- tor-announce - lists.torproject.org

New Release: Tor Browser 15.0.11 (Android, Windows, macOS, Linux)
by Giorgio Maone 28 Apr '26

28 Apr '26

Hi everyone, Tor Browser 15.0.11 has now been published for all platforms. For details please see our blog post <https://blog.torproject.org/new-release-tor-browser-15011/>. * All Platforms o Updated NoScript to 13.6.18.1984 o Bug tor-browser#44907 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44907>: Rebase Tor Browser onto 140.10.1esr * Windows + macOS + Linux o Updated Firefox to 140.10.1esr * Android o Updated GeckoView to 140.10.1esr -- ma1

1 0

New Release: Tor Browser 15.0.10 (Android, Windows, macOS, Linux)
by Giorgio Maone 21 Apr '26

21 Apr '26

Hi everyone, Tor Browser 15.0.10 has now been published for all platforms. For details please see our blog post <https://blog.torproject.org/new-release-tor-browser-15010/>. * All Platforms o Updated OpenSSL to 3.5.6 o Bug tor-browser#44749 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44749>: Check search engines parameter replacements o Bug tor-browser#44852 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44852>: Rebase Tor Browser stable onto 140.10.0esr o Bug tor-browser#44859 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44859>: Backport Bugzilla 1666613: Display XML error pages in the browser directionality while force LTRing the XML code itself, without the use of intl.css o Bug tor-browser#44863 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44863>: Backport Security Fixes from Firefox 150 o Bug tor-browser-build#41775 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Update list of Snowflake STUN servers in default bridge line, 2026 edition * Windows + macOS + Linux o Updated Firefox to 140.10.0esr o Bug tor-browser#44288 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44288>: New identity fails to block loading a custom home page * Android o Updated GeckoView to 140.10.0esr * Build System o All Platforms + Bug tor-browser-build#41767 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Add jwilde to allowed signer for browser projects o Windows + Linux + Android + Updated Go to 1.25.9 -- ma1

1 0

New Release: Tor Browser 15.0.9 (Android, Windows, macOS, Linux)
by Pier Angelo Vendrame 07 Apr '26

07 Apr '26

Hi everyone, Tor Browser ${TOR_BROWSER_VERSION} has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1509/ Changelog: > Tor Browser 15.0.9 - April 07 2026 > * All Platforms > * Updated Tor to 0.4.9.6 > * Updated NoScript to 13.6.15.1984 > * Bug 44837: Rebase Tor Browser stable onto 140.9.1esr [tor-browser] > * Windows + macOS + Linux > * Updated Firefox to 140.9.1esr > * Android > * Updated GeckoView to 140.9.1esr > * Build System > * All Platforms > * Bug 41758: Rename `tools/signing/deploy-legacy` to > `tools/signing/redeploy-update_responses-release` [tor-browser-build] > * Windows + macOS > * Bug 41741: Create a 13.5-specific update path [tor-browser-build] Best, Pier Angelo Vendrame

1 0

New Release: Tor Browser 16.0a5 (Android, Windows, macOS, Linux)
by Giorgio Maone 01 Apr '26

01 Apr '26

Hi everyone, Tor Browser 16.0a5 has now been published for all platforms. For details please see our blog post <https://blog.torproject.org/new-alpha-release-tor-browser-160a5/>. * All Platforms o Updated NoScript to 13.6.14.90101984 o Updated Tor to 0.4.9.6 o Bug tor-browser#43858 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43858>: Clean out deprecated or unused methods in TorConnect o Bug tor-browser#44251 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44251>: Drop pt_config.json meek-azure migration logic o Bug tor-browser#44546 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44546>: Rename |appearance-chooser-item| to |setting-chooser-item| after we reach nightly 149 o Bug tor-browser#44621 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44621>: Move about:torconnect back to browser o Bug tor-browser#44702 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44702>: Rebase alpha onto 149.0a1 o Bug tor-browser#44720 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44720>: Migrate New Identity commit to Tor Browser o Bug tor-browser#44753 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44753>: Drop TorProvider.isBootstrapDone o Bug tor-browser#44755 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44755>: Trusted Types (Firefox 148 and above) + Web Workers broken on Safer Level o Bug rebase-149#44757 <https://gitlab.torproject.org/tpo/applications/rebase-149/-/issues/44757>: Update tests for removed Services.search [tor-browser] o Bug tor-browser#44761 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44761>: Safer Level's worker patching filters out Worker constructor options o Bug tor-browser#44763 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44763>: Disable WebGPU until audited o Bug tor-browser#44764 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44764>: Review Mozilla 2012344: Hide main AI settings when the feature is blocked o Bug tor-browser#44765 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44765>: Review Mozilla 1972073: Convert Sidebar to config-based prefs o Bug tor-browser#44767 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44767>: Safer Level's worker patching throws on new about:blank frames with Trusted Types o Bug tor-browser#44772 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44772>: Review Mozilla 1980264: Canvas randomization is too slow o Bug tor-browser#44778 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44778>: Safer Level: xray causes patched TrustedTypePolicy instances to be unusable by content. o Bug tor-browser#44801 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44801>: Redact onion origins from Location.ancestorOrigins. o Bug tor-browser#44814 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44814>: Disable trustpanel until our new designs are ready * Windows + macOS + Linux o Updated Firefox to 149.0a1 o Bug tor-browser#44714 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44714>: The browser opens a new about:blank tab in 148 o Bug tor-browser#44780 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44780>: AIFeature.sys.mjs failures in 149 desktop builds o Bug tor-browser#44781 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44781>: Use a static page title for about:torconnect o Bug tor-browser#44793 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44793>: |privacy.spoof_english| console error in about:preferences o Bug tor-browser#44797 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44797>: Clean up |about:torconnect| styling o Bug tor-browser#44799 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44799>: Onionize toggle in |about:tor| uses blue text color * Android o Updated GeckoView to 149.0a1 o Bug tor-browser#43790 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43790>: Address "Various android workarounds" commit introduced in the 138 rebase o Bug tor-browser#44332 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44332>: Fix android tor logs screen issues presented in 144 rebase o Bug tor-browser#44594 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44594>: DoH is visible on Android o Bug tor-browser#44653 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44653>: Disable "Allow search suggestions in private sessions" prompt presented in RR 148 android o Bug tor-browser#44694 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44694>: Remove new "Tab bar" feature on Android o Bug tor-browser#44698 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44698>: Clean up comments in AccountSettingsFragment.kt. FIXME: Update A-S o Bug tor-browser#44700 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44700>: Untracked change to |HomepageHeader.kt| o Bug tor-browser#44751 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44751>: Noscript (and likely any extension) can be accidently turned off on Android alpha o Bug tor-browser#44752 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44752>: Remove new expanded toolbar option on Android due to fingerprintability o Bug tor-browser#44785 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44785>: Fix SiteSecurityRobot.kt after the 149 rebase o Bug tor-browser#44788 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44788>: Extensions are unreachable via 3 dot menu in alpha (android) o Bug tor-browser#44789 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44789>: Icon of "New Circuit" is not centered but lies in top left corner * Build System o All Platforms + Bug tor-browser#43180 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43180>: Remove translation CI 13.5 legacy extension + Bug tor-browser-build#41758 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Rename |tools/signing/deploy-legacy| to |tools/signing/redeploy-update_responses-release| + Bug tor-browser-build#41766 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Use gzip for all platforms for Go vendoring o Windows + macOS + Bug tor-browser-build#41741 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Create a 13.5-specific update path o macOS + Bug tor-browser-build#41753 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Allow running custom commands when vendoring Go dependencies -- ma1

1 0

[SECURITY RELEASE] Tor stable 0.4.8.23 and 0.4.9.6
by David Goulet 25 Mar '26

25 Mar '26

Greetings, We just released today 0.4.8.23 and 0.4.9.6. Here is the announcement: https://forum.torproject.org/t/security-release-0-4-8-23-and-0-4-9-6/21386 Please upgrade as soon as possible if you are running a relay. Change log: Changes in version 0.4.8.23 - 2026-03-25 This is a security release fixing major bugfixes that could possibly lead to remote crashing relays. We strongly recommend upgrading as soon as possible. o Major bugfix (security, conflux): - Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem. TROVE-2026-004. Fixes bug 41232; bugfix on 0.4.8.1-alpha. o Minor bugfixes (security): - Fix a series of defense in depth security issues found across the codebase. Fixes bug 41228; bugfix on 0.3.5.1-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on March 25, 2026. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2026/03/25. Changes in version 0.4.9.6 - 2026-03-25 This is a security release fixing major bugfixes that could possibly lead to remote crashing relays. We strongly recommend upgrading as soon as possible. o Major bugfix (security): - Fix a stack overflow of 11 bytes on malicious CREATED2. This lead to a remote crash. TROVE-2026-003. Reported-by: Anas Cherni of Calif.io. Fixes bug 41231; bugfix on 0.4.9.1-alpha. o Major bugfix (security, conflux): - Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem. TROVE-2026-004. Fixes bug 41232; bugfix on 0.4.8.1-alpha. o Minor bugfixes (security): - Fix a series of defense in depth security issues found across the codebase. Fixes bug 41228; bugfix on 0.3.5.1-alpha. o Minor bugfixes (portability): - (Hopefully) fix our polyval implementation on big-endian platforms. Fixes bug 41215; bugfix on 0.4.9.3-alpha. o Minor features (fallbackdir): - Regenerate fallback directories generated on March 25, 2026. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2026/03/25. Cheers! David -- 7Cse8G921+pZrNTPQ6t2z5h5ZO83kH17z68vTK0aSQM=

1 0

New Release: Tor Browser 15.0.8 (Android, Windows, macOS, Linux)
by Giorgio Maone 24 Mar '26

24 Mar '26

Hi everyone, Tor Browser 15.0.8 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1508 Changelog: # All Platforms * Updated NoScript to 13.6.12.1984 * Bug tor-browser#44663 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44663>: NoScript behavior on “Safer” security level prevents integrity checks for dynamically loaded javascript * Bug tor-browser#44680 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44680>: Properly handle subdocuments created by data: URLs * Bug tor-browser#44761 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44761>: Safer Level's worker patching filters out Worker constructor options * Bug tor-browser#44771 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44771>: Rebase Tor Browser stable onto 140.9.0esr * Bug tor-browser#44784 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44784>: Backport Security Fixes from Firefox 149 * Bug tor-browser-build#41738 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Allow to specify an unsupportedURL on update responses # Windows + macOS + Linux * Updated Firefox to 140.9.0esr * Bug tor-browser#44327 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44327>: ERROR: Your Tor Browser profile cannot be loaded. It may be missing or inaccessible * Bug tor-browser#44386 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44386>: Firefox profiles no longer work in Tor Browser 15.0 # Linux * Bug tor-browser#44657 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44657>: Backport tor-browser#44394: Do not read default prefs from /etc/firefox # Android * Updated GeckoView to 140.9.0esr # Build System * Windows + Linux + Android o Updated Go to 1.25.8 o Bug tor-browser#44249 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44249>: Backport tor-browser-build#41580: Update Go major to 1.25.x -- ma1

1 0

New Release: Tor Browser 16.0a4 (Android, Windows, macOS, Linux)
by Giorgio Maone 11 Mar '26

11 Mar '26

Hi everyone, Tor Browser 16.0a4 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-alpha-release-tor-browser-160a4/ <https://blog.torproject.org/new-alpha-release-tor-browser-160a4/> Changelog: # All Platforms * Updated NoScript to 13.6.6.90401984 * Updated zlib to 1.3.2 * Bug tor-browser#44663 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44663>: NoScript behavior on “Safer” security level prevents integrity checks for dynamically loaded javascript * Bug tor-browser#44675 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44675>: Restore "BB 43850: Modify the Contrast Control settings for RFP" dropped during the 148.0a1 rebase * Bug tor-browser#44679 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44679>: Review Mozilla 2006066: Credit cards autofill settings are not visible * Bug tor-browser#44680 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44680>: Properly handle subdocuments created by data: URLs * Bug tor-browser#44687 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44687>: Security level requires a restart in a new profile after 148 update * Bug tor-browser#44689 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44689>: Forwardport tor-browser#44668 from legacy to alpha: Set detailsURL in update XML to be useful for 13.5 users * Bug tor-browser#44701 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44701>: Unexpected change to |netwerk/url-classifier/components.conf| * Bug tor-browser#44706 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44706>: creating a new profiles causes crash ENOTTY * Bug tor-browser-build#41738 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Allow to specify an unsupportedURL on update responses # Windows + macOS + Linux * Updated Firefox to 148.0a1 * Bug tor-browser#42664 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42664>: Use mozilla token sizes in CSS * Bug tor-browser#44634 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44634>: Review Mozilla 2006250: add ai window about:preferences section within ai features * Bug tor-browser#44682 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44682>: Wrong pid in the exit log * Bug tor-browser#44709 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44709>: Hide the AI settings panel * Bug tor-browser#44710 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44710>: Hide about:preferences#translations * Bug tor-browser#44713 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44713>: The about dialog is missing some padding in 148.0a1 * Bug tor-browser#44717 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44717>: Search suggestion settings are visible in 148 # Windows + Linux * Bug tor-browser-build#40892 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Move torrc-defaults, geoip and geoip6 on Windows and Linux # Windows * Bug tor-browser#44461 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44461>: Window controls are missing on Windows * Bug tor-browser#44633 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44633>: Move D3D11 function from local webrtc changes to tbb webrtc patches # Linux * Bug tor-browser#44394 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44394>: Do not read default prefs from /etc/firefox # Android * Updated GeckoView to 148.0a1 * Bug tor-browser#43349 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43349>: Add user feedback for when Tor connects (Android) * Bug tor-browser#43909 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43909>: Review Mozilla: TBD: new Android tab-strip feature * Bug tor-browser#44226 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44226>: Disable all link sharing functionality * Bug tor-browser#44274 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44274>: Review Mozilla 1986534: Disable screenshots in PBM * Bug tor-browser#44469 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44469>: Fix branding on Android RR * Bug tor-browser#44506 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44506>: Remove more sync from 147 * Bug tor-browser#44582 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44582>: Fix or remove new settings search functionality on Android * Bug tor-browser#44661 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44661>: Restore or fix new rebase-148 uses of moz assets instead of TB ones * Bug tor-browser#44718 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44718>: Fix splash screen branding and other issues in RR * Bug tor-browser#44721 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44721>: Android build failure in nightlyOssLicensesTask: missing dependencies.json file # Build System * All Platforms o Bug tor-browser-build#41690 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Merge list_toolchain_updates-firefox-* commands into one o Bug tor-browser-build#41725 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Update toolchains for Firefox 148 o Bug tor-browser-build#41726 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Check in list_toolchain_updates that the sha512sum we have for the macOS SDK is the same as Mozilla o Bug tor-browser-build#41727 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Split the list_toolchain_updates_checks script in two o Bug tor-browser-build#41728 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Update projects/application-services/list_toolchain_updates_checks to check nss sha256sum * Windows + macOS + Linux o Bug tor-browser#44406 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44406>: Fix CSS linting issues introduced by 146 * Windows + Linux + Android o Updated Go to 1.25.8 * Android o Bug tor-browser-build#41736 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Add generate_gradle_dependencies_list-$project makefile targets o Bug tor-browser-build#41737 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Remove comment from gen-gradle-deps-file.py saying var/gradle_dependencies_version should be updated o Bug tor-browser-build#41743 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Make an error if gradle-dependencies-list is missing in the input files o Bug tor-browser-build#41744 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Reduce duplication between projects/geckoview/build and projects/geckoview/build_apk o Bug tor-browser-build#41745 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Add .sh file extension to included build_* scripts in projects/geckoview o Bug tor-browser-build#41751 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Fix the NDK path -- ma1

1 0

New Release (EOL): Tor Browser 13.5.29 (ONLY Windows Windows 7/8/8.1, macOS 10.12-10.14)
by Giorgio Maone 25 Feb '26

25 Feb '26

Hi everyone, Tor Browser 13.5.29, end of life for the 13.5.x legacy series, has now been published for legacy Windows and macOS platforms ONLY. For details please see our blog post https://blog.torproject.org/new-release-tor-browser-13529/ Changelog: Tor Browser 13.5.29 - February 24 2026 * All Platforms * Updated Firefox to 115.33.0esr * Updated NoScript to 13.5.14.1984 * Updated zlib to 1.3.2 * Bug 43168: Review ESR 115 expiry date for legacy OS message [tor-browser] * Bug 44667: 13.5 EOL support link is 404 [tor-browser] * Bug 44668: Set detailsURL in update XML to be useful for 13.5 users [tor-browser] * Bug 44681: Backport Security Fixes from Firefox 148 [tor-browser] -- ma1

1 0

New Release: Tor Browser 15.0.7 (Android, Windows, macOS, Linux)
by Giorgio Maone 24 Feb '26

24 Feb '26

Hi everyone, Tor Browser 15.0.7 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1507 Changelog: Tor Browser 15.0.7 - February 24 2026 * All Platforms * Updated NoScript to 13.5.14.1984 * Updated zlib to 1.3.2 * Bug 44656: Rebase Tor Browser release onto 140.8.0esr [tor-browser] * Bug 44681: Backport Security Fixes from Firefox 148 [tor-browser] * Windows + macOS + Linux * Updated Firefox to 140.8.0esr * Android * Updated GeckoView to 140.8.0esr * Bug 44620: Move the Android IPC directory [tor-browser] -- ma1

1 0

New Release: Tor Browser 16.0a3 (Android, Windows, macOS, Linux)
by Giorgio Maone 17 Feb '26

17 Feb '26

Hi everyone, Tor Browser 16.0a3 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-alpha-release-tor-browser-160a3/ Changelog: Tor Browser 16.0a3 - February 17 2026 # All Platforms * Updated Tor to 0.4.9.5 * Updated NoScript to 13.5.12.90301984 * Bug tor-browser#44562 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44562>: Set the new online Suggest prefs to false * Bug tor-browser#44571 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44571>: Disable restrict_to_adults for potential fingerprintability * Bug tor-browser#44619 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44619>: Add custom logs to Tor logs * Bug tor-browser#44625 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44625>: metamask.io won't load on Safer security level * Bug tor-browser#44626 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44626>: Propagate WASM blocking to workers * Bug tor-browser#44647 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44647>: Clean up patch for |SearchEngineSelector.sys.mjs|. * Bug tor-browser#44652 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44652>: Backport fix for Firefox Bug 2014390 * Bug tor-browser-build#41713 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Try to find a component for bugs found with commits in triage spreadsheets # Windows + macOS + Linux * Bug tor-browser#43560 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43560>: Add "UTC" to the end of the timestamp on tor logs (Desktop) * Bug tor-browser#44459 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44459>: Letterboxing content alignment setting is missing styling * Bug tor-browser#44520 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44520>: Make sure "Firefox labs" is hidden by default # Windows * Bug tor-browser#44623 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44623>: 16.0a2: about:preferences#privacy is empty # Linux * Bug tor-browser#44050 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44050>: Consider changing the domain in DBus interfaces # Android * Bug tor-browser#43403 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/43403>: Add "UTC" to the end of the timestamp on tor logs (Android) * Bug tor-browser#44057 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44057>: Drop about:torconnect from android * Bug tor-browser#44620 <https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/44620>: Move the Android IPC directory * Bug tor-browser-build#28595 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/2…>: Remove the need to update var/gradle_dependencies_version # Build System * All Platforms o Bug tor-browser-build#40338 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Running |make release| multiple times fails o Bug tor-browser-build#41660 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Add a Firefox target to build unpatched Firefox in tor-browser-build o Bug tor-browser-build#41693 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Drop base-browser targets o Bug tor-browser-build#41720 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: cp -l in release/build fails when crossing file systems o Bug rbm#40093 <https://gitlab.torproject.org/tpo/applications/rbm/-/issues/40093>: Make it easy to get the sha256sum of an input_files file o Bug rbm#40103 <https://gitlab.torproject.org/tpo/applications/rbm/-/issues/40103>: Allow having multiple tmp_dir values * Windows + Linux + Android o Updated Go to 1.25.7 * Android o Bug tor-browser-build#41719 <https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/issues/4…>: Enable network when var/generate_gradle_dependencies_list is set in geckoview -- ma1

1 0