Download Tor Browser 11.5.5
Version 11.5.5 of Tor Browser has been released. Tor stands for The Onion Router and is a network that can be used to surf the Internet fairly anonymously. All users’ TCP traffic is routed through various Tor routers, after which it is virtually impossible for the recipient to find out who the original sender was. That information is still present within the Tor network, so that answers, of course also via the system of routers, eventually arrive at the right place. Version 11 is based on Firefox ESR 91, where version 10 was still ESR 78. The release notes for this release are as follows:
Tor Browser 11.5.5 (Android, Windows, macOS, Linux)
Tor Browser 11.5.5 backports the following security updates from Firefox ESR 102.4 to to Firefox ESR 91.13 on Windows, macOS and Linux:
- CVE-2022-40674: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c
- CVE-2022-42927: Same-origin policy violation could have leaked cross-origin URLs
- CVE-2022-42928: Memory Corruption in JS Engine
- CVE-2022-42929: Denial of Service via window.print
- CVE-2022-42932: Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4
Tor Browser 11.5.5 updates GeckoView on Android to 102.4.0esr and includes important security updates. There were no Android-specific security updates to backport from the Firefox 106 release. The full changelog since Tor Browser 11.5.4 is:
All Platforms
- Update Translations
- Bug tor-browser-build#40649: Update meek default bridge
- Bug tor-browser-build#40654: Enable uTLS and use the full bridge line for snowflake
Windows + macOS + Linux
- UpdateManual
- Bug tor browser#40465: Onion Authentication fails when connecting to a subdomain
- Bug tor browser#41355: Amends to YEC 2022 Takeover Desktop Stable 11.5.5
- Bug tor browser#41359: Backport ESR 102.4 security fixes to 91.13-based Tor Browser
- Bug tor browser#41364: Continued amendments to YEC 2022 Takeover Desktop Stable 11.5.5
Android
- Bug tor-browser-build#40650: Rebase geckoview-102.3.0esr-11.5-1 to ESR 102.4
- Bug tor browser#41360: Backport Android-specific Firefox 106 to ESR 102.4-based Tor Browser
- Bug tor browser#41365: Amends to YEC 2022 Takeover on Android
Build
- Windows + macOS + Linux
- Update Go to 1.18.7
- Bug tor-browser-build#40464: go 1.18 fails to build on macOS
| Version number | 11.5.5 |
| Release status | Final |
| Operating systems | Windows 7, Android, Linux, macOS, Windows 8, Windows 10, Windows 11 |
| Website | The Tor Project |
| Download | |
| License type | GPL |