Hi,
Tor Browser 5.5a4 is ready for testing. Binaries can be found on
https://people.torproject.org/~gk/builds/5.5a4-build2/
It features an updated Firefox (38.4.0esr) and Tor 0.2.7.4-rc + a number of other improvements. Most notably, we included Yan Zhu's fix for not leaking the Referer header when leaving a .onion domain and finally sorted out the HTTPS-Everywhere build problems allowing us to ship its latest version in our bundles again. We fixed usability issues coming with our font fingerprinting patches and included a new defense against figerprinting users via available MIME types and plugins. Finally, besides additional minor bug fixes and clean-ups, we included an updated NoScript version.
The full changelog for build2[1] is:
Tor Browser 5.5a4 -- November 3 2015 * All Platforms * Update Firefox to 38.4.0esr * Update Tor to 0.2.7.4-rc * Update NoScript to 2.6.9.39 * Update HTTPS-Everywhere to 5.1.1 * Update Torbutton to 1.9.4.1 * Bug 9263: Spoof Referer when leaving a .onion domain * Bug 16620: Remove old window.name handling code * Bug 17164: Don't show text-select cursor on circuit display * Bug 17351: Remove unused code * Translation updates * Bug 17207: Hide MIME types and plugins from websites * Bug 16909+17383: Adapt to HTTPS-Everywhere build changes * Bug 16620: Move window.name handling into a Firefox patch * Bug 17220: Support math symbols in font whitelist * Bug 10599+17305: Include updater and build patches needed for hardened builds * Bug 17318: Remove dead ScrambleSuit bridge * Bug 17428: Remove default Flashproxy bridges * Windows * Bug 17250: Add localized font names to font whitelist * OS X * Bug 17122: Rename Japanese OS X bundle * Linux * Bug 17329: Ensure that non-ASCII characters can be typed (fixup of #5926)
Georg
[1] We are currently in the process of rebundling to include an updated meek-amazon fingerprint in the final 5.5a4 (bug 17473).
Georg Koppen:
Hi,
Tor Browser 5.5a4 is ready for testing. Binaries can be found on
https://people.torproject.org/~gk/builds/5.5a4-build4/
with the additional fix for bug 17473.
Georg
https://people.torproject.org/~gk/builds/5.5a4-build2/
It features an updated Firefox (38.4.0esr) and Tor 0.2.7.4-rc + a number of other improvements. Most notably, we included Yan Zhu's fix for not leaking the Referer header when leaving a .onion domain and finally sorted out the HTTPS-Everywhere build problems allowing us to ship its latest version in our bundles again. We fixed usability issues coming with our font fingerprinting patches and included a new defense against figerprinting users via available MIME types and plugins. Finally, besides additional minor bug fixes and clean-ups, we included an updated NoScript version.
The full changelog for build2[1] is:
Tor Browser 5.5a4 -- November 3 2015
- All Platforms
- Update Firefox to 38.4.0esr
- Update Tor to 0.2.7.4-rc
- Update NoScript to 2.6.9.39
- Update HTTPS-Everywhere to 5.1.1
- Update Torbutton to 1.9.4.1
- Bug 9263: Spoof Referer when leaving a .onion domain
- Bug 16620: Remove old window.name handling code
- Bug 17164: Don't show text-select cursor on circuit display
- Bug 17351: Remove unused code
- Translation updates
- Bug 17207: Hide MIME types and plugins from websites
- Bug 16909+17383: Adapt to HTTPS-Everywhere build changes
- Bug 16620: Move window.name handling into a Firefox patch
- Bug 17220: Support math symbols in font whitelist
- Bug 10599+17305: Include updater and build patches needed for
hardened builds
- Bug 17318: Remove dead ScrambleSuit bridge
- Bug 17428: Remove default Flashproxy bridges
- Windows
- Bug 17250: Add localized font names to font whitelist
- OS X
- Bug 17122: Rename Japanese OS X bundle
- Linux
- Bug 17329: Ensure that non-ASCII characters can be typed (fixup of
#5926)
Georg
[1] We are currently in the process of rebundling to include an updated meek-amazon fingerprint in the final 5.5a4 (bug 17473).
tor-qa mailing list tor-qa@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-qa
-
Georg Koppen