[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24138 [Applications/Tor Browser]: Older version of Tor Browser not updating

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #24138 [Applications/Tor Browser]: Older version of Tor Browser not updating
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 06 Nov 2017 20:44:12 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 06 Nov 2017 15:44:25 -0500
In-reply-to: <047.b9fe461a777a134d83bbf4bab42a473e@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.b9fe461a777a134d83bbf4bab42a473e@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#24138: Older version of Tor Browser not updating
--------------------------------------+-----------------------------------
 Reporter:  lizzard                   |          Owner:  tbb-team
     Type:  defect                    |         Status:  needs_information
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+-----------------------------------

Comment (by gk):

 Replying to [comment:4 mcs]:
 > It may be difficult to fix this now. Opening Tor Browser 4.5.3, using
 about:config to set `app.update.log = true`, and opening the Browser
 Console reveals that the update URL used is:
 >
 https://www.torproject.org/dist/torbrowser/update_2/release/Darwin_x86_64-gcc3/4.5.3
 /en-US?force=1
 >
 > An update check results in this error:
 > Expected certificate attribute 'issuerName' value incorrect, expected:
 'CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert
 Inc,C=US', got: 'CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US'.
 >
 > This happens because 4.5.3 includes some built-in checks to ensure that
 the browser is talking to the correct update server, but unfortunately we
 have switched from a DigiCert issued certificate to one from Let's
 Encrypt. I am not sure how to avoid this problem without running a server
 that uses a certificate from the older CA... forever.

 So, 2) is even worse than I assumed without checking, *sigh*. But there is
 still 1). Could we do something about the false feedback in the About Tor
 Browser menu?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24138#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #24138 [- Select a component]: Older version of Tor Browser not updating
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #23136 [Applications/Tor Launcher]: moat integration (fetch bridges for the user)
Next by Author: Re: [tor-bugs] #22895 [Core Tor/Tor]: Unused variables in donna's SSE2 header
Previous by thread: Re: [tor-bugs] #24138 [Applications/Tor Browser]: Older version of Tor Browser not updating
Next by thread: Re: [tor-bugs] #24138 [Applications/Tor Browser]: Older version of Tor Browser not updating
Index(es):
- Author
- Thread