tor-announce

tor-announce@lists.torproject.org

264 discussions

[tor-project] Reminder: mailman 3 upgrade imminent (TPA-RFC-71)
by Antoine Beaupré 29 Oct '24

29 Oct '24

Hi, As mentioned in early October, we're in the process of upgrading our main mail server, which includes upgrading to the shiny new Mailman 3 platform. We have, right now, a prototype mailman 3 server available at: https://lists-01.torproject.org/ It's hidden behind the usual "trivial" authentication (ask us on IRC if you don't remember what it is), but should otherwise work normally. I'm going to start by migrating the TPA mailing list and we'll be testing this for a couple of days, but, next week, I'll start migrating the other mailing lists (including this one!). If people want to jump in front of that train early and be part of the beta testers, then by all means I'm happy to have your mailing list be part of the early adopters. Be warned that Mailman 3 is a significant upgrade from Mailman 2. There are some great things (like unified authentication), and some less great things (like a more complex design and "shinier" web interface that might not be everyone's taste). As a reminder, we're doing this upgrade a little rushed because the main mail server is now unsupported for security upgrades. See the details of the proposal here: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-71-emerge… ... with the milestone tracking actual work issues in: https://gitlab.torproject.org/groups/tpo/tpa/-/milestones/16 (Sorry for cross-posting this, but this seems like it warrants wider distribution. As a rule of thumb, I selected mailing lists with public archives that had posts in October 2024, removing duplicates like anti-censorship-team and -alerts. I also suspect many of those mailing lists will refuse my message because I'm not subscribed, but I will have tried. :)) Phew! a. -- Antoine Beaupré torproject.org system administration _______________________________________________ tor-project mailing list tor-project(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project

1 0

New Release: Tor Browser 14.0.1 (Android, Windows, macOS, Linux)
by Morgan 29 Oct '24

29 Oct '24

Hi everyone, Tor Browser 14.0.1 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1401/ Changelog: > Tor Browser 14.0.1 - October 29 2024 > * All Platforms > * Updated Tor to 0.4.8.13 > * Bug 43231: Rebase Tor Browser 128-based stable and alpha onto 128.4.0esr [tor-browser] > * Bug 43240: Backport security fixes from Firefox 132 [tor-browser] > * Windows + macOS + Linux > * Updated Firefox to 128.4.0esr > * Android > * Updated GeckoView to 128.4.0esr > * Build System > * All Platforms > * Bug 41289: Fix single-browser in relprep.py [tor-browser-build] > * Linux > * Bug 41282: Add SSL to our custom Python for MozBug 1924022 [tor-browser-build] best, -morgan

1 0

New Release: Tor Browser 13.5.9 (Windows, macOS)
by Morgan 29 Oct '24

29 Oct '24

Hi everyone, Tor Browser 13.5.9 has now been published for legacy Windows and macOS platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1359/ Changelog: > Tor Browser 13.5.9 - October 28 2024 > * Windows + macOS + Linux > * Updated Tor to 0.4.8.13 > * Bug 43240: Backport security fixes from Firefox 132 [tor-browser] > * Bug 41273: relprep.py: bump Firefox and GV to a (yet) non-existing tag when the last one does not match HEAD [tor-browser-build] > * Updated Firefox to 115.17.0esr > * Bug 42280: Weird connection attempt to multicast IPv6 ff00:::443 on "New identity" [tor-browser] > * Bug 43104: Local files and extensions can't be loaded in new windows before bootstrap [tor-browser] > * Bug 43169: compat: align userAgent in navigator + HTTP Header [tor-browser] > * Bug 43174: Issue with custom home page on local filesystem [tor-browser] > * Bug 43207: Backport Mozbug 1886222 [tor-browser] > * Windows + macOS > * Bug 41252: Disable updating update_responses in 13.5-legacy branch [tor-browser-build] > * Windows > * Bug 43206: Hide Snowflake UX in legacy Tor Browser on Windows [tor-browser] > * Android > * Updated GeckoView to 115.17.0esr > * Build System > * All Platforms > * Bug 41278: Hide legacy 13.5 Tor Browser blog posts after 13.5.7 [tor-browser-build] > * Windows + macOS > * Bug 41269: Simplify projects/go/config and friends once maint-13.5 is legacy Windows and macOS only [tor-browser-build] best, -morgan

1 0

[RELEASE] Tor stable 0.4.8.13
by David Goulet 24 Oct '24

24 Oct '24

Greetings, We just released tor 0.4.8.13: https://forum.torproject.org/t/new-tor-stable-release-0-4-8-13/15397 We strongly recommend to update due to a major bugfix in this release. Here is the ChangeLog: Changes in version 0.4.8.13 - 2024-10-24 This is minor release fixing an important client circuit building (Conflux related) bug which lead to performance degradation and extra load on the network. Some minor memory leaks fixes as well as an important minor feature for pluggable transports. We strongly recommend to update as soon as possible for clients in order to neutralize this conflux bug. o Major bugfixes (circuit building): - Conflux circuit building was ignoring the "predicted ports" feature, which aims to make Tor stop building circuits if there have been no user requests lately. This bug led to every idle Tor on the network building and discarding circuits every 30 seconds, which added overall load to the network, used bandwidth and battery from clients that weren't actively using their Tor, and kept sockets open on guards which added connection padding essentially forever. Fixes bug 40981; bugfix on 0.4.8.1-alpha; o Minor feature (bridges, pluggable transport): - Add STATUS TYPE=version handler for Pluggable Transport. This allows us to gather version statistics on Pluggable Transport usage from bridge servers on our metrics portal. Closes ticket 11101. o Minor features (fallbackdir): - Regenerate fallback directories generated on October 24, 2024. o Minor features (geoip data): - Update the geoip files to match the IPFire Location Database, as retrieved on 2024/10/24. o Minor bugfixes (memleak, authority): - Fix a small memleak when computing a new consensus. This only affects directory authorities. Fixes bug 40966; bugfix on 0.3.5.1-alpha. o Minor bugfixes (memory): - Fix memory leaks of the CPU worker code during shutdown. Fixes bug 833; bugfix on 0.3.5.1-alpha. Cheers! David -- L+wOtrRlwXJVm4cv4kLjRYuXCp0FLSHoPmm2nZt2fxg=

1 0

New Release: Tor Browser 14.0 (Android, Windows, macOS, Linux)
by Morgan 22 Oct '24

22 Oct '24

Hi everyone, Tor Browser 14.0 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-140/ Changelog: > Tor Browser 14.0 - October 17 2024 > * All Platforms > * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser] > * Bug 30862: 10ms time precision via EXSLT date-time function [tor-browser] > * Bug 41328: Follow firefox ESMify for Bug 1308512 [tor-browser] > * Bug 42054: ESR128: investigate - thorin's list [tor-browser] > * Bug 42220: Flip all the possible preferences to prevent any automatic download [tor-browser] > * Bug 42255: pdfjs.disabled used to be part of RFP until Bug 1838415; lock pref to false in stable [tor-browser] > * Bug 42356: Review 000-tor-browser.js and 001-base-profile.js for 128 [tor-browser] > * Bug 42601: Check Bug 1894779: Allow font-face urls to be resource:// urls and relax CORS for resource:// URLs [tor-browser] > * Bug 42611: Set clipboard.imageAsFile.enabled to false [tor-browser] > * Bug 42646: Drop patch for tor-browser#40166 [tor-browser] > * Bug 42683: Create script to generate issue triage csv's from bugzilla query and git scraping [tor-browser] > * Bug 42684: Disable network prefetch [tor-browser] > * Bug 42685: compat: ESR128: enable textmetrics [tor-browser] > * Bug 42716: Disable unwanted about:* pages [tor-browser] > * Bug 42730: Make RemoteSettings use only local dumps [tor-browser] > * Bug 42746: Extend prefers-contrast rules to include forced-colors [tor-browser] > * Bug 42759: CI: remove localization file names that are in neither 14.0 nor 13.5 branches [tor-browser] > * Bug 42814: Opt out from Firefox relay by default. [tor-browser] > * Bug 42830: Enable WebAudio APIs [tor-browser] > * Bug 42831: Remove the shopping components [tor-browser] > * Bug 42867: Disable contentRelevancy component [tor-browser] > * Bug 43011: Ship only one copy of the MIT license, like upstream. [tor-browser] > * Bug 43012: Mixed content: browser requests HTTPS images from onion domain accessed via HTTP [tor-browser] > * Bug 43013: security.mixed_content.upgrade_display_content.image is true by default [tor-browser] > * Bug 43054: check bounceTrackingProtection in PB mode does not persist to disk [tor-browser] > * Bug 43074: Pass the browser to TorDomainIsolator.newCircuitForBrowser [tor-browser] > * Bug 43144: Ensure non-privacy browsing also sets the GPC header [tor-browser] > * Bug 43163: Disable offscreen canvas until verified it is not fingerprintable [tor-browser] > * Bug 43170: Disable user-agent spoofing in HTTP header [tor-browser] > * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser] > * Bug 43184: Backport Bugzilla 1922294: RFP: fixup square spoofed orientation [tor-browser] > * Bug 43197: Disable automatic exception for HTTPS-First [tor-browser] > * Windows + macOS + Linux > * Updated Firefox to 128.3.0esr > * Updated NoScript to 11.4.42 > * Bug 40147: Re-enable Picture-in-Picture mode [tor-browser] > * Bug 41309: Re-enable screenshots component [tor-browser] > * Bug 41811: Primary buttons that result in a connection attempt should be purple [tor-browser] > * Bug 41817: Add more color aliases that take dark mode into account [tor-browser] > * Bug 41820: Downloads warning styling improvements (use moz-message-bar) [tor-browser] > * Bug 42070: Backport Bugzilla 1834307 and hide smooth-scroll UX [tor-browser] > * Bug 42212: Fluent migration: onion services [tor-browser] > * Bug 42362: "New window" missing from File menu [tor-browser] > * Bug 42441: Evaluate RR version-by-RR version rebases instead of ESR-to-ESR [tor-browser] > * Bug 42488: ESR 128: Remove role="code" from tor circuit panel [tor-browser] > * Bug 42603: Remove safebrowsing URLs [tor-browser] > * Bug 42612: Re-implement moz-toggle customizations for ESR 128 [tor-browser] > * Bug 42617: Restore the HTML form on DDG when using safest in 128 [tor-browser] > * Bug 42629: Tweak `isOnNewTabPage` patch [tor-browser] > * Bug 42630: Review LaterRun in 128 [tor-browser] > * Bug 42640: Disable Firefox Flame button due to unknown interactions with New Identity [tor-browser] > * Bug 42641: Move from panel-footer class to moz-button-group [tor-browser] > * Bug 42643: downloads panel separator has mismatched margin [tor-browser] > * Bug 42644: toolbar rules in panelUI-shared.css are unneccessary [tor-browser] > * Bug 42647: "Switching to a new device" regressed on 128 [tor-browser] > * Bug 42653: The Neterror page has a checkbox to report iframe origin errors to TPO [tor-browser] > * Bug 42662: Use data-hidden-from-search for hiding the firefox connection settings [tor-browser] > * Bug 42663: Tor Browser "Connection" settings missing a tooltip [tor-browser] > * Bug 42665: Drop "Learn More" spacing [tor-browser] > * Bug 42667: Add description-deemphasized class to our additions to about:preferences [tor-browser] > * Bug 42679: Use a more robust approach to hide the "tracking protection" urlbar button [tor-browser] > * Bug 42687: Disable Privacy-Preserving Attribution [tor-browser] > * Bug 42695: Use `--arrowpanel-` variables for tor circuit panel spacing [tor-browser] > * Bug 42698: Bridge card background contrast is low for bridge-moji [tor-browser] > * Bug 42699: Drop level="top" attribute from panels [tor-browser] > * Bug 42700: Remove !nodes condition from gTorCircuitPanel._updateCurrentBrowser [tor-browser] > * Bug 42704: Drop the badged="true" attribute from security level button [tor-browser] > * Bug 42705: Update our preferences to account for new line height [tor-browser] > * Bug 42713: Some --in-content CSS variables were renamed/removed [tor-browser] > * Bug 42718: Remove the firefox-view button from UI, even when always-on private-browsing mode is disabled [tor-browser] > * Bug 42735: Disable recent search suggestions [tor-browser] > * Bug 42740: Stop trying to hide "Restore previous session" [tor-browser] > * Bug 42742: Inconsistent use of "New private window" vs "New window" [tor-browser] > * Bug 42743: Invalid onion sites are shown as secure in the page info window [tor-browser] > * Bug 42744: Light theme override for "about:tor" is inherited by chrome error pages. [tor-browser] > * Bug 42745: Remove some residuals from update scripts [tor-browser] > * Bug 42764: Unconditionally disable find-bar transition animation [tor-browser] > * Bug 42777: Remove 'Website Privacy Preferences' and ensure sensible default prefs [tor-browser] > * Bug 42803: Lost focus styling for built-in bridges radio options [tor-browser] > * Bug 42806: Use the `lh` CSS unit [tor-browser] > * Bug 42872: Disable translations until audited and solved the UX problems [tor-browser] > * Bug 43015: Missing region-name-skr fluent entry when fetching TorConnect country names [tor-browser] > * Bug 43067: Use html:link rather than xml-stylesheet in our dialogs [tor-browser] > * Bug 43071: Make sure "tor-button" elements that are also "primary" still use the tor colors [tor-browser] > * Bug 43072: moz-message-bar does not get announced on Orca screen-reader [tor-browser] > * Bug 43075: Should we drop link spacing in about:tor [tor-browser] > * Bug 43081: Remove hard-coded CSS `line-height` [tor-browser] > * Bug 43082: Search engine icon is not shown while typing in the address bar [tor-browser] > * Bug 43083: Backport fix for Mozilla 1436462 [tor-browser] > * Bug 43087: Onion pattern on about:torconnect needs a dark theme asset [tor-browser] > * Bug 43103: Verify whether an update is unsupported before choosing one [tor-browser] > * Bug 43104: Local files and extensions can't be loaded in new windows before bootstrap [tor-browser] > * Bug 43105: Migrating Disconnect is not needed anymore [tor-browser] > * Bug 43109: Remove mention of Firefox Relay from settings [tor-browser] > * Bug 43115: Height of search bar has collapsed on about:tor [tor-browser] > * Bug 43117: Hide 'Always underline links' option [tor-browser] > * Bug 43118: hide CFR [tor-browser] > * Bug 43131: Reduce layout jank when loading about:tor [tor-browser] > * Bug 43134: Backport Bugzilla 1436226 Hardcode VP8/VP9 [tor-browser] > * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser] > * Bug 43169: compat: align userAgent in navigator + HTTP Header [tor-browser] > * Bug 43174: Issue with custom home page on local filesystem [tor-browser] > * Bug 43209: UI freezes when clipboard is empty after screen lock [tor-browser] > * Bug 43217: Fullscreen videos have rounded letterboxing corners [tor-browser] > * Bug 43218: Switch to browser.reload, since Browser:Reload signal was dropped upstream [tor-browser] > * Bug 41248: Check and update bundled font versions [tor-browser-build] > * Windows + macOS > * Bug 43021: Revert the OS deprecation notification introduced in #42347 [tor-browser] > * macOS + Linux > * Bug 42467: Make OS HTTP User-Agent OS spoofing configurable by pref [tor-browser] > * Windows > * Bug 43051: windows: remove UI for "open Tor Browser automatically when computer starts" [tor-browser] > * macOS > * Bug 42494: mac: add Arial Black and Arial Narrow to allowlist [tor-browser] > * Linux > * Bug 42702: Cannot access the clipboard for the crypto address check (wayland) [tor-browser] > * Bug 42773: Replace ~ with the original HOME [tor-browser] > * Bug 43092: Disable Wayland by default in 14.0 [tor-browser] > * Bug 43101: Security features warning links to Firefox installation support page with incomplete info [tor-browser] > * Bug 43141: Hardcode Arimo as a system-ui font [tor-browser] > * Bug 43196: Remove the vendor name from the "is playing media" notification on Linux [tor-browser] > * Bug 41237: Add some aliases to our Linux font config for compatibility [tor-browser-build] > * Android > * Updated GeckoView to 128.3.0esr > * Bug 41550: Remove unused extensions from Tor Browser for Android [tor-browser] > * Bug 42386: Remove unused assets to reduce APK size [tor-browser] > * Bug 42590: “Tor browser” text in top left of home fragment/new tab view gets cut off with larger text sizes [tor-browser] > * Bug 42655: Implement "New circuit for this site" on Android [tor-browser] > * Bug 42660: Review the patch on Android's ProxySelector [tor-browser] > * Bug 42731: Verify `privacy.spoof_english` still works once we have Android builds [tor-browser] > * Bug 42954: Remove product recommendation API integration (Review Mozilla 1857215) [tor-browser] > * Bug 43006: Disable RFP for Font Visibility on Android [tor-browser] > * Bug 43016: Re-disable Nimbus [tor-browser] > * Bug 43043: Remove credit card autofill UI elements from menu [tor-browser] > * Bug 43048: Firefox logo on splash [tor-browser] > * Bug 43050: Center text in connect buttons [tor-browser] > * Bug 43052: Remove non private tabs icon and "other device tabs" from tab view [tor-browser] > * Bug 43057: fenix/.../search/list.json failing linting [tor-browser] > * Bug 43078: Disable Sharing Links to TBA [tor-browser] > * Bug 43088: Query stripping is disabled on Android [tor-browser] > * Bug 43094: Remove "Open in regular tab" button [tor-browser] > * Bug 43097: NoScript fails to install on Android [tor-browser] > * Bug 43102: Android notifications tell to make Firefox your default browser [tor-browser] > * Bug 43108: Backport Android fullscreen notifications refactoring on ESR128 [tor-browser] > * Bug 43114: Reader view uses the catch-all circuit on Android [tor-browser] > * Bug 43116: The lack of GeoIP databases produces a lot of spam in the console on Android [tor-browser] > * Bug 43128: Use DuckDuckGo HTML on the Safest security level for Android [tor-browser] > * Bug 43129: about:neterror cannot display SVG on Android with Security Level Safest [tor-browser] > * Bug 43132: Enable extensions installation on Tor Browser 14 for Android. [tor-browser] > * Bug 43146: Update the icon of DuckDuckGo onion search engine on Android [tor-browser] > * Bug 43147: Remove unused search plugins from the apk files [tor-browser] > * Bug 43151: MOZ_DATA_REPORTING, MOZ_TELEMETRY_REPORTING, MOZ_CRASHREPORTER, and MOZ_BACKGROUNDTASKS enabled on Android [tor-browser] > * Bug 43172: remove remote settings and SERPTelemetry [tor-browser] > * Bug 43202: Extensions page unnecessarily fetches recommended addons on Android [tor-browser] > * Bug 43223: Hide option to open bookmarks in non-private tabs on Android [tor-browser] > * Bug 43225: Hide non-private tab settings and history search on Android [tor-browser] > * Bug 43227: Hide the Firefox Suggest label above search suggestions on Android [tor-browser] > * Bug 43228: Fix the "What's new" URL and text on Android [tor-browser] > * Bug 41223: Tor Browser Alpha version not displayed correctly [tor-browser-build] > * Build System > * All Platforms > * Updated Go to 1.22.8 > * Bug 42722: clang-format and localization linters are not running [tor-browser] > * Bug 42799: Do not run lint pipelines on new tag [tor-browser] > * Bug 43014: Add purgecaches to the dev build [tor-browser] > * Bug 43156: Update translation CI to account for the extended 13.5 release [tor-browser] > * Bug 43157: Move tb-dev to base-browser [tor-browser] > * Bug 43181: Run translation CI if there is a change in a string.xml file [tor-browser] > * Bug 41013: Add a README to each project [tor-browser-build] > * Bug 41096: Set SOURCE_DATE_EPOCH in the default env variables [tor-browser-build] > * Bug 41155: Update toolchains for ESR128 [tor-browser-build] > * Bug 41156: Split the Rust configuration options [tor-browser-build] > * Bug 41180: Some files do not need to be copied when building tor-expert-bundle [tor-browser-build] > * Bug 41188: Upgrade binutils to 2.41 [tor-browser-build] > * Bug 41189: Add matzfan to list of downstream projects in alpha release-prep template [tor-browser-build] > * Bug 41195: Update Go to 1.22 [tor-browser-build] > * Bug 41198: Update release-prep issue template to include notifiying anti-censorship team of package name changes for GetTor distributor [tor-browser-build] > * Bug 41203: Tor Blog generation script uses the wrong url scheme for alpha releases [tor-browser-build] > * Bug 41236: Remove binutils when not needed [tor-browser-build] > * Bug 41273: relprep.py: bump Firefox and GV to a (yet) non-existing tag when the last one does not match HEAD [tor-browser-build] > * Bug 41274: Improve fetch_changelogs.py for major releases [tor-browser-build] > * Bug 40078: Update tools/tb-build-06-start-nightly-build after tor-browser-build#40829 [tor-browser-bundle-testsuite] > * Windows + macOS + Linux > * Bug 42668: Drop torconnect rule in eslint-plugin-mozilla [tor-browser] > * Bug 41247: Adapt tools/update-responses/update_responses to support multiple versions in the same xml files [tor-browser-build] > * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] > * Bug 41259: Don't try to generate incrementals for versions which don't set incremental_from [tor-browser-build] > * Bug 41270: Add updater rewriterules to make 13.5.7 a watershed [tor-browser-build] > * Windows + macOS > * Bug 41197: Modify update-responses to prevent upgrades on unsupported Windows and macOS versions [tor-browser-build] > * Windows > * Bug 29318: Drop mingw-w64/gcc toolchain [tor-browser-build] > * Bug 29320: Use mingw-w64/clang toolchain to build Rust [tor-browser-build] > * Bug 41185: Drop Windows 7 support for 14.0 from build tools [tor-browser-build] > * Bug 41201: Bump the Windows version checked by the installer [tor-browser-build] > * macOS > * Bug 41267: Go dropping support for macOS <= 11.0 in Go 1.23 [tor-browser-build] > * Android > * Bug 42480: Use translation CI in android [tor-browser] > * Bug 40544: Bump Java 8 version to something more recent [tor-browser-build] > * Bug 41106: Non matching builds after application-services not being rebuilt in a long time [tor-browser-build] > * Bug 41123: Drop the firefox-android project [tor-browser-build] > * Bug 41171: Switch Android containers to Debian bookworm [tor-browser-build] > * Bug 41172: Refactor the android-toolchain project [tor-browser-build] > * Bug 41178: Force IPv4 when downloading in fix_gradle_deps.py [tor-browser-build] > * Bug 41200: Remove allowed_addons.json and the related tools [tor-browser-build] > * Bug 41210: Use tor-expert-bundle-aar in geckoview/build_apk [tor-browser-build] > * Bug 41211: The Android license file is not deterministic anymore [tor-browser-build] > * Bug 41214: Update geckoview/config to be more like firefox/config [tor-browser-build] > * Bug 41217: Update realprep.py script to handle Firefox 128-based Tor Browser Android [tor-browser-build] > * Bug 41224: Do not ship Conjure and GeoIP databases on Android x86, x86-64 to save some space [tor-browser-build] > * Bug 41232: Re-implement single-arch builds after the monorepo migration [tor-browser-build] > * Bug 41234: More dependencies are needed when building Android as a release [tor-browser-build] > * Bug 41261: Use an uncompressed NoScript xpi file to improve apk compression [tor-browser-build] best, -morgan

1 0

New Release: Tor Browser 13.5.8 (Android only)
by Morgan 14 Oct '24

14 Oct '24

Hi everyone, Tor Browser 13.5.8 has now been published for Android. This is an unscheduled release which includes the Android-specific security backports missed in 13.5.7. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1358/ Changelog: > Tor Browser 13.5.8 - October 14 2024 > * Android > * Updated NoScript to 11.4.42 > * Bug 43099: YEC 2024 Takeover for Android Stable [tor-browser] > * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] best, -morgan

1 0

New Release: Tor Browser 14.0a9 (Android, Windows, macOS, Linux)
by Morgan 10 Oct '24

10 Oct '24

Hi everyone, Tor Browser 14.0a9 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-alpha-release-tor-browser-140a9/ Changelog: > Tor Browser 14.0a9 - October 08 2024 > * All Platforms > * Bug 43197: Disable automatic exception for HTTPS-First [tor-browser] > * Bug 43201: Security fixes from Firefox 131.0.2 [tor-browser] > * Android > * Bug 43132: Enable extensions installation on Tor Browser 14 for Android. [tor-browser] best, -morgan

1 0

New Release: Tor Browser 13.5.7 (Android, Windows, macOS, Linux)
by Nicolas Vigier 09 Oct '24

09 Oct '24

Hi everyone, Tor Browser 13.5.7 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1357/ Changelog: * All Platforms * Bug 43201: Security fixes from Firefox 131.0.2 [tor-browser] * Bug 361: SSL_ERROR_NO_CYPHER_OVERLAP on some Brazilian government websites [mullvad-browser] * Build System * Windows + macOS + Linux * Bug 41254: Drop cryptoSafetyPrompt.properties line [tor-browser-build]

1 0

New Release: Tor Browser 14.0a8 (Android, Windows, macOS, Linux)
by Morgan 08 Oct '24

08 Oct '24

Hi everyone, Tor Browser 14.0a8 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-alpha-release-tor-browser-140a8/ Changelog: > Tor Browser 14.0a8 - October 07 2024 > * All Platforms > * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser] > * Bug 42054: ESR128: investigate - thorin's list [tor-browser] > * Bug 42716: Disable unwanted about:* pages [tor-browser] > * Bug 43170: Disable user-agent spoofing in HTTP header [tor-browser] > * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] > * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser] > * Windows + macOS + Linux > * Updated Firefox to 128.3.0esr > * Bug 43098: YEC 2024 Takeover for Desktop Stable [tor-browser] > * Bug 43149: Update donate URL in YEC 2024 desktop [tor-browser] > * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser] > * Bug 43169: compat: align userAgent in navigator + HTTP Header [tor-browser] > * Android > * Updated GeckoView to 128.3.0esr > * Bug 42660: Review the patch on Android's ProxySelector [tor-browser] > * Bug 43102: Android notifications tell to make Firefox your default browser > * Bug 43151: MOZ_DATA_REPORTING, MOZ_TELEMETRY_REPORTING, MOZ_CRASHREPORTER, and MOZ_BACKGROUNDTASKS enabled on Android [tor-browser] > * Build System > * All Platforms > * Updated Go to 1.23.2 > * Bug 43156: Update translation CI to account for the extended 13.5 release [tor-browser] > * Bug 43157: Move tb-dev to base-browser [tor-browser] > * Bug 43181: Run translation CI if there is a change in a string.xml file [tor-browser] > * Windows + macOS + Linux > * Bug 41247: Adapt tools/update-responses/update_responses to support multiple versions in the same xml files [tor-browser-build] > * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] > * Bug 41259: Skip versions which don't set incremental_from when generating incrementals [tor-browser-build] best, -morgan

1 0

New Release: Tor Browser 13.5.6 (Android, Windows, macOS, Linux)
by Morgan 01 Oct '24

01 Oct '24

Hi everyone, Tor Browser 13.5.6 has now been published for all platforms. For details please see our blog post: - https://blog.torproject.org/new-release-tor-browser-1356/ Changelog: > Tor Browser 13.5.6 - September 30 2024 > * All Platforms > * Updated NoScript to 11.4.40 > * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] > * Bug 43167: Rebase Tor Browser Stable onto 115.16.0esr [tor-browser] > * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] > * Windows + macOS + Linux > * Updated Firefox to 115.16.0esr > * Bug 42737: Drop the hash check on updates [tor-browser] > * Bug 43098: YEC 2024 Takeover for Desktop Stable [tor-browser] > * Windows + macOS > * Bug 42747: Windows 7/8 and macOS 10.12-10.14 Legacy/Maintenance [tor-browser] > * Android > * Updated GeckoView to 115.16.0esr > * Bug 43099: YEC 2024 Takeover for Android Stable [tor-browser] best, -morgan

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-announce