Everyone needs to upgrade their TorBrowser, and TAILS if you run it.
https://blog.torproject.org/blog/tor-browser-65-released
This release features important security updates to Firefox.
This is a major release and the first one in the 6.5 series. First of all it fixes the usual critical bugs in Firefox by updating to ESR 45.7.0. It contains version updates to other bundle components as well: Tor to 0.2.9.9, OpenSSL to 1.0.2j, HTTPS-Everywhere to 5.2.9, and NoScript to 2.9.5.3.
Besides those updates Tor Browser 6.5 ships with a lot of the improvements we have been working on in the past couple of months.
On the security side we always block remote JAR files now and remove the support for SHA-1 HPKP pins. Additionally we backported from an other firefox branch patches to mark JIT pages as non-writable and other crash fixes that could disrupt a Tor Browser session quite reliably.
With respect to user tracking and fingerprinting we now isolate SharedWorker script requests to the first party domain. We improved our timer resolution spoofing and reduced the timing precision for AudioContext, HTMLMediaElement, and Mediastream elements. We stopped user fingerprinting via internal resource:// URLs, and for Windows users we fixed a regression introduced in Tor Browser 6.0 which could leak the local timezone if JavaScript were enabled.
A great deal of our time was spent on improving the usability of Tor Browser. We redesigned the security slider and improved its labels. We moved a lot of Torbutton's privacy settings directly into the respective Firefox menu making it cleaner and more straightforward to use. Finally, we moved as many Torbutton features as possible into Firefox to make it easier for upstreaming them. This allowed us to resolve a couple of window resizing bugs that piled on over the course of the past years.
https://tails.boum.org/news/version_2.10/index.en.html
Upgrade Tor to 0.2.9.9. Upgrade Tor Browser to 6.5. Upgrade Linux to 4.8. This should improve the support for newer hardware (graphics, Wi-Fi, etc.) Upgrade Icedove to 45.6.0. Replace AdBlock Plus with uBlock Origin. Configure the APT package manage to use Debian's Onion services. Install the AMDGPU display driver. This should improve the support for newer AMD graphics adapters. Renamed the Boot Loader Menu entries from "Live" to "Tails", and replaced the confusing "failsafe" wording with "Troubleshooting Mode". Add support for exFAT. Remove Nyx (previously called arm). Rewrite Tor control port filter entirely. Now Tails can safely support OnionShare, the circuit view of Tor Browser, and similar. This also enabled Whonix to replace their own similar piece of software with this one.
Stay safe everyone!
Omg best Tor update ever "This allowed us to resolve a couple of window resizing bugs that piled on over the course of the past years."