Tor Browser 8.0.9 was launched on May 7, 2019 to the general public. The new model addresses a serious issue in Mozilla’s add-on signing platform that precipitated verification to fail.
Tor Browser is predicated on Firefox ESR code, and since Firefox ESR, and every other model of Firefox, was affected by the issue, so was Tor Browser.
The Tor challenge knowledgeable customers of the browser concerning the issue on its web site
Tor customers discovered the add-ons NoScript, HTTPS Everywhere, Torbutton, and TorLauncher disabled, and marked as legacy extensions. The identical occurred to Firefox customers worldwide who all lost access to their installed extensions.
Mozilla fixed the issue within the meantime in Firefox (together with Firefox ESR), and Tor Browser 8.0.9 does the identical. Means, add-ons ought to present up as put in once more after Tor Browser is up to date to the brand new model or put in anew.
Note: The Brave browser supports Tor as well; it was not affected by the issue.
Tor Browser 8.0.9
Tor customers and admins can download the latest version of the net browser from the official challenge web site. It is accessible for the desktop working methods Windows, Mac OS and Linux, and the cell working system Android.
You might run an update verify by opening Menu > Help > About Tor Browser.
Tor customers who use the built-in extensions or others are inspired to update to the brand new model to repair the issue. Add-ons ought to return to the enabled state mechanically after the update.
The total changelog:
Update Torbutton to 2.zero.13
Bug 30388: Make certain the up to date intermediate certificates retains working
Backport fixes for bug 1549010 and bug 1549061 *
Bug 30388: Make certain the up to date intermediate certificates retains working *
Update NoScript to 10.6.1
Bug 29872: XSS popup with DuckDuckGo search on about:tor
Tor customers who disabled add-on signing within the browser to repair the issue briefly might wish to think about enabling it once more. This is finished by loading about:config within the browser’s tackle bar, trying to find xpinstall.signatures.required and setting the choice to True.
True implies that Firefox will confirm the certificates of put in extensions and extensions which are about to be put in within the browser. Extensions with out legitimate certificates can’t be put in or used if the setting is enabled (with some exceptions, e.g. short-term add-ons). (by way of Born)