Tor Browser 4.0.8 released

Mike Perry announced the release of Tor Browser 4.0.8, a new stable release by the Tor Browser team. This version is exactly the same as 4.0.7, which was briefly advertised to users last week but then withdrawn because a bug would have caused it to endlessly recommend updating. This release includes Tor 0.2.5.12, which fixes the recent onion service and client crash bugs.

tor-browser40-01

Both 4.0.7 and 4.0.8 contain an update to the included Tor software, to fix two crash bugs in the version of the Tor software included prior to 4.0.7. One crash bug affects only people using the bundled tor binary to run hidden services, and the other crash bug allows a malicious website or Tor exit node to crash the underlying tor client by inducing it to load a resource from a hidden service with a malformed descriptor. These bugs do not allow remote code execution, but because they can be used by arbitrary actors to perform a denial of service, we are issuing a security update to address them.

Tor Browser 4.0.8 changelog

All Platforms

  • Bug 15637: Fix update loop due to improper versioning
  • Update Tor to 0.2.5.12
  • Update NoScript to 2.6.9.21

Install Tor Browser 4.0.8 on Ubuntu OS

sudo add-apt-repository ppa:webupd8team/tor-browser

sudo apt-get update

sudo apt-get install tor-browser
 
comments powered by Disqus