[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-115.16.0esr-13.5-1] fixup! Firefox preference overrides.

ma1 (@ma1) git at gitlab.torproject.org
Mon Oct 7 11:20:50 UTC 2024 


ma1 pushed to branch tor-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Tor Browser


Commits:
70c7a53e by hackademix at 2024-10-07T13:20:44+02:00
fixup! Firefox preference overrides.

MB361: Disable only cyphersuites using SH1 for signing (ECDSA).

- - - - -


1 changed file:

- browser/app/profile/001-base-profile.js


Changes:

=====================================
browser/app/profile/001-base-profile.js
=====================================
@@ -121,16 +121,13 @@ pref("network.http.referer.hideOnionSource", true);
 // [4] https://www.ssllabs.com/ssl-pulse/
 pref("security.ssl.require_safe_negotiation", true);
 
-// Bug 40183: Disable TLS ciphersuites using SHA-1
-// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183
+// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA)
+// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437
+pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
+pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
+// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765
 pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked);
 pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked);
-pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked);
-pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked);
-pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked);
-pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked);
-pref("security.ssl3.rsa_aes_128_sha", false, locked);
-pref("security.ssl3.rsa_aes_256_sha", false, locked);
 
 // Wrapping a static pref to lock it and prevent changing.
 // See tor-browser#40565.



View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70c7a53e9c40d75f5103e27cd10a59301c8e8625

-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/70c7a53e9c40d75f5103e27cd10a59301c8e8625
You're receiving this email because of your account on gitlab.torproject.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-commits/attachments/20241007/afcd6cc1/attachment-0001.htm>

More information about the tor-commits mailing list