Only the current release, the latest tag, and the current stable Tor version (e.g., 0.4.8.11) are supported. See README.md for a list of currently supported tags. All other tags will not receive updates.

If you have found a vulnerability in Tor, please email security@torproject.org. See Tor’s bug-reporting guidelines for details.

If you discover a potential vulnerability in this Docker image, please submit it privately via the security report form.
See the GitHub documentation for details.

Report vulnerabilities in third-party modules to the person or team maintaining the module.

The issue will be published as a security advisory.

I will update the supported tags as soon as a new Tor or Alpine release is available. Please give me three days to perform and test the update. I will also periodically rebuild the image to include updated Alpine packages with important security fixes.

The following automated tools are used to keep track of updated packages and known security problems:

• Dependabot: Automated dependency updates built into GitHub.
• Grype: A vulnerability scanner for container images and filesystems.
• Codacy Security Scan: Code quality scanner.