[tor-project] July 2017 Report for the Tor Browser Team
Georg Koppen
gk at torproject.org
Fri Aug 4 19:13:00 UTC 2017
Hi!
In July the Tor Browser team made 4 releases, Tor Browser 7.0.2[1], Tor
Browser 7.0.3[2], Tor Browser 7.5a2[3], and Tor Browser 7.5a3[4].
All four releases were out-of-bound releases fixing security issues. Tor
Browser 7.0.2 and Tor Browser 7.5a2 included updated Tor versions
(0.3.0.9 and 0.3.1.4-alpha respectively) and Tor Browser 7.0.3 and Tor
Browser 7.5a3 fixed a potential proxy bypass bug.[5] The latter two were
Linux-only releases as no other platform was affected by the problem,
which got reported in our newly launched bug bounty program provided by
HackerOne.[6]
Non-release work focused on both regressions due to our transition to
Firefox 52 ESR[7][8] and on Sponsor4 work: we got Selfrando ready to be
shipped in 32bit Linux alpha bundles[9] and are about to switch to our
new reproducible build system. The upcoming alpha series should be the
last one that is built with Gitian, which is exciting news.
The full list of tickets closed by the Tor Browser team in June is
accessible using the `TorBrowserTeam201707` keyword in our bug tracker.[10]
In August we plan to finally switch to rbm as our new tool for our
reproducible builds which then allows us to start working on Tor Browser
for 64bit Windows systems, which is due later this year[11]. Then we
hope to get our work on our Panopticlick system done so that we can make
use of it for fingerprinting statistics. Finally, we'll put some energy
on redesigning Tor Launcher with help from the UX team and network team
mainly to make it easier for censored users to get the bridges they need
to reach the Internet.[12]
All tickets on our radar for this month can be seen with the
`TorBrowserTeam201708` keyword in our bug tracker.[13]
Georg
[1] https://blog.torproject.org/blog/tor-browser-702-released
[2] https://blog.torproject.org/blog/tor-browser-703-released
[3] https://blog.torproject.org/blog/tor-browser-75a2-released
[4] https://blog.torproject.org/blog/tor-browser-75a3-released
[5] https://trac.torproject.org/projects/tor/ticket/23044
[6] https://hackerone.com/torproject
[7] https://trac.torproject.org/projects/tor/ticket/22343
[8] https://trac.torproject.org/projects/tor/ticket/22618
[9] https://trac.torproject.org/projects/tor/ticket/20848
[10]
https://trac.torproject.org/projects/tor/query?status=closed&keywords=~TorBrowserTeam201707
[11] https://trac.torproject.org/projects/tor/ticket/20636
[12] https://trac.torproject.org/projects/tor/ticket/21951
[13]
https://trac.torproject.org/projects/tor/query?status=accepted&status=assigned&status=merge_ready&status=needs_information&status=needs_review&status=needs_revision&status=new&status=reopened&keywords=~TorBrowserTeam201708&order=priority
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20170804/c87430c0/attachment.sig>
More information about the tor-project
mailing list