Tor Browser

Tor Browser 13.0

Tor Browser 13.0 - October 12 2023

* All Platforms
* Updated tor to 0.4.8.7
* Updated OpenSSL to 3.0.11
* Bug 40050: FF103 Audit [tor-browser-spec]
* Bug 40051: FF104 Audit [tor-browser-spec]
* Bug 40052: FF105 Audit [tor-browser-spec]
* Bug 40053: FF106 Audit [tor-browser-spec]
* Bug 40054: FF107 Audit [tor-browser-spec]
* Bug 40055: FF108 Audit [tor-browser-spec]
* Bug 40056: FF109 Audit [tor-browser-spec]
* Bug 40057: FF110 Audit [tor-browser-spec]
* Bug 40058: FF111 Audit [tor-browser-spec]
* Bug 40059: FF112 Audit [tor-browser-spec]
* Bug 40060: FF113 Audit [tor-browser-spec]
* Bug 40061: FF114 Audit [tor-browser-spec]
* Bug 40062: FF115 Audit [tor-browser-spec]
* Bug 26277: When "Safest" setting is enabled searching using duckduckgo should always use the Non-Javascript site for searches [tor-browser]
* Bug 40577: Add "suggest url" in DDG onion's manifest [tor-browser]
* Bug 40938: Migrate remaining torbutton functionality to tor-browser [tor-browser]
* Bug 41092: Enable tracking query parameters stripping [tor-browser]
* Bug 41327: Disable UrlbarProviderInterventions [tor-browser]
* Bug 41399: Update Mozilla's patch for Bug 1675054 to enable brotli encoding for HTTP onions as well [tor-browser]
* Bug 41477: Review some extensions.* preferences [tor-browser]
* Bug 41496: Review 000-tor-browser.js and 001-base-profile.js for 115 [tor-browser]
* Bug 41576: ESR115: ensure no remote calls for weather & addon suggestions [tor-browser]
* Bug 41605: Remove unused assets from torbutton (preferences-mobile.css) [tor-browser]
* Bug 41675: Remove javascript.options.large_arraybuffers [tor-browser]
* Bug 41727: WebRTC privacy-hardening settings [tor-browser]
* Bug 41740: ESR115: change devicePixelRatio spoof to 2 in alpha for testing [tor-browser]
* Bug 41752: Review changes done by Bug 41565 [tor-browser]
* Bug 41796: Rebase Tor Browser to Firefox 115 [tor-browser]
* Bug 41797: Lock RFP in release builds [tor-browser]
* Bug 41934: Websocket raises DOMException on http onions in 13.0a1 [tor-browser]
* Bug 41936: Review Mozilla 1770158: Use double-conversion library instead of dtoa for string-to-double conversion [tor-browser]
* Bug 41937: Review Mozilla 1780014: Add specific telemetry for conservative and first-try handshakes [tor-browser]
* Bug 41938: Review Mozilla 1769994: On systems with IPv6 preferred DNS resolution clients will fail to connect when "localhost" is used as host for the WebSocket server [tor-browser]
* Bug 41939: Review Mozilla 1728871: Support fetching data from Remote Setting [tor-browser]
* Bug 41941: Review Mozilla 1775254: Improve Math.pow accuracy for large exponents [tor-browser]
* Bug 41943: Lock javascript.options.spectre.disable_for_isolated_content to false [tor-browser]
* Bug 41945: Review Mozilla 1783019: Add a cookie banner service to automatically handle website cookie banners [tor-browser]
* Bug 41946: Review Mozilla 1782579: Add a locale parameter to the text recognition API [tor-browser]
* Bug 41947: Review Mozilla 1779005: Broken since Firefox 102.0: no instant fallback to direct connection when proxy became unreachable while runtime [tor-browser]
* Bug 41950: Review Mozilla 1788668: Add the possibility to check that the clipboard contains some pdfjs stuff [tor-browser]
* Bug 41951: Review Mozilla 1790681: Enable separatePrivateDefault by default [tor-browser]
* Bug 41959: Review Mozilla 1795944: Remove descriptionheightworkaround [tor-browser]
* Bug 41960: Review Mozilla 1797896: Proxy environment variables should be upper case / case insensitive [tor-browser]
* Bug 41961: Review Mozilla 1798868: Hide cookie banner handling UI by default [tor-browser]
* Bug 41969: Review Mozilla 1746983: Re-enable pingsender2 [tor-browser]
* Bug 41970: Review Mozilla 17909270: WebRTC bypasses Network settings & proxy.onRequest [tor-browser]
* Bug 41984: Rename languageNotification.ftl to base-browser.ftl [tor-browser]
* Bug 42013: Review Mozilla 1834374: Do not call EmptyClipboard() in nsBaseClipboard destructor [tor-browser]
* Bug 42014: Review Mozilla 1832791: Implement a Remote Settings for the Quarantined Domains pref [tor-browser]
* Bug 42015: Review Mozilla 1830890: Keep a history window of WebRTC stats for about:webrtc [tor-browser]
* Bug 42019: Empty browser's clipboard on browser shutdown [tor-browser]
* Bug 42026: Disable cookie banner service and UI. [tor-browser]
* Bug 42029: Defense-in-depth: disable non-proxied UDP WebRTC [tor-browser]
* Bug 42034: aboutTBUpdate.dtd is duplicated [tor-browser]
* Bug 42043: Disable gUM: media.devices.enumerate.legacy.enabled [tor-browser]
* Bug 42061: Move the alpha update channel creation to a commit on its own [tor-browser]
* Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser]
* Bug 42085: NEWNYM signal missing on Whonix [tor-browser]
* Bug 42094: Disable `media.aboutwebrtc.hist.enabled` as security in-depth [tor-browser]
* Bug 42120: Use foursquare as domain front for snowflake [tor-browser]
* Bug 40887: Update Webtunnel version to 38eb5505 [tor-browser-build]
* Windows + macOS + Linux
* Updated Firefox to 115.3.1esr
* Bug 30556: Re-evaluate letterboxing dimension choices [tor-browser]
* Bug 32328: Improve error recovery from the red screen of death [tor-browser]
* Bug 33282: Increase the max width of new windows [tor-browser]
* Bug 33955: Selecting "Copy image" from menu leaks the source URL to the clipboard. This data is often dereferenced by other applications. [tor-browser]
* Bug 40175: Connections in reader mode are not FPI [tor-browser]
* Bug 40982: Cleanup maps in tor-circuit-display [tor-browser]
* Bug 40983: Move not UI-related torbutton.js code to modules [tor-browser]
* Bug 41165: Crash with debug assertions enabled [tor-browser]
* Bug 41333: Modernize Tor Browser's new-tab page (about:tor) [tor-browser]
* Bug 41423: about:tor semantic and accessibility problems [tor-browser]
* Bug 41528: Hard-coded English "based on Mozilla Firefox" appears in version in "About" dialog [tor-browser]
* Bug 41581: ESR115: figure out extension pinning / unified Extensions [tor-browser]
* Bug 41639: Fix the wordmark (title and background) of the "About Tor Browser" window [tor-browser]
* Bug 41642: Do not hide new PBM in the hamburger menu if auto PBM is not enabled [tor-browser]
* Bug 41651: Use moz-toggle in connection preferences [tor-browser]
* Bug 41691: "Firefox Suggest" text appearing in UI [tor-browser]
* Bug 41717: Bookmark toolbar visibility on new tabs is not honored when new tab page is not about:blank [tor-browser]
* Bug 41739: Remove "Website appearance" [tor-browser]
* Bug 41741: Refactor the domain isolator and new circuit [tor-browser]
* Bug 41765: TTP-02-006 WP1: Information leaks via custom homepage (Low) [tor-browser]
* Bug 41766: TTP-02-001 WP1: XSS in TorConnect's captive portal (Info) [tor-browser]
* Bug 41771: Decide what to do for firefoxview [tor-browser]
* Bug 41774: Hide the new "Switching to a new device" help menu item [tor-browser]
* Bug 41791: Copying page contents also puts the source URL on the clipboard [tor-browser]
* Bug 41812: Review layout for XUL elements [tor-browser]
* Bug 41813: Look out for links missing underlines in ESR 115-based alphas [tor-browser]
* Bug 41821: Fix the proxy type in the proxy modal of about:preferences in 13.0 [tor-browser]
* Bug 41822: The default browser button came back on 115 [tor-browser]
* Bug 41833: Reload extensions on new identity [tor-browser]
* Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons [tor-browser]
* Bug 41842: Remove the old removal logics from Torbutton [tor-browser]
* Bug 41844: Stop using the control port directly [tor-browser]
* Bug 41845: Stop forcing (bad) pref values for non-PBM users [tor-browser]
* Bug 41852: Review the Tor Check Service UX [tor-browser]
* Bug 41864: TOR_CONTROL_HOST and TOR_SOCKS_HOST do not work as expected when the browser launches tor [tor-browser]
* Bug 41865: Use --text-color-deemphasized rather than --panel-description-color [tor-browser]
* Bug 41874: Visual & A11 regressions in add-on badges [tor-browser]
* Bug 41876: Remove Firefox View from title bar [tor-browser]
* Bug 41877: NoScript seems to be blocking by default in the first 115-based testbuild [tor-browser]
* Bug 41881: Developer tools/Network/New Request remembers requests [tor-browser]
* Bug 41886: Downloads drop-down panel has new-line/line-break between every word in the 'Be careful opening downloads' warning [tor-browser]
* Bug 41904: The log textarea doesn't resize anymore [tor-browser]
* Bug 41906: Hide about:preferences#privacy > DNS over HTTPS section [tor-browser]
* Bug 41907: The bootstrap is interrupted without any errors if the process becomes ready when already bootstrapping [tor-browser]
* Bug 41912: "Use Current Bridges" is shown for users even when there aren't any current bridges [tor-browser]
* Bug 41922: Unify the bridge line parsers [tor-browser]
* Bug 41923: The path normalization results in warnings [tor-browser]
* Bug 41924: Small refactors for TorProcess [tor-browser]
* Bug 41925: Remove the torbutton startup observer [tor-browser]
* Bug 41926: Refactor the control port client implementation [tor-browser]
* Bug 41931: Regression: new window leaks outer window [tor-browser]
* Bug 41935: Improve new window & letterboxing dimensions [tor-browser]
* Bug 41940: Review Mozilla 1739348: When a filetype is set to "always ask" and the user makes a save/open choice in the dialog, we should not also open the downloads panel [tor-browser]
* Bug 41949: Review Mozilla 1782578: Implement a context menu modal for text recognition [tor-browser]
* Bug 41954: Inputs in the request a bridge dialog are cut-off in 13.0 alpha [tor-browser]
* Bug 41957: Revert to Fx's default identity block style for internal pages [tor-browser]
* Bug 41958: Console error when closing tor browser with about:preferences open [tor-browser]
* Bug 41964: `emojiAnnotations` not defined in time in connection preferences [tor-browser]
* Bug 41965: TorConnect error when opening browser tools [tor-browser]
* Bug 41971: Update Tails URL in downloads warning [tor-browser]
* Bug 41973: Custom wingpanels don't line up with their toolbar icons in 13.0 alpha [tor-browser]
* Bug 41974: De-emphasized text in custom components is no longer gray in 13.0 alpha [tor-browser]
* Bug 41975: Downloads warning text too narrow in 13.0 alpha [tor-browser]
* Bug 41976: Bottom padding on collapsed bridge cards has increased in 13.0 alpha [tor-browser]
* Bug 41977: Hide the "Learn more" link in bridge cards [tor-browser]
* Bug 41980: Circuit display headline is misaligned in 13.0 alpha [tor-browser]
* Bug 41981: Review Mozilla 1800675: Add about:preferences entry for cookie banner handling [tor-browser]
* Bug 41983: Review Mozilla 1770447: Create a reusable "support-link" widget [tor-browser]
* Bug 41986: Fix the control port password handling [tor-browser]
* Bug 41994: CSS (and other assets) of some websites blocked in 13.0 alpha [tor-browser]
* Bug 42022: Prevent extension search engines from breaking the whole search system [tor-browser]
* Bug 42027: Create a Base Browser version of migrateUI [tor-browser]
* Bug 42037: Disable about:firefoxview [tor-browser]
* Bug 42041: TBB --allow-remote mixes up with plain Firefox [tor-browser]
* Bug 42045: Circuit panel overflows with long ipv6 addresses [tor-browser]
* Bug 42046: Remove XUL layout hacks from base browser [tor-browser]
* Bug 42047: Remove layout hacks from tor browser preferences [tor-browser]
* Bug 42050: Bring back Save As... dialog as default [tor-browser]
* Bug 42073: Add simplified onion pattern to the new homepage [tor-browser]
* Bug 42075: Fix link spacing and underline on new homepage [tor-browser]
* Bug 42079: TorConnect: handle switching from Bootstrapped to Configuring state [tor-browser]
* Bug 42083: RemoteSecuritySettings.init throws error in console [tor-browser]
* Bug 42091: Onion authorization prompt overflows [tor-browser]
* Bug 42092: Onion services key table display problems. [tor-browser]
* Bug 42098: Implement Windows installer icons [tor-browser]
* Bug 42100: Connect Assist dropdown text not centered [tor-browser]
* Bug 42102: TorProcess says the SOCKS port is not valid even though it is [tor-browser]
* Bug 42109: Onion services keys table has empty column headers. [tor-browser]
* Bug 42110: Add a utility module for shared UI methods needed for several tor browser components [tor-browser]
* Bug 42126: moat and connect assist broken for people who can't reach domain front [tor-browser]
* Bug 42129: Disable the Tor restart prompt if shouldStartAndOwnTor is false [tor-browser]
* Bug 42131: Tor Browser 13.0a5 does not track circuits created before Tor Browser started [tor-browser]
* Bug 42132: The new control port handling in Tor Browser 13 breaks a Tails security feature [tor-browser]
* Bug 42138: Disable apz.overscroll.enabled pref [tor-browser]
* Bug 42155: Drop the unused code for the old bridge removal warning [tor-browser]
* Bug 42159: Responsive Design Mode not working correctly [tor-browser]
* Bug 42160: Allow specifying a TOR_PROVIDER=none to configure only the proxy settings during the TorProviderBuilder initialization [tor-browser]
* Bug 42166: New identity dialog missing accessible name [tor-browser]
* Bug 42167: Make the preference auto-focus more reliable [tor-browser]
* Bug 40821: The update details URL is wrong in alphas [tor-browser-build]
* Bug 40893: Update (Noto) fonts for 13.0 [tor-browser-build]
* Bug 40924: Customize MOZ_APP_REMOTINGNAME instead of passing --name and --class [tor-browser-build]
* Bug 40938: Copy the new tor-browser.ftl file to the appropriate directory [tor-browser-build]
* Windows + Android
* Bug 40930: Upate zlib to 1.3 after 13.0a3 [tor-browser-build]
* Windows
* Bug 40737: Revert backout of Mozilla's fix for bug 1724777 [tor-browser]
* Bug 41658: Create new installer icons for Windows [tor-browser]
* Bug 41798: Stop building private_browsing.exe on Windows [tor-browser]
* Bug 41806: Prevent Private Browsing start menu item to be added automatically [tor-browser]
* Bug 41942: Review Mozilla 1682520: Use the WER runtime exception module to catch early crashes [tor-browser]
* Bug 41944: Review Mozilla 1774083: Add Surrogate COM Server to handle native Windows notifications when Firefox is closed. [tor-browser]
* Bug 42008: Review Mozilla 1808146: Copying images from Pixiv and pasting them in certain programs is broken [tor-browser]
* Bug 42010: Review Mozilla 1810641: Enable overscroll on Windows on all channels [tor-browser]
* Bug 42087: Implement Windows application icons [tor-browser]
* Bug 40954: Implement Windows installer icons [tor-browser-build]
* macOS
* Bug 41948: Review Mozilla 1782981: Hide the text recognition context menu if the macOS version doesn't support APIs [tor-browser]
* Bug 41955: Update macOS volume window background [tor-browser]
* Bug 41982: Review Mozilla 1762392: Add Cocoa platform support for paste files [tor-browser]
* Bug 42057: Disable Platform text-recognition functionality [tor-browser]
* Bug 42078: Implement MacOS application icons [tor-browser]
* Bug 42147: Add browser.helperApps.deleteTempFileOnExit to our profile [tor-browser]
* Linux
* Bug 41509: After update, KDE Plasma identifies Tor Browser Nightly window group as "firefox-nightly" [tor-browser]
* Bug 41884: Linux: set browser.tabs.searchclipboardfor.middleclick to false [tor-browser]
* Bug 42088: Implement Linux application icons [tor-browser]
* Bug 40576: Fontconfig warning: remove 'blank' configuration [tor-browser-build]
* Android
* Updated GeckoView to 115.3.1esr
* Bug 41878: firefox-mobile: refactor tor bootstrap off deleted onboarding path [tor-browser]
* Bug 41882: Update DuckDuckGo icons [tor-browser]
* Bug 41911: Firefox-Android tor bootstrap connect button css broken [tor-browser]
* Bug 41928: Backport Android-specific security fixes from Firefox 116 to ESR 102.14 / 115.1 - based Tor Browser [tor-browser]
* Bug 41972: Disable Firefox onboarding in 13.0 [tor-browser]
* Bug 41990: Review Mozilla 1811531: Add 'site' query parameter to Pocket sponsored stories request [tor-browser]
* Bug 41991: Review Mozilla 1812518: Allow a custom View for 3rd party downloads [tor-browser]
* Bug 41993: Review Mozilla 1810761: Add API for saving a PDF [tor-browser]
* Bug 41996: App includes com.google.android.gms.permission.AD_ID permission [tor-browser]
* Bug 41997: com.adjust.sdk.Adjust library enables AD_ID permission even though we aren't using it [tor-browser]
* Bug 41999: TB13.0a2 android: center text on connect button [tor-browser]
* Bug 42001: Hide 'Open links in external app' settings option and force defaults [tor-browser]
* Bug 42002: Review Mozilla 1809305: Allow user to copy an image to the clipboard [tor-browser]
* Bug 42003: Review Mozilla 1819431: Reimplement default browser notification with Nimbus Messaging equivalent [tor-browser]
* Bug 42004: Review Mozilla 1818015: Use a custom tab or the view we use for Sync onboarding for the Privacy button [tor-browser]
* Bug 42005: Review Mozilla 1816932: Add Maps to app links common sub domains [tor-browser]
* Bug 42006: Review Mozilla 1817726: Allow sharing current tab URL from Android's Recents (App Overview) screen. [tor-browser]
* Bug 42007: Review Mozilla 1805450: Allow users to submit site support requests in Fenix [tor-browser]
* Bug 42012: Review Mozilla 1810629: add an Android shortcut to go straight to the login and passwords page [tor-browser]
* Bug 42016: Review Mozilla 1832069: Implement Google Play Referrer Library to fetch referrer URL [tor-browser]
* Bug 42018: Rebase Firefox for Android to 115.2.1 [tor-browser]
* Bug 42023: Remove FF what's new from Android [tor-browser]
* Bug 42038: TBA Alpha - inscriptions Tor Browser Alpha and FireFox Browser simultaneously on the start screen [tor-browser]
* Bug 42074: YEC 2023 Takeover for Android Stable [tor-browser]
* Bug 42076: Theme is visible in options, but shouldn't be [tor-browser]
* Bug 42089: Disable the Cookie Banner Reduction site support requests (Mozilla 1805450) [tor-browser]
* Bug 42114: Disable Allow sharing current tab URL from Android's Recents screen in private browsing mode [tor-browser]
* Bug 42115: Enhanced Tracking Protection can still be enabled [tor-browser]
* Bug 42122: playstore console crashes: java.lang.NoSuchMethodError [tor-browser]
* Bug 42133: Remove "Total Cookie Protection" popup [tor-browser]
* Bug 42134: Remove Android icon shortcuts [tor-browser]
* Bug 42156: Screenshot allowing still blocks homescreen (android) [tor-browser]
* Bug 42157: Fix Help button URL [tor-browser]
* Bug 42165: Remove "Add to shortcuts" and "Remove from shortcuts" buttons [tor-browser]
* Bug 42158: Remove "Customize Homepage" button [tor-browser]
* Bug 40740: Tor Browser for Android's snowflake ClientTransportPlugin seems to be out of date [tor-browser-build]
* Bug 40919: Fix nimbus-fml reproducibility of 13.0a2-build1 [tor-browser-build]
* Bug 40941: Remove PT process options on Android [tor-browser-build]
* Build System
* All Platforms
* Updated Go to 1.21.1
* Bug 42130: Add support for specifying the branch in `tb-dev rebase-on-default` [tor-browser]
* Bug 31588: Be smarter about vendoring for Rust projects [tor-browser-build]
* Bug 40089: Clean up usage of get-moz-build-date script [tor-browser-build]
* Bug 40410: Get rid of python2 [tor-browser-build]
* Bug 40487: Bump Python version [tor-browser-build]
* Bug 40741: Update browser and tor-android-service projects to pull data from pt_config.json [tor-browser-build]
* Bug 40802: Drop the patch for making WASI reproducible [tor-browser-build]
* Bug 40829: Review and standardize naming scheme for browser installer/package artifacts [tor-browser-build]
* Bug 40854: Update to OpenSSL 3.0 [tor-browser-build]
* Bug 40855: Update toolchains for Mozilla 115 [tor-browser-build]
* Bug 40868: Bump Rust to 1.69.0 [tor-browser-build]
* Bug 40880: The README doesn't include some dependencies needed for building incrementals [tor-browser-build]
* Bug 40886: Update README with instructions for Arch linux [tor-browser-build]
* Bug 40898: Add doc from tor-browser-spec/processes/ReleaseProcess to gitlab issue templates [tor-browser-build]
* Bug 40908: Enable the --enable-gpl config flag in tor to bring in PoW functionality [tor-browser-build]
* Bug 40929: Update go to 1.21 series after 13.0a3 [tor-browser-build]
* Bug 40932: Remove appname_bundle_android, appname_bundle_macos, appname_bundle_linux, appname_bundle_win32, appname_bundle_win64 from projects/release/update_responses_config.yml [tor-browser-build]
* Bug 40935: Fix fallout from build target rename in signing scripts [tor-browser-build]
* Bug 40948: Remove lyrebird-vendor sha256sum in nightly [tor-browser-build]
* Bug 40957: Expired subkey warning on Tor Browser GPG verification [tor-browser-build]
* Bug 40972: Handle Mullvad Browser in the changelog script and group entries by project [tor-browser-build]
* Windows + macOS + Linux
* Bug 41967: Add a Makefile recipe to create multi-lingual dev builds [tor-browser]
* Bug 40149: Remove patching of nightly update URL [tor-browser-build]
* Bug 40615: Consider adding a readme to the fonts directory [tor-browser-build]
* Bug 40907: Sometimes debug information are not deterministic with Clang 16.0.4 [tor-browser-build]
* Bug 40922: Use base-browser.ftl instead of languageNotification.ftl [tor-browser-build]
* Bug 40931: Fix incrementals after tor-browser-build#40829 [tor-browser-build]
* Bug 40933: Fix generating incrementals between 12.5.x and 13.0 [tor-browser-build]
* Bug 40942: Use the branch to build Base Browser [tor-browser-build]
* Bug 40944: After #40931, updates_responses is using incremental.mar files as if they were non-incremental mar files [tor-browser-build]
* Bug 40947: Remove migrate_langs from tools/signing/nightly/update-responses-base-config.yml [tor-browser-build]
* Bug 40956: Allow testing the updater also with release and alpha channel [tor-browser-build]
* Windows
* Bug 41995: Generated headers on Windows aren't reproducible [tor-browser]
* Bug 40832: Unify mingw-w64-clang 32+64 bits [tor-browser-build]
* Bug 40940: Change position of the `install|portable` in the builds filenames [tor-browser-build]
* macOS
* Bug 42035: Update tools/torbrowser/ scripts to support macOS dev environment [tor-browser]
* Bug 40943: Update libdmg-hfsplus to include our uplifted patch [tor-browser-build]
* Bug 40951: Firefox fails to build for macOS after tor-browser-build#40938 [tor-browser-build]
* Linux
* Bug 42071: tor-browser deployed format changed breaking fetch.sh [tor-browser]
* Bug 40102: Move from Debian Jessie to Debian Stretch for our Linux builds [tor-browser-build]
* Bug 40971: Stop shipping Linux i686 debug archive until we actually produce the symbols [tor-browser-build]
* Android
* Bug 41899: Use LLD for Android [tor-browser]
* Bug 40867: Create a RBM project for the unified Android repository [tor-browser-build]
* Bug 40917: Remove the uniffi-rs project [tor-browser-build]
* Bug 40918: The commit hash is still not displayed about:buildconfig on Android [tor-browser-build]
* Bug 40920: Non-deterministic generation of baseline.profm file in Android apks [tor-browser-build]
* Bug 40963: Tor Browesr 13.0 torbrowser-testbuild-android* targets fail to build [tor-browser-build]
* Bug 40974: firefox-android fails to build in release [tor-browser-build]
Tor Browser 12.5.6 - September 29 2023

* All Platforms
* Bug 42135: Backport security fixes from Firefox 115.3.1 to 102.15.1 [tor-browser]
* Build System
* All Platforms
* Bug 40957: Update subkey expiration date for Tor Browser gpg key [tor-browser-build]
Tor Browser 12.5.5 - September 25 2023

* All Platforms
* Updated tor to 0.4.7.15
* Updated NoScript to 11.4.27
* Updated Translations
* Bug 42120: Use foursquare as domain front for snowflake [tor-browser]
* Bug 42123: Backport security fixes from Firefox 118 to ESR 102.15 / 115.3 - based Tor Browser [tor-browser]
* Windows + macOS + Linux
* Bug 42126: moat and connect assist broken for people who can't reach domain front [tor-browser]
Tor Browser 12.5.4 - September 12 2023
  • All Platforms
    • Updated Translations
    • Updated OpenSSL to 1.1.1w
    • Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser]
    • Bug 42090: Rebase release onto 102.15.1esr [tor-browser]
  • Windows + macOS + Linux
    • Updated Firefox to 102.15.1esr
  • Android
    • Updated GeckoView to 102.15.1esr
  • Build System
    • All Platforms
      • Updated Go to 1.20.8
Tor Browser 12.5.3 - August 28 2023

* All Platforms
* Updated Translations
* Updated OpenSSL to 1.1.1v
* Bug 42033: Rebase the releases onto 102.15.0esr [tor-browser]
* Bug 42053: Backport security fixes from Firefox 117 to ESR 102.15 - based Tor Browser [tor-browser]
* Windows + macOS + Linux
* Updated Firefox to 102.15.0esr
* Android
* Updated GeckoView to 102.15.0esr
* Build System
* All Platforms
* Updated Go to 1.20.7
* Bug 40740: Tor Browser for Android's snowflake ClientTransportPlugin seems to be out of date [tor-browser-build]
* Bug 40786: deploy_update_responses-*.sh requires +r permissions to run [tor-browser-build]
* Bug 40905: Go vendor archives ignore the nightly version override on testbuilds [tor-browser-build]
* Bug 40913: add boklm back to list of taggers in relevant projects [tor-browser-build]
* Bug 40921: staticiforme-prepare-cdn-dist-upload uses hardcoded torbrowser path for .htacess file generation [tor-browser-build]

Full changelog​

The full changelog since Tor Browser 12.5.1 is:

  • All Platforms
    • Updated Translations
    • Updated NoScript to 11.4.26
    • Bug tor-browser#41908: Rebase stable 12.5 to 102.14esr
  • Windows + macOS + Linux
    • Updated Firefox to 102.14.0esr
  • Windows
    • Bug tor-browser#41761: xul.dll win crash tor-browser 12.5.1 (based on Mozilla Firefox 102.13.0esr) (64-Bit)
  • Android
    • Updated GeckoView to 102.14.0esr
    • Bug tor-browser#41928: Backport Android-specific security fixes from Firefox 116 to ESR 102.14 / 115.1 - based Tor Browser
  • Build System
The full changelog since Tor Browser 12.5 is:

  • All Platforms
    • Updated Translations
    • Updated NoScript to 11.4.24
    • Bug tor-browser#41860: Rebase 12.5 stable to 102.13esr
  • Windows + macOS + Linux
    • Updated Firefox to 102.13.0esr
    • Bug tor-browser#41854: Download Spam Protection cannot be overridden to allow legitimate downloads
    • Bug tor-browser#41856: Onion service authorization prompt's key field does not get focus when clicked
    • Bug tor-browser#41858: 'Learn more' link in onboarding links to 12.0 release notes and not 12.5
  • Android
    • Updated GeckoView to 102.13.0esr
The full changelog since Tor Browser 12.0.7 is:

Tor Browser 12.0.7 - May 31 2023

* All Platforms
* Updated Translations
* Updated NoScript to 11.4.22
* Updated OpenSSL to 1.1.1u
* Bug 41764: TTP-02-004 OOS: No user-activation required to download files (Low) [tor-browser]
* Bug 41794: Rebase Tor Browser and Base Browser stable to 102.12esr [tor-browser]
* Windows + macOS + Linux
* Updated Firefox to 102.12esr
* Bug 41777: Internally shippped manual does not adapt to RTL languages (it always align to the left) [tor-browser]
* Android
* Updated GeckoView to 102.12esr
* Bug 41805: Backport Android-specific security fixes from Firefox 114 to ESR 102.12-based Tor Browser [tor-browser]
The full changelog since Tor Browser 12.0.5 is:

Zurück
Oben Unten