Tor Browser 6.0a3-hardened is released
This release features important security updates to Firefox.
This release bumps the versions of several of our components, e.g.: Firefox to 38.7.0esr, Tor to 0.2.8.1-alpha, OpenSSL to 1.0.1s, NoScript to 184.108.40.206 and HTTPS-Everywhere to 5.1.4.
Additionally, we fixed long-standing bugs in our Tor circuit display and window resizing code, and improved the usability of our font fingerprinting defense further.
Note: There is no incremental update from 6.0a2-hardened available due to bug 17858. The internal updater should work, though, doing a complete update.
Here is the complete changelog since 6.0a2-hardened:
Tor Browser 6.0a3-hardened -- March 8
- All Platforms
- Update Firefox to 38.7.0esr
- Update Tor to 0.2.8.1-alpha
- Update OpenSSL to 1.0.1s
- Update NoScript to 220.127.116.11
- Update HTTPS Everywhere to 5.1.4
- Update Torbutton to 18.104.22.168
- Bug 18030: Isolate favicon requests on Page Info dialog
- Bug 18297: Use separate Noto JP,KR,SC,TC fonts
- Bug 18170: Make sure the homepage is shown after an update as well
- Bug 16728: Add test cases for favicon isolation
- Bug 18292: Disable staged updates on Windows