[tor-bugs] #24138 [Applications/Tor Browser]: Older version of Tor Browser not updating

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Nov 6 20:44:12 UTC 2017

#24138: Older version of Tor Browser not updating
 Reporter:  lizzard                   |          Owner:  tbb-team
     Type:  defect                    |         Status:  needs_information
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:

Comment (by gk):

 Replying to [comment:4 mcs]:
 > It may be difficult to fix this now. Opening Tor Browser 4.5.3, using
 about:config to set `app.update.log = true`, and opening the Browser
 Console reveals that the update URL used is:
 > An update check results in this error:
 > Expected certificate attribute 'issuerName' value incorrect, expected:
 'CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert
 Inc,C=US', got: 'CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US'.
 > This happens because 4.5.3 includes some built-in checks to ensure that
 the browser is talking to the correct update server, but unfortunately we
 have switched from a DigiCert issued certificate to one from Let's
 Encrypt. I am not sure how to avoid this problem without running a server
 that uses a certificate from the older CA... forever.

 So, 2) is even worse than I assumed without checking, *sigh*. But there is
 still 1). Could we do something about the false feedback in the About Tor
 Browser menu?

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24138#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list