New Release: Tor Browser 8.5a4

by boklm | October 23, 2018

Tor Browser 8.5a4 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Highlights in Tor Browser 8.5a4 are a new Tor alpha version, 0.3.5.3-alpha, a fixed layout of our macOS installer window and Stylo (Mozilla's new CSS engine) being enabled on macOS after fixing a reproducibility issues. Please report any problems you find with those macOS related changes as we think about backporting them for the stable series.

Moreover, we backport a defense against protocol handler enumeration developed by Mozilla engineers and provide Tor Browser on all supported platforms in four additional locales: cs, el, hu, and ka.

Note: It turned out it was a bit premature to ship the new locales as we did not catch bugs in them last minute, so we don't make them available on our download page. Sorry for the inconvenience.

 

The full changelog since Tor Browser 8.5a3 is:

  • All Platforms
    • Update Firefox to 60.3.0esr
    • Update Tor to 0.3.5.3-alpha
    • Update Torbutton to 2.1.1
    • Update Tor Launcher to 0.2.17
    • Update HTTPS Everywhere to 2018.9.19
    • Update NoScript to 10.1.9.9
    • Bug 1623: Block protocol handler enumeration (backport of fix for #680300)
    • Bug 27905: Fix many occurrences of "Firefox" in about:preferences
    • Bug 28082: Add locales cs, el, hu, ka
  • Windows
    • Bug 21704: Abort install if CPU is missing SSE2 support
    • Bug 28002: Fix the precomplete file in the en-US installer
  • OS X
    • Bug 26263: App icon positioned incorrectly in macOS DMG installer window
    • Bug 26475: Fix Stylo related reproducibilitiy issue
  • Linux
    • Bug 26475: Fix Stylo related reproducibilitiy issue
    • Bug 28022: Use `/usr/bin/env bash` for bash invocation
  • Android
    • Backport of fixes for bug 1448014, 1458905, 1441345, and 1448305
  • Build System
    • All Platforms
      • Bug 27218: Generate multiple Tor Browser bundles in parallel
    • Windows
    • OS X

Comments

Please note that the comment area below has been archived.

Anonymous (not verified) said:

October 23, 2018

Permalink

00:48:25.836 this.browser is null 1 ext-tabs-base.js:298
get frameLoader chrome://extensions/content/ext-tabs-base.js:298:5
get frameLoader chrome://browser/content/ext-browser.js:605:5
get width chrome://browser/content/ext-browser.js:678:5
convert chrome://extensions/content/ext-tabs-base.js:579:7
get chrome://browser/content/ext-tabs.js:572:18
next self-hosted:1214:9
get self-hosted:977:17
call/result< resource://gre/modules/ExtensionParent.jsm:772:57
withPendingBrowser resource://gre/modules/ExtensionParent.jsm:427:26
next self-hosted:1214:9
call resource://gre/modules/ExtensionParent.jsm:771:20
next self-hosted:1214:9
torbutton_send_ctrl_cmd chrome://torbutton/content/torbutton.js:770:10
torbutton_do_new_identity chrome://torbutton/content/torbutton.js:1143:10
torbutton_new_identity chrome://torbutton/content/torbutton.js:867:9
oncommand chrome://browser/content/browser.xul:1:1

Well, requests for cached items should not hit the network. Thus, that might be a misleading log line in that the request is later on cancelled internally (i.e. the resource gets loaded from the cache but the request is not going out over the network).

Anonymous (not verified) said:

October 24, 2018

Permalink

Don't they check the server if content modified? Why does Torbutton refresh the catch-all circuit to fulfill those requests?

anon (not verified) said:

October 24, 2018

Permalink

My TOR auto-updated. My Anti-virus red flagged PINGSENDER.EXE as malicious. Just letting you know.

Thanks for the free software GK. We appreciate your efforts too.

Anonymous (not verified) said:

October 24, 2018

Permalink

I'm not sure if this is the right place to ask, but is it safe to use a download manager together with TOR? Which one is recommended (IDM?)

Alex (not verified) said:

October 24, 2018

Permalink

Hello, I've said this on every update post since the 'Quantum' upgrade:
- Tor doesn't remember the size that it was left on before closing, so when it opens again it ends up being in a very specific and unique size for those of us that have tabs open.
- Tor is not allowing me to login to disqus, no matter what I add to the whitelist.
- Can you bring back the Sync function?

I've tried to fix those issues on Windows 7, Ubuntu 16.04, Ubuntu 18 and Windows Vista with no success.

Anonymous (not verified) said:

October 25, 2018

Permalink

(#2) Error Killing GPU process due to IPC reply timeout
(#3) Error Failed to connect GPU process
(#4) Error Receive IPC close with reason=AbnormalShutdown

Maria (not verified) said:

October 25, 2018

Permalink

Guys, Google Safe Browsing and Google itself should not be within a privacy software like Tor.

Please get rid of Google from future releases.

Thanks.

Anonymous (not verified) said:

October 26, 2018

Permalink

07:38:52.125 Can not decrement crashed tab count to below 0 ContentCrashHandlers.jsm:528
onAboutTabCrashedUnload resource:///modules/ContentCrashHandlers.jsm:528:7
receiveMessage resource:///modules/ContentCrashHandlers.jsm:188:9
receiveMessage self-hosted:977:17
callListeners resource://gre/modules/RemotePageManager.jsm:33:9
portMessageReceived resource://gre/modules/RemotePageManager.jsm:123:5
portMessageReceived self-hosted:977:17
callListeners resource://gre/modules/RemotePageManager.jsm:33:9
ChromeMessagePort.prototype.observe resource://gre/modules/RemotePageManager.jsm:361:3

Anonymous (not verified) said:

October 26, 2018

Permalink

[10-27 00:09:27] Torbutton INFO: This is not a Tor Browser: TypeError: m_tb_prefs is undefined
TypeError: m_tb_prefs is undefined[Learn More] torbutton.js:237:7
torbutton_donation_banner_countdown chrome://torbutton/content/torbutton.js:237:7
torbutton_init chrome://torbutton/content/torbutton.js:354:5
if you copy TBB to a different folder on Windows :(

Ronkan555 (not verified) said:

October 27, 2018

Permalink

Just downloaded tor. then onion would not let me download the opposite way thought you had to download onion first, also i have ip vanish turned on does that help?

Anonymous (not verified) said:

November 01, 2018

Permalink

0:07:30.957 NS_ERROR_NOT_AVAILABLE: Component returned failure code: 0x80040111 (NS_ERROR_NOT_AVAILABLE) [nsIDOMWindowUtils.isParentWindowMainWidgetVisible] 1 nsPrompter.js:339

Tor-ET (not verified) said:

November 13, 2018

Permalink

1

1-unable to request bridges within TOR get error 500
2-the webpage to request bridges is not functioning

NoobQ (not verified) said:

November 15, 2018

Permalink

Here is one more web site https://browserleaks.com/ip

Passive, SYN Linux 2.2.x-3.x | Language: Unknown | Link: Ethernet or modem | MTU: 1500 | Distance: 5 Hops

User-Agent Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0

I am using Ubuntu 18.04 for testing

Anonymous (not verified) said:

November 16, 2018

Permalink

I use separate TBB with disabled scripts (javascript.enabled=false). Is it safe to completely disable (or remove) NS plugin in this case? I want to do it because NS slows down my tor browser.

Anonymous (not verified) said:

November 21, 2018

Permalink

"we are adding a notification to our Firefox Quantum browser that alerts desktop users when they visit a site that has had a recently reported data breach. We’re bringing this functionality to Firefox users in recognition of the growing interest in these types of privacy- and security-centric features."

Bring back Tor (not verified) said:

November 28, 2018

Permalink

2 months and Tor 8.0-8.5 wont start without displaying anything. The voluntarily turned on log shows:
"Error: the firefox package (version 60 or more) is not installed.
On CentOS/RHEL 6, Tor Browser requires the firefox package to be installed."
Always downgrading to v7 by overwriting directory contents, and that works.

Tor doesn't wo… (not verified) said:

November 28, 2018

Permalink

Since v8 i'm paralyzed by this on CentOS:
libgtk-3.so.0: cannot open shared object file: No such file or directory
Couldn't load XPCOM.
No sudo.

Anonymous (not verified) said:

December 01, 2018

Permalink

NoScript is still not saving per site permissions. This is seriously annoying, preventing me from customizing which sites I trust or not, while turning script fully on by default, every time Tor Browser is restarted! As it's been several iterations now since this bug has been active, I'm going right back to an older version of Tor Browser until it's fixed.