Tor Browser 8.0.9 update resolves add-on signing issue

Tor Browser 8.0.9 was launched on May 7, 2019 to the general public. The new model addresses a serious issue in Mozilla’s add-on signing platform that precipitated verification to fail.

Tor Browser is predicated on Firefox ESR code, and since Firefox ESR, and every other model of Firefox, was affected by the issue, so was Tor Browser.

The privacy-focused browser comes with a number of add-ons put in that enhance privateness. One notable extension is NoScript because it blocks all (or most) JavaScript from execution. Scripts might serve reliable functions, e.g. present performance on web sites, however they might even be used for fingerprinting, monitoring, the serving of commercial, and even malicious assaults or the distribution of malware.

The Tor challenge knowledgeable customers of the browser concerning the issue on its web site

Tor customers discovered the add-ons NoScript, HTTPS Everywhere, Torbutton, and TorLauncher disabled, and marked as legacy extensions. The identical occurred to Firefox customers worldwide who all lost access to their installed extensions.

Mozilla fixed the issue within the meantime in Firefox (together with Firefox ESR), and Tor Browser 8.0.9 does the identical. Means, add-ons ought to present up as put in once more after Tor Browser is up to date to the brand new model or put in anew.

Note: The Brave browser supports Tor as well; it was not affected by the issue.

Tor Browser 8.0.9

tor browser 8.0.9

Tor customers and admins can download the latest version of the net browser from the official challenge web site. It is accessible for the desktop working methods Windows, Mac OS and Linux, and the cell working system Android.

You might run an update verify by opening Menu > Help > About Tor Browser.

Tor customers who use the built-in extensions or others are inspired to update to the brand new model to repair the issue. Add-ons ought to return to the enabled state mechanically after the update.

The total changelog:

Update Torbutton to

Bug 30388: Make certain the up to date intermediate certificates retains working

Backport fixes for bug 1549010 and bug 1549061 *

Bug 30388: Make certain the up to date intermediate certificates retains working *

Update NoScript to 10.6.1

Bug 29872: XSS popup with DuckDuckGo search on about:tor

Tor customers who disabled add-on signing within the browser to repair the issue briefly might wish to think about enabling it once more. This is finished by loading about:config within the browser’s tackle bar, trying to find xpinstall.signatures.required and setting the choice to True.

True implies that Firefox will confirm the certificates of put in extensions and extensions which are about to be put in within the browser. Extensions with out legitimate certificates can’t be put in or used if the setting is enabled (with some exceptions, e.g. short-term add-ons). (by way of Born)

Check Also

Windows Updates KB4541301, KB4541302 and KB4559309 replace old with new Microsoft Edge on Windows 10

Microsoft launched a Chromium-based model of the corporate’s Microsoft Edge internet browser earlier this yr. …

Leave a Reply

Your email address will not be published. Required fields are marked *