New Alpha Release: Tor Browser 12.5a6 (Android, Windows, macOS, Linux)

by richard | May 24, 2023

Tor Browser 12.5a6 is now available from the Tor Browser download page and also from our distribution directory.

This release updates Firefox 102.11.0esr, including bug fixes, stability improvements and important security updates. There were no Android-specific security updates to backport from the Firefox 113 release.

Build-Signing Infrastructure Updates

We are in the process of updating our build signing infrastructure, and unfortunately are unable to ship code-signed 12.5a6 installers for Windows systems currently. Therefore we will not be providing full Window installers for this release. However, automatic build-to-build upgrades from 12.5a4 and 12.5a5 should continue to work as expected.

Full changelog

The full changelog since Tor Browser 12.5a5 is:


This is a companion discussion topic for the original entry at https://blog.torproject.org/new-alpha-release-tor-browser-125a6/
2 Likes

Could we please get further details on this? Clicking the link gives 404. If low is in relation to level of danger then shouldn’t it actually be considered high since it allows unique fingerprinting via JavaScript. Thanks.

@Screen We’ve just set the ticket’s visibility to public, if you’d like to give the link another go!

1 Like

Thanks, is there any way to know if this exploit has been used against me and could I tell if a page uses this vulnerability by using ‘view-source:’ in the URL bar?

I suspect @ma1 might be able to help you here :slight_smile:

1 Like

Unless you manually pasted data: URIs in the navigation bar or you’ve got one bookmarked and opened the bookmark, there’s no way this could be used against you (just clicking a link from a web page didn’t work).
In other words, quite a bit of social engineering was required and that’s why the security auditors rated it low.

2 Likes

That is reassuring to know, many thanks