Software-update: Tor Browser 12.0.3

Versie 12.0.3 van Tor Browser is uitgekomen. Tor staat voor The Onion Router en is een netwerk dat gebruikt kan worden om redelijk anoniem over internet te surfen. Al het tcp-verkeer van gebruikers wordt langs verschillende Tor-routers geleid, waarna het voor de ontvanger vrijwel niet meer mogelijk is om te achterhalen wie de oorspronkelijke verzender was. Binnen het Tor-netwerk is die informatie nog wel aanwezig, zodat antwoorden, uiteraard ook weer via het stelsel van routers, uiteindelijk weer op de juiste plek aankomen. Versie 12 is gebaseerd op Firefox ESR 102, waar dat bij versie 11 nog ESR 91 was. De releasenotes voor deze uitgave zien er als volgt uit:

Tor Browser 12.0.3

This release updates Firefox to 102.8, including bug fixes, stability improvements and important security updates. There were no Android-specific security updates to backport from the Firefox 110 release. We use this opportunity to update various components of Tor Browser as well:

• NoScript 11.4.16
• OpenSSL 1.1.1t

We would like to thank all of the community volunteers for their contributions this month! The full changelog since Tor Browser 12.0.2 is:

All Platforms

• Updated Translations
• Updated OpenSSL to 1.1.1t
• Updated NoScript to 11.4.16
• Bug tor-browser#40763: Stop using remote localized files in CFR
• Bug tor-browser#41424: Reduce disk activity by disabling some unnecessary tasks and telemetry
• Bug tor-browser#41565: Gate Telemetry Tasks behind AppConstants.MOZ_TELEMETRY_REPORTING
• Bug tor-browser#41601: Apply Snowflake Remove HelloVerify Countermeasure

Windows + macOS + Linux

• Updated Firefox to 102.8esr
• Bug tor-browser#32274: Bad screen-reader UX for Security Level/Shield button
• Bug tor-browser#41066: Circuit Isolation should take containers into account
• Bug tor-browser#41561: Maximize warning is broken (regression)
• Bug tor-browser#41572: Check for userContextId also in the circuit display
• Bug tor-browser#41588: Use better words for the Tor Network description in the onboarding

Windows

• Bug tor-browser#40717: UX: hide SSO
• Bug tor-browser#41578: Disable and lock Windows SSO

macOS

• Bug tor-browser-build#28124: Show Tor Browser icon as macOS volume (dmg) icon

Android

• Updated GeckoView to 102.8esr
• Bug tor-browser#40283: Can't upload files with Tor browser on Android
• Bug tor-browser#40536: Proxy Refused if link from other app opens Android TBB
• Bug tor-browser#41616: Backport Android-specific security fixes from Firefox 110 to ESR 102.8-based Tor Browser

Build System

• All Platforms
  • Bug tor-browser-build#40723: Update upload-update_responses-to-staticiforme step for new tor-browser-update-responses repository
  • Bug tor-browser-build#40747: Remove empty line at the top of sha256sums-unsigned-build.txt
  • Bug tor-browser-build#40748: When sha256sums-unsigned-build.txt contains an empty line, tools/dmg2mar prints a warning
• macOS
  • Bug tor-browser-build#40744: HFS DMG are not deterministic
  • Bug tor-browser-build#40755: libdmg-hfsplus fails to build on debian stable
• Android
  • Bug tor-browser-build#40752: Wrong urls in download-android-*.json files