TorBrowser versions 7.0.8 and below for Mac OS X and Linux are affected by a critical security issue. According to the Tor Project, further details will be released in the near future. Due to a Firefox bug in handling file:// URLs it is possible on both systems that users leak their IP address. Once an affected user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser.
98ad8fa1e2be0c10bbbb3b46fcb9cb4ff3e65dec0ce7c05e95e2dbb0691343c0