Security Updates for Tor Browser

Monday, April 24, 2017 @ 04:04 PM gHale


Tor Project released the second and probably the last scheduled point release of the Tor Browser 6.5 stable series of the anonymous web browser based on Mozilla Firefox.

Tor Browser 6.5.2 is out for all supported platforms, including GNU/Linux, macOS, and Microsoft Windows, and it looks like it incorporates all the important security updates that Mozilla implemented in the Firefox 45.9.0 ESR (Extended Support Release), along with HTTPS-Everywhere 5.2.14 and NoScript 5.0.2.

RELATED STORIES
Chrome Updated with Security Fixes
Firefox Zero Day Mitigated
Google Release Chrome 57
Tor Browser 6.5 Update Releases

“This should be the last minor release in the 6.5 series,” said officials in the release. “Moreover, we included a fix for the broken Twitter experience and worked around a Windows related crash bug. To improve our censorship resistance, we additionally updated the bridges we ship.”

As with any new point release of an open-source project, several of the issues reported by users lately have been addressed. And it looks like Tor Browser 6.5.2 no longer removes the Authorization header on subdomains for various websites, such as Twitter, and moves meek-amazon to the d2cly7j4zqgua7.cloudfront.net backend.

Another bug, affecting only Windows users, made Tor Browser crash when visiting the github.com website. This issue ended up fixed, along with the problem that would not allow Windows updates to deal with the SSE2 requirement. Other than that, Tor Browser 6.5.2 adds new obfs4 bridges.

Tor Project is now working on Tor Browser 7.0 major release, which received a third Alpha build.

Tor Browser 7.0 will be based on the current ESR branch of Firefox, namely Mozilla Firefox 52, and is shipping with some of the latest technologies, including Tor 0.3.0.5, Torbutton 1.9.7.2, Tor Launcher 0.2.12, HTTPS-Everywhere 5.2.14, NoScript 5.0.2, sandboxed-tor-browser 0.0.6, and Go 1.7.5.



Leave a Reply

You must be logged in to post a comment.