Commits · HEAD

Changelog update, version bumps, and config.yml update

Due to a bug in NoScript's XSS filter Tor Browser freezes on some websites.
We disable that filter for now while waiting on a NoScript update.

Those wrappers are no longer necessary to produce PIE binaries.

We need to allow JavaScript on `about:cache` explicitly. Otherwise it is
broken on higher security levels.

With the changes to integrate Selfrando (#20683), we are using our build
of gcc and binutils to build other libraries in the linux/gitian-utils.yml
descriptor, which removed the use of the hardening wrappers. We fix that
by adding the hardening wrappers to our builds of gcc and binutils.
Because we add the wrappers to gcc and binutils zip files, we don't need
to add them anymore in the other descriptors where they are used.

This reverts commit f27d2cab.

The problem was the script for recreating the .dmg files after the
code-signing set the permissions wrong. No need to fix anything in the
bundle descriptor.

We don't ship the clearkey DRM system yet, thus we don't need to strip
the respective binaries.

We need to allow JavaScript on `about:tabcrashed` pages explicitly.
Otherwise are those pages broken on higher security levels.

Add the hardened wrappers to the PATH before running the firefox
configure script. It seems that the wrappers are not used in the build
if they were not in the PATH during the configure step.

This makes it easier to track build times.

Version bumps, Changelog update, and update of config.yml

We actually released sandboxed-tor-browser 0.0.6 with 7.0a3 due to a
last minute fix.

boklm authored May 12, 2017 and Georg Koppen committed May 12, 2017

ESR52 includes this commit:
https://hg.mozilla.org/mozilla-central/rev/f8cf0fe7c810
which changes the compiler used from 'c++' to 'g++'.

We need to allow JavaScript on feed pages explicitly. Otherwise are
those pages broken on higher security levels.

Kathleen Brade authored Jan 31, 2017 and Georg Koppen committed May 12, 2017

Remove the SocksPort and ControlPort configuration from
torrc-defaults. Tor Launcher configures the ports via args
when starting tor, and we must avoid conflicts.

Also, strengthen the warning to users about not editing
torrc-defaults.

Kathleen Brade authored May 10, 2017 and Georg Koppen committed May 10, 2017

Use chmod to grant permission for "other" to access files within
TorBrowser.app.

Account for the changes Mozilla to support localized default bookmarks
(see: https://bugzilla.mozilla.org/show_bug.cgi?id=1235107).
Currently, Tor Browser uses the same bookmarks for all locales.

We are not showing the language prompt on first start anymore. Thus, the
multi lingual setup has stopped working for nightlies. We remove that
experiment until we solve #17400 properly or have a new prototype to
try.

Selfrando is a new defense against code reuse attacks developed by the
Redactor and Readactor++ people. We should give it a wider testing
audience by including it in the alpha series.

This is currently only available for 64bit Linux builds, though.
Supporting other platforms and architectures is work in progress.

David Fifield authored Mar 13, 2017 and Georg Koppen committed Apr 21, 2017

Remove workaround for fixed upstream bug, GitHub #17732
(__MAC_OS_X_VERSION_MAX_ALLOWED).

I wasn't able to remove the cc-for-target workaround for GitHub #15457
(CC_FOR_TARGET). Even though according to
https://github.com/golang/go/issues/15457 it has been
been fixed, make.bash still seems to lose all but the first argument of
CC_FOR_TARGET somewhere.

We need to allow JavaScript on `about:certerror` pages explicitly.
Otherwise are those pages broken on higher security levels.

Thanks arma.

Arlo Breault authored Apr 15, 2017 and Georg Koppen committed Apr 15, 2017

This was mistakenly removed in 121de1ca (see bug 21748).