This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch tor-browser-102.4.0esr-12.0-2 in repository tor-browser.
The following commit(s) were added to refs/heads/tor-browser-102.4.0esr-12.0-2 by this push: new 46dcad9a70ad squash! Firefox preference overrides. 46dcad9a70ad is described below
commit 46dcad9a70ad2ed3785f6607e470f927da39be02 Author: Richard Pospesel richard@torproject.org AuthorDate: Wed Nov 2 20:39:17 2022 +0000
squash! Firefox preference overrides.
Bug 40183: Disable TLS ciphersuites using SHA-1 --- browser/app/profile/001-base-profile.js | 12 ++++++++++++ 1 file changed, 12 insertions(+)
diff --git a/browser/app/profile/001-base-profile.js b/browser/app/profile/001-base-profile.js index caf2f00ad8d6..3f93614a7bbb 100644 --- a/browser/app/profile/001-base-profile.js +++ b/browser/app/profile/001-base-profile.js @@ -79,6 +79,18 @@ pref("dom.security.https_only_mode.upgrade_onion", false); // [4] https://www.ssllabs.com/ssl-pulse/ pref("security.ssl.require_safe_negotiation", true);
+// Bug 40183: Disable TLS ciphersuites using SHA-1 +// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183 +pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked); +pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked); +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked); +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked); +pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked); +pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked); +pref("security.ssl3.rsa_aes_128_sha", false, locked); +pref("security.ssl3.rsa_aes_256_sha", false, locked); + + // Misc privacy: Remote pref("browser.send_pings", false); pref("geo.enabled", false);