Hi all!
Tor Browser 7.5.4 is ready for testing. Bundles can be found on:
https://people.torproject.org/~boklm/builds/7.5.6-build4
Tor Browser 7.5.6 contains security updates to Firefox and includes
newer versions of NoScript and HTTPS Everywhere. Moreover, we added the
latest Tor stable version, 0.3.3.7.
This Tor Browser version additionally contains a number of backported
patches from the alpha, most notably the feature to treat cookies set by
.onion domain as secure as well.
For Windows users we activated an option that prevents an accidental
proxy bypass when dealing with UNC paths.
The full changelog since Tor Browser 7.5.5 is
Tor Browser 7.5.6 -- June 26 2018
* All platforms
* Update Firefox to 52.9.0esr
* Update Tor to 0.3.3.7
* Update Tor Launcher to 0.2.14.5
* Bug 20890: Increase control port connection timeout
* Update HTTPS Everywhere to 2018.6.21
* Bug 26451: Prevent HTTPS Everywhere from freezing the browser
* Update NoScript to 5.1.8.6
* Bug 21537: Mark .onion cookies as secure
* Bug 25938: Backport fix for cross-origin header leak (bug 1334776)
* Bug 25721: Backport patches from Mozilla's bug 1448771
* Bug 25147+25458: Sanitize HTML fragments for chrome documents
* Bug 26221: Backport fix for leak in SHA256 in nsHttpConnectionInfo.cpp
* Windows
* Bug 26424: Disable UNC paths to prevent possible proxy bypasses