- tor-commits - lists.torproject.org

[Git][tpo/applications/tor-browser-build][main] More reliable Mullvad Browser tags management.
by ma1 (＠ma1) 11 Nov '25

11 Nov '25

ma1 pushed to branch main at The Tor Project / Applications / tor-browser-build Commits: 50de1847 by hackademix at 2025-11-11T10:45:43+01:00 More reliable Mullvad Browser tags management. - - - - - 1 changed file: - tools/signing/publish-github.mullvadbrowser Changes: ===================================== tools/signing/publish-github.mullvadbrowser ===================================== @@ -16,7 +16,8 @@ fi set -e -GL_REMOTE=git@gitlab.torproject.org:tpo/applications/mullvad-browser.git +GL_REMOTE_TOR=git@gitlab.torproject.org:tpo/applications/tor-browser.git +GL_REMOTE_MULLVAD=git@gitlab.torproject.org:tpo/applications/mullvad-browser.git GH_REMOTE=git@github.com:mullvad/mullvad-browser.git CLONE_DIR="$TBB_DIR/git_clones/firefox" CHANNEL=$(showconf release var/browser_default_channel) @@ -29,7 +30,8 @@ BASE_VERSION=$(showconf release var/torbrowser_version $TARGET) RELEASE_VERSION="${BASE_VERSION}${mbrtag_suffix}" pushd >/dev/null ../../git_clones/firefox echo "Fetching $MB_BRANCH and tags..." -git fetch --tags "$GL_REMOTE" "$MB_BRANCH" +git fetch --tags "$GL_REMOTE_MULLVAD" "$MB_BRANCH" +git fetch --tags "$GL_REMOTE_TOR" "$BB_BRANCH" BB_TAG=$(git tag -l "$BB_BRANCH-build*" | tail -n1) FX_TAG=$(git tag -l "FIREFOX_${ESR_VERSION//\./_}*" | tail -n1) echo "QA build version: $BASE_VERSION" @@ -43,13 +45,15 @@ if ! [[ $REPLY =~ ^[Yy]$ ]]; then echo >&2 "Operation cancelled" exit 1 fi + git checkout $MB_TAG -git tag -s $RELEASE_VERSION -m"$ESR_VERSION-based $RELEASE_VERSION" +[[ $(git tag -l $RELEASE_VERSION) ]] || git tag -s $RELEASE_VERSION -m"$ESR_VERSION-based $RELEASE_VERSION" git tag -n1 $RELEASE_VERSION git push "$GH_REMOTE" "HEAD:refs/heads/$MB_BRANCH" git push "$GH_REMOTE" "$FX_TAG" git push "$GH_REMOTE" "$BB_TAG" git push "$GH_REMOTE" "$RELEASE_VERSION" + popd >/dev/null # Call Mullvad's github workflow for new releases (mullvad-browser#466) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/5… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-15.0] More reliable Mullvad Browser tags management.
by ma1 (＠ma1) 11 Nov '25

11 Nov '25

ma1 pushed to branch maint-15.0 at The Tor Project / Applications / tor-browser-build Commits: b72e9435 by hackademix at 2025-11-11T10:45:04+01:00 More reliable Mullvad Browser tags management. - - - - - 1 changed file: - tools/signing/publish-github.mullvadbrowser Changes: ===================================== tools/signing/publish-github.mullvadbrowser ===================================== @@ -16,7 +16,8 @@ fi set -e -GL_REMOTE=git@gitlab.torproject.org:tpo/applications/mullvad-browser.git +GL_REMOTE_TOR=git@gitlab.torproject.org:tpo/applications/tor-browser.git +GL_REMOTE_MULLVAD=git@gitlab.torproject.org:tpo/applications/mullvad-browser.git GH_REMOTE=git@github.com:mullvad/mullvad-browser.git CLONE_DIR="$TBB_DIR/git_clones/firefox" CHANNEL=$(showconf release var/browser_default_channel) @@ -29,7 +30,8 @@ BASE_VERSION=$(showconf release var/torbrowser_version $TARGET) RELEASE_VERSION="${BASE_VERSION}${mbrtag_suffix}" pushd >/dev/null ../../git_clones/firefox echo "Fetching $MB_BRANCH and tags..." -git fetch --tags "$GL_REMOTE" "$MB_BRANCH" +git fetch --tags "$GL_REMOTE_MULLVAD" "$MB_BRANCH" +git fetch --tags "$GL_REMOTE_TOR" "$BB_BRANCH" BB_TAG=$(git tag -l "$BB_BRANCH-build*" | tail -n1) FX_TAG=$(git tag -l "FIREFOX_${ESR_VERSION//\./_}*" | tail -n1) echo "QA build version: $BASE_VERSION" @@ -43,13 +45,15 @@ if ! [[ $REPLY =~ ^[Yy]$ ]]; then echo >&2 "Operation cancelled" exit 1 fi + git checkout $MB_TAG -git tag -s $RELEASE_VERSION -m"$ESR_VERSION-based $RELEASE_VERSION" +[[ $(git tag -l $RELEASE_VERSION) ]] || git tag -s $RELEASE_VERSION -m"$ESR_VERSION-based $RELEASE_VERSION" git tag -n1 $RELEASE_VERSION git push "$GH_REMOTE" "HEAD:refs/heads/$MB_BRANCH" git push "$GH_REMOTE" "$FX_TAG" git push "$GH_REMOTE" "$BB_TAG" git push "$GH_REMOTE" "$RELEASE_VERSION" + popd >/dev/null # Call Mullvad's github workflow for new releases (mullvad-browser#466) View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/b… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-13.5] Update legacy release blog post template.
by ma1 (＠ma1) 11 Nov '25

11 Nov '25

ma1 pushed to branch maint-13.5 at The Tor Project / Applications / tor-browser-build Commits: 37a4c792 by hackademix at 2025-11-11T10:43:08+01:00 Update legacy release blog post template. - - - - - 1 changed file: - tools/signing/create-blog-post Changes: ===================================== tools/signing/create-blog-post ===================================== @@ -57,6 +57,11 @@ Tor Browser $tbb_version is now available from the [Tor Browser download page]($ This version includes important [security updates](https://www.mozilla.org/en-US/security/advisories/) to Firefox. +__Important__: this release is part of the legacy channel, meant to extend the support for Windows 7/8/8.1 and macOS 10.12-10.14. +If your OS is not one of these, you should download the latest stable from the 15.0 series instead. + +__Further updates to this 13.5.x legacy channel are not guaranteed: please upgrade to 15.0.x as soon as possible.__ + ## Send us your feedback If you find a bug or have a suggestion for how we could improve this release, [please let us know](https://support.torproject.org/misc/bug-or-feedback/). View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/3… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-update-responses][main] 6 commits: release: new version, 15.0.1 (linux-i686)
by ma1 (＠ma1) 11 Nov '25

11 Nov '25

ma1 pushed to branch main at The Tor Project / Applications / Tor Browser update responses Commits: 15f0bab1 by hackademix at 2025-11-11T09:10:54+01:00 release: new version, 15.0.1 (linux-i686) - - - - - f4505461 by hackademix at 2025-11-11T09:10:54+01:00 release: new version, 15.0.1 (linux-x86_64) - - - - - 4dbeaf77 by hackademix at 2025-11-11T09:10:55+01:00 release: new version, 15.0.1 (macos) - - - - - 277ed6b2 by hackademix at 2025-11-11T09:10:55+01:00 release: new version, 15.0.1 (windows-i686) - - - - - 3bd5ae61 by hackademix at 2025-11-11T09:10:55+01:00 release: new version, 15.0.1 (windows-x86_64) - - - - - e07362af by hackademix at 2025-11-11T09:10:56+01:00 release: new version, 15.0.1 - - - - - 73 changed files: - update_3/release/download-android-aarch64.json - update_3/release/download-android-armv7.json - update_3/release/download-android-x86.json - update_3/release/download-android-x86_64.json - update_3/release/download-linux-i686.json - update_3/release/download-linux-x86_64.json - update_3/release/download-macos.json - update_3/release/download-windows-i686.json - update_3/release/download-windows-x86_64.json - update_3/release/downloads.json - update_3/release/linux-i686/.htaccess - − update_3/release/linux-i686/update-14.5.6-15.0+13.5.23-linux-i686.xml - − update_3/release/linux-i686/update-14.5.7-15.0+13.5.23-linux-i686.xml - + update_3/release/linux-i686/update-14.5.7-15.0.1+13.5.24-linux-i686.xml - − update_3/release/linux-i686/update-14.5.8-15.0+13.5.23-linux-i686.xml - + update_3/release/linux-i686/update-14.5.8-15.0.1+13.5.24-linux-i686.xml - − update_3/release/linux-i686/update-15.0+13.5.23-linux-i686.xml - + update_3/release/linux-i686/update-15.0-15.0.1+13.5.24-linux-i686.xml - + update_3/release/linux-i686/update-15.0.1+13.5.24-linux-i686.xml - update_3/release/linux-x86_64/.htaccess - − update_3/release/linux-x86_64/update-14.5.6-15.0+13.5.23-linux-x86_64.xml - − update_3/release/linux-x86_64/update-14.5.7-15.0+13.5.23-linux-x86_64.xml - + update_3/release/linux-x86_64/update-14.5.7-15.0.1+13.5.24-linux-x86_64.xml - − update_3/release/linux-x86_64/update-14.5.8-15.0+13.5.23-linux-x86_64.xml - + update_3/release/linux-x86_64/update-14.5.8-15.0.1+13.5.24-linux-x86_64.xml - − update_3/release/linux-x86_64/update-15.0+13.5.23-linux-x86_64.xml - + update_3/release/linux-x86_64/update-15.0-15.0.1+13.5.24-linux-x86_64.xml - + update_3/release/linux-x86_64/update-15.0.1+13.5.24-linux-x86_64.xml - update_3/release/macos/.htaccess - − update_3/release/macos/update-13.5.20-15.0+13.5.23-macos.xml - − update_3/release/macos/update-13.5.21-15.0+13.5.23-macos.xml - + update_3/release/macos/update-13.5.21-15.0.1+13.5.24-macos.xml - − update_3/release/macos/update-13.5.22-15.0+13.5.23-macos.xml - + update_3/release/macos/update-13.5.22-15.0.1+13.5.24-macos.xml - + update_3/release/macos/update-13.5.23-15.0.1+13.5.24-macos.xml - − update_3/release/macos/update-14.5.6-15.0+13.5.23-macos.xml - − update_3/release/macos/update-14.5.7-15.0+13.5.23-macos.xml - + update_3/release/macos/update-14.5.7-15.0.1+13.5.24-macos.xml - − update_3/release/macos/update-14.5.8-15.0+13.5.23-macos.xml - + update_3/release/macos/update-14.5.8-15.0.1+13.5.24-macos.xml - − update_3/release/macos/update-15.0+13.5.23-macos.xml - + update_3/release/macos/update-15.0-15.0.1+13.5.24-macos.xml - + update_3/release/macos/update-15.0.1+13.5.24-macos.xml - update_3/release/windows-i686/.htaccess - − update_3/release/windows-i686/update-13.5.20-15.0+13.5.23-windows-i686.xml - − update_3/release/windows-i686/update-13.5.21-15.0+13.5.23-windows-i686.xml - + update_3/release/windows-i686/update-13.5.21-15.0.1+13.5.24-windows-i686.xml - − update_3/release/windows-i686/update-13.5.22-15.0+13.5.23-windows-i686.xml - + update_3/release/windows-i686/update-13.5.22-15.0.1+13.5.24-windows-i686.xml - + update_3/release/windows-i686/update-13.5.23-15.0.1+13.5.24-windows-i686.xml - − update_3/release/windows-i686/update-14.5.6-15.0+13.5.23-windows-i686.xml - − update_3/release/windows-i686/update-14.5.7-15.0+13.5.23-windows-i686.xml - + update_3/release/windows-i686/update-14.5.7-15.0.1+13.5.24-windows-i686.xml - − update_3/release/windows-i686/update-14.5.8-15.0+13.5.23-windows-i686.xml - + update_3/release/windows-i686/update-14.5.8-15.0.1+13.5.24-windows-i686.xml - − update_3/release/windows-i686/update-15.0+13.5.23-windows-i686.xml - + update_3/release/windows-i686/update-15.0-15.0.1+13.5.24-windows-i686.xml - + update_3/release/windows-i686/update-15.0.1+13.5.24-windows-i686.xml - update_3/release/windows-x86_64/.htaccess - − update_3/release/windows-x86_64/update-13.5.20-15.0+13.5.23-windows-x86_64.xml - − update_3/release/windows-x86_64/update-13.5.21-15.0+13.5.23-windows-x86_64.xml - + update_3/release/windows-x86_64/update-13.5.21-15.0.1+13.5.24-windows-x86_64.xml - − update_3/release/windows-x86_64/update-13.5.22-15.0+13.5.23-windows-x86_64.xml - + update_3/release/windows-x86_64/update-13.5.22-15.0.1+13.5.24-windows-x86_64.xml - + update_3/release/windows-x86_64/update-13.5.23-15.0.1+13.5.24-windows-x86_64.xml - − update_3/release/windows-x86_64/update-14.5.6-15.0+13.5.23-windows-x86_64.xml - − update_3/release/windows-x86_64/update-14.5.7-15.0+13.5.23-windows-x86_64.xml - + update_3/release/windows-x86_64/update-14.5.7-15.0.1+13.5.24-windows-x86_64.xml - − update_3/release/windows-x86_64/update-14.5.8-15.0+13.5.23-windows-x86_64.xml - + update_3/release/windows-x86_64/update-14.5.8-15.0.1+13.5.24-windows-x86_64.xml - − update_3/release/windows-x86_64/update-15.0+13.5.23-windows-x86_64.xml - + update_3/release/windows-x86_64/update-15.0-15.0.1+13.5.24-windows-x86_64.xml - + update_3/release/windows-x86_64/update-15.0.1+13.5.24-windows-x86_64.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-update-responses… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/mullvad-browser-update-responses][main] 4 commits: release: new version, 15.0.1 (linux-x86_64)
by ma1 (＠ma1) 11 Nov '25

11 Nov '25

ma1 pushed to branch main at The Tor Project / Applications / mullvad-browser-update-responses Commits: b427d9b9 by hackademix at 2025-11-11T07:16:57+01:00 release: new version, 15.0.1 (linux-x86_64) - - - - - a5ec5438 by hackademix at 2025-11-11T07:16:57+01:00 release: new version, 15.0.1 (macos) - - - - - d921100c by hackademix at 2025-11-11T07:16:58+01:00 release: new version, 15.0.1 (windows-x86_64) - - - - - dfb5ac1e by hackademix at 2025-11-11T07:16:59+01:00 release: new version, 15.0.1 - - - - - 31 changed files: - update_1/release/download-linux-x86_64.json - update_1/release/download-macos.json - update_1/release/download-windows-x86_64.json - update_1/release/downloads.json - update_1/release/linux-x86_64/.htaccess - − update_1/release/linux-x86_64/update-14.5.6-15.0-linux-x86_64.xml - − update_1/release/linux-x86_64/update-14.5.7-15.0-linux-x86_64.xml - + update_1/release/linux-x86_64/update-14.5.7-15.0.1-linux-x86_64.xml - − update_1/release/linux-x86_64/update-14.5.8-15.0-linux-x86_64.xml - + update_1/release/linux-x86_64/update-14.5.8-15.0.1-linux-x86_64.xml - + update_1/release/linux-x86_64/update-15.0-15.0.1-linux-x86_64.xml - − update_1/release/linux-x86_64/update-15.0-linux-x86_64.xml - + update_1/release/linux-x86_64/update-15.0.1-linux-x86_64.xml - update_1/release/macos/.htaccess - − update_1/release/macos/update-14.5.6-15.0-macos.xml - − update_1/release/macos/update-14.5.7-15.0-macos.xml - + update_1/release/macos/update-14.5.7-15.0.1-macos.xml - − update_1/release/macos/update-14.5.8-15.0-macos.xml - + update_1/release/macos/update-14.5.8-15.0.1-macos.xml - + update_1/release/macos/update-15.0-15.0.1-macos.xml - − update_1/release/macos/update-15.0-macos.xml - + update_1/release/macos/update-15.0.1-macos.xml - update_1/release/windows-x86_64/.htaccess - − update_1/release/windows-x86_64/update-14.5.6-15.0-windows-x86_64.xml - − update_1/release/windows-x86_64/update-14.5.7-15.0-windows-x86_64.xml - + update_1/release/windows-x86_64/update-14.5.7-15.0.1-windows-x86_64.xml - − update_1/release/windows-x86_64/update-14.5.8-15.0-windows-x86_64.xml - + update_1/release/windows-x86_64/update-14.5.8-15.0.1-windows-x86_64.xml - + update_1/release/windows-x86_64/update-15.0-15.0.1-windows-x86_64.xml - − update_1/release/windows-x86_64/update-15.0-windows-x86_64.xml - + update_1/release/windows-x86_64/update-15.0.1-windows-x86_64.xml The diff was not included because it is too large. View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/mullvad-browser-update-respo… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser][tor-browser-115.30.0esr-13.5-1] Bug 1984940: Make sec-fetch user-triggered check default to secure r=ckerschb
by ma1 (＠ma1) 10 Nov '25

10 Nov '25

ma1 pushed to branch tor-browser-115.30.0esr-13.5-1 at The Tor Project / Applications / Tor Browser Commits: 7a746281 by Simon Friedberger at 2025-11-10T18:31:53+01:00 Bug 1984940: Make sec-fetch user-triggered check default to secure r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D265744 - - - - - 1 changed file: - dom/security/SecFetch.cpp Changes: ===================================== dom/security/SecFetch.cpp ===================================== @@ -232,6 +232,8 @@ bool IsSameSite(nsIChannel* aHTTPChannel) { // Helper function to determine whether a request was triggered // by the end user in the context of SecFetch. +// The more secure/closed state to return for this function is "false". +// A user triggered action is less restricted because it is not cross-origin. bool IsUserTriggeredForSecFetchSite(nsIHttpChannel* aHTTPChannel) { /* * The goal is to distinguish between "webby" navigations that are controlled @@ -243,8 +245,7 @@ bool IsUserTriggeredForSecFetchSite(nsIHttpChannel* aHTTPChannel) { ExtContentPolicyType contentType = loadInfo->GetExternalContentPolicyType(); // A request issued by the browser is always user initiated. - if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal() && - contentType == ExtContentPolicy::TYPE_OTHER) { + if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal()) { return true; } @@ -279,12 +280,12 @@ bool IsUserTriggeredForSecFetchSite(nsIHttpChannel* aHTTPChannel) { if (referrerInfo) { nsCOMPtr<nsIURI> originalReferrer; referrerInfo->GetOriginalReferrer(getter_AddRefs(originalReferrer)); - if (originalReferrer) { - return false; + if (!originalReferrer) { + return true; } } - return true; + return false; } void mozilla::dom::SecFetch::AddSecFetchDest(nsIHttpChannel* aHTTPChannel) { View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/7a74628… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/7a74628… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag mb-15.0.1-build1
by morgan (＠morgan) 10 Nov '25

10 Nov '25

morgan pushed new tag mb-15.0.1-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/mb-… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build] Pushed new tag tbb-15.0.1-build1
by morgan (＠morgan) 10 Nov '25

10 Nov '25

morgan pushed new tag tbb-15.0.1-build1 at The Tor Project / Applications / tor-browser-build -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/tree/tbb… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-15.0] Bug 41610,41611: Prepare Tor, Mullvad Browser 15.0.1
by morgan (＠morgan) 10 Nov '25

10 Nov '25

morgan pushed to branch maint-15.0 at The Tor Project / Applications / tor-browser-build Commits: 6aa82d7f by Morgan at 2025-11-10T13:37:17+00:00 Bug 41610,41611: Prepare Tor, Mullvad Browser 15.0.1 - - - - - 9 changed files: - projects/application-services/config - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/translation/config - rbm.conf Changes: ===================================== projects/application-services/config ===================================== @@ -16,7 +16,7 @@ container: use_container: 1 var: - build_number: 5 + build_number: 6 # This should be updated when the list of gradle dependencies is changed. gradle_dependencies_version: 12 gradle_version: 8.13 ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,18 @@ +Mullvad Browser 15.0.1 - November 11 2025 + * All Platforms + * Updated Firefox to 140.5.0esr + * Updated NoScript to 13.4 + * Updated uBlock Origin to 1.67.0 + * Bug 484: Rebase Mullvad Browser stable onto 140.5.0esr [mullvad-browser] + * Bug 487: Search engines are sorted alphabetically rather than the desired order [mullvad-browser] + * Bug 44275: Reduce console noise on security level guessing [tor-browser] + * Bug 44310: Default zoom always resets to 100% [tor-browser] + * Bug 44325: Backport Security Fixes from Firefox 145 [tor-browser] + * Bug 44333: Add the "No AI" version of DuckDuckGo to available search engines [tor-browser] + * Linux + * Bug 44273: Restore Noto CJK as Jigmo has a too low readability [tor-browser] + * Bug 44315: Font/text issue with self-upgrade window [tor-browser] + Mullvad Browser 15.0 - October 28 2025 * All Platforms * Updated Firefox to 140.4.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,30 @@ +Tor Browser 15.0.1 - November 11 2025 + * All Platforms + * Updated NoScript to 13.4 + * Bug 44319: Rebase Tor Browser onto 140.5.0esr [tor-browser] + * Bug 44325: Backport Security Fixes from Firefox 145 [tor-browser] + * Bug 44333: Add the "No AI" version of DuckDuckGo to available search engines [tor-browser] + * Bug 487: Search engines are sorted alphabetically rather than the desired order [mullvad-browser] + * Windows + macOS + Linux + * Updated Firefox to 140.5.0esr + * Bug 44310: Default zoom always resets to 100% [tor-browser] + * Bug 44314: Upgrade message not shown in about:tor [tor-browser] + * Linux + * Bug 44273: Restore Noto CJK as Jigmo has a too low readability [tor-browser] + * Bug 44315: Font/text issue with self-upgrade window [tor-browser] + * Android + * Updated GeckoView to 140.5.0esr + * Bug 44303: Extension update job might never work on Android [tor-browser] + * Build System + * All Platforms + * Bug 41618: Restore the expert bundle's version in the final release directory [tor-browser-build] + * Windows + Linux + Android + * Updated Go to 1.24.10 + * Android + * Bug 41617: Pass page size to zipalign [tor-browser-build] + * Bug 41620: Do not rerun zipalign when signing [tor-browser-build] + * Bug 41621: Remove support using older android build tools when signing 14.5 releases in tools/signing/wrappers/sign-apk [tor-browser-build] + Tor Browser 15.0 - October 28 2025 * All Platforms * Updated NoScript to 13.2.2 ===================================== projects/browser/config ===================================== @@ -113,12 +113,12 @@ input_files: enable: '[% ! c("var/android") %]' - filename: dmg-root enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4597669/noscript-13.2.2.x… + - URL: https://addons.mozilla.org/firefox/downloads/file/4609561/noscript-13.4.xpi name: noscript - sha256sum: f5ae80f2858057a3c8ebbafc12269659003f937e1cd781e05c01cc668e025c70 - - URL: https://addons.mozilla.org/firefox/downloads/file/4578681/ublock_origin-1.6… + sha256sum: 9496d2bc785f2b6dff36a3d6f60fa1a70d7b9a1895bc738c30387c94cd945168 + - URL: https://addons.mozilla.org/firefox/downloads/file/4598854/ublock_origin-1.6… name: ublock-origin - sha256sum: bc62cd930601212f1568964389352bbd4b1808466f2c9ac1198c754338077fb0 + sha256sum: b83c6ec49f817a8d05d288b53dbc7005cceccf82e9490d8683b3120aab3c133a enable: '[% c("var/mullvad-browser") %]' - URL: https://cdn.mullvad.net/browser-extension/0.9.5/mullvad-browser-extension-0… name: mullvad-extension ===================================== projects/firefox/config ===================================== @@ -16,12 +16,12 @@ container: use_container: 1 var: - firefox_platform_version: '140.4.0' + firefox_platform_version: '140.5.0' firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '15.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 5 + browser_build: 2 copyright_year: '[% exec("git show -s --format=%ci " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser @@ -114,8 +114,6 @@ targets: updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' mar_id_prefix: 'mullvadbrowser-mullvad' nightly_updates_publish_dir_prefix: mullvadbrowser- - browser_build: 4 - linux-x86_64: var: arch_deps: ===================================== projects/geckoview/config ===================================== @@ -18,12 +18,12 @@ container: build_apk: 1 var: - firefox_platform_version: '140.4.0' + firefox_platform_version: '140.5.0' geckoview_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '15.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 5 + browser_build: 2 gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' deps: ===================================== projects/go/config ===================================== @@ -1,11 +1,11 @@ # vim: filetype=yaml sw=2 -version: '1.24.9' +version: '1.24.10' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 var: - source_sha256: c72f81ba54fe00efe7f3e7499d400979246881b13b775e9a9bb85541c11be695 + source_sha256: 34000dcc47a517b78fcf2657ee7d033328a57079fe60c4ed8b7b84260d1d19d3 no_crosscompile: 1 setup: | mkdir -p /var/tmp/dist ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: cdd3da6308bb3beb916744057af92331025053bb + git_hash: df313475cfd9eba31009edca530803dd991264d7 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 3395fe5bdb7556490e31d3c6804e6240278bc708 + git_hash: 4fcb19da2c6b62bdd96828172162bea89ee3231e targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 807271d57878187b08fbd004276a3eea624421e6 + git_hash: d9fe5b503d0795a584caa2ce99ee101831967220 compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -74,11 +74,11 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '15.0' - torbrowser_build: 'build2' + torbrowser_version: '15.0.1' + torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/10/28 09:45:00' + browser_release_date: '2025/11/10 09:19:47' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' browser_default_channel: release browser_platforms: @@ -128,13 +128,13 @@ var: updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - '15.0' - 14.5.8 - 14.5.7 - - 14.5.6 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' - torbrowser_legacy_version: 13.5.23 - torbrowser_legacy_platform_version: 115.29.0 + torbrowser_legacy_version: 13.5.24 + torbrowser_legacy_platform_version: 115.30.0 # By default, we sort the list of installed packages. This allows sharing # containers with identical list of packages, even if they are not listed View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/6… You're receiving this email because of your account on gitlab.torproject.org.

1 0

[Git][tpo/applications/tor-browser-build][maint-15.0] Bug 41610,41611: Prpeare Tor, Mullvad Browser 15.0.1
by morgan (＠morgan) 10 Nov '25

10 Nov '25

morgan pushed to branch maint-15.0 at The Tor Project / Applications / tor-browser-build Commits: ccec0f0a by Morgan at 2025-11-10T09:55:51+00:00 Bug 41610,41611: Prpeare Tor, Mullvad Browser 15.0.1 - - - - - 9 changed files: - projects/application-services/config - projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt - projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt - projects/browser/config - projects/firefox/config - projects/geckoview/config - projects/go/config - projects/translation/config - rbm.conf Changes: ===================================== projects/application-services/config ===================================== @@ -16,7 +16,7 @@ container: use_container: 1 var: - build_number: 5 + build_number: 6 # This should be updated when the list of gradle dependencies is changed. gradle_dependencies_version: 12 gradle_version: 8.13 ===================================== projects/browser/Bundle-Data/Docs-MB/ChangeLog.txt ===================================== @@ -1,3 +1,18 @@ +Mullvad Browser 15.0.1 - November 11 2025 + * All Platforms + * Updated Firefox to 140.5.0esr + * Updated NoScript to 13.4 + * Updated uBlock Origin to 1.67.0 + * Bug 484: Rebase Mullvad Browser stable onto 140.5.0esr [mullvad-browser] + * Bug 487: Search engines are sorted alphabetically rather than the desired order [mullvad-browser] + * Bug 44275: Reduce console noise on security level guessing [tor-browser] + * Bug 44310: Default zoom always resets to 100% [tor-browser] + * Bug 44325: Backport Security Fixes from Firefox 145 [tor-browser] + * Bug 44333: Add the "No AI" version of DuckDuckGo to available search engines [tor-browser] + * Linux + * Bug 44273: Restore Noto CJK as Jigmo has a too low readability [tor-browser] + * Bug 44315: Font/text issue with self-upgrade window [tor-browser] + Mullvad Browser 15.0 - October 28 2025 * All Platforms * Updated Firefox to 140.4.0esr ===================================== projects/browser/Bundle-Data/Docs-TBB/ChangeLog.txt ===================================== @@ -1,3 +1,30 @@ +Tor Browser 15.0.1 - November 11 2025 + * All Platforms + * Updated NoScript to 13.4 + * Bug 44319: Rebase Tor Browser onto 140.5.0esr [tor-browser] + * Bug 44325: Backport Security Fixes from Firefox 145 [tor-browser] + * Bug 44333: Add the "No AI" version of DuckDuckGo to available search engines [tor-browser] + * Bug 487: Search engines are sorted alphabetically rather than the desired order [mullvad-browser] + * Windows + macOS + Linux + * Updated Firefox to 140.5.0esr + * Bug 44310: Default zoom always resets to 100% [tor-browser] + * Bug 44314: Upgrade message not shown in about:tor [tor-browser] + * Linux + * Bug 44273: Restore Noto CJK as Jigmo has a too low readability [tor-browser] + * Bug 44315: Font/text issue with self-upgrade window [tor-browser] + * Android + * Updated GeckoView to 140.5.0esr + * Bug 44303: Extension update job might never work on Android [tor-browser] + * Build System + * All Platforms + * Bug 41618: Restore the expert bundle's version in the final release directory [tor-browser-build] + * Windows + Linux + Android + * Updated Go to 1.24.10 + * Android + * Bug 41617: Pass page size to zipalign [tor-browser-build] + * Bug 41620: Do not rerun zipalign when signing [tor-browser-build] + * Bug 41621: Remove support using older android build tools when signing 14.5 releases in tools/signing/wrappers/sign-apk [tor-browser-build] + Tor Browser 15.0 - October 28 2025 * All Platforms * Updated NoScript to 13.2.2 ===================================== projects/browser/config ===================================== @@ -113,12 +113,12 @@ input_files: enable: '[% ! c("var/android") %]' - filename: dmg-root enable: '[% ! c("var/android") %]' - - URL: https://addons.mozilla.org/firefox/downloads/file/4597669/noscript-13.2.2.x… + - URL: https://addons.mozilla.org/firefox/downloads/file/4609561/noscript-13.4.xpi name: noscript - sha256sum: f5ae80f2858057a3c8ebbafc12269659003f937e1cd781e05c01cc668e025c70 - - URL: https://addons.mozilla.org/firefox/downloads/file/4578681/ublock_origin-1.6… + sha256sum: 9496d2bc785f2b6dff36a3d6f60fa1a70d7b9a1895bc738c30387c94cd945168 + - URL: https://addons.mozilla.org/firefox/downloads/file/4598854/ublock_origin-1.6… name: ublock-origin - sha256sum: bc62cd930601212f1568964389352bbd4b1808466f2c9ac1198c754338077fb0 + sha256sum: b83c6ec49f817a8d05d288b53dbc7005cceccf82e9490d8683b3120aab3c133a enable: '[% c("var/mullvad-browser") %]' - URL: https://cdn.mullvad.net/browser-extension/0.9.5/mullvad-browser-extension-0… name: mullvad-extension ===================================== projects/firefox/config ===================================== @@ -16,12 +16,12 @@ container: use_container: 1 var: - firefox_platform_version: '140.4.0' + firefox_platform_version: '140.5.0' firefox_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '15.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 5 + browser_build: 2 copyright_year: '[% exec("git show -s --format=%ci " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }).remove("-.*") %]' nightly_updates_publish_dir: '[% c("var/nightly_updates_publish_dir_prefix") %]nightly-[% c("var/osname") %]' gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser @@ -114,8 +114,6 @@ targets: updater_url: 'https://cdn.mullvad.net/browser/update_responses/update_1/' mar_id_prefix: 'mullvadbrowser-mullvad' nightly_updates_publish_dir_prefix: mullvadbrowser- - browser_build: 4 - linux-x86_64: var: arch_deps: ===================================== projects/geckoview/config ===================================== @@ -18,12 +18,12 @@ container: build_apk: 1 var: - firefox_platform_version: '140.4.0' + firefox_platform_version: '140.5.0' geckoview_version: '[% c("var/firefox_platform_version") %]esr' browser_series: '15.0' browser_rebase: 1 browser_branch: '[% c("var/browser_series") %]-[% c("var/browser_rebase") %]' - browser_build: 5 + browser_build: 2 gitlab_project: https://gitlab.torproject.org/tpo/applications/tor-browser git_commit: '[% exec("git rev-parse " _ c("git_hash") _ "^{commit}", { exec_noco => 1 }) %]' deps: ===================================== projects/go/config ===================================== @@ -1,11 +1,11 @@ # vim: filetype=yaml sw=2 -version: '1.24.9' +version: '1.24.10' filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %].tar.[% c("compress_tar") %]' container: use_container: 1 var: - source_sha256: c72f81ba54fe00efe7f3e7499d400979246881b13b775e9a9bb85541c11be695 + source_sha256: 34000dcc47a517b78fcf2657ee7d033328a57079fe60c4ed8b7b84260d1d19d3 no_crosscompile: 1 setup: | mkdir -p /var/tmp/dist ===================================== projects/translation/config ===================================== @@ -12,13 +12,13 @@ compress_tar: 'gz' steps: base-browser: base-browser: '[% INCLUDE build %]' - git_hash: cdd3da6308bb3beb916744057af92331025053bb + git_hash: df313475cfd9eba31009edca530803dd991264d7 targets: nightly: git_hash: 'base-browser' tor-browser: tor-browser: '[% INCLUDE build %]' - git_hash: 3395fe5bdb7556490e31d3c6804e6240278bc708 + git_hash: 4fcb19da2c6b62bdd96828172162bea89ee3231e targets: nightly: git_hash: 'tor-browser' @@ -32,7 +32,7 @@ steps: fenix: '[% INCLUDE build %]' # We need to bump the commit before releasing but just pointing to a branch # might cause too much rebuidling of the Firefox part. - git_hash: 807271d57878187b08fbd004276a3eea624421e6 + git_hash: d9fe5b503d0795a584caa2ce99ee101831967220 compress_tar: 'zst' targets: nightly: ===================================== rbm.conf ===================================== @@ -74,11 +74,11 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '15.0' - torbrowser_build: 'build2' + torbrowser_version: '15.0.1' + torbrowser_build: 'build1' # This should be the date of when the build is started. For the build # to be reproducible, browser_release_date should always be in the past. - browser_release_date: '2025/10/28 09:45:00' + browser_release_date: '2025/11/10 09:19:47' browser_release_date_timestamp: '[% USE date; date.format(c("var/browser_release_date"), "%s") %]' browser_default_channel: release browser_platforms: @@ -128,13 +128,13 @@ var: updater_enabled: 1 build_mar: 1 torbrowser_incremental_from: + - '15.0' - 14.5.8 - 14.5.7 - - 14.5.6 mar_channel_id: '[% c("var/projectname") %]-torproject-[% c("var/channel") %]' - torbrowser_legacy_version: 13.5.23 - torbrowser_legacy_platform_version: 115.29.0 + torbrowser_legacy_version: 13.5.24 + torbrowser_legacy_platform_version: 115.30.0 # By default, we sort the list of installed packages. This allows sharing # containers with identical list of packages, even if they are not listed View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… -- View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/commit/c… You're receiving this email because of your account on gitlab.torproject.org.

1 0