- tbb-commits - lists.torproject.org

[Git][tpo/applications/tor-browser][base-browser-128.7.0esr-14.0-1] fixup! Add CI for Base Browser
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch base-browser-128.7.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 2db79da2 by Beatriz Rizental at 2025-02-03T16:00:19+01:00 fixup! Add CI for Base Browser - - - - - 1 changed file: - .gitlab/ci/mixins.yml Changes: ===================================== .gitlab/ci/mixins.yml ===================================== @@ -4,7 +4,21 @@ before_script: - git init - git remote add local "$LOCAL_REPO_PATH" - - git fetch --depth 500 local + - | + # Determine the reference of the target branch in the local repository copy. + # + # 1. List all references in the local repository + # 2. Filter the references to the target branch + # 3. Remove tags + # 4. Keep a single line, in case there are too many matches + # 5. Clean up the output + # 6. Remove everything before the last two slashes, because the output is like `refs/heads/...` or `refs/remotes/...` + TARGET_BRANCH=$(git ls-remote local | grep ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_TARGET_BRANCH_NAME} | grep -v 'refs/tags/' | awk '{print $2}' | tail -1 | sed 's|[^/]*/[^/]*/||') + if [ -z "$TARGET_BRANCH" ]; then + echo "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + fi + - git fetch --depth 500 local $TARGET_BRANCH - git remote add origin "$CI_REPOSITORY_URL" - | if [ -z "${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}" ]; then @@ -26,7 +40,16 @@ before_script: - git init - git remote add local $env:LOCAL_REPO_PATH - - git fetch --depth 500 local + - | + $branchName = $env:CI_COMMIT_BRANCH + if ([string]::IsNullOrEmpty($branchName)) { + $branchName = $env:CI_MERGE_REQUEST_TARGET_BRANCH_NAME + } + $TARGET_BRANCH = git ls-remote local | Select-String -Pattern $branchName | Select-String -Pattern -NotMatch 'refs/tags/' | Select-Object -Last 1 | ForEach-Object { $_.ToString().Split()[1] -replace '^[^/]*/[^/]*/', '' } + if ([string]::IsNullOrEmpty($TARGET_BRANCH)) { + Write-Output "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + } - git remote add origin $env:CI_REPOSITORY_URL - | $branchName = $env:CI_COMMIT_BRANCH View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2db79da… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/2db79da… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.7.0esr-14.0-1] fixup! Add CI for Base Browser
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch tor-browser-128.7.0esr-14.0-1 at The Tor Project / Applications / Tor Browser Commits: 8004ee08 by Beatriz Rizental at 2025-02-03T15:42:55+01:00 fixup! Add CI for Base Browser - - - - - 1 changed file: - .gitlab/ci/mixins.yml Changes: ===================================== .gitlab/ci/mixins.yml ===================================== @@ -4,7 +4,21 @@ before_script: - git init - git remote add local "$LOCAL_REPO_PATH" - - git fetch --depth 500 local + - | + # Determine the reference of the target branch in the local repository copy. + # + # 1. List all references in the local repository + # 2. Filter the references to the target branch + # 3. Remove tags + # 4. Keep a single line, in case there are too many matches + # 5. Clean up the output + # 6. Remove everything before the last two slashes, because the output is like `refs/heads/...` or `refs/remotes/...` + TARGET_BRANCH=$(git ls-remote local | grep ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_TARGET_BRANCH_NAME} | grep -v 'refs/tags/' | awk '{print $2}' | tail -1 | sed 's|[^/]*/[^/]*/||') + if [ -z "$TARGET_BRANCH" ]; then + echo "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + fi + - git fetch --depth 500 local $TARGET_BRANCH - git remote add origin "$CI_REPOSITORY_URL" - | if [ -z "${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}" ]; then @@ -26,7 +40,16 @@ before_script: - git init - git remote add local $env:LOCAL_REPO_PATH - - git fetch --depth 500 local + - | + $branchName = $env:CI_COMMIT_BRANCH + if ([string]::IsNullOrEmpty($branchName)) { + $branchName = $env:CI_MERGE_REQUEST_TARGET_BRANCH_NAME + } + $TARGET_BRANCH = git ls-remote local | Select-String -Pattern $branchName | Select-String -Pattern -NotMatch 'refs/tags/' | Select-Object -Last 1 | ForEach-Object { $_.ToString().Split()[1] -replace '^[^/]*/[^/]*/', '' } + if ([string]::IsNullOrEmpty($TARGET_BRANCH)) { + Write-Output "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + } - git remote add origin $env:CI_REPOSITORY_URL - | $branchName = $env:CI_COMMIT_BRANCH View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8004ee0… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/8004ee0… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][base-browser-128.7.0esr-14.5-1] fixup! Add CI for Base Browser
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch base-browser-128.7.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: 4da10a5e by Beatriz Rizental at 2025-02-03T15:36:36+01:00 fixup! Add CI for Base Browser - - - - - 1 changed file: - .gitlab/ci/mixins.yml Changes: ===================================== .gitlab/ci/mixins.yml ===================================== @@ -4,7 +4,21 @@ before_script: - git init - git remote add local "$LOCAL_REPO_PATH" - - git fetch --depth 500 local ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_TARGET_BRANCH_NAME} + - | + # Determine the reference of the target branch in the local repository copy. + # + # 1. List all references in the local repository + # 2. Filter the references to the target branch + # 3. Remove tags + # 4. Keep a single line, in case there are too many matches + # 5. Clean up the output + # 6. Remove everything before the last two slashes, because the output is like `refs/heads/...` or `refs/remotes/...` + TARGET_BRANCH=$(git ls-remote local | grep ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_TARGET_BRANCH_NAME} | grep -v 'refs/tags/' | awk '{print $2}' | tail -1 | sed 's|[^/]*/[^/]*/||') + if [ -z "$TARGET_BRANCH" ]; then + echo "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + fi + - git fetch --depth 500 local $TARGET_BRANCH - git remote add origin "$CI_REPOSITORY_URL" - | if [ -z "${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}" ]; then @@ -31,7 +45,11 @@ if ([string]::IsNullOrEmpty($branchName)) { $branchName = $env:CI_MERGE_REQUEST_TARGET_BRANCH_NAME } - git fetch --depth 500 local $branchName + $TARGET_BRANCH = git ls-remote local | Select-String -Pattern $branchName | Select-String -Pattern -NotMatch 'refs/tags/' | Select-Object -Last 1 | ForEach-Object { $_.ToString().Split()[1] -replace '^[^/]*/[^/]*/', '' } + if ([string]::IsNullOrEmpty($TARGET_BRANCH)) { + Write-Output "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + } - git remote add origin $env:CI_REPOSITORY_URL - | $branchName = $env:CI_COMMIT_BRANCH View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4da10a5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/4da10a5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.7.0esr-14.5-1] fixup! Add CI for Base Browser
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch mullvad-browser-128.7.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 40c8eec9 by Beatriz Rizental at 2025-02-03T15:36:14+01:00 fixup! Add CI for Base Browser - - - - - 1 changed file: - .gitlab/ci/mixins.yml Changes: ===================================== .gitlab/ci/mixins.yml ===================================== @@ -4,7 +4,21 @@ before_script: - git init - git remote add local "$LOCAL_REPO_PATH" - - git fetch --depth 500 local ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_TARGET_BRANCH_NAME} + - | + # Determine the reference of the target branch in the local repository copy. + # + # 1. List all references in the local repository + # 2. Filter the references to the target branch + # 3. Remove tags + # 4. Keep a single line, in case there are too many matches + # 5. Clean up the output + # 6. Remove everything before the last two slashes, because the output is like `refs/heads/...` or `refs/remotes/...` + TARGET_BRANCH=$(git ls-remote local | grep ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_TARGET_BRANCH_NAME} | grep -v 'refs/tags/' | awk '{print $2}' | tail -1 | sed 's|[^/]*/[^/]*/||') + if [ -z "$TARGET_BRANCH" ]; then + echo "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + fi + - git fetch --depth 500 local $TARGET_BRANCH - git remote add origin "$CI_REPOSITORY_URL" - | if [ -z "${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}" ]; then @@ -31,7 +45,11 @@ if ([string]::IsNullOrEmpty($branchName)) { $branchName = $env:CI_MERGE_REQUEST_TARGET_BRANCH_NAME } - git fetch --depth 500 local $branchName + $TARGET_BRANCH = git ls-remote local | Select-String -Pattern $branchName | Select-String -Pattern -NotMatch 'refs/tags/' | Select-Object -Last 1 | ForEach-Object { $_.ToString().Split()[1] -replace '^[^/]*/[^/]*/', '' } + if ([string]::IsNullOrEmpty($TARGET_BRANCH)) { + Write-Output "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + } - git remote add origin $env:CI_REPOSITORY_URL - | $branchName = $env:CI_COMMIT_BRANCH View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/40c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/commit/40c… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.7.0esr-14.5-1] fixup! Add CI for Base Browser
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch tor-browser-128.7.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: b05f3350 by Beatriz Rizental at 2025-02-03T15:31:27+01:00 fixup! Add CI for Base Browser - - - - - 1 changed file: - .gitlab/ci/mixins.yml Changes: ===================================== .gitlab/ci/mixins.yml ===================================== @@ -4,7 +4,21 @@ before_script: - git init - git remote add local "$LOCAL_REPO_PATH" - - git fetch --depth 500 local ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_TARGET_BRANCH_NAME} + - | + # Determine the reference of the target branch in the local repository copy. + # + # 1. List all references in the local repository + # 2. Filter the references to the target branch + # 3. Remove tags + # 4. Keep a single line, in case there are too many matches + # 5. Clean up the output + # 6. Remove everything before the last two slashes, because the output is like `refs/heads/...` or `refs/remotes/...` + TARGET_BRANCH=$(git ls-remote local | grep ${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_TARGET_BRANCH_NAME} | grep -v 'refs/tags/' | awk '{print $2}' | tail -1 | sed 's|[^/]*/[^/]*/||') + if [ -z "$TARGET_BRANCH" ]; then + echo "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + fi + - git fetch --depth 500 local $TARGET_BRANCH - git remote add origin "$CI_REPOSITORY_URL" - | if [ -z "${CI_COMMIT_BRANCH:-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME}" ]; then @@ -31,7 +45,11 @@ if ([string]::IsNullOrEmpty($branchName)) { $branchName = $env:CI_MERGE_REQUEST_TARGET_BRANCH_NAME } - git fetch --depth 500 local $branchName + $TARGET_BRANCH = git ls-remote local | Select-String -Pattern $branchName | Select-String -Pattern -NotMatch 'refs/tags/' | Select-Object -Last 1 | ForEach-Object { $_.ToString().Split()[1] -replace '^[^/]*/[^/]*/', '' } + if ([string]::IsNullOrEmpty($TARGET_BRANCH)) { + Write-Output "Target branch $TARGET_BRANCH is not yet in local repository. Stopping the pipeline." + exit 1 + } - git remote add origin $env:CI_REPOSITORY_URL - | $branchName = $env:CI_COMMIT_BRANCH View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b05f335… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/b05f335… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-128.7.0esr-14.5-1] 2 commits: BB 29745: Limit remote access to content accessible resources
by ma1 (＠ma1) 03 Feb '25

03 Feb '25

ma1 pushed to branch tor-browser-128.7.0esr-14.5-1 at The Tor Project / Applications / Tor Browser Commits: d2be2499 by Henry Wilkes at 2025-02-03T11:53:29+00:00 BB 29745: Limit remote access to content accessible resources - - - - - 7e470c8c by Henry Wilkes at 2025-02-03T11:53:30+00:00 fixup! BB 42716: Disable unwanted about: pages TB 43308: Remove about:logo which exposes a branding asset. - - - - - 2 changed files: - caps/nsScriptSecurityManager.cpp - docshell/base/nsAboutRedirector.cpp Changes: ===================================== caps/nsScriptSecurityManager.cpp ===================================== @@ -1044,6 +1044,48 @@ nsresult nsScriptSecurityManager::CheckLoadURIFlags( } } + // Only allow some "about:" pages to have access to contentaccessible + // "chrome://branding/" assets. Otherwise web pages could easily and + // consistently detect the differences between channels when their + // branding differs. See tor-browser#43308 and tor-browser#42319. + // NOTE: The same assets under the alternative URI + // "resource:///chrome/browser/content/branding/" should already be + // inaccessible to web content, so we only add a condition for the chrome + // path. + if (targetScheme.EqualsLiteral("chrome")) { + nsAutoCString targetHost; + rv = aTargetBaseURI->GetHost(targetHost); + NS_ENSURE_SUCCESS(rv, rv); + if (targetHost.EqualsLiteral("branding")) { + // Disallow any Principal whose scheme is not "about", or is a + // contentaccessible "about" URI ("about:blank" or "about:srcdoc"). + // NOTE: "about:blank" and "about:srcdoc" would be unexpected here + // since such a document spawned by a web document should inherit the + // same Principal URI. I.e. they would be "http:" or "https:" schemes. + // But we add this condition for extra assurances. + // NOTE: Documents with null Principals, like "about:blank" typed by + // the user, would also be excluded since the Principal URI would be + // "moz-nullprincipal:". + if (!aSourceBaseURI->SchemeIs("about") || + NS_IsContentAccessibleAboutURI(aSourceBaseURI)) { + return NS_ERROR_DOM_BAD_URI; + } + // Also exclude "about:reader" from accessing branding assets. I.e. if + // a web page includes `<img src="chrome://branding/..." />` we do not + // want it to render within "about:reader" either. + // Though it is unknown whether the information within "about:reader" + // would be exploitable by a web page, we also want to exclude + // "about:reader" for consistency: if it does not display in the + // original web page, it should not display in "about:reader" either. + nsAutoCString sourcePath; + rv = aSourceBaseURI->GetFilePath(sourcePath); + NS_ENSURE_SUCCESS(rv, rv); + if (sourcePath.EqualsLiteral("reader")) { + return NS_ERROR_DOM_BAD_URI; + } + } + } + if (targetScheme.EqualsLiteral("resource")) { if (StaticPrefs::security_all_resource_uri_content_accessible()) { return NS_OK; ===================================== docshell/base/nsAboutRedirector.cpp ===================================== @@ -123,10 +123,9 @@ static const RedirEntry kRedirMap[] = { nsIAboutModule::IS_SECURE_CHROME_UI}, {"logging", "chrome://global/content/aboutLogging.html", nsIAboutModule::ALLOW_SCRIPT}, - {"logo", "chrome://branding/content/about.png", - nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | - // Linkable for testing reasons. - nsIAboutModule::MAKE_LINKABLE}, + // Do not allow web pages to link to about:logo, which varies between + // channels. See tor-browser#43308. + // Moreover, it exposes firefox-specific branding. {"memory", "chrome://global/content/aboutMemory.xhtml", nsIAboutModule::ALLOW_SCRIPT}, {"certificate", "chrome://global/content/certviewer/certviewer.html", View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f0b1a9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/f0b1a9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag FIREFOX_NIGHTLY_128_END
by morgan (＠morgan) 03 Feb '25

03 Feb '25

morgan pushed new tag FIREFOX_NIGHTLY_128_END at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/FIREFOX_N… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bump Firefox version to 128.7.0esr for nightly builds.
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 1d6dde94 by Pier Angelo Vendrame at 2025-02-03T12:57:54+01:00 Bump Firefox version to 128.7.0esr for nightly builds. - - - - - 2 changed files: - projects/firefox/config - projects/geckoview/config Changes: ===================================== projects/firefox/config ===================================== @@ -14,12 +14,12 @@ container: use_container: 1 var: - firefox_platform_version: '128.6.0' + firefox_platform_version: '128.7.0' firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '14.5' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 1 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -16,12 +16,12 @@ container: build_apk: 1 var: - firefox_platform_version: '128.6.0' + firefox_platform_version: '128.7.0' geckoview_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '14.5' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 2 + browser_build: 1 gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' deps: View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-128.7.0esr-14.5-1-build1
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed new tag mullvad-browser-128.7.0esr-14.5-1-build1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser][mullvad-browser-128.7.0esr-14.5-1] 25 commits: MB 38: Mullvad Browser configuration
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch mullvad-browser-128.7.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser Commits: 1dec7431 by Pier Angelo Vendrame at 2025-02-03T11:56:37+01:00 MB 38: Mullvad Browser configuration - - - - - 67f67928 by Pier Angelo Vendrame at 2025-02-03T11:56:38+01:00 MB 1: Mullvad Browser branding See also: mullvad-browser#5: Product name and directory customization mullvad-browser#12: Create new branding directories and integrate Mullvad icons+branding mullvad-browser#14: Remove Default Built-in bookmarks mullvad-browser#35: Add custom PDF icons for Windows builds mullvad-browser#48: Replace Mozilla copyright and legal trademarks in mullvadbrowser.exe metadata mullvad-browser#51: Update trademark string mullvad-browser#104: Update shipped dll metadata copyright/licensing info mullvad-browser#107: Add alpha and nightly icons - - - - - 923b7b63 by Pier Angelo Vendrame at 2025-02-03T11:56:39+01:00 fixup! MB 1: Mullvad Browser branding TB 43323: Add an asset for sanity tests. - - - - - 1a945ae1 by Henry Wilkes at 2025-02-03T11:56:40+01:00 Mullvad Browser strings This commit adds strings needed by the following Mullvad Browser patches. - - - - - 34cca47f by Pier Angelo Vendrame at 2025-02-03T11:56:41+01:00 MB 20: Allow packaged-addons in PBM. We install a few addons from the distribution directory, but they are not automatically enabled for PBM mode. This commit modifies the code that installs them to also add the PBM permission to the known ones. - - - - - 74dc4caf by Pier Angelo Vendrame at 2025-02-03T11:56:42+01:00 MB 63: Customize some about pages for Mullvad Browser Also: mullvad-browser#57: Purge unneeded about: pages - - - - - 328e8889 by Pier Angelo Vendrame at 2025-02-03T11:56:43+01:00 MB 37: Customization for the about dialog - - - - - d5b0e6c6 by Henry Wilkes at 2025-02-03T11:56:45+01:00 MB 39: Add home page about:mullvad-browser - - - - - 048c31f9 by hackademix at 2025-02-03T11:56:47+01:00 MB 97: Remove UI cues to install new extensions. - - - - - f883f4c7 by hackademix at 2025-02-03T11:56:48+01:00 MB 47: uBlock Origin customization - - - - - a3e47e56 by Pier Angelo Vendrame at 2025-02-03T11:56:49+01:00 MB 21: Disable the password manager This commit disables the about:login page and removes the "Login and Password" section of about:preferences. We do not do anything to the real password manager of Firefox, that is in toolkit: it contains C++ parts that make it difficult to actually prevent it from being built.. Finally, we modify the the function that opens about:login to report an error in the console so that we can quickly get a backtrace to the code that tries to use it. - - - - - fbf62cb7 by Pier Angelo Vendrame at 2025-02-03T11:56:50+01:00 MB 112: Updater customization for Mullvad Browser MB 71: Set the updater base URL to Mullvad domain - - - - - 4d8e63a7 by Nicolas Vigier at 2025-02-03T11:56:52+01:00 MB 79: Add Mullvad Browser MAR signing keys MB 256: Add mullvad-browser nightly mar signing key - - - - - bd420603 by Pier Angelo Vendrame at 2025-02-03T11:56:53+01:00 MB 34: Hide unsafe and unwanted preferences UI about:preferences allow to override some of our defaults, that could be fingeprintable or have some other unwanted consequences. - - - - - 4163158c by Pier Angelo Vendrame at 2025-02-03T11:56:56+01:00 MB 160: Disable the cookie exceptions button Besides disabling the "Delete on close checkbox", disable also the "Manage Exceptions" button when always using PBM. - - - - - 25693dbd by hackademix at 2025-02-03T11:56:57+01:00 MB 163: prevent uBlock Origin from being uninstalled/disabled - - - - - f35cd0c7 by Richard Pospesel at 2025-02-03T11:56:57+01:00 MB 188: Customize Gitlab Issue and Merge templates - - - - - d29b3c5a by rui hildt at 2025-02-03T11:56:58+01:00 MB 213: Customize the search engines list MB 328: Refactor the search engine patch. Upstream switched to a completely different search engine configuration between ESR 115 and ESR 128. We moved our configuration to a couple of JSON files that do not follow upstream's schemas, as they are overcomplicated for our needs. Also, we keep the old search engine extensions for now, as upstream also kept them, and planned of removing them with Bug 1885953. - - - - - 7fd6882a by hackademix at 2025-02-03T11:56:58+01:00 MB 214: Enable cross-tab identity leak protection in "quiet" mode - - - - - 2bfb2629 by Pier Angelo Vendrame at 2025-02-03T11:56:59+01:00 MB 80: Enable Mullvad Browser as a default browser - - - - - 8dba1da4 by Pier Angelo Vendrame at 2025-02-03T11:56:59+01:00 MB 320: Temporarily disable WebRTC and WDBA on Windows. WebRTC should be re-enabled when tor-browser#42758 is resolved, and and the default browser agent when in general we make this feature work again. - - - - - 6a6a05e1 by Henry Wilkes at 2025-02-03T11:57:00+01:00 MB 329: Customize toolbar for mullvad-browser. - - - - - e311c495 by Henry Wilkes at 2025-02-03T11:57:01+01:00 Add CI for Mullvad Browser - - - - - 0a6b5863 by Henry Wilkes at 2025-02-03T11:57:01+01:00 fixup! Add CI for Mullvad Browser MB 324: Remove trailing comma from translation JSON. - - - - - d0551109 by Kershaw Chang at 2025-02-03T11:57:02+01:00 Bug 1910593 - Don't prefetch HTTPS RR if proxyDNS is enabled, r=necko-reviewers,valentin Differential Revision: https://phabricator.services.mozilla.com/D219528 - - - - - 269 changed files: - .gitlab/ci/jobs/update-translations.yml - .gitlab/issue_templates/Emergency Security Issue.md - + .gitlab/issue_templates/Rebase Browser - Alpha.md - + .gitlab/issue_templates/Rebase Browser - Stable.md - .gitlab/merge_request_templates/default.md - browser/app/Makefile.in - browser/app/macbuild/Contents/Info.plist.in - browser/app/module.ver - browser/app/firefox.exe.manifest → browser/app/mullvadbrowser.exe.manifest - + browser/app/profile/000-mullvad-browser.js - browser/app/profile/001-base-profile.js - browser/base/content/aboutDialog.xhtml - browser/base/content/appmenu-viewcache.inc.xhtml - browser/base/content/browser-menubar.inc - browser/base/content/browser-places.js - browser/base/content/browser.js - browser/base/content/default-bookmarks.html - browser/base/content/nsContextMenu.js - browser/base/content/overrides/app-license.html - browser/base/content/pageinfo/pageInfo.xhtml - browser/base/content/utilityOverlay.js - browser/branding/branding-common.mozbuild - + browser/branding/mb-alpha/VisualElements_150.png - + browser/branding/mb-alpha/VisualElements_70.png - + browser/branding/mb-alpha/configure.sh - + browser/branding/mb-alpha/content/about-logo.png - + browser/branding/mb-alpha/content/about-logo.svg - + browser/branding/mb-alpha/content/about-logo(a)2x.png - + browser/branding/mb-alpha/content/about-wordmark.svg - + browser/branding/mb-alpha/content/about.png - + browser/branding/mb-alpha/content/aboutDialog.css - + browser/branding/mb-alpha/content/firefox-wordmark.svg - + browser/branding/mb-alpha/content/icon128.png - + browser/branding/mb-alpha/content/icon16.png - + browser/branding/mb-alpha/content/icon256.png - + browser/branding/mb-alpha/content/icon32.png - + browser/branding/mb-alpha/content/icon48.png - + browser/branding/mb-alpha/content/icon64.png - + browser/branding/mb-alpha/content/jar.mn - + browser/branding/mb-alpha/content/moz.build - + browser/branding/mb-alpha/default128.png - + browser/branding/mb-alpha/default16.png - + browser/branding/mb-alpha/default22.png - + browser/branding/mb-alpha/default24.png - + browser/branding/mb-alpha/default256.png - + browser/branding/mb-alpha/default32.png - + browser/branding/mb-alpha/default48.png - + browser/branding/mb-alpha/default64.png - + browser/branding/mb-alpha/document.icns - + browser/branding/mb-alpha/document.ico - + browser/branding/mb-alpha/document_pdf.ico - + browser/branding/mb-alpha/firefox.icns - + browser/branding/mb-alpha/firefox.ico - + browser/branding/mb-alpha/firefox.svg - + browser/branding/mb-alpha/locales/en-US/brand.ftl - + browser/branding/mb-alpha/locales/en-US/brand.properties - + browser/branding/mb-alpha/locales/jar.mn - + browser/branding/mb-alpha/locales/moz.build - + browser/branding/mb-alpha/moz.build - + browser/branding/mb-alpha/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-alpha/newtab.ico - + browser/branding/mb-alpha/newwindow.ico - + browser/branding/mb-alpha/pbmode.ico - + browser/branding/mb-alpha/pref/firefox-branding.js - + browser/branding/mb-nightly/VisualElements_150.png - + browser/branding/mb-nightly/VisualElements_70.png - + browser/branding/mb-nightly/configure.sh - + browser/branding/mb-nightly/content/about-logo.png - + browser/branding/mb-nightly/content/about-logo.svg - + browser/branding/mb-nightly/content/about-logo(a)2x.png - + browser/branding/mb-nightly/content/about-wordmark.svg - + browser/branding/mb-nightly/content/about.png - + browser/branding/mb-nightly/content/aboutDialog.css - + browser/branding/mb-nightly/content/firefox-wordmark.svg - + browser/branding/mb-nightly/content/icon128.png - + browser/branding/mb-nightly/content/icon16.png - + browser/branding/mb-nightly/content/icon256.png - + browser/branding/mb-nightly/content/icon32.png - + browser/branding/mb-nightly/content/icon48.png - + browser/branding/mb-nightly/content/icon64.png - + browser/branding/mb-nightly/content/jar.mn - + browser/branding/mb-nightly/content/moz.build - + browser/branding/mb-nightly/default128.png - + browser/branding/mb-nightly/default16.png - + browser/branding/mb-nightly/default22.png - + browser/branding/mb-nightly/default24.png - + browser/branding/mb-nightly/default256.png - + browser/branding/mb-nightly/default32.png - + browser/branding/mb-nightly/default48.png - + browser/branding/mb-nightly/default64.png - + browser/branding/mb-nightly/document.icns - + browser/branding/mb-nightly/document.ico - + browser/branding/mb-nightly/document_pdf.ico - + browser/branding/mb-nightly/firefox.icns - + browser/branding/mb-nightly/firefox.ico - + browser/branding/mb-nightly/firefox.svg - + browser/branding/mb-nightly/locales/en-US/brand.ftl - + browser/branding/mb-nightly/locales/en-US/brand.properties - + browser/branding/mb-nightly/locales/jar.mn - + browser/branding/mb-nightly/locales/moz.build - + browser/branding/mb-nightly/moz.build - + browser/branding/mb-nightly/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-nightly/newtab.ico - + browser/branding/mb-nightly/newwindow.ico - + browser/branding/mb-nightly/pbmode.ico - + browser/branding/mb-nightly/pref/firefox-branding.js - + browser/branding/mb-release/VisualElements_150.png - + browser/branding/mb-release/VisualElements_70.png - + browser/branding/mb-release/configure.sh - + browser/branding/mb-release/content/about-logo.png - + browser/branding/mb-release/content/about-logo.svg - + browser/branding/mb-release/content/about-logo(a)2x.png - + browser/branding/mb-release/content/about-wordmark.svg - + browser/branding/mb-release/content/about.png - + browser/branding/mb-release/content/aboutDialog.css - + browser/branding/mb-release/content/firefox-wordmark.svg - + browser/branding/mb-release/content/icon128.png - + browser/branding/mb-release/content/icon16.png - + browser/branding/mb-release/content/icon256.png - + browser/branding/mb-release/content/icon32.png - + browser/branding/mb-release/content/icon48.png - + browser/branding/mb-release/content/icon64.png - + browser/branding/mb-release/content/jar.mn - + browser/branding/mb-release/content/moz.build - + browser/branding/mb-release/default128.png - + browser/branding/mb-release/default16.png - + browser/branding/mb-release/default22.png - + browser/branding/mb-release/default24.png - + browser/branding/mb-release/default256.png - + browser/branding/mb-release/default32.png - + browser/branding/mb-release/default48.png - + browser/branding/mb-release/default64.png - + browser/branding/mb-release/document.icns - + browser/branding/mb-release/document.ico - + browser/branding/mb-release/document_pdf.ico - + browser/branding/mb-release/firefox.icns - + browser/branding/mb-release/firefox.ico - + browser/branding/mb-release/firefox.svg - + browser/branding/mb-release/locales/en-US/brand.ftl - + browser/branding/mb-release/locales/en-US/brand.properties - + browser/branding/mb-release/locales/jar.mn - + browser/branding/mb-release/locales/moz.build - + browser/branding/mb-release/moz.build - + browser/branding/mb-release/mullvadbrowser.VisualElementsManifest.xml - + browser/branding/mb-release/newtab.ico - + browser/branding/mb-release/newwindow.ico - + browser/branding/mb-release/pbmode.ico - + browser/branding/mb-release/pref/firefox-branding.js - browser/components/BrowserContentHandler.sys.mjs - browser/components/BrowserGlue.sys.mjs - browser/components/about/AboutRedirector.cpp - browser/components/about/components.conf - browser/components/customizableui/CustomizableUI.sys.mjs - browser/components/moz.build - + browser/components/mullvad-browser/AboutMullvadBrowserChild.sys.mjs - + browser/components/mullvad-browser/AboutMullvadBrowserParent.sys.mjs - + browser/components/mullvad-browser/content/2728-sparkles.svg - + browser/components/mullvad-browser/content/aboutMullvadBrowser.css - + browser/components/mullvad-browser/content/aboutMullvadBrowser.js - + browser/components/mullvad-browser/content/aboutMullvadBrowser.xhtml - + browser/components/mullvad-browser/content/mullvadBrowserFont.css - + browser/components/mullvad-browser/jar.mn - + browser/components/mullvad-browser/moz.build - browser/components/newtab/AboutNewTabService.sys.mjs - browser/components/preferences/home.inc.xhtml - browser/components/preferences/main.js - browser/components/preferences/preferences.xhtml - browser/components/preferences/privacy.inc.xhtml - browser/components/preferences/privacy.js - browser/components/preferences/search.inc.xhtml - + browser/components/search/extensions/brave/favicon.svg - + browser/components/search/extensions/brave/manifest.json - + browser/components/search/extensions/ddg-html/favicon.ico - + browser/components/search/extensions/ddg-html/manifest.json - browser/components/search/extensions/ddg/manifest.json - + browser/components/search/extensions/metager/favicon.ico - + browser/components/search/extensions/metager/manifest.json - + browser/components/search/extensions/mojeek/favicon.ico - + browser/components/search/extensions/mojeek/manifest.json - + browser/components/search/extensions/mullvad-leta/favicon.svg - + browser/components/search/extensions/mullvad-leta/manifest.json - + browser/components/search/extensions/startpage/favicon.png - + browser/components/search/extensions/startpage/manifest.json - browser/components/shell/ShellService.sys.mjs - browser/components/shell/WindowsDefaultBrowser.cpp - browser/components/shell/nsWindowsShellService.cpp - browser/config/mozconfigs/base-browser - + browser/config/mozconfigs/mullvad-browser - browser/confvars.sh - browser/installer/package-manifest.in - browser/installer/windows/nsis/updater_append.ini - browser/modules/HomePage.sys.mjs - browser/moz.build - config/create_rc.py - devtools/client/aboutdebugging/src/actions/runtimes.js - devtools/client/aboutdebugging/src/components/sidebar/Sidebar.js - devtools/client/jar.mn - devtools/client/themes/images/aboutdebugging-firefox-aurora.svg - devtools/client/themes/images/aboutdebugging-firefox-beta.svg - devtools/client/themes/images/aboutdebugging-firefox-logo.svg - devtools/client/themes/images/aboutdebugging-firefox-nightly.svg - devtools/client/themes/images/aboutdebugging-firefox-release.svg - + devtools/client/themes/images/aboutdebugging-mullvadbrowser-logo.svg - docshell/base/nsAboutRedirector.cpp - docshell/build/components.conf - dom/chrome-webidl/NetDashboard.webidl - moz.configure - mozconfig-linux-aarch64 - mozconfig-linux-aarch64-dev - mozconfig-linux-x86_64 - mozconfig-linux-x86_64-asan - mozconfig-linux-x86_64-dev - mozconfig-macos - mozconfig-macos-dev - mozconfig-windows-x86_64 - netwerk/base/Dashboard.cpp - netwerk/base/DashboardTypes.h - netwerk/dns/nsHostResolver.cpp - netwerk/protocol/http/nsHttp.cpp - netwerk/protocol/http/nsHttp.h - netwerk/protocol/http/nsHttpChannel.cpp - netwerk/protocol/http/nsHttpChannel.h - netwerk/protocol/http/nsHttpConnectionInfo.h - netwerk/protocol/http/nsHttpConnectionMgr.cpp - netwerk/protocol/http/nsHttpHandler.cpp - netwerk/protocol/http/nsHttpHandler.h - + netwerk/test/unit/test_proxyDNS_leak.js - netwerk/test/unit/xpcshell.toml - + other-licenses/nsis/Contrib/ApplicationID/Makefile - + other-licenses/nsis/Contrib/CityHash/Makefile - toolkit/components/extensions/child/ext-storage.js - toolkit/components/extensions/parent/ext-storage.js - toolkit/components/passwordmgr/LoginHelper.sys.mjs - toolkit/components/search/AppProvidedSearchEngine.sys.mjs - toolkit/components/search/SearchService.sys.mjs - + toolkit/components/search/content/brave.svg - + toolkit/components/search/content/duckduckgo.ico - + toolkit/components/search/content/metager.ico - + toolkit/components/search/content/mojeek.ico - + toolkit/components/search/content/mullvad-leta.svg - + toolkit/components/search/content/mullvadBrowserSearchEngineIcons.json - + toolkit/components/search/content/mullvadBrowserSearchEngines.json - + toolkit/components/search/content/startpage.png - + toolkit/components/search/jar.mn - toolkit/components/search/moz.build - toolkit/components/securitylevel/SecurityLevel.sys.mjs - toolkit/content/aboutNetworking.js - + toolkit/content/aboutRightsMullvad.xhtml - + toolkit/content/aboutTelemetryMullvad.xhtml - toolkit/content/jar.mn - toolkit/content/license.html - toolkit/content/widgets/moz-support-link/moz-support-link.mjs - + toolkit/locales/en-US/toolkit/global/mullvad-browser.ftl - toolkit/mozapps/defaultagent/EventLog.h - toolkit/mozapps/defaultagent/SetDefaultBrowser.cpp - toolkit/mozapps/extensions/AddonManager.sys.mjs - toolkit/mozapps/extensions/content/aboutaddons.css - toolkit/mozapps/extensions/internal/XPIDatabase.sys.mjs - toolkit/mozapps/extensions/internal/XPIProvider.sys.mjs - toolkit/mozapps/update/updater/nightly_aurora_level3_primary.der - toolkit/mozapps/update/updater/nightly_aurora_level3_secondary.der - toolkit/mozapps/update/updater/release_primary.der - toolkit/mozapps/update/updater/release_secondary.der - + toolkit/themes/shared/icons/mullvadbrowser.png - toolkit/themes/shared/minimal-toolkit.jar.inc.mn - toolkit/xre/nsAppRunner.cpp - tools/lint/fluent-lint/exclusions.yml - widget/windows/WinTaskbar.cpp - widget/windows/moz.build The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/84… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/compare/84… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.20.0esr-13.5-1-build3
by ma1 (＠ma1) 03 Feb '25

03 Feb '25

ma1 pushed new tag tor-browser-115.20.0esr-13.5-1-build3 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.20.0esr-13.5-1] 2 commits: Bug 1932783 - Make nsHostKey::flags Atomic, a=RyanVM
by ma1 (＠ma1) 03 Feb '25

03 Feb '25

ma1 pushed to branch tor-browser-115.20.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: e6ac6148 by Kershaw Chang at 2025-02-03T12:42:15+01:00 Bug 1932783 - Make nsHostKey::flags Atomic, a=RyanVM - - - - - efa40325 by Dana Keeler at 2025-02-03T12:42:22+01:00 Bug 1940804 - avoid some "as" casts in cert_storage a=RyanVM Original Revision: https://phabricator.services.mozilla.com/D233775 Differential Revision: https://phabricator.services.mozilla.com/D233880 - - - - - 4 changed files: - netwerk/dns/nsHostRecord.cpp - netwerk/dns/nsHostRecord.h - netwerk/dns/nsHostResolver.cpp - security/manager/ssl/cert_storage/src/lib.rs Changes: ===================================== netwerk/dns/nsHostRecord.cpp ===================================== @@ -39,6 +39,15 @@ nsHostKey::nsHostKey(const nsACString& aHost, const nsACString& aTrrServer, pb(aPb), originSuffix(aOriginsuffix) {} +nsHostKey::nsHostKey(const nsHostKey& other) + : host(other.host), + mTrrServer(other.mTrrServer), + type(other.type), + flags(other.flags), + af(other.af), + pb(other.pb), + originSuffix(other.originSuffix) {} + bool nsHostKey::operator==(const nsHostKey& other) const { return host == other.host && mTrrServer == other.mTrrServer && type == other.type && ===================================== netwerk/dns/nsHostRecord.h ===================================== @@ -79,13 +79,15 @@ struct nsHostKey { const nsCString host; const nsCString mTrrServer; uint16_t type = 0; - nsIDNSService::DNSFlags flags = nsIDNSService::RESOLVE_DEFAULT_FLAGS; + mozilla::Atomic<nsIDNSService::DNSFlags> flags{ + nsIDNSService::RESOLVE_DEFAULT_FLAGS}; uint16_t af = 0; bool pb = false; const nsCString originSuffix; explicit nsHostKey(const nsACString& host, const nsACString& aTrrServer, uint16_t type, nsIDNSService::DNSFlags flags, uint16_t af, bool pb, const nsACString& originSuffix); + explicit nsHostKey(const nsHostKey& other); bool operator==(const nsHostKey& other) const; size_t SizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf) const; PLDHashNumber Hash() const; ===================================== netwerk/dns/nsHostResolver.cpp ===================================== @@ -1116,7 +1116,8 @@ nsresult nsHostResolver::NameLookup(nsHostRecord* rec, } LOG(("NameLookup: %s effectiveTRRmode: %d flags: %X", rec->host.get(), - static_cast<nsIRequest::TRRMode>(rec->mEffectiveTRRMode), rec->flags)); + static_cast<nsIRequest::TRRMode>(rec->mEffectiveTRRMode), + static_cast<uint32_t>(rec->flags))); if (rec->flags & nsIDNSService::RESOLVE_DISABLE_TRR) { rec->RecordReason(TRRSkippedReason::TRR_DISABLED_FLAG); @@ -1900,8 +1901,9 @@ void nsHostResolver::GetDNSCacheEntries(nsTArray<DNSCacheEntries>* args) { } info.originAttributesSuffix = recordEntry.GetKey().originSuffix; - info.flags = nsPrintfCString("%u|0x%x|%u|%d|%s", rec->type, rec->flags, - rec->af, rec->pb, rec->mTrrServer.get()); + info.flags = nsPrintfCString("%u|0x%x|%u|%d|%s", rec->type, + static_cast<uint32_t>(rec->flags), rec->af, + rec->pb, rec->mTrrServer.get()); args->AppendElement(std::move(info)); } ===================================== security/manager/ssl/cert_storage/src/lib.rs ===================================== @@ -40,6 +40,7 @@ use rkv::{StoreError, StoreOptions, Value}; use rust_cascade::Cascade; use sha2::{Digest, Sha256}; use std::collections::{HashMap, HashSet}; +use std::convert::TryInto; use std::ffi::CString; use std::fmt::Display; use std::fs::{create_dir_all, remove_file, File, OpenOptions}; @@ -266,10 +267,10 @@ impl SecurityState { }; let reader = env_and_store.env.read()?; match env_and_store.store.get(&reader, key) { - Ok(Some(Value::I64(i))) - if i <= (std::i16::MAX as i64) && i >= (std::i16::MIN as i64) => - { - Ok(Some(i as i16)) + Ok(Some(Value::I64(i))) => { + Ok(Some(i.try_into().map_err(|_| { + SecurityStateError::from("Stored value out of range for i16") + })?)) } Ok(None) => Ok(None), Ok(_) => Err(SecurityStateError::from( @@ -893,10 +894,10 @@ struct Cert<'a> { impl<'a> Cert<'a> { fn new(der: &'a [u8], subject: &'a [u8], trust: i16) -> Result<Cert<'a>, SecurityStateError> { - if der.len() > u16::max as usize { + if der.len() > u16::MAX.into() { return Err(SecurityStateError::from("certificate is too long")); } - if subject.len() > u16::max as usize { + if subject.len() > u16::MAX.into() { return Err(SecurityStateError::from("subject is too long")); } Ok(Cert { @@ -920,7 +921,7 @@ impl<'a> Cert<'a> { return Err(SecurityStateError::from("invalid Cert: no der len?")); } let (mut der_len, rest) = rest.split_at(size_of::<u16>()); - let der_len = der_len.read_u16::<NetworkEndian>()? as usize; + let der_len = der_len.read_u16::<NetworkEndian>()?.into(); if rest.len() < der_len { return Err(SecurityStateError::from("invalid Cert: no der?")); } @@ -930,7 +931,7 @@ impl<'a> Cert<'a> { return Err(SecurityStateError::from("invalid Cert: no subject len?")); } let (mut subject_len, rest) = rest.split_at(size_of::<u16>()); - let subject_len = subject_len.read_u16::<NetworkEndian>()? as usize; + let subject_len = subject_len.read_u16::<NetworkEndian>()?.into(); if rest.len() < subject_len { return Err(SecurityStateError::from("invalid Cert: no subject?")); } @@ -961,15 +962,19 @@ impl<'a> Cert<'a> { + size_of::<i16>(), ); bytes.write_u8(CERT_SERIALIZATION_VERSION_1)?; - if self.der.len() > u16::max as usize { - return Err(SecurityStateError::from("certificate is too long")); - } - bytes.write_u16::<NetworkEndian>(self.der.len() as u16)?; + bytes.write_u16::<NetworkEndian>( + self.der + .len() + .try_into() + .map_err(|_| SecurityStateError::from("certificate is too long"))?, + )?; bytes.extend_from_slice(&self.der); - if self.subject.len() > u16::max as usize { - return Err(SecurityStateError::from("subject is too long")); - } - bytes.write_u16::<NetworkEndian>(self.subject.len() as u16)?; + bytes.write_u16::<NetworkEndian>( + self.subject + .len() + .try_into() + .map_err(|_| SecurityStateError::from("subject is too long"))?, + )?; bytes.extend_from_slice(&self.subject); bytes.write_i16::<NetworkEndian>(self.trust)?; Ok(bytes) @@ -1183,7 +1188,7 @@ fn load_crlite_stash_from_reader_into_map( let issuer_spki_hash_len = reader.read_u8().map_err(|e| { SecurityStateError::from(format!("error reading stash issuer_spki_hash_len: {}", e)) })?; - let mut issuer_spki_hash = vec![0; issuer_spki_hash_len as usize]; + let mut issuer_spki_hash = vec![0; issuer_spki_hash_len.into()]; reader.read_exact(&mut issuer_spki_hash).map_err(|e| { SecurityStateError::from(format!("error reading stash issuer_spki_hash: {}", e)) })?; @@ -1192,7 +1197,7 @@ fn load_crlite_stash_from_reader_into_map( let serial_len = reader.read_u8().map_err(|e| { SecurityStateError::from(format!("error reading stash serial_len: {}", e)) })?; - let mut serial = vec![0; serial_len as usize]; + let mut serial = vec![0; serial_len.into()]; reader.read_exact(&mut serial).map_err(|e| { SecurityStateError::from(format!("error reading stash serial: {}", e)) })?; View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a45b65… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/a45b65… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-13.5.12-build1
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed new tag tbb-13.5.12-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41351: Prepare Tor Browser Legacy 13.5.12
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: 45eb8dd6 by Pier Angelo Vendrame at 2025-02-03T11:52:30+01:00 Bug 41351: Prepare Tor Browser Legacy 13.5.12 - - - - - 4 changed files: - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/firefox/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,15 @@ +Tor Browser 13.5.12 - February 04 2025 + * All Platforms + * Updated Firefox to 115.20.0esr + * Bug 43447: Backport stable and legacy: Some .tor.onion sites are not displaying the underlying V3 onion address in alpha [tor-browser] + * Bug 43450: Rebase Tor Browser legacy onto 115.20.0esr [tor-browser] + * Bug 43451: Backport security fixes from Firefox 135 [tor-browser] + * Build System + * All Platforms + * Bug 41324: Improve build signing ergonomics [tor-browser-build] + * Bug 41350: Increase timeout in rcodesign-notary-submit [tor-browser-build] + * Bug 41357: keyring/anti-censorship.gpg is in `GPG keybox database version 1` format [tor-browser-build] + Tor Browser 13.5.11 - July 01 2025 * All Platforms * Updated Firefox to 115.19.0esr ===================================== projects/firefox/config ===================================== @@ -14,12 +14,12 @@ container: use_container: 1 var: - firefox_platform_version: 115.19.0 + firefox_platform_version: 115.20.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '13.5' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 1 + browser_build: 3 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: bb1df34ec79d55dcd1e0ebc80cb2c72d27c462b7 + git_hash: 93eddbd3888852c09e130d536fb3c9bd7e4e6f57 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: ed3c2270e0a932596abb9fdb9a9f7151fb74d3a1 + git_hash: dd30508387040bf0a1217a1eb9edb80ac21926f2 targets: nightly: git_hash: 'tor-browser' ===================================== rbm.conf ===================================== @@ -73,19 +73,18 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '13.5.11' + torbrowser_version: '13.5.12' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/01/06 13:10:30' + browser_release_date: '2025/02/03 10:30:01' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - 13.5.11 - 13.5.10 - 13.5.9 - # 13.5.8 was Android-only - - 13.5.7 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' # By default, we sort the list of installed packages. This allows sharing View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/4… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-14.0.5-build1
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed new tag mb-14.0.5-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-14.0.5-build1
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed new tag tbb-14.0.5-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41336,41344: Prepare Tor,Mullvad Browsers 14.0.5
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 12b1eb01 by Pier Angelo Vendrame at 2025-02-03T11:27:11+01:00 Bug 41336,41344: Prepare Tor,Mullvad Browsers 14.0.5 - - - - - 8 changed files: - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/translation/config - rbm.conf Changes: ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,20 @@ +Mullvad Browser 14.0.5 - February 04 2025 + * All Platforms + * Updated Firefox to 128.7.0esr + * Updated Mullvad Browser Extension to 0.9.4 + * Updated uBlock Origin to 1.62.0 + * Bug 390: Rebase Mullvad Browser release onto Firefox 128.7.0esr [mullvad-browser] + * Bug 41065: navigator.storage "best effort" + "persistent" leak partitionSize/totalSpace entropy [tor-browser] + * Bug 43386: Extension requests expose Firefox's minor version and custom app name [tor-browser] + * Bug 43451: Backport security fixes from Firefox 135 [tor-browser] + * Linux + * Bug 43236: High refresh rate detectable by websites when Wayland (MOZ_ENABLE_WAYLAND=1) is used [tor-browser] + * Build System + * All Platforms + * Bug 41324: Improve build signing ergonomics [tor-browser-build] + * Bug 41343: Add signing step to clean some files such as test artifacts [tor-browser-build] + * Bug 41350: Increase timeout in rcodesign-notary-submit [tor-browser-build] + Mullvad Browser 14.0.4 - January 07 2025 * All Platforms * Updated Firefox to 128.6.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,28 @@ +Tor Browser 14.0.5 - February 04 2025 + * All Platforms + * Bug 41065: navigator.storage "best effort" + "persistent" leak partitionSize/totalSpace entropy [tor-browser] + * Bug 43386: Extension requests expose Firefox's minor version and custom app name [tor-browser] + * Bug 43447: Backport stable and legacy: Some .tor.onion sites are not displaying the underlying V3 onion address in alpha [tor-browser] + * Bug 43448: Rebase Tor Browser release onto 128.7.0esr [tor-browser] + * Bug 43451: Backport security fixes from Firefox 135 [tor-browser] + * Bug 41328: Exclude tor dependencies from LD_LIBRARY_PATH [tor-browser-build] + * Windows + macOS + Linux + * Updated Firefox to 128.7.0esr + * Bug 43312: Download popup panel progress bar overflows [tor-browser] + * Linux + * Bug 43236: High refresh rate detectable by websites when Wayland (MOZ_ENABLE_WAYLAND=1) is used [tor-browser] + * Bug 43326: Launching tor-browser on gentoo fails with "version `OPENSSL_3.2.0' not found" [tor-browser] + * Android + * Updated GeckoView to 128.7.0esr + * Build System + * All Platforms + * Updated Go to 1.22.11 + * Bug 41324: Improve build signing ergonomics [tor-browser-build] + * Bug 41343: Add signing step to clean some files such as test artifacts [tor-browser-build] + * Bug 41345: Go autoupdates in 1.23 so add env var to prevent it in any step that has network access [tor-browser-build] + * Bug 41350: Increase timeout in rcodesign-notary-submit [tor-browser-build] + * Bug 41357: keyring/anti-censorship.gpg is in `GPG keybox database version 1` format [tor-browser-build] + Tor Browser 14.0.4 - January 07 2025 * All Platforms * Updated NoScript to 12.1.1 ===================================== projects/browser/config ===================================== @@ -111,13 +111,13 @@ input_files: - URL: https://addons.mozilla.org/firefox/downloads/file/4411102/noscript-12.1.1.x… name: noscript sha256sum: f9639e63ffcfc352036de00e4ff6694bb0ca65a0bb8fbd103bd08f32dc1ff31a - - URL: https://addons.mozilla.org/firefox/downloads/file/4391011/ublock_origin-1.6… + - URL: https://addons.mozilla.org/firefox/downloads/file/4412673/ublock_origin-1.6… name: ublock-origin - sha256sum: ee3a724a46ff32c17d1723077fecc6ede7fdab742154020b51fb6253ddcbba14 + sha256sum: 8a9e02aa838c302fb14e2b5bc88a6036d36358aadd6f95168a145af2018ef1a3 enable: '[% c("var/mullvad-browser") %]' - - URL: https://cdn.mullvad.net/browser-extension/0.9.3/mullvad-browser-extension-0… + - URL: https://cdn.mullvad.net/browser-extension/0.9.4/mullvad-browser-extension-0… name: mullvad-extension - sha256sum: fc6bc7c850adf8845fec15b7ea06324f65f843155e2cc5dbd8719e34436512af + sha256sum: c91fcf30fe9a998f45ddc92e083bca4cd7b6dbb24fc545391e155ed1ec13c8cb enable: '[% c("var/mullvad-browser") %]' - filename: 'gtk3-settings.ini' enable: '[% c("var/linux") %]' ===================================== projects/firefox/config ===================================== @@ -14,12 +14,12 @@ container: use_container: 1 var: - firefox_platform_version: '128.6.0' + firefox_platform_version: '128.7.0' firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 1 + browser_build: 2 branding_directory_prefix: 'tb' copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' ===================================== projects/geckoview/config ===================================== @@ -16,12 +16,12 @@ container: build_apk: 1 var: - firefox_platform_version: '128.6.0' + firefox_platform_version: '128.7.0' geckoview_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '14.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 1 + browser_build: 2 copyright_year: '[% exec("git show -s --format=%ci").remove("-.*") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse HEAD") %]' ===================================== projects/go/config ===================================== @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: '1.22.10' +version: '1.22.11' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 @@ -126,7 +126,7 @@ input_files: enable: '[% ! c("var/linux") %]' - URL: 'https://go.dev/dl/go[% c("version") %].src.tar.gz' name: go - sha256sum: 1e94fd48be750d1fafb4d9b3b6dd31a6e9d2735d339bf2462bc97b64ca4c1037 + sha256sum: a60c23dec95d10a2576265ce580f57869d5ac2471c4f4aca805addc9ea0fc9fe - project: go-bootstrap name: go-bootstrap target_replace: ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: bb1df34ec79d55dcd1e0ebc80cb2c72d27c462b7 + git_hash: 93eddbd3888852c09e130d536fb3c9bd7e4e6f57 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: ed3c2270e0a932596abb9fdb9a9f7151fb74d3a1 + git_hash: dd30508387040bf0a1217a1eb9edb80ac21926f2 targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: b930eefd13fc90c515bcf9784b8175fc483b62da + git_hash: 9b5c720e96df3a54f65e5a4e86b162845971f725 compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -73,24 +73,23 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '14.0.4' + torbrowser_version: '14.0.5' torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/01/06 12:57:32' + browser_release_date: '2025/02/03 10:00:00' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: - - '14.0.3' - - '[% IF c("var/tor-browser") %]14.0.2[% END %]' - - '[% IF c("var/tor-browser") %]14.0.1[% END %]' + - 14.0.4 + - 14.0.3 - '[% IF c("var/mullvad-browser") %]14.0[% END %]' - - '[% IF c("var/mullvad-browser") %]13.5.9[% END %]' + - '[% IF c("var/tor-browser") %]14.0.2[% END %]' mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' - torbrowser_legacy_version: 13.5.11 - torbrowser_legacy_platform_version: 115.19.0 + torbrowser_legacy_version: 13.5.12 + torbrowser_legacy_platform_version: 115.20.0 # By default, we sort the list of installed packages. This allows sharing # containers with identical list of packages, even if they are not listed View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/1… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new branch mullvad-browser-128.7.0esr-14.5-1
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed new branch mullvad-browser-128.7.0esr-14.5-1 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-115.20.0esr-13.5-1-build2
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed new tag tor-browser-115.20.0esr-13.5-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.20.0esr-13.5-1] fixup! Bug 40458: Implement .tor.onion aliases
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch tor-browser-115.20.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: a45b6577 by Henry Wilkes at 2025-02-03T11:49:16+01:00 fixup! Bug 40458: Implement .tor.onion aliases TB 41831: Add additional effective TLD for abc.au.securedrop.tor.onion exception. - - - - - 1 changed file: - netwerk/dns/effective_tld_names.dat Changes: ===================================== netwerk/dns/effective_tld_names.dat ===================================== @@ -5065,6 +5065,10 @@ pro.om onion tor.onion securedrop.tor.onion +// An additional TLD for abc.au.securedrop.tor.onion only. +// See tor-browser#41831. +// TODO: Remove once abc.au has migrated. See tor-browser#43443. +au.securedrop.tor.onion // org : https://www.iana.org/domains/root/db/org.html org View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a45b657… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/a45b657… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser] Pushed new tag tor-browser-128.7.0esr-14.0-1-build2
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed new tag tor-browser-128.7.0esr-14.0-1-build2 at The Tor Project / Applications / Tor Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/tree/tor-brows… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser] Pushed new tag mullvad-browser-128.7.0esr-14.0-1-build2
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed new tag mullvad-browser-128.7.0esr-14.0-1-build2 at The Tor Project / Applications / Mullvad Browser -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser/-/tree/mullv… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Bug 41357: Fix format of keyring/anti-censorship.gpg
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: 5aede602 by Nicolas Vigier at 2025-02-03T10:39:41+01:00 Bug 41357: Fix format of keyring/anti-censorship.gpg - - - - - 1 changed file: - keyring/anti-censorship.gpg Changes: ===================================== keyring/anti-censorship.gpg ===================================== Binary files a/keyring/anti-censorship.gpg and b/keyring/anti-censorship.gpg differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-14.0] Bug 41357: Fix format of keyring/anti-censorship.gpg
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build Commits: 901a0924 by Nicolas Vigier at 2025-02-03T10:39:10+01:00 Bug 41357: Fix format of keyring/anti-censorship.gpg - - - - - 1 changed file: - keyring/anti-censorship.gpg Changes: ===================================== keyring/anti-censorship.gpg ===================================== Binary files a/keyring/anti-censorship.gpg and b/keyring/anti-censorship.gpg differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/9… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][main] Bug 41357: Fix format of keyring/anti-censorship.gpg
by Pier Angelo Vendrame (＠pierov) 03 Feb '25

03 Feb '25

Pier Angelo Vendrame pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 5f52452e by Nicolas Vigier at 2025-02-02T10:12:24+01:00 Bug 41357: Fix format of keyring/anti-censorship.gpg - - - - - 1 changed file: - keyring/anti-censorship.gpg Changes: ===================================== keyring/anti-censorship.gpg ===================================== Binary files a/keyring/anti-censorship.gpg and b/keyring/anti-censorship.gpg differ View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… You're receiving this email because of your account on gitlab.torproject.org.

1 0