AfterDawn.com
AfterDawn > Software downloads > Network > Miscellaneous network tools > Tor Browser Bundle > Version history

Version history for Tor Browser Bundle

<<Back to software description

Changes for v2.3.25-6 - v2.3.25-8

  • Update Firefox to 17.0.6esr
  • Update HTTPS Everywhere to 3.2
  • Update Torbutton to 1.5.2
  • Update libpng to 1.5.15
  • Update NoScript to 2.6.6.1
  • Firefox patch changes:
  • Apply font limits to @font-face local() fonts and disable fallback
  • rendering for @font-face. (closes: #8455)
  • Use Optimistic Data SOCKS handshake (improves page load performance).
  • (closes: #3875)
  • Honor the Windows theme for inverse text colors (without leaking those
  • colors to content). (closes: #7920)
  • Increase pipeline randomization and try harder to batch pipelined
  • requests together. (closes: #8470)
  • Fix an image cache isolation domain key misusage. May fix several image
  • cache related crash bugs with New Identity, exit, and certain websites.
  • (closes: #8628)
  • Torbutton changes:
  • Allow session restore if the user allows disk actvity (closes: #8457)
  • Remove the Display Settings panel and associated locales (closes: #8301)
  • Fix "Transparent Torification" option. (closes: #6566)
  • Fix a hang on New Identity. (closes: #8642)
  • Build changes:
  • Fetch our source deps from an https mirror (closes: #8286)
  • Create watch scripts for syncing mirror sources and monitoring mirror
  • integrity (closes: #8338)


Changes for v2.3.25-4 - v2.3.25-5

  • Update Firefox to 17.0.4esr
  • Update NoScript to 2.6.5.8
  • Update HTTPS Everywhere to 3.1.4
  • Fix non-English language bundles to have the correct branding
  • Firefox patch changes:
  • Remove "This plugin is disabled" barrier
  • This improves the user experience for HTML5 Youtube videos:
  • They "silently" attempt to load flash first, which was not so silent
  • with this barrier in place.
  • Disable NoScript's HTML5 media click-to-play barrier
  • Fix a New Identity hang and/or crash condition
  • Fix crash with Drag + Drop on Windows
  • Torbutton changes:
  • Fix Drag+Drop crash by using a new TBB drag observer
  • Fix XML/E4X errors with Cookie Protections
  • Don't clear cookies at shutdown if user wants disk history
  • Leave IndexedDB and Offline Storage disabled.
  • Clear DOM localStorage on New Identity.
  • Don't strip "third party" HTTP auth from favicons
  • Localize the "Spoof english" button strings
  • Ask user for confirmation before enabling plugins
  • Emit private browsing session clearing event on "New Identity"


Changes for v2.3.25-2 - v2.3.25-4

  • Update Firefox to 17.0.3esr
  • Downgrade OpenSSL to 1.0.0k
  • Update libpng to 1.5.14
  • Update NoScript to 2.6.5.7
  • Firefox patch changes:
  • Exempt remote @font-face fonts from font limits (and prefer them).
  • (closes: #8270)
  • Remote fonts (aka "User Fonts") are not a fingerprinting threat, so
  • they should not count towards our CSS font count limits. Moreover,
  • if a CSS font-family rule lists any remote fonts, those fonts are
  • preferred over the local fonts, so we do not reduce the font count
  • for that rule.
  • This vastly improves rendering and typography for many websites.
  • Disable WebRTC in Firefox build options. (closes: #8178)
  • WebRTC isn't slated to be enabled until Firefox 18, but the code
  • was getting compiled in already and is capable of creating UDP Sockets
  • and bypassing Tor. We disable it from build as a safety measure.
  • Move prefs.js into omni.ja and extension-overrides. (closes: #3944)
  • This causes our browser pref changes to appear as defaults. It also
  • means that future updates of TBB should preserve user pref settings.
  • Fix a use-after-free that caused crashing on MacOS (closes: #8234)
  • Eliminate several redundant, useless, and deprecated Firefox pref settings
  • Report Firefox 17.0 as the Tor Browser user agent
  • Use Firefox's click-to-play barrier for plugins instead of NoScript
  • Set the Tor SOCKS+Control ports to 9150, 9151 respectively on all platforms
  • This fixes a SOCKS race condition with our SOCKS autoport configuration
  • and HTTPS-Everywhere's Tor test. Firefox 17 appears to cache proxy
  • settings per URL now, which resulted in a proxy error for
  • check.torproject.org if we lost the race.
  • Torbutton was updated to 1.5.0. The following issues were fixed:
  • Remove old toggle observers and related code (closes: #5279)
  • Simplify Security Preference UI and associated pref updates (closes: #3100)
  • Eliminate redundancy in our Flash/plugin disabling code (closes: #7470)
  • Leave most preferences under Tor Browser's control (closes: #3944)
  • Disable toggle-on-startup and crash detection logic (closes: #7974)
  • Disable/remove toggle-mode code and related observers (closes: #5379)
  • Add menu hint to Torbutton icon (closes: #6431)
  • Make Torbutton icon flash a warning symbol if TBB is out of date (closes: #7495)
  • Perform version check every time there's a new tab. (closes: #6096)
  • Rate limit version check queries to once every 1.5hrs max. (closes: #6156)
  • misc: Allow WebGL and DOM storage.
  • misc: Disable independent Torbutton updates
  • misc: Change the recommended SOCKSPort to 9150 (to match TBB)
  • The following Firefox patch changes are also included in this release:
  • Isolate image cache to url bar domain (closes: #5742 and #6539)
  • Enable DOM storage and isolate it to url bar domain (closes: #6564)
  • Include nsIHttpChannel.redirectTo API for HTTPS-Everywhere (closes: #5477)
  • Misc preference changes:
  • Disable DOM performance timers (dom.enable_performance) (closes: #6204)
  • Disable HTTP connection retry timeout (network.http.connection-retry-timeout) (closes: #7656)
  • Disable full path information for plugins (plugin.expose_full_path) (closes: #6210)
  • Disable NoScript's block of remote WebFonts (noscript.forbidFonts) (closes: #7937)


Changes for v2.3.25-1 - v2.3.25-2

  • Update Firefox to 10.0.12esr
  • Update Libevent to 2.0.21-stable
  • Update HTTPS Everywhere to 3.1.2
  • Update NoScript to 2.6.4.2


Changes for v2.2.39-5 - v2.3.25-1

  • Update Tor to 0.2.3.25
  • Update Firefox 10.0.11esr
  • Update Vidalia to 0.2.21
  • Update NoScript to 2.6.2


Changes for v2.2.39-4 - v2.2.39-5

  • Update Firefox to 10.0.10esr
  • Update NoScript to 2.5.9


Changes for v2.2.39-3 - v2.2.39-4

  • Update Firefox patches to prevent crashing (closes: #7128)
  • Update HTTPS Everywhere to 3.0.2
  • Update NoScript to 2.5.8


Changes for v2.2.39-1 - v2.2.39-3

  • Update Firefox to 10.0.9esr
  • Update Torbutton to 1.4.6.3
  • Update NoScript to 2.5.7
  • Update HTTPS Everywhere to 2.2.2
  • Update libpng to 1.5.13


Changes for v2.2.38-2 - v2.2.39-1

  • Update Tor to 0.2.2.39
  • Update NoScript to 2.5.4


Changes for v2.2.38-1 - v2.2.38-2

  • Update Firefox to 10.0.7esr
  • Update Libevent to 2.0.20-stable
  • Update NoScript to 2.5.2
  • Update HTTPS Everywhere to 2.2.1


Changes for v2.2.37-2 - v2.2.38-1

  • Update Tor to 0.2.2.38
  • Update NoScript to 2.5
  • Update HTTPS Everywhere to 2.1


Changes for v2.2.37-2 - v2.3.20 alpha 1

  • Update Tor to 0.2.3.20-rc
  • Update NoScript to 2.5
  • Change the urlbar search engine to Startpage
  • Firefox patch updates:
  • Fix the Tor Browser SIGFPE crash bug
  • Add a redirect API for HTTPS-Everywhere
  • Enable WebGL (as click-to-play only)


Changes for v2.2.35-11 - v2.2.35-12

  • Update OpenSSL to 1.0.1c
  • Update Libevent to 2.0.19-stable
  • Update zlib to 1.2.7
  • Update NoScript to 2.4.1


Changes for v2.2.35-9 - v2.2.35-11

  • Security release to stop TorBrowser from bypassing SOCKS proxy DNS configuration
  • New Firefox patches:
  • Prevent WebSocket DNS leak (closes: #5741)
  • Fix a race condition that could be used to link browsing sessions together when using new identity from Tor Browser (closes: #5715)
  • Remove extraneous BetterPrivacy settings from prefs.js (closes: #5722)
  • Fix the mozconfig options for OS X so that it really builds everything with clang instead of llvm-gcc


Changes for v2.2.35-8 - v2.2.35-9

  • Update Firefox to 12.0
  • Update OpenSSL to 1.0.1b
  • Update Libevent to 2.0.18-stable
  • Update Qt to 4.8.1
  • Update Libpng to 1.5.10
  • Update HTTPS Everywhere to 2.0.2
  • Update NoScript to 2.3.9
  • Rebrand Firefox to TorBrowser (closes: #2176)
  • New Firefox patches
  • Make Download Manager memory-only (closes: #4017)
  • Add DuckDuckGo and Startpage to Omnibox (closes: #4902)
  • Add Steven Michaud's OS X crash fix patch. It doesn't fix #5021 but will hopefully help us debug further. See also:
  • https://bugzilla.mozilla.org/show_bug.cgi?id=715885#c35
  • Make the 32-bit Tor Browser Bundle compatible with OS X 10.5


Changes for v2.2.35-7.1 - v2.2.35-8

  • Update Firefox to 11.0
  • Update OpenSSL to 1.0.0h
  • Update NoScript to 2.3.4
  • Update HTTPS Everywhere to 2.0.1
  • Always build to with warnings enabled (closes: #4470)
  • Disable HTTPS Everywhere SSL Observatory screen (closes: #5300)
  • Windows
  • Remove tor-resolve from the Windows bundle (closes: #5403)
  • Mac OS X
  • Give OS X users below 10.5 an incompatibility message (closes: #4356)
  • Linux
  • Don't attempt to load the default KDE 4 theme from Vidalia, because that fails when the Qt versions don't match (closes: #5214)


Changes for v2.3.25-2 - v2.3.25-3

  • Update OpenSSL to 1.0.1d
  • Update HTTPS Everywhere to 3.1.3
  • Update NoScript to 2.6.4.4


<<Back to software description

Subscribe to AfterDawn's weekly newsletter.

Popular products:

Hot forum topics right now:

More information:

© 1999-2013 AfterDawn Oy rev5333

For information about advertising on AfterDawn.com, please contact our media sales team.