[tor-announce] Tor Browser 6.0.7 is released

Nicolas Vigier boklm at torproject.org
Wed Nov 30 20:25:26 UTC 2016

Tor Browser 6.0.7 is now available from the Tor Browser Project page [1]
and also from our distribution directory [2].

    1: https://www.torproject.org/download/download-easy.html
    2: https://www.torproject.org/dist/torbrowser/6.0.7/

This release features an important security update to Firefox and
contains, in addition to that, an update to NoScript (

The security flaw responsible for this urgent release is already
actively exploited on Windows systems. Even though there is currently,
to the best of our knowledge, no similar exploit for OS X or Linux
users available the underlying bug affects those platforms as well.
Thus we strongly recommend that all users apply the update to their
Tor Browser immediately. A restart is required for it to take effect.

Tor Browser users who had set their security slider to "High" are
believed to have been safe from this vulnerability.

We will have alpha and hardened Tor Browser updates out shortly. In the
meantime, users of these series can mitigate the security flaw in at
least two ways:

1) Set the security slider to "High" as this is preventing the exploit
   from working.
2) Switch to the stable series until updates for alpha and hardened are
   available, too.

Here is the full changelog since 6.0.6:

 * All Platforms
   * Update Firefox to 45.5.1esr
   * Update NoScript to

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1554 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-announce/attachments/20161130/31dd2d4b/attachment.sig>

More information about the tor-announce mailing list