October 2024 - tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-update-responses][main] alpha: new version, 14.0a8
by morgan (＠morgan) 07 Oct '24

07 Oct '24

morgan pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: e02b3c8e by Morgan at 2024-10-07T20:09:20+00:00 alpha: new version, 14.0a8 - - - - - 30 changed files: - update_3/alpha/.htaccess - update_3/alpha/13.5a10-14.0a7+13.5a11-linux-i686-ALL.xml → update_3/alpha/13.5a10-14.0a8+13.5a11-linux-i686-ALL.xml - update_3/alpha/13.5a10-14.0a7+13.5a11-linux-x86_64-ALL.xml → update_3/alpha/13.5a10-14.0a8+13.5a11-linux-x86_64-ALL.xml - update_3/alpha/13.5a10-14.0a7+13.5a11-macos-ALL.xml → update_3/alpha/13.5a10-14.0a8+13.5a11-macos-ALL.xml - update_3/alpha/13.5a10-14.0a7+13.5a11-windows-i686-ALL.xml → update_3/alpha/13.5a10-14.0a8+13.5a11-windows-i686-ALL.xml - update_3/alpha/13.5a10-14.0a7+13.5a11-windows-x86_64-ALL.xml → update_3/alpha/13.5a10-14.0a8+13.5a11-windows-x86_64-ALL.xml - update_3/alpha/13.5a8-14.0a7+13.5a11-linux-i686-ALL.xml → update_3/alpha/13.5a8-14.0a8+13.5a11-linux-i686-ALL.xml - update_3/alpha/13.5a8-14.0a7+13.5a11-linux-x86_64-ALL.xml → update_3/alpha/13.5a8-14.0a8+13.5a11-linux-x86_64-ALL.xml - update_3/alpha/13.5a8-14.0a7+13.5a11-macos-ALL.xml → update_3/alpha/13.5a8-14.0a8+13.5a11-macos-ALL.xml - update_3/alpha/13.5a8-14.0a7+13.5a11-windows-i686-ALL.xml → update_3/alpha/13.5a8-14.0a8+13.5a11-windows-i686-ALL.xml - update_3/alpha/13.5a8-14.0a7+13.5a11-windows-x86_64-ALL.xml → update_3/alpha/13.5a8-14.0a8+13.5a11-windows-x86_64-ALL.xml - update_3/alpha/13.5a9-14.0a7+13.5a11-linux-i686-ALL.xml → update_3/alpha/13.5a9-14.0a8+13.5a11-linux-i686-ALL.xml - update_3/alpha/13.5a9-14.0a7+13.5a11-linux-x86_64-ALL.xml → update_3/alpha/13.5a9-14.0a8+13.5a11-linux-x86_64-ALL.xml - update_3/alpha/13.5a9-14.0a7+13.5a11-macos-ALL.xml → update_3/alpha/13.5a9-14.0a8+13.5a11-macos-ALL.xml - update_3/alpha/13.5a9-14.0a7+13.5a11-windows-i686-ALL.xml → update_3/alpha/13.5a9-14.0a8+13.5a11-windows-i686-ALL.xml - update_3/alpha/13.5a9-14.0a7+13.5a11-windows-x86_64-ALL.xml → update_3/alpha/13.5a9-14.0a8+13.5a11-windows-x86_64-ALL.xml - − update_3/alpha/14.0a4-14.0a7+13.5a11-macos-ALL.xml - update_3/alpha/14.0a5-14.0a7+13.5a11-linux-i686-ALL.xml → update_3/alpha/14.0a5-14.0a8+13.5a11-linux-i686-ALL.xml - update_3/alpha/14.0a4-14.0a7+13.5a11-linux-x86_64-ALL.xml → update_3/alpha/14.0a5-14.0a8+13.5a11-linux-x86_64-ALL.xml - update_3/alpha/14.0a5-14.0a7+13.5a11-macos-ALL.xml → update_3/alpha/14.0a5-14.0a8+13.5a11-macos-ALL.xml - update_3/alpha/14.0a4-14.0a7+13.5a11-windows-i686-ALL.xml → update_3/alpha/14.0a5-14.0a8+13.5a11-windows-i686-ALL.xml - update_3/alpha/14.0a5-14.0a7+13.5a11-windows-x86_64-ALL.xml → update_3/alpha/14.0a5-14.0a8+13.5a11-windows-x86_64-ALL.xml - update_3/alpha/14.0a6-14.0a7+13.5a11-linux-i686-ALL.xml → update_3/alpha/14.0a6-14.0a8+13.5a11-linux-i686-ALL.xml - update_3/alpha/14.0a5-14.0a7+13.5a11-linux-x86_64-ALL.xml → update_3/alpha/14.0a6-14.0a8+13.5a11-linux-x86_64-ALL.xml - update_3/alpha/14.0a6-14.0a7+13.5a11-macos-ALL.xml → update_3/alpha/14.0a6-14.0a8+13.5a11-macos-ALL.xml - update_3/alpha/14.0a5-14.0a7+13.5a11-windows-i686-ALL.xml → update_3/alpha/14.0a6-14.0a8+13.5a11-windows-i686-ALL.xml - update_3/alpha/14.0a6-14.0a7+13.5a11-windows-x86_64-ALL.xml → update_3/alpha/14.0a6-14.0a8+13.5a11-windows-x86_64-ALL.xml - update_3/alpha/14.0a4-14.0a7+13.5a11-linux-i686-ALL.xml → update_3/alpha/14.0a7-14.0a8+13.5a11-linux-i686-ALL.xml - update_3/alpha/14.0a6-14.0a7+13.5a11-linux-x86_64-ALL.xml → update_3/alpha/14.0a7-14.0a8+13.5a11-linux-x86_64-ALL.xml - + update_3/alpha/14.0a7-14.0a8+13.5a11-macos-ALL.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-14.0a8-build2
by morgan (＠morgan) 07 Oct '24

07 Oct '24

morgan pushed new tag mb-14.0a8-build2 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-14.0a8-build2
by morgan (＠morgan) 07 Oct '24

07 Oct '24

morgan pushed new tag tbb-14.0a8-build2 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41249, 41250: Prepare Tor, Mullvad Browser 14.0a8-build2
by morgan (＠morgan) 07 Oct '24

07 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 3314ee0a by Morgan at 2024-10-07T17:11:51+00:00 Bug 41249,41250: Prepare Tor,Mullvad Browser 14.0a8-build2 - - - - - 3 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,4 +1,4 @@ -Mullvad Browser 14.0a8 - October 03 2024 +Mullvad Browser 14.0a8 - October 07 2024 * All Platforms * Updated uBlock Origin to 1.60.0 * Bug 349: Tidy up mullvad Fluent files [mullvad-browser] @@ -12,6 +12,7 @@ Mullvad Browser 14.0a8 - October 03 2024 * All Platforms * Bug 43157: Move tb-dev to base-browser [tor-browser] * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] + * Bug 41259: Skip versions which don't set incremental_from when generating incrementals [tor-browser-build] Mullvad Browser 13.5.6 - September 30 2024 * All Platforms ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,4 +1,4 @@ -Tor Browser 14.0a8 - October 03 2024 +Tor Browser 14.0a8 - October 07 2024 * All Platforms * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser] * Bug 42054: ESR128: investigate - thorin's list [tor-browser] @@ -26,6 +26,7 @@ Tor Browser 14.0a8 - October 03 2024 * Windows + macOS + Linux * Bug 41247: Adapt tools/update-responses/update_responses to support multiple versions in the same xml files [tor-browser-build] * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] + * Bug 41259: Skip versions which don't set incremental_from when generating incrementals [tor-browser-build] Tor Browser 13.5a11 - October 01 2024 * All Platforms ===================================== rbm.conf ===================================== @@ -74,7 +74,7 @@ buildconf: var: torbrowser_version: '14.0a8' - torbrowser_build: 'build1' + torbrowser_build: 'build2' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. browser_release_date: '2024/10/03 19:27:08' View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] 2 commits: Bug 41259: Skip versions which don't set incremental_from when generating incrementals
by morgan (＠morgan) 07 Oct '24

07 Oct '24

morgan pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: f61208a8 by Nicolas Vigier at 2024-10-07T09:40:47+02:00 Bug 41259: Skip versions which don't set incremental_from when generating incrementals Also don't set `incremental_from` for the legacy version in update_responses config. - - - - - f27b3742 by Nicolas Vigier at 2024-10-07T09:46:47+02:00 Bug 41259: Don't set legacy version for Mullvad Browser - - - - - 2 changed files: - projects/release/update_responses_config.yml - tools/update-responses/update_responses Changes: ===================================== projects/release/update_responses_config.yml ===================================== @@ -72,12 +72,11 @@ versions: minSupportedInstructionSet: SSE2 linux-x86_64: minSupportedInstructionSet: SSE2 -[% IF c("var/torbrowser_legacy_version") -%] +[% IF c("var/tor-browser") && c("var/torbrowser_legacy_version") -%] [% c("var/torbrowser_legacy_version") %]: mar_channel_id: [% c('var/mar_channel_id') %] platformVersion: [% c('var/torbrowser_legacy_platform_version') %] detailsURL: https://blog.torproject.org/new[% IF c("var/alpha") %]-alpha[% END %]-release-tor-browser-[% c("var/torbrowser_legacy_version") FILTER remove('\.') %] - incremental_from: [] # minSupportedOsVersion on macOS corresponds to the Darwin version ( https://en.wikipedia.org/wiki/Darwin_(operating_system) ) macos: # macOS v10.12.0 ===================================== tools/update-responses/update_responses ===================================== @@ -702,6 +702,7 @@ my %actions = ( exit_error "Unknown channel" unless $config->{channels}{$channel}; my $versions = as_array($config->{channels}{$channel}); foreach my $version (@$versions) { + next unless $config->{versions}{$version}{incremental_from}; extract_martools($config, $version); get_version_files($config, $version); create_incremental_mars_for_version($config, $version, $channel); View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/compare/… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-115.16.0esr-13.5-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch mullvad-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 1a766e24 by hackademix at 2024-10-07T13:20:56+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -121,16 +121,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/1a7… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/1a7… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-115.16.0esr-13.5-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch base-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 0bff17d4 by hackademix at 2024-10-07T13:20:50+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -121,16 +121,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0bff17d… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/0bff17d… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.16.0esr-13.5-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch tor-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 70c7a53e by hackademix at 2024-10-07T13:20:44+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -121,16 +121,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70c7a53… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70c7a53… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch mullvad-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser Commits: f2211840 by hackademix at 2024-10-07T13:20:13+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -139,16 +139,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f22… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/f22… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.
by ma1 (＠ma1) 07 Oct '24

07 Oct '24

ma1 pushed to branch base-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 70534c90 by hackademix at 2024-10-07T13:20:06+02:00 fixup! Firefox preference overrides. MB361: Disable only cyphersuites using SH1 for signing (ECDSA). - - - - - 1 changed file: - browser/app/profile/001-base-profile.js Changes: ===================================== browser/app/profile/001-base-profile.js ===================================== @@ -139,16 +139,13 @@ pref("network.http.referer.hideOnionSource", true); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true); -// Bug 40183: Disable TLS ciphersuites using SHA-1 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA) +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false); +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); -pref("security.ssl3.rsa_aes_128_sha", false, locked); -pref("security.ssl3.rsa_aes_256_sha", false, locked); // Wrapping a static pref to lock it and prevent changing. // See tor-browser#40565. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70534c9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70534c9… You're receiving this email because of your account on gitlab.torproject.org.

1 0