|
1
|
+Tor Browser 13.0a1 - July 20 2023
|
|
2
|
+ * All Platforms
|
|
3
|
+ * Updated Translations
|
|
4
|
+ * Updated NoScript to 11.4.25
|
|
5
|
+ * Updated OpenSSL to 3.0.9
|
|
6
|
+ * Updated Go to 1.20.6
|
|
7
|
+ * Updated tor to 0.4.8.2-alpha
|
|
8
|
+ * Bug 40577: Add "suggest url" in DDG onion's manifest [tor-browser]
|
|
9
|
+ * Bug 40885: Bump version of snowflake to v2.6.0 [tor-browser-build]
|
|
10
|
+ * Bug 40887: Update Webtunnel version to 38eb5505 [tor-browser-build]
|
|
11
|
+ * Bug 41092: Enable tracking query parameters stripping [tor-browser]
|
|
12
|
+ * Bug 41399: Update Mozilla's patch for Bug 1675054 to enable brotli encoding for HTTP onions as well [tor-browser]
|
|
13
|
+ * Bug 41759: Rebase Base Browser to 115 nightly [tor-browser]
|
|
14
|
+ * Bug 41796: Rebase Tor Browser to Firefox 115 [tor-browser]
|
|
15
|
+ * Windows + macOS + Linux
|
|
16
|
+ * Updated Firefox to 115.0.2esr
|
|
17
|
+ * Bug 26277: When "Safest" setting is enabled searching using duckduckgo should always use the Non-Javascript site for searches [tor-browser]
|
|
18
|
+ * Bug 33955: Selecting "Copy image" from menu leaks the source URL to the clipboard. This data is often dereferenced by other applications. [tor-browser]
|
|
19
|
+ * Bug 41741: Refactor the domain isolator and new circuit [tor-browser]
|
|
20
|
+ * Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons [tor-browser]
|
|
21
|
+ * Bug 41842: Remove the old removal logics from Torbutton [tor-browser]
|
|
22
|
+ * Bug 41845: Stop forcing (bad) pref values for non-PBM users [tor-browser]
|
|
23
|
+ * Bug 41854: Download Spam Protection cannot be overridden to allow legitimate downloads [tor-browser]
|
|
24
|
+ * Bug 41874: Visual & A11 regressions in add-on badges [tor-browser]
|
|
25
|
+ * Build System
|
|
26
|
+ * All Platforms
|
|
27
|
+ * Bug 40089: Clean up usage of get-moz-build-date script [tor-browser-build]
|
|
28
|
+ * Bug 40410: Get rid of python2 [tor-browser-build]
|
|
29
|
+ * Bug 40487: Bump Python version [tor-browser-build]
|
|
30
|
+ * Bug 40802: Drop the patch for making WASI reproducible [tor-browser-build]
|
|
31
|
+ * Bug 40854: Update to OpenSSL 3.0 [tor-browser-build]
|
|
32
|
+ * Bug 40855: Update toolchains for Mozilla 115 [tor-browser-build]
|
|
33
|
+ * Bug 40868: Bump Rust to 1.69.0 [tor-browser-build]
|
|
34
|
+ * Bug 40886: Update README with instructions for Arch linux [tor-browser-build]
|
|
35
|
+ * Bug 40889: Add mullvad sha256sums URL to tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build]
|
|
36
|
+ * Bug 40894: Fix format of keyring/boklm.gpg [tor-browser-build]
|
|
37
|
+ * Bug 40898: Add doc from tor-browser-spec/processes/ReleaseProcess to gitlab issue templates [tor-browser-build]
|
|
38
|
+ * Windows
|
|
39
|
+ * Bug 40832: Unify mingw-w64-clang 32+64 bits [tor-browser-build]
|
|
40
|
+ * Linux
|
|
41
|
+ * Bug 40102: Move from Debian Jessie to Debian Stretch for our Linux builds [tor-browser-build]
|
|
42
|
+
|
|
43
|
+Tor Browser 12.5.1 - July 5 2023
|
|
44
|
+ * All Platforms
|
|
45
|
+ * Updated Translations
|
|
46
|
+ * Updated NoScript to 11.4.24
|
|
47
|
+ * Bug 41860: Rebase 12.5 stable to 102.13esr [tor-browser]
|
|
48
|
+ * Windows + macOS + Linux
|
|
49
|
+ * Updated Firefox to 102.13.0esr
|
|
50
|
+ * Bug 41854: Download Spam Protection cannot be overridden to allow legitimate downloads [tor-browser]
|
|
51
|
+ * Bug 41856: Onion service authorization prompt's key field does not get focus when clicked [tor-browser]
|
|
52
|
+ * Bug 41858: 'Learn more' link in onboarding links to 12.0 release notes and not 12.5 [tor-browser]
|
|
53
|
+ * Android
|
|
54
|
+ * Updated GeckoView to 102.13.0esr
|
|
55
|
+
|
|
56
|
+Tor Browser 12.5.0 - June 15 2023
|
|
57
|
+ * All Platforms
|
|
58
|
+ * Updated Translations
|
|
59
|
+ * Bug 40353: Re-enable rlbox [tor-browser-build]
|
|
60
|
+ * Bug 40711: Review and expand the stakeholders we communicate major changes to [tor-browser-build]
|
|
61
|
+ * Bug 40810: Add Finnish (fi) language support [tor-browser-build]
|
|
62
|
+ * Bug 40817: Add basebrowser-incrementals-nightly makefile target [tor-browser-build]
|
|
63
|
+ * Bug 40833: base-browser nightly is using the default channel instead of nightly [tor-browser-build]
|
|
64
|
+ * Bug 40860: Improve the transition from the old fontconfig file to the new one [tor-browser-build]
|
|
65
|
+ * Bug 41066: Circuit Isolation should take containers into account [tor-browser]
|
|
66
|
+ * Bug 41351: Move the crypto protection patch earlier in the patchset [tor-browser]
|
|
67
|
+ * Bug 41428: Check if we can create our own directories for branding [tor-browser]
|
|
68
|
+ * Bug 41514: eslint broken since migrating torbutton [tor-browser]
|
|
69
|
+ * Bug 41568: Disable LaterRun [tor-browser]
|
|
70
|
+ * Bug 41599: about:networking#networkid should be normalized [tor-browser]
|
|
71
|
+ * Bug 41624: Disable unused about: pages [tor-browser]
|
|
72
|
+ * Bug 41635: Disable the Normandy component at compile time [tor-browser]
|
|
73
|
+ * Bug 41636: Disable back webextension.storage.sync after ensuring NoScript settings won't be lost [tor-browser]
|
|
74
|
+ * Bug 41647: Turn --enable-base-browser in --with-base-browser-version [tor-browser]
|
|
75
|
+ * Bug 41662: Disable about:sync-logs [tor-browser]
|
|
76
|
+ * Bug 41671: Turn media.peerconnection.ice.relay_only to true as defense in depth against WebRTC ICE leaks [tor-browser]
|
|
77
|
+ * Bug 41689: Remove startup.homepage_override_url from Base Browser [tor-browser]
|
|
78
|
+ * Bug 41704: Immediately return on remoteSettings.pollChanges [tor-browser]
|
|
79
|
+ * Bug 41738: Replace the patch to disable live reload with its preference [tor-browser]
|
|
80
|
+ * Bug 41763: TTP-02-003 WP1: Data URI allows JS execution despite safest security level (Low) [tor-browser]
|
|
81
|
+ * Bug 41775: Avoid re-defining some macros in nsUpdateDriver.cpp [tor-browser]
|
|
82
|
+ * Bug 41818: Remove YEC 2022 strings [tor-browser]
|
|
83
|
+ * Windows + macOS + Linux
|
|
84
|
+ * Bug 165: Fix maximization warning x button and preference [mullvad-browser]
|
|
85
|
+ * Bug 20497: Improve support for non-portable mode [tor-browser]
|
|
86
|
+ * Bug 33298: HTTP onion sites do not give a popup warning when submitting form data to non-onion HTTP sites [tor-browser]
|
|
87
|
+ * Bug 40144: about:privatebrowsing Firefox branding [tor-browser]
|
|
88
|
+ * Bug 40347: URL bar lock icon says connection is not secure when on "view-source:[...].onion" URLs [tor-browser]
|
|
89
|
+ * Bug 40552: New texts for the add a bridge manually modal [tor-browser]
|
|
90
|
+ * Bug 40701: Improve security warning when downloading a file [tor-browser]
|
|
91
|
+ * Bug 40733: Use the new branding directories [tor-browser-build]
|
|
92
|
+ * Bug 40745: Allow customizing MOZ_APP_BASENAME [tor-browser-build]
|
|
93
|
+ * Bug 40773: Copy some documentation files only on Tor Browser [tor-browser-build]
|
|
94
|
+ * Bug 40781: Move translations to new paths [tor-browser-build]
|
|
95
|
+ * Bug 40788: Tor Browser 11.0.4-11.0.6 phoning home [tor-browser]
|
|
96
|
+ * Bug 40808: Set update URL for nightly base-browser [tor-browser-build]
|
|
97
|
+ * Bug 40811: Make testing the updater easier [tor-browser-build]
|
|
98
|
+ * Bug 40958: The number of relays displayed for an onion site can be misleading [tor-browser]
|
|
99
|
+ * Bug 41038: Update "Click to Copy" button label in circuit display [tor-browser]
|
|
100
|
+ * Bug 41080: Some users are choosing an adjacent country for circumvention settings [tor-browser]
|
|
101
|
+ * Bug 41084: Reserve red as a button color for dangerous actions [tor-browser]
|
|
102
|
+ * Bug 41085: Refactor the UI to remove all bridges [tor-browser]
|
|
103
|
+ * Bug 41093: Users don't understand the purpose of bridge-moji [tor-browser]
|
|
104
|
+ * Bug 41109: "New circuit..." button gets cut-off when onion name wraps [tor-browser]
|
|
105
|
+ * Bug 41350: Move the implementation of Bug 19273 out of Torbutton [tor-browser]
|
|
106
|
+ * Bug 41363: Crypto warning popup is not screen reader accessible [tor-browser]
|
|
107
|
+ * Bug 41448: User 'danger' style for primary button in new identity modal [tor-browser]
|
|
108
|
+ * Bug 41483: Tor Browser says Firefox timed out, confusing users [tor-browser]
|
|
109
|
+ * Bug 41503: Disable restart in case of reboot and restore in case of crash [tor-browser]
|
|
110
|
+ * Bug 41521: Improve localization notes [tor-browser]
|
|
111
|
+ * Bug 41533: Page Info window for view-source:http://...onion addresses says Connection Not Encrypted [tor-browser]
|
|
112
|
+ * Bug 41540: Confusing build-id date in about:preferences in alphas [tor-browser]
|
|
113
|
+ * Bug 41562: API-triggered fullscreen after F11 causes letterboxing to crop the page [tor-browser]
|
|
114
|
+ * Bug 41577: Disable profile migration [tor-browser]
|
|
115
|
+ * Bug 41587: Disable the updater for Base Browser [tor-browser]
|
|
116
|
+ * Bug 41595: Disable pagethumbnails capturing [tor-browser]
|
|
117
|
+ * Bug 41600: Some users have difficulty finding the circuit display [tor-browser]
|
|
118
|
+ * Bug 41607: Update "New Circuit" icon [tor-browser]
|
|
119
|
+ * Bug 41608: Improve the UX of the location bar's connection status [tor-browser]
|
|
120
|
+ * Bug 41609: Move the disabling of Firefox Home (Activity Stream) to base-browser [tor-browser]
|
|
121
|
+ * Bug 41613: Skip Drang & Drop filtering for DNS-safe URLs (no hostname, e.g. RFC3966 tel:) [tor-browser]
|
|
122
|
+ * Bug 41617: Improve the UX of the built-in bridges dialog [tor-browser]
|
|
123
|
+ * Bug 41618: Update the iconography used in the status strip in connection settings [tor-browser]
|
|
124
|
+ * Bug 41623: Update connection assist's iconography [tor-browser]
|
|
125
|
+ * Bug 41633: Updating from 12.0.2 to 12.0.3 resets NoScript settings [tor-browser]
|
|
126
|
+ * Bug 41657: Remove --enable-tor-browser-data-outside-app-dir [tor-browser]
|
|
127
|
+ * Bug 41668: Move part of the updater patches to base browser [tor-browser]
|
|
128
|
+ * Bug 41686: Move the 'Bug 11641: Disable remoting by default' commit from base-browser to tor-browser [tor-browser]
|
|
129
|
+ * Bug 41695: Port warning on maximized windows without letterboxing from torbutton [tor-browser]
|
|
130
|
+ * Bug 41699: Tighten up the tor onion alias regular expression [tor-browser]
|
|
131
|
+ * Bug 41701: Reporting an extension does not work [tor-browser]
|
|
132
|
+ * Bug 41702: The connection pill needs to be centered vertically [tor-browser]
|
|
133
|
+ * Bug 41709: sendCommand should not try to send a command forever [tor-browser]
|
|
134
|
+ * Bug 41711: Race condition when opening a new window in New Identity [tor-browser]
|
|
135
|
+ * Bug 41718: Add the external filetype warning to about:downloads [tor-browser]
|
|
136
|
+ * Bug 41719: Update title and button strings in the new circuit display to sentence case [tor-browser]
|
|
137
|
+ * Bug 41725: Stray connectionPane.xhtml patch [tor-browser]
|
|
138
|
+ * Bug 41726: Animate the torconnect icon to transition between connected states [tor-browser]
|
|
139
|
+ * Bug 41734: Add a 'Connected' flag to indicate which built-in bridge option Tor Browser is currently using [tor-browser]
|
|
140
|
+ * Bug 41736: Customize the default CustomizableUI toolbar using CustomizableUI.jsm [tor-browser]
|
|
141
|
+ * Bug 41749: Replace the onion-glyph with dedicated icon for onion services [tor-browser]
|
|
142
|
+ * Bug 41770: Keyboard navigation broken leaving the toolbar tor circuit button [tor-browser]
|
|
143
|
+ * Bug 41775: Avoid re-defining some macros in nsUpdateDriver.cpp [tor-browser]
|
|
144
|
+ * Bug 41785: Network monitor in developer tools shows HTTP onion resources as insecure [tor-browser]
|
|
145
|
+ * Bug 41792: Drag and Drop protection prevents dragging downloads [tor-browser]
|
|
146
|
+ * Bug 41800: Add the external filetype warning to Library / Manage Bookmarks [tor-browser]
|
|
147
|
+ * Bug 41801: Fix handleProcessReady in TorSettings.init [tor-browser]
|
|
148
|
+ * Bug 41802: Bad regex used to extract transport from bridgeline [tor-browser]
|
|
149
|
+ * Bug 41810: Add "Connect" buttons to Request Bridge and Provide Bridge modals [tor-browser]
|
|
150
|
+ * Bug 41816: The top navigation in about:torconnect isn't updated correctly [tor-browser]
|
|
151
|
+ * Bug 41841: Use the new onion-site.svg icon in the onion-location pill [tor-browser]
|
|
152
|
+ * Windows + Linux
|
|
153
|
+ * Bug 40714: Ship NoScript in the distribution directory also for Windows and Linux [tor-browser-build]
|
|
154
|
+ * Bug 41654: UpdateInfo jumped into Data [tor-browser]
|
|
155
|
+ * Windows
|
|
156
|
+ * Bug 40772: Check and fix HiDPI issues in the NSIS installer [tor-browser-build]
|
|
157
|
+ * Bug 40793: Add some metadata also to the Windows installer [tor-browser-build]
|
|
158
|
+ * Bug 40801: Correct the ExecShell for system-wide installs in the NSIS script [tor-browser-build]
|
|
159
|
+ * Bug 41459: WebRTC fails to build under mingw [tor-browser]
|
|
160
|
+ * Bug 41678: WebRTC build fix patches incorrectly defining pid_t [tor-browser]
|
|
161
|
+ * Bug 41806: Prevent Private Browsing start menu item to be added automatically [tor-browser]
|
|
162
|
+ * macOS
|
|
163
|
+ * Bug 40719: Allow non-universal macOS builds also on base-browser [tor-browser-build]
|
|
164
|
+ * Bug 41535: Remove the old, unused and undocumented "-invisible" macOS CLI flag [tor-browser]
|
|
165
|
+ * Linux
|
|
166
|
+ * Bug 40830: The fontconfig directory is missing in Base Browser [tor-browser-build]
|
|
167
|
+ * Bug 41163: Many bundled fonts are blocked in Ubuntu/Fedora because of RFP [tor-browser]
|
|
168
|
+ * Bug 41732: implement linux font whitelist as defense-in-depth [tor-browser]
|
|
169
|
+ * Android
|
|
170
|
+ * Bug 41001: Remove remaining security slider code [tor-browser]
|
|
171
|
+ * Bug 41185: Hide learn more about sync [tor-browser]
|
|
172
|
+ * Bug 41634: Google Play incorrectly detects that libTor.so is built with OpenSSL 1.1.1b [tor-browser]
|
|
173
|
+ * Bug 41667: Enable media.peerconnection.ice.obfuscate_host_addresses on Android for defense-in-depth [tor-browser]
|
|
174
|
+ * Bug 41677: Remove the --disable-tor-browser-update flag on Android [tor-browser]
|
|
175
|
+ * Build System
|
|
176
|
+ * All Platforms
|
|
177
|
+ * Updated Go to 1.20.5
|
|
178
|
+ * Bug 40673: Avoid building each go module separately [tor-browser-build]
|
|
179
|
+ * Bug 40679: Use the latest translations for nightly builds [tor-browser-build]
|
|
180
|
+ * Bug 40689: Update Ubuntu version from projects/mmdebstrap-image/config to 22.04.1 [tor-browser-build]
|
|
181
|
+ * Bug 40717: Create a script to prepare changelogs [tor-browser-build]
|
|
182
|
+ * Bug 40720: Update fetch-changelogs.py scripts to support new Build System label [tor-browser-build]
|
|
183
|
+ * Bug 40750: Find why rlbox hurts reproducibility [tor-browser-build]
|
|
184
|
+ * Bug 40751: make signtag-* needs to take project name into account [tor-browser-build]
|
|
185
|
+ * Bug 40753: We should not copy mar tools when the updater is disabled [tor-browser-build]
|
|
186
|
+ * Bug 40760: Add BSD packager contacts to release prep templates [tor-browser-build]
|
|
187
|
+ * Bug 40763: Add support for signing multiple browsers in tools/signing/nightly [tor-browser-build]
|
|
188
|
+ * Bug 40783: Update download-unsigned-sha256sums-gpg-signatures-from-people-tpo to use $projectname prefix directory [tor-browser-build]
|
|
189
|
+ * Bug 40784: Fix var_p/nightly_torbrowser_incremental_from after #40737 [tor-browser-build]
|
|
190
|
+ * Bug 40794: Include the build-id in firefox-l10n output name [tor-browser-build]
|
|
191
|
+ * Bug 40795: Trim down tor-browser-build release prep issue templates [tor-browser-build]
|
|
192
|
+ * Bug 40796: Bad UX for the changelogs script when using the issue number [tor-browser-build]
|
|
193
|
+ * Bug 40805: Define the version flag for all browsers [tor-browser-build]
|
|
194
|
+ * Bug 40807: Add config for signing base-browser nightly in tools/signing/nightly [tor-browser-build]
|
|
195
|
+ * Bug 40812: Make var/rezip in projects/firefox/config quiet [tor-browser-build]
|
|
196
|
+ * Bug 40818: Enable wasm target for rust compiler [tor-browser-build]
|
|
197
|
+ * Bug 40828: Use http://archive.debian.org/debian-archive/ for jessie [tor-browser-build]
|
|
198
|
+ * Bug 40837: Rebase mullvad-browser build changes onto main [tor-browser-build]
|
|
199
|
+ * Bug 40870: Remove url without browser name from tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build]
|
|
200
|
+ * Bug 41649: Create rebase and security backport gitlab issue templates [tor-browser]
|
|
201
|
+ * Bug 41682: Add base-browser nightly mar signing key [tor-browser]
|
|
202
|
+ * Windows + macOS + Linux
|
|
203
|
+ * Bug 33953: Provide a way for easily updating Go dependencies of projects [tor-browser-build]
|
|
204
|
+ * Bug 40713: Use the new tor-browser l10n branch in Firefox [tor-browser-build]
|
|
205
|
+ * Bug 40777: Create a Go bootstrap project [tor-browser-build]
|
|
206
|
+ * Bug 40778: Disable all translations with testbuilds in Firefox [tor-browser-build]
|
|
207
|
+ * Bug 40788: Remove all languages but en-US for privacy-browser build target [tor-browser-build]
|
|
208
|
+ * Bug 40809: Remove --enable-tor-browser-update and --enable-verify-mar from projects/firefox/mozconfig [tor-browser-build]
|
|
209
|
+ * Bug 40813: Enable var/updater_enabled for basebrowser nightly [tor-browser-build]
|
|
210
|
+ * Bug 40823: Update appname_* variables in projects/release/update_responses_config.yml [tor-browser-build]
|
|
211
|
+ * Bug 40826: Correctly set appname_marfile for basebrowser in tools/signing/nightly/update-responses-base-config.yml [tor-browser-build]
|
|
212
|
+ * Bug 40827: MAR generation uses (mostly) hard-coded MAR update channel [tor-browser-build]
|
|
213
|
+ * Bug 40841: Adapt signing scripts to new signing machines [tor-browser-build]
|
|
214
|
+ * Bug 40849: Move Go dependencies to the projects dependent on them, not as a standalone projects [tor-browser-build]
|
|
215
|
+ * Bug 40866: Remove `Using ansible to set up a nightly build machine` from README [tor-browser-build]
|
|
216
|
+ * Bug 40869: obfs4 is renamed to lyrebird [tor-browser-build]
|
|
217
|
+ * Windows
|
|
218
|
+ * Bug 29185: NSIS Installer not reproducible when icon has an alpha channel [tor-browser-build]
|
|
219
|
+ * Bug 40757: Change projects/browser/windows-installer/torbrowser.nsi to a template file [tor-browser-build]
|
|
220
|
+ * Windows + macOS + Linux
|
|
221
|
+ * Bug 40732: Review Bundle-Data and try not to ship the default profile in base browser [tor-browser-build]
|
|
222
|
+ * Linux + Android
|
|
223
|
+ * Bug 40653: Build compiler-rt with runtimes instead of the main LLVM build [tor-browser-build]
|
|
224
|
+ * macOS
|
|
225
|
+ * Bug 40792: signing scripts missing project name prefix to make rule [tor-browser-build]
|
|
226
|
+ * Bug 40798: dmg2mar step also takes care of copying the signed+stabled dmg to the signed directory [tor-browser-build]
|
|
227
|
+ * Bug 40806: Update the reference to the macOS mozconfig [tor-browser-build]
|
|
228
|
+ * Bug 40824: dmg2mar script using hardcoded project names for paths [tor-browser-build]
|
|
229
|
+ * Bug 40847: Build filesystem influences the DMG creation [tor-browser-build]
|
|
230
|
+ * Bug 40858: Create script to assist testers self sign Mac builds to allow running on Arm processors [tor-browser-build]
|
|
231
|
+ * Bug 41453: Rename mozconfig-macos-x86_64 to mozconfig-macos [tor-browser]
|
|
232
|
+ * Android
|
|
233
|
+ * Bug 40738: Update Android git hashes templates [tor-browser-build]
|
|
234
|
+ * Bug 40874: Add commit information also to GV [tor-browser-build]
|
|
235
|
+ * Bug 41684: Android improvements for local dev builds [tor-browser]
|
|
236
|
+
|
1
|
237
|
Tor Browser 12.5a7 - June 08 2023
|
2
|
238
|
* All Platforms
|
3
|
239
|
* Updated Translations
|