Hi all, In January, the Tor Browser team made 6 releases: 5.0.7[1], 5.5a6[2], 5.5a6-hardened[3] + 5.5[4], 6.0a1[5] and 6.0a1-hardened[6].
The first three releases were due to a potentially exploitable crash[7] while the three releases at the end of January incorporated the security fixes Mozilla is providing every six weeks to its Firefox ESR. We are excited to have Tor Browser 5.5 as our new major stable release. It contains a number of new features and bugfixes, most notably a defense against font enumeration which we developed over the past weeks and months. Moreover, we made progress on our usability side by shipping Tor Browser in an additional locale, Japanese, by polishing our about:tor page and by showing the changes in the new Tor Browser version immediately after an update. Tor Browser 6.0a1 and 6.0a1-hardened make further progress on our usability front by improving the setup wizard UI flow[8]. The full list of tickets closed by the Tor Browser team in January can be seen using the TorBrowserTeam201601 tag on our bug tracker[9]. For February we plan to release a fixup stable release, 5.5.1, which addresses major problems which our users noticed with the switch to 5.5: usability issues due to our font enumeration defense[10][11] and broken websites using the window.name attribute in iframes[12]. Further, we plan to fix the remaining bug for signing Tor Browser on OS X and hope to get that tested in the upcoming alpha release[13]. Additionally, we are starting to look closer at tasks related to the forthcoming switch to Firefox ESR 45, starting with rebasing our patches and fixing our toolchains[14][15]. The full list of tickets the Tor Browser team plans to work on in February can be seen with the TorBrowserTeam201602 tag on our bug tracker[16]. Georg [1] https://blog.torproject.org/blog/tor-browser-507-released [2] https://blog.torproject.org/blog/tor-browser-55a6-released [3] https://blog.torproject.org/blog/tor-browser-55a6-hardened-released [4] https://blog.torproject.org/blog/tor-browser-55-released [5] https://blog.torproject.org/blog/tor-browser-60a1-released [6] https://blog.torproject.org/blog/tor-browser-60a1-hardened-released [7] https://bugs.torproject.org/17931 [8] https://bugs.torproject.org/11773 [9] https://trac.torproject.org/projects/tor/query?status=closed&keywords=~TorBrowserTeam201601 [10] https://bugs.torproject.org/18169 [11] https://bugs.torproject.org/18172 [12] https://bugs.torproject.org/18168 [13] https://bugs.torproject.org/13252 [14] https://bugs.torproject.org/15197 [15] https://bugs.torproject.org/18226 [16] https://trac.torproject.org/projects/tor/query?keywords=~TorBrowserTeam201602
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-reports mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-reports
