commit 583cbc0936483ee9cef8e58497458f3ce3420d5c Author: Georg Koppen gk@torproject.org Date: Mon Apr 25 07:54:07 2016 +0000
Release preparations for 6.0a5-hardened
Version bumps, changelog update and config.yml update --- Bundle-Data/Docs/ChangeLog.txt | 41 ++++++++++++++++++++++++++++++++++++ gitian/versions.alpha | 44 ++++++++++++++++++++++++++------------- tools/update-responses/config.yml | 13 ++++++------ 3 files changed, 76 insertions(+), 22 deletions(-)
diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt index f348f23..dd8269f 100644 --- a/Bundle-Data/Docs/ChangeLog.txt +++ b/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,44 @@ +Tor Browser 6.0a5-hardened -- April 27 2016 + * All Platforms + * Update Firefox to 45.1.0esr + * Update Tor to 0.2.8.2-alpha + * Update Torbutton to 1.9.5.3 + * Bug 18466: Make Torbutton compatible with Firefox ESR 45 + * Translation updates + * Update Tor Launcher to 0.2.8.4 + * Bug 13252: Do not store data in the application bundle + * Bug 10534: Don't advertise the help desk directly anymore + * Translation updates + * Update HTTPS-Everywhere to 5.1.6 + * Update NoScript to 2.9.0.11 + * Update meek to 0.22 (tag 0.22-18371-2) + * Bug 18371: Symlinks are incompatible with Gatekeeper signing + * Bug 15197 and child tickets: Rebase Tor Browser patches to ESR 45 + * Bug 18042: Disable SHA1 certificate support + * Bug 18821: Disable libmdns support for desktop and mobile + * Bug 18848: Disable additional welcome URL shown on first start + * Bug 14970: Exempt our extensions from signing requirement + * Bug 16328: Disable MediaDevices.enumerateDevices + * Bug 16673: Disable HTTP Alternative-Services + * Bug 17167: Disable Mozilla's tracking protection + * Bug 18603: Disable performance-based WebGL fingerprinting option + * Bug 18738: Disable Selfsupport and Unified Telemetry + * Bug 18799: Disable Network Tickler + * Bug 18800: Remove DNS lookup in lockfile code + * Bug 18801: Disable dom.push preferences + * Bug 18802: Remove the JS-based Flash VM (Shumway) + * Bug 18863: Disable MozTCPSocket explicitly + * Bug 15640: Place Canvas MediaStream behind site permission + * Bug 16326: Verify cache isolation for Request and Fetch APIs + * Bug 18741: Fix OCSP and favicon isolation for ESR 45 + * Bug 16998: Disable <link rel="preconnect"> for now + * Bug 17506: Reenable building hardened Tor Browser with startup cache + * Bug 18726: Add new default obfs4 bridge (GreenBelt) + * Build System + * Bug 16224: Don't use BUILD_HOSTNAME anymore in Firefox builds + * Bug 18699: Stripping fails due to obsolete Browser/components directory + * Bug 18698: Include libgconf2-dev for our Linux builds + Tor Browser 6.0a4-hardened -- March 17 2016 * All Platforms * Update Firefox to 38.7.1esr diff --git a/gitian/versions.alpha b/gitian/versions.alpha index 71058ca..2a8e10f 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -9,29 +9,35 @@ BUILD_PT_BUNDLES=1 # that does not include the language prompt. MULTI_LINGUAL=1
+# DATA_OUTSIDE_APP_DIR is only implemented for Mac OS. +DATA_OUTSIDE_APP_DIR=1 + VERIFY_TAGS=1
-FIREFOX_VERSION=38.7.1esr +FIREFOX_VERSION=45.1.0esr
TORBROWSER_UPDATE_CHANNEL=hardened
-TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-6.0-1-build1 -TOR_TAG=tor-0.2.8.1-alpha -TORLAUNCHER_TAG=0.2.8.3 -TORBUTTON_TAG=1.9.5.2 -HTTPSE_TAG=5.1.4 +TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-6.0-1-build2 +TOR_TAG=tor-0.2.8.2-alpha +TORLAUNCHER_TAG=0.2.8.4 +TORBUTTON_TAG=1.9.5.3 +HTTPSE_TAG=5.1.6 NSIS_TAG=v0.3.1 ZLIB_TAG=v1.2.8 LIBEVENT_TAG=release-2.0.22-stable -MINGW_TAG=a883b47a45ff74ced41dfbd9f748d5c2c61f3c01 # due to bug 1156131 +CMAKE_TAG=v2.8.12.2 +LLVM_TAG=8f188e0ea735ac9383a65a0d1c846eb790c2ec74 # r247539 +CLANG_TAG=592b43b609b42cffd1531a700c140e10766bf049 # r247539 +MINGW_TAG=a0cd5afeb60be3be0860e9a203314c10485bb9b8 PYPTLIB_TAG=pyptlib-0.0.6 OBFSPROXY_TAG=obfsproxy-0.2.12 LIBFTE_TAG=85ef8ae58dbf0d02ea26b627e343784b5574c428 # sketch master with fix FTEPROXY_TAG=597f8378f6f4f3de570b8e1064c2e4cb8d67fbd0 # tag 0.2.19 LIBDMG_TAG=dfd5e5cc3dc1191e37d3c3a6118975afdd1d7014 TXSOCKSX_TAG=216eb0894a1755872f4789f9458aa6cf543b8433 # unsigned habnabit/1.13.0.2 -GOPTLIB_TAG=0.2 -MEEK_TAG=0.20 +GOPTLIB_TAG=0.5 +MEEK_TAG=0.22-18371-2 FAKETIME_TAG=70aa6b394d9341522dffe8a5a5cf5929e82cc6b9 # unsigned v0.9.6 GOED25519_TAG=c4161f4c7483313562781c61b9a20aba73daf9de GOSIPHASH_TAG=42ba037e748c9062a75e0924705c43b893edefcd @@ -40,7 +46,7 @@ GO_X_NET_TAG=7dbad50ab5b31073856416cdcfeb2796d682f844 OBFS4_TAG=obfs4proxy-0.0.5 NOTOFONTS_TAG=720e34851382ee3c1ef024d8dffb68ffbfb234c2
-GITIAN_TAG=tor-browser-builder-3.x-9 +GITIAN_TAG=tor-browser-builder-4-1
OPENSSL_VER=1.0.1s GMP_VER=5.1.3 @@ -48,6 +54,7 @@ FIREFOX_LANG_VER=$FIREFOX_VERSION FIREFOX_LANG_BUILD=build1 BINUTILS_VER=2.24 GCC_VER=5.2.0 +CLANG_VER=r247539 PYTHON_VER=2.7.5 PYCRYPTO_VER=2.6.1 ARGPARSE_VER=1.2.1 @@ -58,13 +65,14 @@ PY2EXE_VER=0.6.9 SETUPTOOLS_VER=1.4 PARSLEY_VER=1.2 GO_VER=1.4.2 +NSIS_VER=2.51
## File names for the source packages OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2 -NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.4-fx+fn+sm.xpi -TOOLCHAIN4_PACKAGE=x86_64-apple-darwin10.tar.xz +NOSCRIPT_PACKAGE=noscript_security_suite-2.9.0.11-fn+sm+fx.xpi TOOLCHAIN4_OLD_PACKAGE=multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz +CCTOOLS_PACKAGE=cctools.tar.gz OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz OSXSDK_OLD_PACKAGE=apple-uni-sdk-10.6_20110407-0.flosoft1_i386.deb MSVCR100_PACKAGE=msvcr100.dll @@ -80,6 +88,8 @@ PY2EXE_PACKAGE=py2exe-${PY2EXE_VER}.win32-py2.7.exe SETUPTOOLS_PACKAGE=setuptools-${SETUPTOOLS_VER}.tar.gz PARSLEY_PACKAGE=Parsley-${PARSLEY_VER}.tar.gz GO_PACKAGE=go${GO_VER}.src.tar.gz +NSIS_PACKAGE=nsis-${NSIS_VER}-src.tar.bz2 +NSIS_DEBIAN_PACKAGE=nsis_${NSIS_VER}-1.debian.tar.xz STIXMATHFONT_PACKAGE=STIXv1.1.1-latex.zip NOTOEMOJIFONT_PACKAGE=NotoEmoji-Regular.ttf NOTOJPFONT_PACKAGE=NotoSansJP-Regular.otf @@ -92,9 +102,9 @@ OPENSSL_HASH=e7e81d82f3cd538ab0cdba494006d44aab9dd96b7f6233ce9971fb7c7916d511 GMP_HASH=752079520b4690531171d0f4532e40f08600215feefede70b24fabdc6f1ab160 OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf OSXSDK_OLD_HASH=6602d8d5ddb371fbc02e2a5967d9bd0cd7358d46f9417753c8234b923f2ea6fc -TOOLCHAIN4_HASH=7b71bfe02820409b994c5c33a7eab81a81c72550f5da85ff7af70da3da244645 TOOLCHAIN4_OLD_HASH=65c1b2d302358a6b95a26c6828a66908a199276193bb0b268f2dcc1a997731e9 -NOSCRIPT_HASH=94d036ff45116023bde97e6dee6c79daf2d28804764bfa8937f5d4d3463173f5 +NOSCRIPT_HASH=fdd965a69188ac651b08a7d3ada54821a89db10a4685aa73ba59edc0b8243390 +CCTOOLS_HASH=e908fdebc2886ee5491ebfc7e7950af451b3c4e2439c2d7a923ed06ad05113e4 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c ARGPARSE_HASH=ddaf4b0a618335a32b6664d4ae038a1de8fbada3b25033f9021510ed2b3941a4 @@ -105,6 +115,8 @@ PY2EXE_HASH=610a8800de3d973ed5ed4ac505ab42ad058add18a68609ac09e6cf3598ef056c SETUPTOOLS_HASH=75d288687066ed124311d6ca5f40ffa92a0e81adcd7fff318c6e84082713cf39 PARSLEY_HASH=50d30cee70770fd44db7cea421cb2fb75af247c3a1cd54885c06b30a7c85dd23 GO_HASH=299a6fd8f8adfdce15bc06bde926e7b252ae8e24dd5b16b7d8791ed79e7b5e9b +NSIS_HASH=43d4c9209847e35eb6e2c7cd5a7586e1445374c056c2c7899e40a080e17a1be7 +NSIS_DEBIAN_HASH=1dee6957b4a4b8dfe69bcf28bc7f301a13b96b3fa5a394e36c8926ae781e774a GCC_HASH=5f835b04b5f7dd4f4d2dc96190ec1621b8d89f2dc6f638f9f8bc1b1014ba8cad STIXMATHFONT_HASH=e3b0f712e2644438eee2d0dcd2b10b2d54f1b972039de95b2f8e800bae1adbd8 NOTOEMOJIFONT_HASH=415dc6290378574135b64c808dc640c1df7531973290c4970c51fdeb849cb0c5 @@ -116,8 +128,8 @@ NOTOTCFONT_HASH=e6b82f7d3dab605c428161124ceb5e169cde93de632d800297b167cdd88e7baa ## Non-git package URLs OPENSSL_URL=https://www.openssl.org/source/$%7BOPENSSL_PACKAGE%7D GMP_URL=https://ftp.gnu.org/gnu/gmp/$%7BGMP_PACKAGE%7D -TOOLCHAIN4_URL=https://people.torproject.org/~mikeperry/mirrors/sources/$%7BTOOLCHAIN4_PACK... TOOLCHAIN4_OLD_URL=https://people.torproject.org/~mikeperry/mirrors/sources/$%7BTOOLCHAIN4_OLD_... +CCTOOLS_URL=https://people.torproject.org/~gk/mirrors/sources/$%7BCCTOOLS_PACKAGE%7D OSXSDK_URL=https://launchpad.net/~flosoft/+archive/cross-apple/+files/$%7BOSXSDK_PACKAG... BINUTILS_URL=https://ftp.gnu.org/gnu/binutils/$%7BBINUTILS_PACKAGE%7D GCC_URL=https://ftp.gnu.org/gnu/gcc/gcc-$%7BGCC_VER%7D/$%7BGCC_PACKAGE%7D @@ -133,6 +145,8 @@ PY2EXE_URL=http://liquidtelecom.dl.sourceforge.net/project/py2exe/py2exe/$%7BPY2EX SETUPTOOLS_URL=https://pypi.python.org/packages/source/s/setuptools/$%7BSETUPTOOLS_PACKAGE%... PARSLEY_URL=https://pypi.python.org/packages/source/P/Parsley/$%7BPARSLEY_PACKAGE%7D GO_URL=https://golang.org/dl/$%7BGO_PACKAGE%7D +NSIS_URL=http://downloads.sourceforge.net/nsis/$%7BNSIS_PACKAGE%7D +NSIS_DEBIAN_URL=http://http.debian.net/debian/pool/main/n/nsis/$%7BNSIS_DEBIAN_PACKAGE%7D STIXMATHFONT_URL=http://iweb.dl.sourceforge.net/project/stixfonts/Current%20Release/$%7BSTIXM... NOTOEMOJIFONT_URL=https://github.com/googlei18n/noto-emoji/raw/2f1ffdd6fbbd05d6f382138a3d3adcd... NOTOCJKBASE_URL=https://github.com/googlei18n/noto-cjk/raw/f36eda03dfa5582a6d49abbfb5c83d020... diff --git a/tools/update-responses/config.yml b/tools/update-responses/config.yml index ceaaf10..73b1cf8 100644 --- a/tools/update-responses/config.yml +++ b/tools/update-responses/config.yml @@ -9,7 +9,7 @@ build_targets: osx32: Darwin_x86-gcc3 osx64: Darwin_x86_64-gcc3 channels: - hardened: 6.0a4-hardened + hardened: 6.0a5-hardened release: 5.0 versions: 5.0: @@ -23,13 +23,12 @@ versions: osx32: minSupportedOSVersion: 10.8 detailsURL: https://blog.torproject.org/blog/end-life-plan-tor-browser-32-bit-macs#updat... - 6.0a4-hardened: - platformVersion: 38.7.1 - detailsURL: https://blog.torproject.org/blog/tor-browser-60a4-hardened-released - download_url: https://www.torproject.org/dist/torbrowser/6.0a4-hardened + 6.0a5-hardened: + platformVersion: 45.1.0 + detailsURL: https://blog.torproject.org/blog/tor-browser-60a5-hardened-released + download_url: https://www.torproject.org/dist/torbrowser/6.0a5-hardened incremental_from: - - 6.0a2-hardened - - 6.0a3-hardened + - 6.0a4-hardened migrate_archs: osx32: osx64 osx32: