Upgrade Tor to 0.4.8.10 from 0.4.8.5
#12617
Conversation
| $windowsInstaller = "tor-browser-windows-x86_64-portable-${version}.exe" | ||
| $macDmg = "tor-browser-macos-${version}.dmg" | ||
| $linuxTarball = "tor-browser-linux-x86_64-${version}.tar" |
There was a problem hiding this comment.
Binaries got changed. Hopefully, the dmg for macOS is still for both intel and arm64 archs.
There was a problem hiding this comment.
cr utACK. Checked binary name changes and that hashes of Linux binaries match https://www.torproject.org/dist/torbrowser/13.0.10/tor-browser-linux-x86_64-13.0.10.tar.xz.
| { OSPlatform.OSX, "ba028d74610083102c1f9cb95e6e746e3c0d374d61e275d3049729260900cb8b" }, | ||
| { OSPlatform.Windows, "33049016dd8985e97e69d89cad74b59b06488310c0be86d0f83b10ee096b7875" }, | ||
| { OSPlatform.Linux, "8f5f89e8dec6f4fa095ee10a9b16904cdb8a3d3f109d3b2929ff960ca15846ba" }, | ||
| { OSPlatform.OSX, "0360821eeb291e290f09966af87e7a1ceaba6d0a4b60e11c15249aeef288d49b" }, |
There was a problem hiding this comment.
Could this be probably extended to also check hashes of bundled dynamic libraries?
There was a problem hiding this comment.
Probably yes, but it would require a proposal how to do it so that others can easily verify. I'm not really sure what is the instrustry standard (one can hash one file at a time, keep hashing while traversing directory, etc.).
There was a problem hiding this comment.
tack 0bff633 on debian 12
successfully sent & received and did a coinjoin on mainnet.
I didn't verify all the hashes
Fixes #12347
Changelog
Changelog mentions:
Some security issues but mostly for relay operators and for onion services, and a conflux bug:
Testing
torprocess reporting it is for the arm64 arch. So that looks ok too.Resources
Older upgrades: