Bug 19706: Store browser data in the app home directory.Bug 19725: Remove old updater files left on disk after upgrade to 6.x.Bug 20040: Add update support for unpacked HTTPS Everywhere.Bug 20092: Rotate ports for default obfs4 bridges.Bug 19906: "Maximizing Tor Browser" Notification can exist multiple times.Bug 19995: Clear site security settings during New Identity.Here is the full changelog since Tor Browser 6.0.4: Until then users are strongly encouraged to use Tor Browser 6.0.5.Īpart from fixing Firefox vulnerabilities this release comes with a new Tor stable version (0.2.8.7), an updated HTTPS-Everywhere (5.2.4), and fixes minor bugs. We expect them to get released at the beginning of next week. We are currently building the alpha and hardened bundles (6.5a3 and 6.5a3-hardened) that will contain the fix for alpha/hardened channel users. Thanks to everyone who helped investigating this bug and getting a bugfix release out as fast as possible. Obtaining such a certificate is not an easy task, but it's within reach of powerful adversaries (e.g. Moreover, other built-in certificate pinnings are affected as well. This could lead to arbitrary code execution. That vulnerability allows an attacker who is able to obtain a valid certificate for to impersonate Mozilla's servers and to deliver a malicious extension update, e.g. All users should upgrade as soon as possible. This release features important security updates to Firefox including the recently disclosed extension update vulnerability. Tor Browser 6.0.5 is now available from the Tor Browser Project page and also from our distribution directory.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |