previously, clients failed to validate which hop sent these cells: this would allow a relay on a circuit to end a stream that wasn't actually built with it. Fixes bug 40389; bugfix on 0.3.5.1-alpha. This issue is also tracked as TROVE-2021- 003 and CVE-2021-34548.
  • Major bugfixes (security, defense-in-depth):
    • Detect more failure conditions from the OpenSSL RNG code. Previously, we would detect errors from a missing RNG implementation, but not failures from the RNG code itself. Fortunately, it appears those failures do not happen in practice when Tor is using OpenSSL's default RNG implementation. Fixes bug 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.

 

New Release: Tor Browser 10.5a16

by sysrqb | June 11, 2021

Tor Browser 10.5a16 is now available from the Tor Browser download page and also from our

New Release: Tor Browser 10.0.17

by sysrqb | June 02, 2021

Tor Browser 10.0.17 is now available from the Tor Browser download page and also from our

© 2021 The Tor Project

Footer

  • The Tor Project
  • RSS
  • Donate