New Tor Browser Bundles
The Tor Browser Bundles have all been updated to the latest OpenSSL 1.0.1c. All users are strongly encouraged to update.
Tor Browser Bundle (2.2.35-12)
- Update OpenSSL to 1.0.1c
- Update Libevent to 2.0.19-stable
- Update zlib to 1.2.7
- Update NoScript to 2.4.1
"When I start TBB 2.2.35-12, the start page still says I have to upgrade."
Same here on Vistx64. If I then get check.torproject.org from torproject.org, the briowser displays without the upgrade notice. A bug?
First, TBB 2.2.35-13 is out, so it is right that you should upgrade.
As for the bug, Torbutton in TBB loads https://check.torproject.org/RecommendedTBBVersions and checks if its version is in the list. It then sends you to the "you need to update" page if needed. So Torbutton in TBB is the one checking if you're up to date, not some magic run on the check.torproject.org side.
"So Torbutton in TBB is the one checking if you're up to date, not some magic run on the check.torproject.org side."
Gee, that "magic" sounds crabby... I was mystified by the removal of the "check Tor" link on the home page, to which we peasants were referred to previously. As I said in my prev. comment, when I ran check.torproject from there it returned a clean browser screen, That's what led me astray - I wasted time looking for the link to check.torproject.org rather than going to the download page.
I generally run my bridge from the vidalia bridge bundle, so lose track of the TBB updates. I run the bridge from the TBB only when I need the browser, and it seemed to me that ver .13 came along right quick after .12.
BTW, the ver. no. doesn't seem to be included somewhere in the documentation of each version. Maybe it shows up in the program list in Windows control panel - I wouldn't know as I don't install either of these packages to the default locations & so they don't show up in the list.
Anyway, this blog thread has eased my overactive securityitis. live & learn.,,