[Tails-dev] Tor Browser 9.5 is ready for testing (!)

Delete this message

Reply to this message
Author: Matthew Finkel
Date:  
To: tor-qa
CC: tails-dev
Subject: [Tails-dev] Tor Browser 9.5 is ready for testing (!)
Hello!

We are happy to announce the first Tor Browser 9.5 release candidate
for wider testing. Packages can be found at:

https://people.torproject.org/~gk/builds/9.5-build2/

Tor Browser 9.5 is a very exciting update as it is the first stable
release of the 9.5 series.

The full changelog since Tor Browser 9.0.10 is:

 * All Platforms
   * Update Firefox to 68.9.0esr
   * Update HTTPS-Everywhere to 2020.5.20
   * Update NoScript to 11.0.26
   * Update Tor to 0.4.3.5
   * Translations update
   * Bug 21549: Disable wasm for now until it is properly audited
   * Bug 27268: Preferences clean-up in Torbutton code
   * Bug 28745: Remove torbutton.js unused code
   * Bug 28746: Remove torbutton isolation and fp prefs sync
   * Bug 30237: Control port module improvements for v3 client authentication
   * Bug 30786: Add th locale
   * Bug 30787: Add lt locale
   * Bug 30788: Add ms locale
   * Bug 30851: Move default preferences to 000-tor-browser.js
   * Bug 30888: move torbutton_util.js to modules/utils.js
   * Bug 31134: Govern graphite again by security settings
   * Bug 31395: Remove inline script in aboutTor.xhtml
   * Bug 31499: Update libevent to 2.1.11-stable
     * Bug 33877: Disable Samples and Regression tests For Libevent Build
   * Bug 31573: Catch SessionStore.jsm exception
   * Bug 32318: Backport Mozilla's fix for bug 1534339
   * Bug 32414: Make Services.search.addEngine obey FPI
   * Bug 32493: Disable MOZ_SERVICES_HEALTHREPORT
   * Bug 32618: Backport fixes from Mozilla bugs 1467970 and 1590526
   * Bug 33342: Avoid disconnect search addon error after removal
   * Bug 33726: Fix patch for #23247: Communicating security expectations for .onion
   * Bug 34157: Backport fix for Mozilla Bug 1511941
 * Windows + OS X + Linux
   * Update Tor Launcher to 0.2.21.8
     * Translations update
     * Bug 19757: Support on-disk storage of v3 client auth keys
     * Bug 30237: Add v3 onion services client authentication prompt
     * Bug 30786: Add th locale
     * Bug 30787: Add lt locale
     * Bug 30788: Add ms locale
     * Bug 33514: non-en-US Tor Browser 9.5a6 won't start up
   * Bug 19251: Show improved error pages for onion service errors
   * Bug 19757: Support on-disk storage of v3 client auth keys
   * Bug 21952: Implement Onion-Location
   * Bug 27604: Fix broken Tor Browser after moving it to a different directory
   * Bug 28005: Implement .onion alias urlbar rewrites
   * Bug 30237: Improve TBB UI of hidden service client authorization
   * Bug 32076: Upgrade to goptlib v1.1.0
   * Bug 32220: Improve the letterboxing experience
   * Bug 32418: Allow updates to be disabled via an enterprise policy.
   * Bug 32470: Backport fix for bug 1590538
   * Bug 32645: Update URL bar onion indicators
   * Bug 32658: Create a new MAR signing key
   * Bug 32674: Point the about:tor "Get involved" link to the community portal
   * Bug 32767: Remove Disconnect search
   * Bug 33698: Update "About Tor Browser" links in Tor Browser
   * Bug 33707: Swap out onion icon in circuit display with new one
   * Bug 34032: Use Securedrop's Official https-everywhere ruleset
   * Bug 34196: Update site info URL with the onion name
   * Bug 34321: Add Learn More onboarding item
 * Windows
   * Bug 22919: Improve the random number generator for the boundaries in multipart/form-data
   * Bug 29614: Use SHA-256 algorithm for Windows timestamping
   * Bug 33113: Bump NSIS version to 3.05
 * OS X
   * Bug 32505: Tighten our rules in our entitlements file for macOS
 * Linux
   * Bug 34315: Avoid reading policies from /etc/firefox on Linux
 * Android
   * Bug 26529: Notify user about possible proxy-bypass before opening external app
   * Bug 30767: Custom obfs4 bridge does not work on Tor Browser for Android
   * Bug 32303: Obfs4 is broken on Android Q
   * Bug 33359: Use latest Version of TOPL and Remove Patches
   * Bug 33931: obfs4 bridges are used instead of meek if meek is selected in Tor Browser for Android alpha
 * Build System
   * All Platforms
     * Go to 1.13.11
     * Bug 33380: Add *.json to sha256sums-unsigned-build.txt
   * Windows
     * Bug 33802: --enable-secure-api is not supported anymore in mingw-w64
   * Linux
     * Bug 32976: Build and bundle geckodriver
     * Bug 34242: Fix creation of Linux containers
   * Android
     * Bug 28765: LibEvent Build for Android
     * Bug 28766: Tor Build for Android
     * Bug 28803: Integrate building Pluggable Transports for Android
     * Bug 30461: Clean up tor-android-service project
     * Bug 32993: Package Tor With Tor Android Service Project
     * Bug 33685: Add Support for Building zlib for Android


Thanks,
Matt