Version history for Tor Browser Bundle (64-bit)

<<Back to software description

Changes for v9.0.6 - v9.0.7

• All Platforms
• Bump NoScript to 11.0.19
• Bump Https-Everywhere to 2020.3.16
• Bug 33613: Disable Javascript on Safest security level
• Windows + OS X + Linux
• Bump Tor to 0.4.2.7

Changes for v9.0 - v9.0.1

• All Platforms
• Update NoScript to 11.0.4
• Bug 21004: Don't block JavaScript on onion services on medium security
• Bug 27307: NoScript marks HTTP onions as not secure
• Bug 30783: Fundraising banner for EOY 2019 campain
• Bug 32321: Don't ping Mozilla for Man-in-the-Middle-detection
• Bug 27268: Preferences clean-up
• Windows + OS X + Linux
• Update Tor Launcher to 0.2.20.2
• Bug 32164: Trim each received log line from tor
• Translations update
• Bug 31803: Replaced about:debugging logo with flat version
• Bug 31764: Fix for error when navigating via 'Paste and go'
• Bug 32169: Fix TB9 Wikipedia address bar search
• Bug 32210: Hide the tor pane when using a system tor
• Bug 31658: Use builtin --panel-disabled-color for security level text
• Bug 32188: Fix localization on about:preferences#tor
• Bug 32184: Red dot is shown while downloading an update

Changes for v8.5.4 - v9.0

• All Platforms
• Update Firefox to 68.2.0esr
• Bug 31740: Remove some unnecessary RemoteSettings instances
• Bug 13543: Spoof smooth and powerEfficient for Media Capabilities
• Bug 28196: about:preferences is not properly translated anymore
• Bug 19417: Disable asmjs on safer and safest security levels
• Bug 30463: Explicitly disable MOZ_TELEMETRY_REPORTING
• Bug 31935: Disable profile downgrade protection
• Bug 16285: Disable DRM/EME on Android and drop Adobe CDM
• Bug 31602: Remove Pocket indicators in UI and disable it
• Bug 31914: Fix eslint linter error
• Bug 30429: Rebase patches for Firefox 68 ESR
• Bug 31144: Review network code changes for Firefox 68 ESR
• Bug 10760: Integrate Torbutton into Tor Browser directly
• Bug 25856: Remove XUL overlays from Torbutton
• Bug 31322: Fix about:tor assertion failure debug builds
• Bug 29430: Add support for meek_lite bridges to bridgeParser
• Bug 28561: Migrate "About Tor Browser" dialog to tor-browser
• Bug 30683: Prevent detection of locale via some *.properties
• Bug 31298: Backport patch for #24056
• Bug 9336: Odd wyswig schemes without isolation for browserspy.dk
• Bug 27601: Browser notifications are not working anymore
• Bug 30845: Make sure internal extensions are enabled
• Bug 28896: Enable extensions in private browsing by default
• Bug 31563: Reload search extensions if extensions.enabledScopes has changed
• Bug 31396: Fix communication with NoScript for security settings
• Bug 31142: Fix crash of tab and messing with about:newtab
• Bug 29049: Backport JS Poison Patch
• Bug 25214: Canvas data extraction on locale pdf file should be allowed
• Bug 30657: Locale is leaked via title of link tag on non-html page
• Bug 31015: Disabling SVG hides UI icons in extensions
• Bug 30681: Set security.enterprise_roots.enabled to false
• Bug 30538: Unable to comment on The Independent Newspaper
• Bug 31209: View PDF in Tor Browser is fuzzy
• Translations update
• Windows + OS X + Linux
• Update Tor to 0.4.1.6
• Update OpenSSL to 1.1.1d
• Bug 31844: OpenSSL 1.1.1d fails to compile for some platforms/architectures
• Update Tor Launcher to 0.2.20.1
• Bug 28044: Integrate Tor Launcher into tor-browser
• Bug 32154: Custom bridge field only allows one line of input
• Bug 31286: New strings for about:preferences#tor
• Bug 31303: Do not launch tor in browser toolbox
• Bug 32112: Fix bad & escaping in translations
• Bug 31491: Clean up the old meek http helper browser profiles
• Bug 29197: Remove use of overlays
• Bug 31300: Modify Tor Launcher so it is compatible with ESR68
• Bug 31487: Modify moat client code so it is compatible with ESR68
• Bug 31488: Moat: support a comma-separated list of transports
• Bug 30468: Add mk locale
• Bug 30469: Add ro locale
• Bug 30319: Remove FTE bits
• Translations update
• Bug 32092: Fix Tor Browser Support link in preferences
• Bug 32111: Fixed issue parsing user-provided bridge strings
• Bug 31749: Fix security level panel spawning events
• Bug 31920: Fix Security Level panel when its toolbar button moves to overflow
• Bug 31748+31961: Fix 'Learn More' links in Security Level preferences and panel
• Bug 28044: Integrate Tor Launcher into tor-browser
• Bug 31059: Enable Letterboxing
• Bug 30468: Add mk locale
• Bug 30469: Add ro locale
• Bug 29430: Use obfs4proxy's meek_lite with utls instead of meek
• Bug 31251: Security Level button UI polish
• Bug 31344: Register SecurityLevelPreference's 'unload' callback
• Bug 31286: Provide network settings on about:preferences#tor
• Bug 31886: Fix ko bundle bustage
• Bug 31768: Update onboarding for Tor Browser 9
• Bug 27511: Add new identity button to toolbar
• Bug 31778: Support dark-theme for the Circuit Display UI
• Bug 31910: Replace meek_lite with meek in circuit display
• Bug 30504: Deal with New Identity related browser console errors
• Bug 31929: Don't escape DTD entity in ar
• Bug 31747: Some onboarding UI is always shown in English
• Bug 32041: Replace = with real hamburguer icon ≡
• Bug 30304: Browser locale can be obtained via DTD strings
• Bug 31065: Set network.proxy.allow_hijacking_localhost to true
• Bug 24653: Merge securityLevel.properties into torbutton.dtd
• Bug 31164: Set up default bridge at Karlstad University
• Bug 15563: Disable ServiceWorkers on all platforms
• Bug 31598: Disable warning on window resize if letterboxing is enabled
• Bug 31562: Fix circuit display for error pages
• Bug 31575: Firefox is phoning home during start-up
• Bug 31491: Clean up the old meek http helper browser profiles
• Bug 26345: Hide tracking protection UI
• Bug 31601: Disable recommended extensions again
• Bug 30662: Don't show Firefox Home when opening new tabs
• Bug 31457: Disable per-installation profiles
• Bug 28822: Re-implement desktop onboarding for ESR 68
• Windows
• Bug 31942: Re-enable signature check for language packs
• Bug 29013: Enable stack protection for Firefox on Windows
• Bug 30800: ftp:// on Windows can be used to leak the system time zone
• Bug 31547: Back out patch for Mozilla's bug 1574980
• Bug 31141: Fix typo in font.system.whitelist
• Bug 30319: Remove FTE bits
• OS X
• Bug 30126: Make Tor Browser compatible with macOS 10.15
• Bug 31607: App menu items stop working on macOS
• Bug 31955: On macOS avoid throwing inside nonBrowserWindowStartup()
• Bug 29818: Adapt #13379 patch for 68esr
• Bug 31464: Meek and moat are broken on macOS 10.9 with Go 1.12
• Linux
• Bug 31942: Re-enable signature check for language packs
• Bug 31646: Update abicheck to require newer libstdc++.so.6
• Bug 31968: Don't fail if /proc/cpuinfo is not readable
• Bug 24755: Stop using a heredoc in start-tor-browser
• Bug 31550: Put curly quotes inside single quotes
• Bug 31394: Replace "-1" with "−1" in start-tor-browser.desktop
• Bug 30319: Remove FTE bits
• Android
• Update Tor to 0.4.1.5
• Bug 31010: Rebase mobile patches for Fennec 68
• Bug 31010: Don't use addTrustedTab() on mobile
• Bug 30607: Support Tor Browser running on Android Q
• Bug 31192: Support x86_64 target on Android
• Bug 30380: Cancel dormant by startup
• Bug 30943: Show version number on mobile
• Bug 31720: Enable website suggestions in address bar
• Bug 31822: Security slider is not really visible on Android anymore
• Bug 24920: Only create Private tabs in permanent Private Browsing Mode
• Bug 31730: Revert aarch64-workaround against JIT-related crashes
• Bug 32097: Fix conflicts in mobile onboarding while rebasing to 68.2.0esr
• Build System
• All Platforms
• Bug 30585: Provide standalone clang 8 project across all platforms
• Bug 30376: Use Rust 1.34 for Tor Browser 9
• Bug 30490: Add cbindgen project for building Firefox 68 ESR/Fennec 68
• Bug 30701: Add nodejs project for building Firefox 68 ESR/Fennec 68
• Bug 31621: Fix node bug that makes large writes to stdout fail
• Bug 30734: Add nasm project for building Firefox 68 ESR/Fennec 68
• Bug 31293: Make sure the lo interface inside the containers is up
• Bug 27493: Clean up mozconfig options
• Bug 31308: Sync mozconfig files used in tor-browser over to tor-browser-build for esr68
• Windows
• Bug 29307: Use Stretch for cross-compiling for Windows
• Bug 29731: Remove faketime for Windows builds
• Bug 30322: Windows toolchain update for Firefox 68 ESR
• Bug 28716: Create mingw-w64-clang toolchain
• Bug 28238: Adapt firefox and fxc2 projects for Windows builds
• Bug 28716: Optionally omit timestamp in PE header
• Bug 31567: NS_tsnprintf() does not handle %s correctly on Windows
• Bug 31458: Revert patch for #27503 and bump mingw-w64 revision used
• Bug 9898: Provide clean fix for strcmpi issue in NSPR
• Bug 29013: Enable stack protection support for Firefox on Windows
• Bug 30384: Use 64bit containers to build 32bit Windows Tor Browser
• Bug 31538: Windows bundles based on ESR 68 are not built reproducibly
• Bug 31584: Clean up mingw-w64 project
• Bug 31596: Bump mingw-w64 version to pick up fix for #31567
• Bug 29187: Bump NSIS version to 3.04
• Bug 31732: Windows nightly builds are busted due to mingw-w64 commit bump
• Bug 29319: Remove FTE support for Windows
• OS X
• Bug 30323: MacOS toolchain update for Firefox 68 ESR
• Bug 31467: Switch to clang for cctools project
• Bug 31465: Adapt tor-browser-build projects for macOS notarization
• Linux
• Bug 31448: gold and lld break linking 32bit Linux bundles
• Bug 31618: Linux32 builds of Tor Browser 9.0a6 are not matching
• Bug 31450: Still use GCC for our ASan builds
• Bug 30321: Linux toolchain update for Firefox ESR 68
• Bug 30736: Install yasm from wheezy-backports
• Bug 31447: Don't install Python just for Mach
• Bug 30448: Strip Browser/gtk2/libmozgtk.so
• Android
• Bug 30324: Android toolchain update for Fennec 68
• Bug 31173: Update android-toolchain project to match Firefox
• Bug 31389: Update Android Firefox to build with Clang
• Bug 31388: Update Rust project for Android
• Bug 30665: Get Firefox 68 ESR working with latest android toolchain
• Bug 30460: Update TOPL project to use Firefox 68 toolchain
• Bug 30461: Update tor-android-service project to use Firefox 68 toolchain
• Bug 28753: Use Gradle with --offline when building the browser part
• Bug 31564: Make Android bundles based on ESR 68 reproducible
• Bug 31981: Remove require-api.patch
• Bug 31979: TOPL: Sort dependency list
• Bug 30665: Remove unnecessary build patches for Firefox

Changes for v8.5.2 - v8.5.3

• * All platforms
• * Pick up fix for Mozilla's bug 1560192

Changes for v8.5 - v8.5.2

• Tor Browser 8.5.2 -- June 19 2019
• * All platforms
• * Pick up fix for Mozilla's bug 1544386
• * Update NoScript to 10.6.3
• * Bug 29904: NoScript blocks MP4 on higher security levels
• * Bug 30624+29043+29647: Prevent XSS protection from freezing the browser
• Tor Browser 8.5.1 -- June 4 2019
• * All platforms
• * Update Torbutton to 2.1.10
• * Bug 30565: Sync nocertdb with privatebrowsing.autostart at startup
• * Bug 30464: Add WebGL to safer descriptions
• * Translations update
• * Update NoScript to 10.6.2
• * Bug 29969: Remove workaround for Mozilla's bug 1532530
• * Update HTTPS Everywhere to 2019.5.13
• * Bug 30541: Disable WebGL readPixel() for web content
• * Windows + OS X + Linux
• * Bug 30560: Better match actual toolbar in onboarding toolbar graphic
• * Bug 30571: Correct more information URL for security settings
• * Android
• * Bug 30635: Sync mobile default bridges list with desktop one
• * Build System
• * All platforms
• * Bug 30480: Check that signed tag contains expected tag name

Changes for v8.0.8 - v8.0.9

• All platforms
• Update Torbutton to 2.0.13
• Bug 30388: Make sure the updated intermediate certificate keeps working
• Backport fixes for bug 1549010 and bug 1549061
• Bug 30388: Make sure the updated intermediate certificate keeps working
• Update NoScript to 10.6.1
• Bug 29872: XSS popup with DuckDuckGo search on about:to

Changes for v8.0.7 - v8.0.8

• All platforms
• Update Firefox to 60.6.1esr
• Update NoScript to 10.2.4
• Bug 29733: Work around Mozilla's bug 1532530

Changes for v8.0.6 - v8.0.7

• All platforms
• Update Firefox to 60.6.0esr
• Update Tor to 0.3.5.8
• Bug 29660: XMPP can not connect to SOCKS5 anymore
• Update Torbutton to 2.0.11
• Bug 29021: Tell NoScript it is running within Tor Browser
• Windows
• Bug 29081: Harden libwinpthread

Changes for v8.0.5 - v8.0.6

• All platforms
• Update Firefox to 60.5.1esr
• Update HTTPS Everywhere to 2019.1.31
• Bug 29378: Remove 83.212.101.3 from default bridges
• Build System
• All Platforms
• Bug 29235: Build our own version of python3.6 for HTTPS Everywhere

Changes for v8.0.1 - v8.0.2

• All platforms
• Update Firefox to 60.2.1esr
• Backport fix for Mozilla bug 1493900 and 1493903
• OS X
• Backport fix for Mozilla bug 1489785 for macOS 10.14 compatibility

Changes for v8.0 - v8.0.1

• All platforms
• Update Tor to 0.3.4.8
• Update Torbutton to 2.0.7
• Bug 27097: Tor News signup banner
• Bug 27663: Add New Identity menuitem again
• Bug 26624: Only block OBJECT on highest slider level
• Bug 26555: Don't show IP address for meek or snowflake
• Bug 27478: Torbutton icons for dark theme
• Bug 27506+14520: Move status version to upper left corner for RTL locales
• Bug 27427: Fix NoScript IPC for about:blank by whitelisting messages
• Bug 27558: Update the link to "Your Guard note may not change" text
• Translations update
• Update Tor Launcher to 0.2.16.6
• Bug 27469: Adapt Moat URLs
• Translations update
• Clean-up
• Update NoScript to 10.1.9.6
• Bug 27763: Restrict Torbutton signing exemption to mobile
• Bug 26146: Spoof HTTP User-Agent header for desktop platforms
• Bug 27543: QR code is broken on web.whatsapp.com
• Bug 27264: Bookmark items are not visible on the boomark toolbar
• Bug 27535: Enable TLS 1.3 draft version
• Backport of Mozilla bug 1490585, 1475775, and 1489744
• OS X
• Bug 27482: Fix crash during start-up on macOS 10.9.x systems

<<Back to software description