Software Update: Tor Browser 11.5.5

Spread the love

Version 11.5.5 of Tor Browser has been released. Tor stands for The Onion Router and is a network that can be used to surf the Internet fairly anonymously. All users’ TCP traffic is routed through various Tor routers, after which it is virtually impossible for the recipient to find out who the original sender was. That information is still present within the Tor network, so that answers, of course also via the system of routers, eventually arrive at the right place. Version 11 is based on Firefox ESR 91, where version 10 was still ESR 78. The release notes for this release are as follows:

Tor Browser 11.5.5 (Android, Windows, macOS, Linux)

Tor Browser 11.5.5 backports the following security updates from Firefox ESR 102.4 to to Firefox ESR 91.13 on Windows, macOS and Linux:

  • CVE-2022-40674: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c
  • CVE-2022-42927: Same-origin policy violation could have leaked cross-origin URLs
  • CVE-2022-42928: Memory Corruption in JS Engine
  • CVE-2022-42929: Denial of Service via window.print
  • CVE-2022-42932: Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4

Tor Browser 11.5.5 updates GeckoView on Android to 102.4.0esr and includes important security updates. There were no Android-specific security updates to backport from the Firefox 106 release. The full changelog since Tor Browser 11.5.4 is:

All Platforms

Windows + macOS + Linux

Android

Build

Version number 11.5.5
Release status Final
Operating systems Windows 7, Android, Linux, macOS, Windows 8, Windows 10, Windows 11
Website The Tor Project
Download
License type GPL
.fb-background-color { background: #ffffff !important; } .fb_iframe_widget_fluid_desktop iframe { width: 100% !important; }
AndroidBrowserFirefoxmacOSMemoryRouterSoftwareTorTor BrowserWindows
Share