changelog 163 KB
Newer Older
1
tails (1.4) UNRELEASED; urgency=medium
2

intrigeri's avatar
intrigeri committed
3
  * Dummy changelog entry for next major release.
4

intrigeri's avatar
intrigeri committed
5
6
 -- Tails developers <tails@boum.org>  Tue, 12 May 2015 12:34:56 +0000

7
8
9
10
11
12
tails (1.3.3) UNRELEASED; urgency=medium

  * Dummy entry.

 -- Tails developers <tails@boum.org>  Tue, 31 Mar 2015 21:56:58 +0200

anonym's avatar
anonym committed
13
tails (1.3.2) unstable; urgency=medium
14

anonym's avatar
anonym committed
15
16
  * Security fixes
    - Upgrade Tor Browser to 4.0.6, based on Firefox 31.6.0 ESR.
anonym's avatar
anonym committed
17
    - Upgrade OpenSSL to 1.0.1e-2+deb7u16.
anonym's avatar
anonym committed
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

  * Bugfixes
    - Make Florence usable with touchpads by forcing syndaemon to
      always use the `-t` option, which only disables tapping and
      scrolling and not mouse movements (Closes: #9011).
    - Make tails-spoof-mac log the correct macchanger exit code on
      failure (Closes: #8687).
    - Tails Installer:
      · Ignore devices with less than 3.5 GB of storage since they
        do not fit a Tails installation (Closes: #6538).
      · Remove devices from the device list as they are unplugged
        (Closes: #8691).

  * Minor improvements
    - Install obfs4proxy 0.0.4-1~tpo1, which adds support for
intrigeri's avatar
intrigeri committed
33
      client-mode ScrambleSuit.
anonym's avatar
anonym committed
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
    - Don't start Vidalia if Windows Camouflage is enabled. (Closes:
      #7400)
    - I2P Browser:
      · Remove "Add-ons" from the Tools menu, and hide "Keyboard
        Shortcuts" and "Take a Tour" since they point to resources on
        the open Internet (Closes: #7970).
      · Hide TorButton button from the customize toolbar options, and
        remove configs whose only purpose was to make Torbutton "green"
        (Closes: #8893).

  * Test suite
    - New tests:
      · Test non-LAN SSH, and SFTP via GNOME's "Connect to Server"
        (Closes: #6308).
      · Verify that Tails' Tor binary has the expected Tor authorities
        hard coded (Closes: #8960).
    - Improvements:
      · Programmatically determine the supported languages when testing
        the Unsafe Browser (Closes: #8918).
      · Rename --temp-dir to --tmpdir and make it behave more like
        mktemp, and honour TMPDIR if set in the environment. (Closes:
        #8709).
    - Bugfixes:
      · Make --temp-dir (now --tmpdir) actually work.
58

anonym's avatar
anonym committed
59
 -- Tails developers <tails@boum.org>  Mon, 30 Mar 2015 16:54:20 +0200
60

intrigeri's avatar
intrigeri committed
61
tails (1.3.1) unstable; urgency=medium
62

intrigeri's avatar
intrigeri committed
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
  * Security fixes
    - Upgrade Tor Browser to 4.0.5, based on Firefox 31.5.3 ESR. This addresses:
      · https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
      · https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
    - Upgrade Linux to 3.16.7-ckt7-1.
    - Upgrade libxfont to 1:1.4.5-5.
    - Upgrade OpenSSL to 1.0.1e-2+deb7u15.
    - Upgrade tcpdump to 4.3.0-1+deb7u2.
    - Upgrade bsdtar to 3.0.4-3+wheezy1.
    - Upgrade CUPS to 1.5.3-5+deb7u5.
    - Upgrade file and libmagic to 5.11-2+deb7u8.
    - Upgrade GnuPG to 1.4.12-7+deb7u7.
    - Upgrade libarchive to 3.0.4-3+wheezy1.
    - Upgrade libav to 6:0.8.17-1.
    - Upgrade FreeType 2 to 2.4.9-1.1+deb7u1.
    - Upgrade libgcrypt11 1.5.0-5+deb7u3.
    - Upgrade libgnutls26 to 2.12.20-8+deb7u3.
    - Upgrade libgtk2-perl to 2:1.244-1+deb7u1.
    - Upgrade ICU to 4.8.1.1-12+deb7u2.
    - Upgrade NSS to 2:3.14.5-1+deb7u4.
    - Upgrade libssh2 to 1.4.2-1.1+deb7u1.
84

intrigeri's avatar
intrigeri committed
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
  * Bugfixes
    - Upgrade Tor to 0.2.5.11-1~d70.wheezy+1+tails1. Changes include:
      · Directory authority changes.
      · Fix assertion errors that may trigger under high DNS load.
      · No longer break on HUP with seccomp2 enabled.
      · and more - please consult the upstream changelog.
    - Upgrade Tor Launcher to 0.2.7.2, and update the test suite accordingly
      (Closes: #8964, #6985). Changes include:
      · Ask about bridges before proxy in wizard.
      · Hide logo if TOR_HIDE_BROWSER_LOGO set.
      · Remove firewall prompt from wizard.
      · Feedback when “Copy Tor Log” is clicked.
      · Improve behavior if tor exits.
      · Add option to hide TBB's logo
      · Change "Tor Browser Bundle" to "Tor Browser"
      · Update translations from Transifex.
intrigeri's avatar
intrigeri committed
101
    - Fix the Tor Launcher killer. (Closes: #9067)
102
103
    - Allow Seahorse to communicate with keyservers when run from Tails
      OpenPGP Applet. (Closes: #6394)
104
105
    - SSH client: don't proxy connections to 172.17.* to 172.31.*.
      (Closes: #6558)
intrigeri's avatar
intrigeri committed
106
107
108
109
110
111
112
113
114
115
    - Repair config/chroot_local-packages feature, that was broken in Tails 1.3
      by 19-install-tor-browser-AppArmor-profile. (Closes: #8910)
    - language_statistics.sh: count original words instead of translated words.
      Otherwise we get >100% translation if translated strings are longer than
      original strings. (Closes: #9016)

  * Minor improvements
    - Only ship the new Tails signing key, and have Tails Upgrader stop trusting
      the old one. Update the documentation and test suite accordingly.
      (Closes: #8735, #8736, #8882, #8769, #8951)
116
117
118
119
120
    - Polish and harden a bit the WhisperBack configuration (Closes: #8991):
      · Only allow the `amnesia' user to run tails-debugging info as root
        with no arguments.
      · Fix spelling and grammar mistakes, improve phrasing a bit.
      · Quote variables consistently.
intrigeri's avatar
intrigeri committed
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

  * Test suite
    - New tests:
      · Chatting over XMPP in Pidgin, both peer-to-peer and in a multi-user
        chatroom. (Closes: #8002)
      · Chatting with OTR enabled over XMPP in Pidgin. (Closes: #8001)
      · Check that Pidgin only responds to the expected CTCP requests.
        (Closes: #8966)
      · Fetching keys using Seahorse started via the OpenPGP Applet.
      · Sync'ing keys using Seahorse.
    - Bugfixes:
      · Fix a race condition between the remote shell's and Tails Greeter's
        startup, by making sure the remote shell is ready before we start
        GDM. (Closes: #8941)
      · Kill virt-viewer properly. (Closes: #9070)
      · Make sure the display is stopped on destroy_and_undefine().
        Where we had it earlier, it could be skipped if anything else in the
        block threw an exception.
      · Fix wrong use of "$@". (Closes: #9071)
      · Enable the pipefail option in run_test_suite.
      · Improve the GNOME screenshot test's robustness. (Closes: #8952)
    - Refactoring:
      · turn the focus_pidgin_window() helper into a more generic
        VM.focus_xorg_window() one.
      · Reorganize the Display class.
      · Use clearer method to check process status in the Display class.
    - New developer-oriented features:
      · Add a --log-to-file option to run_test_suite. (Closes: #8894)
      · Add helpers for generating random strings.
      · Make it possible to hook arbitrary calls on scenario end. This is useful
        for dynamically adding cleanup functions, instead of having
        to explicitly deal with them in some After hook.

 -- Tails developers <tails@boum.org>  Mon, 23 Mar 2015 12:34:56 +0000
155

Tails developers's avatar
Tails developers committed
156
tails (1.3) unstable; urgency=medium
157

158
  * Major new features
Tails developers's avatar
Tails developers committed
159
160
161
162
163
    - Produce the Tails image in hybrid mode (again) so that the same
      image can be installed both on DVD *and* "hard disks" like USB
      storage and similar. (Closes: #8510)
    - Confine the Tor Browser using AppArmor. (Closes: #5525)
    - Install the Electrum bitcoin client from wheezy-backports, and
164
165
      add a persistence preset for the Live user's bitcoin wallet. If
      electrum is started without the persistence preset enabled, a
Tails developers's avatar
Tails developers committed
166
      warning is shown. (Closes: #6739)
167

Tails developers's avatar
Tails developers committed
168
169
170
171
  * Security fixes
    - Upgrade Tor Browser to 4.0.4 (based on Firefox 31.5.0esr)
      (Closes: #8938).

172
173
174
175
176
177
  * Bugfixes
    - Have tor_bootstrap_progress echo 0 if no matching log line is
      found. (Closes: #8257)
    - Always pass arguments through wrappers (connect-socks, totem,
      wget, whois) with "$@". $* doesn't handle arguments with
      e.g. embedded spaces correctly. (Closes: #8603, #8830)
178
    - Upgrade Linux to 3.16.7-ckt4-3.
179
180

  * Minor improvements
Tails developers's avatar
Tails developers committed
181
182
183
    - Install a custom-built Tor package with Seccomp enabled;
      enable the Seccomp sandbox when no pluggable transport is used.
      (Closes: #8174)
184
    - Install obfs4proxy instead of obfsproxy, which adds support for
Tails developers's avatar
Tails developers committed
185
      the obfs4 Tor pluggable transport. (Closes: #7980)
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
    - Install GnuPG v2 and associated tools from wheezy-backports,
      primarily for its improved support for OpenPGP smartcards. It
      lives side-by-side with GnuPG v1, which still is the
      default. (Closes: #6241)
    - Install ibus-unikey, a Vietnamese input method for IBus. (Closes:
      #7999)
    - Install torsocks (2.x) from wheezy-backports. (Closes: #8220)
    - Install keyringer from Debian Jessie. (Closes: #7752)
    - Install pulseaudio-utils.
    - Remove all traces of Polipo: we don't use it anymore. This
      closes #5379 and #6115 because:
      * Have APT directly use the Tor SOCKS proxy. (Closes: #8194)
      * Wrap wget with torsocks. (Closes: #6623)
      * Wrap Totem to torify it with torsocks. (Closes: #8219)
      * Torify Git with tsocks, instead of setting GIT_PROXY_COMMAND.
        (Closes: #8680)
    - Use torsocks for whois and Gobby, instead of torify.
Tails developers's avatar
Tails developers committed
203
    - Upgrade I2P to 0.9.18-1~deb7u+1.
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
    - Refactor the Unsafe and I2P browser code into a common shell
      library. A lot of duplicated code is now shared, and the code
      has been cleaned up and made more reliable. Several
      optimizations of memory usage and startup time were also
      implemented. (Closes: #7951)
    - Invert Exit and About in gpgApplet context menu. This is a
      short-term workaround for making it harder to exit the
      application by mistake (e.g. a double right-click). (Closes:
      #7450)
    - Implement new touchpad settings. This enables tap-to-click,
      2-fingers scrolling, and disable while typing. We don't enable
      reverse scrolling nor horizontal scrolling. (Closes: #7779)
    - Include the mount(8) output and live-additional-software.conf in
      WhisperBack bug reports (Closes: #8719, #8491).
    - Reduce brightness and saturation of background color. (Closes:
      #7963)
    - Have ALSA output sound via PulseAudio by default. This gives us
      centralized sound volume controls, and... allows to easily, and
      automatically, test that audio output works from Tor Browser,
      thanks to the PulseAudio integration into the GNOME sound
      control center.
    - Import the new Tails signing key, which we will use for Tails
      1.3.1, and have Tails Upgrader trust both it and the "old"
      (current) Tails signing key. (Closes: #8732)
    - tails-security-check: error out when passed an invalid CA file.
      Unfortunately, the underlying HTTPS stack we use here fails open
      in those case, so we have to check it ourselves. Currently, we
      check that the file exists, is readable, is a plain file and is
      not empty. Also support specifying the CA file via an
      environment variable. This will ease development and bug-fixing
      quite a bit.
    - Fix racy code in Tails Installer that sometimes made the
236
      automated test suite stall for scenarios installing Tails
237
      to USB disks. (Closes: #6092)
238
    - Make it possible to use Tails Upgrader to upgrade a Tails
239
240
241
242
243
244
245
246
      installation that has cruft files on the system partition.
      (Closes: #7678)

  * Build system
    - Install syslinux-utils from our builder-wheezy APT repository in
      Vagrant. We need version 6.03~pre20 to make the Tails ISO image
      in hybrid mode
    - Update deb.tails.boum.org apt repo signing key. (Closes: #8747)
247
    - Revert "Workaround build failure in lb_source, after creating
248
249
250
251
252
253
254
255
256
      the ISO." This is not needed anymore given the move to the Tor
      SOCKS proxy. (Closes: #5307)
    - Remove the bootstrap stage usage option and disable all
      live-build caching in Vagrant. It introduces complexity and
      potential for strange build inconsistencies for a meager
      reduction in build time. (Closes: #8725)
    - Hardcode the mirrors used at build and boot time in auto/config.
      Our stuff will be more consistent, easier to reproduce, and our
      QA process will be more reliable if we all use the same mirrors
257
      at build time as the ones we configure in the ISO. E.g. we won't
258
259
260
261
      have issues such as #8715 again. (Closes: #8726)
    - Don't attempt to retrieve source packages from local-packages so
      local packages can be installed via
      config/chroot_local-packages. (Closes: #8756)
Tails developers's avatar
Tails developers committed
262
263
    - Use our own Tor Browser archive when building an ISO. (Closes:
      #8125)
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301

  * Test suite
    - Use libguestfs instead of parted when creating partitions and
      filsystems, and to check that only the expected files
      persist. We also switch to qcow2 as the default disk image
      format everywhere to reduce disk usage, enable us to use
      snapshots that includes the disks (in the future), and to use
      the same steps for creating disks in all tests. (Closes: #8673)
    - Automatically test that Tails ignores persistence volumes stored
      on non-removable media, and doesn't enable swaps. (Closes:
      #7822)
    - Actually make sure that Tails can boot from live systems stored
      on a hard drive. Running the 'I start Tails from DVD ...' step
      will override the earlier 'the computer is set to boot from ide
      drive "live_hd"' step, so let's make the "from DVD" part
      optional; it will be the default any way.
    - Make it possible to use an old iso with different persistence
      presets. (Closes: #8091)
    - Hide the cursor between steps when navigating the GNOME
      applications menu. This makes it a bit more robust, again:
      sometimes the cursor is partially hiding the menu entry we're
      looking for, hence preventing Sikuli from finding it (in
      particular when it's "Accessories", since we've just clicked on
      "Applications" which is nearby). (Closes: #8875)
    - Ensure that the test will fail if "apt-get X" commands fail.
    - Test 'Tor is ready' notification in a separate scenario. (Closes:
      #8714)
    - Add automated tests for torified wget and whois. This should
      help us identify future regressions such as #8603 in their
      torifying wrappers.
    - Add automated test for opening an URL from Pidgin.
    - And add automated tests for the Tor Browser's AppArmor
      sandboxing.
    - Test that "Report an Error Launcher" opens the support
      documentation.
    - Test that the Unsafe Browser:
      * starts in various locales.
      * complains when DNS isn't configured.
302
      * tears down its chroot on shutdown.
303
304
305
306
307
308
      * runs as the correct user.
      * has no plugins or add-ons installed.
      * has no unexpected bookmarks.
      * has no proxy configured.
    - Bump the "I2P router console is ready" timeout in its test to
      deal with slow Internet connections.
Tails developers's avatar
Tails developers committed
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
    - Make the automatic tests of gpgApplet more robust by relying
      more on graphical elements instead of keyboard shortcuts and
      static sleep():s. (Closes: #5632)
    - Make sure that enough disk space is available when creating
      virtual storage media. (Closes: #8907)
    - Test that the Unsafe Browser doesn't generate any non-user
      initiated traffic, and in particular that it doesn't check for
      upgrades, which is a regression test for #8694. (Closes: #8702)
    - Various robustness improvements to the Synaptic tests. (Closes:
      #8742)
    - Automatically test Git. (Closes: #6307)
    - Automatically test GNOME Screenshot, which is a regression test
      for #8087. (Closes: #8688)
    - Fix a quoting issue with `tails_persistence_enabled?`. (Closes:
      #8919)
    - Introduce an improved configuration system that also can store
      local secrets, like user credentials needed for some
      tests. (Closes: #6301, #8188)
    - Actually verify that we successfully set the time in our time
      syncing tests. (Closes: #5836)
    - Automatically test Tor. This includes normal functionality and
      the use pluggable transports, that our Tor enforcement is
      effective (e.g. only the Tor network or configured bridges are
      contacted) and that our stream isolation configuration is
      working. (Closes: #5644, #6305, #7821)
334

Tails developers's avatar
Tails developers committed
335
 -- Tails developers <tails@boum.org>  Mon, 23 Feb 2015 17:14:00 +0100
336

Tails developers's avatar
Tails developers committed
337
tails (1.2.3) unstable; urgency=medium
338

Tails developers's avatar
Tails developers committed
339
  * Security fixes
340
341
342
    - Upgrade Linux to 3.16.7-ckt2-1.
    - Upgrade Tor Browser to 4.0.3 (based on Firefox 31.4.0esr)
      (Closes: #8700).
Tails developers's avatar
Tails developers committed
343
344
345
346
347
348
349
350
351
352
    - Fail safe by entering panic mode if macchanger exits with an
      error, since in this situation we have to treat the
      driver/device state as undefined. Also, we previously just
      exited the script in this case, not triggering the panic mode
      and potentially leaking the real MAC address (Closes: #8571).
    - Disable upgrade checking in the Unsafe Browser. Until now the
      Unsafe Browser has checked for upgrades of the Tor Browser in
      the clear (Closes: #8694).

  * Bugfixes
353
    - Fix startup of the Unsafe Browser in some locales (Closes: #8693).
Tails developers's avatar
Tails developers committed
354
355
356
357
358
359
360
361
362
    - Wait for notification-daemon to run before showing the MAC
      spoofing panic mode notifications. Without this, the "Network
      card disabled" notification is sometimes lost when MAC spoofing
      fails. Unfortunately this only improves the situation, but
      doesn't fix it completely (see #8685).
    - Log that we're going to stop NetworkManager before trying to do
      it in the MAC spoofing scripts. Without this we wouldn't get the
      log message in case stopping NetworkManager fails (thanks to
      `set -e`).
363
    - Set GNOME Screenshot preferences to save the screenshots in
Tails developers's avatar
Tails developers committed
364
      /home/amnesia (Closes: #8087).
365
366
    - Do not suspend to RAM when closing the lid on battery power
      (Closes: #8071).
Tails developers's avatar
Tails developers committed
367
368
369
370
371
    - Properly update the Tails Installer's status when plugging in a
      USB drive after it has started (Closes: #8353).
    - Make rsync compare file contents by using --checksum for more
      reliable generation of the squashfs filesystem in
      IUKs. Previously it used the default, which is checking
372
373
374
      timestamps and file size, but that doesn't play well with the
      Tor browser files, that have a fixed mtime, which could result
      in updated files not ending up in the IUK.
Tails developers's avatar
Tails developers committed
375
376

  * Minor improvements
377
378
    - Finish migrating tails-security-check's and tails-iuk's pinning
      to our website's new X.509 certificate authority (Closes: #8404).
Tails developers's avatar
Tails developers committed
379
380

  * Build system
381
    - Update to Vagrant build box tails-builder-20141201. The only
Tails developers's avatar
Tails developers committed
382
383
384
385
      change is the removal of a reference to an ISO image which
      doesn't exist (except on the system that generated the build
      box) which causes an error for some users (Closes: #7644).
    - Generate the list of packages used during build, after building
386
387
388
      with Jenkins (Closes: #8518). This allows tracking their status
      on the Debian reproducible build front:
      https://reproducible.debian.net/index_pkg_sets.html#tails
Tails developers's avatar
Tails developers committed
389
390

  * Automated test suite
391
    - Check PO files with i18nspector (Closes: #8359).
Tails developers's avatar
Tails developers committed
392
393
394
395
396
397
398
399
400
401
    - Fix the expected image of a check.tp.o failure. Previously we
      looked for the "Sorry. You are not using Tor." text, but it
      seems it recently changed enough for Sikuli to not find it. To
      prevent future errors of the same kind we'll look for the
      crossed-over onion icon instead (Closes: #8533).
    - Bump timeout when waiting for Tor to re-bootstrap. We have a
      dreaded issue with timeouts that are multiple of 2 minutes, and
      then Tor succeeds soon after, so in order to allow for this
      timeout to be reached twice, and then possibly succeed, let's
      use N*2 minutes + 30 seconds, with N=2.
402

Tails developers's avatar
Tails developers committed
403
 -- Tails developers <tails@boum.org>  Wed, 14 Jan 2015 16:12:26 +0100
404

Tails developers's avatar
Tails developers committed
405
tails (1.2.2) unstable; urgency=medium
406

Tails developers's avatar
Tails developers committed
407
408
  * Bugfixes
    - Create a CA bundle for Tails Upgrader at ISO build time, and
409
      patch Tails Upgrader to use it. Specifically this will make it
Tails developers's avatar
Tails developers committed
410
411
412
      possible to check for Tails upgrades after our website changes
      certificate around the 2014 to 2015 transition (Partially fixes
      #8404).
413

Tails developers's avatar
Tails developers committed
414
 -- Tails developers <tails@boum.org>  Mon, 15 Dec 2014 10:05:17 +0100
415

Tails developers's avatar
Tails developers committed
416
tails (1.2.1) unstable; urgency=low
417

Tails developers's avatar
Tails developers committed
418
419
420
  * Security fixes
    - Upgrade Linux to 3.16.0-4, i.e. 3.16.7-1.
    - Install Tor Browser 4.0.2 (based on Firefox 31.3.0esr).
421

Tails developers's avatar
Tails developers committed
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
  * Bugfixes
    - Install syslinux-utils, to get isohybrid back (Closes: #8155).
    - Update xserver-xorg-input-evdev to 1:2.7.0-1+tails1 which
      includes a patch that restores mouse scrolling in KVM/Spice
      (Closes: 7426).
    - Set Torbutton logging preferences to the defaults (Closes:
      #8160). With the default settings, no site-specific information is
      logged.
    - Use the correct stack of rootfs:s for the chroot browsers (Closes:
      #8152, #8158). After installing incremental upgrades Tails' root
      filesystem consists of a stack squashfs:s, not only
      filesystem.squashfs. When not stacking them correct we may end up
      using the Tor Browser (Firefox) from an older version of Tails, or
      with no Tor Browser at all, as in the upgrade from Tails 1.1.2 to
      1.2, when we migrated from Iceweasel to the Tor Browser. Based on
      a patch contributed by sanic.
    - Use the Tor Browser for MIME type that GNOME associates with
      Iceweasel (Closes: #8153). Open URLs from Claws Mail, KeePassX
      etc. should be possible again.
    - Update patch to include all Intel CPU microcodes (Closes: #8189).
    - AppArmor: allow Pidgin to run Tor Browser unconfined, with
      scrubbed environment (Closes: #8186). Links opened in Pidgin are
      now handled by the Tor Browser.
    - Install all localized Iceweasel search plugins (Closes: #8139).
    - When generating the boot profile, ignore directories in
      process_IN_ACCESS as well (Closes: #7925). This allows ut to
      update the squashfs-ordering again in Tails 1.2.1.
    - gpgApplet: Don't pass already encoded data to GTK2 (Closes:
      #7968). It's now possible to clearsign text including non-ASCII
      characters.
    - Do not run the PulseAudio initscript, neither at startup nor
      shutdown (Closes: #8082).

  * Minor improvements
    - Upgrade I2P to 0.9.17-1~deb7u+1.
    - Make GnuPG configuration closer to the best practices one
      (Closes: #7512).
    - Have GnuPG directly use the Tor SOCKS port (Closes: #7416).
    - Remove TrueCrypt support and documentat how to open TrueCrypt
      volumes using cryptsetup (Closes: #5373).
    - Install hopenpgp-tools from Debian Jessie.

  * Build system
    - Add gettext >= 0.18.3 as a Tails build dependency. We need it for
      xgettext JavaScript support in feature/jessie.

  * Automated test suite
    - Don't click to open a sub-menu in the GNOME applications menu
      (Closes: #8140).
    - When testing the Windows camouflage, look for individual systray
      applets, to avoid relying on their ordering (Closes: #8059).
    - Focus the Pidgin Buddy List before looking for something
      happening in it (Closes: #8161).
    - Remove workaround for showing the TBB's menu bar (Closes #8028).

 -- Tails developers <tails@boum.org>  Tue, 02 Dec 2014 11:34:03 +0100
478

Tails developers's avatar
Tails developers committed
479
tails (1.2) unstable; urgency=medium
Tails developers's avatar
Tails developers committed
480

481
482
  * Major new features
    - Migrate from Iceweasel to the Tor Browser from the Tor Browser
483
484
      Bundle 4.0 (based on Firefox 31.2.0esr). This fixes the POODLE
      vulnerability.
485
486
487
488
489
      The installation in Tails is made global (multi-profile), uses
      the system-wide Tor instance, disables the Tor Browser updater,
      and keeps the desired deviations previously present in Iceweasel,
      e.g. we install the AdBlock Plus add-on, but not Tor Launcher (since
      we run it as a standalone XUL application), among other things.
490
    - Install AppArmor's userspace tools and apparmor-profiles-extra
491
492
493
494
      from Wheezy Backports, and enable the AppArmor Linux Security
      Module. This adds Mandatory Access Control for several critical
      applications in Tails, including Tor, Vidalia, Pidgin, Evince
      and Totem.
495
    - Isolate I2P traffic from the Tor Browser by adding a dedicated
496
      I2P Browser. It is set up similarly to the Unsafe Browser,
497
      but further disables features that are irrelevant for I2P, like
498
      search plugins and the AdBlock Plus addon, while keeping Tor Browser
499
      security features like the NoScript and Torbutton addons.
500
    - Upgrade Tor to 0.2.5.8-rc-1~d70.wheezy+1.
Tails developers's avatar
Tails developers committed
501

502
503
504
505
506
507
508
509
510
  * Security fixes
    - Disable TCP timestamps (Closes: #6579).

  * Bugfixes
    - Remove expired Pidgin certificates (Closes: #7730).
    - Use sudo instead of gksudo for running tails-upgrade-frontend to
      make stderr more easily accessible (Closes: #7431).
    - Run tails-persistence-setup with sudo instead of gksudo to make
      stderr more easily accessible, and allow the desktop user to
511
512
      pass the --verbose parameter (Closes: #7623).
    - Disable CUPS in the Unsafe Browser. This will prevent the
513
      browser from hanging for several minutes when accidentally
514
      pressing CTRL+P or trying to go to File -> Print (Closes: #7771).
515
516

  * Minor improvements
517
518
519
520
521
    - Install Linux 3.16-3 (version 3.16.5-1) from Debian
      unstable (Closes: #7886, #8100).
    - Transition away from TrueCrypt: install cryptsetup and friends
      from wheezy-backports (Closes: #5932), and make it clear that
      TrueCrypt will be removed in Tails 1.2.1 (Closes: #7739).
522
523
524
525
526
527
528
529
530
    - Install Monkeysign dependencies for qrcodes scanning.
    - Upgrade syslinux to 3:6.03~pre20+dfsg-2~bpo70+1, and install
      the new syslinux-efi package.
    - Upgrade I2P to 0.9.15-1~deb7u+1
    - Enable Wheezy proposed-updates APT repository and setup APT
      pinnings to install packages from it.
    - Enable Tor's syscall sandbox. This feature (new in 0.2.5.x)
      should make Tor a bit harder to exploit. It is only be enabled
      when when no special Tor configuration is requested in Tails
531
      Greeter due to incompatibility with pluggable transports.
532
533
534
    - Start I2P automatically when the network connects via a
      NetworkManager hook, and "i2p" is present on the kernel command
      line. The router console is no longer opened automatically, but
535
536
      can be accessed through the I2P Browser (Closes: #7732).
    - Simplify the IPv6 ferm rules (Closes: #7668).
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
    - Include persistence.conf in WhisperBack reports (Closes: #7461)
    - Pin packages from testing to 500, so that they can be upgraded.
    - Don't set Torbutton environment vars globally (Closes: #5648).
    - Enable VirtualBox guest additions by default (Closes: #5730). In
      particular this enables VirtualBox's display management service.
    - In the Unsafe Browser, hide option for "Tor Browser Health
      report", and the "Get Addons" section in the Addon manager
      (Closes: #7952).
    - Show Pidgin's formatting toolbar (Closes: #7356). Having the
      formatting toolbar displayed in Pidgin makes the OTR status more
      explicit by displaying it with words.

  * Automated test suite
    - Add --pause-on-fail to ease VM state debugging when tests
      misbehave.
    - Add execute_successfully() and assert_vmcommand_success() for
      added robustness when executing some command in the testing VM.
    - Use Test::Unit::Assertions instead of our home-made assert().
    - Add test for persistent browser bookmarks.
    - Add basic tests for Pidgin, Totem and Evince, including their
      AppArmor enforcement.
    - Factorize some common step pattern into single steps.
    - Factorize running a command in GNOME Terminal.
    - Add common steps to copy a file and test for its existence.
    - Add a wait_and_double_click Sikuli helper method.
    - Add a VM.file_content method, to avoid repeating ourselves, and
      use it whenever easily doable.
    - Drop test that diffs syslinux' exithelp.cfg: we don't ship this
      file anymore.
    - In the Unsafe Browser tests, rely on subtle timing less (Closes:
      #8009).
    - Use the same logic to determine when Tor is working in the test
      suite as in Tails itself. The idea is to avoid spamming the Tor
      control port during bootstrap, since we've seen problems with
      that already.

Tails developers's avatar
Tails developers committed
573
 -- Tails developers <tails@boum.org>  Wed, 15 Oct 2014 18:34:50 +0200
Tails developers's avatar
Tails developers committed
574

Tails developers's avatar
Tails developers committed
575
tails (1.1.2) unstable; urgency=medium
576

Tails developers's avatar
Tails developers committed
577
578
579
580
  * Security fixes
    - Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
      (fixes Mozilla#1064636).
    - Install Linux 3.16-1 from sid (Closes: #7886).
581
582
583
584
585
    - Upgrade file to 5.11-2+deb7u5 (fixes CVE-2014-0207,
      CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479,
      CVE-2014-3480, CVE-2014-3487, CVE-2014-3538 and CVE-2014-3587).
    - Upgrade curl to 7.26.0-1+wheezy10 (fixes CVE-2014-3613 and
      CVE-2014-3620).
586
587
    - Upgrade bind9-based packages to 1:9.8.4.dfsg.P1-6+nmu2+deb7u2
      (fixes CVE-2014-0591).
588
589
    - Upgrade gnupg to 1.4.12-7+deb7u6 (fixes CVE-2014-5270).
    - Upgrade apt to 0.9.7.9+deb7u5 (fixes CVE-2014-0487,
590
591
      CVE-2014-0488, CVE-2014-0489, CVE-2014-0490, and
      CVE-2014-6273.).
592
593
594
595
    - Upgrade dbus to 1.6.8-1+deb7u4 (fixes CVE-2014-3635,
      CVE-2014-3636, CVE-2014-3637, CVE-2014-3638 and CVE-2014-3639).
    - Upgrade libav-based pacakges to 6:0.8.16-1 (fixes
      CVE-2013-7020).
596
    - Upgrade bash to 4.2+dfsg-0.1+deb7u1 (fixes CVE-2014-6271).
597

Tails developers's avatar
Tails developers committed
598
 -- Tails developers <tails@boum.org>  Tue, 23 Sep 2014 23:01:40 -0700
599

Tails developers's avatar
Tails developers committed
600
tails (1.1.1) unstable; urgency=medium
601

Tails developers's avatar
Tails developers committed
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
  * Security fixes
    - Upgrade the web browser to 24.8.0esr-0+tails1~bpo70+1
      (Firefox 24.8.0esr + Iceweasel patches + Torbrowser patches).
      Also import the Tor Browser profile at commit
      271b64b889e5c549196c3ee91c888de88148560f from
      ttp/tor-browser-24.8.0esr-3.x-1.
    - Upgrade Tor to 0.2.4.23-2~d70.wheezy+1 (fixes CVE-2014-5117).
    - Upgrade I2P to 0.9.14.1-1~deb7u+1.
    - Upgrade Linux to 3.14.15-2 (fixes CVE-2014-3534, CVE-2014-4667
      and CVE-2014-4943).
    - Upgrade CUPS-based packages to 1.5.3-5+deb7u4 (fixes
      CVE-2014-3537, CVE-2014-5029, CVE-2014-5030 and CVE-2014-5031).
    - Upgrade libnss3 to 2:3.14.5-1+deb7u1 (fixes CVE-2013-1741,
      CVE-2013-5606, CVE-2014-1491 and CVE-2014-1492).
    - Upgrade openssl to 1.0.1e-2+deb7u12 (fixes CVE-2014-3505,
      CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509,
      CVE-2014-3510, CVE-2014-3511, CVE-2014-3512 and CVE-2014-5139).
    - Upgrade krb5-based packages to 1.10.1+dfsg-5+deb7u2 (fixes
      CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-4344 and
      CVE-2014-4345).
    - Upgrade libav-based packages to 6:0.8.15-1 (fixes CVE-2011-3934,
      CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851,
      CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672,
      CVE-2013-3674 and CVE-2014-2263.
    - Upgrade libgpgme11 to 1.2.0-1.4+deb7u1 (fixes CVE-2014-5117).
    - Upgrade python-imaging to 1.1.7-4+deb7u1 (fixes CVE-2014-3589).
    - Prevent dhclient from sending the hostname over the network
      (Closes: #7688).
    - Override the hostname provided by the DHCP server (Closes: #7769).
    - Add an I2P boot parameter. Without adding "i2p" to the kernel
      command line, I2P will not be accessible for the Live user.
    - Stricter I2P firewall rules:
      * deny I2P from accessing the LAN
      * deny I2P from accessing the loopback device, except for select
        whitelisted services
      * allow I2P access to the Internet
      The ACCEPT rules will only be enabled when the string 'i2p' is
      passed at the boot prompt. The rules which DENY or REJECT
      access for the 'i2psvc' user will always be applied.
    - Disable I2P plugins, since it doesn't make much sense without
      persistence, and should eliminate some attack vectors.
    - Disable I2P's BOB port. No maintained I2P application uses it.
644

Tails developers's avatar
Tails developers committed
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
  * Bugfixes
    - Fix condition clause in tails-security-check (Closes: #7657).
    - Don't ship OpenJDK 6: I2P prefers v7, and we don't need both.
    - Prevent Tails Installer from updating the system partition
      properties on MBR partitions (Closes: #7716).

  * Minor improvements
    - Upgrade to Torbutton 1.6.12.1.
    - Install gnome-user-guide (Closes: #7618).
    - Install cups-pk-helper (Closes: #7636).
    - Update the SquashFS sort file.
    - Compress the SquashFS more aggressively (Closes: #7706).
    - I2P: Keep POP3 email on server. The default in the I2P webmail
      app was to keep mail on the server, but that setting was changed
      recently. This configuration setting (susimail.config) will only
      be copied over in I2P 0.9.14 and newer.
    - Add a Close button to the Tails Installer launcher window.

  * Build system
    - Migrate Vagrant basebox to Debian Wheezy (Closes #7133, #6736).
    - Consistently use the same Debian mirror.
    - Disable runtime APT proxy configuration when using APT in
      binary_local-hooks (Closes: #7691).

  * Automated test suite
    - Automatically test hostname leaks (Closes: #7712).
    - Move autotest live-config hook to be run last. This way we'll
      notice if some earlier live-config hook cancels all hooks by
      running the automated test suite since the remote shell won't be
      running in that case.
    - Test that the I2P boot parameter does what it's supposed to do
      (Closes: #7760).
    - Start applications by using the GNOME Applications menu instead
      of the GNOME Run Dialog (Closes: #5550, #7060).
679

Tails developers's avatar
Tails developers committed
680
 -- Tails developers <tails@boum.org>  Sun, 31 Aug 2014 20:49:28 +0000
681

Tails developers's avatar
Tails developers committed
682
tails (1.1) unstable; urgency=medium
683

684
685
686
687
688
689
  * Rebase on Debian Wheezy
    - Upgrade literally thousands of packages.
    - Migrate to GNOME3 fallback mode.
    - Install LibreOffice instead of OpenOffice.
    - Remove custom LSB logging: Wheezy has fancy colored init
      logging.
690

691
  * Major new features
692
    - UEFI boot support.
693
694
    - Replace the Windows XP camouflage with an experimental Windows 8
      camouflage.
695
    - Install Linux 3.14.12-1 from Debian unstable.
696
697
698
    - Bring back VirtualBox guest modules, installed from Wheezy
      backports. Full functionality is only available when using the
      32-bit kernel.
699

700
  * Security fixes
701
    - Fix write access to boot medium via udisks (#6172).
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
    - Don't allow the desktop user to pass arguments to
      tails-upgrade-frontend (Closes: #7410).
    - Make persistent file permissions safer (Closes #7443):
      * Make the content of /etc/skel non-world-readable. Otherwise,
        such files may be copied to /home/amnesia, and in turn to the
        persistent volume, with unsafe permissions. That's no big deal
        in /home/amnesia (that is itself not world-readable), *but*
        the root of the persistent volume has to be world-readable.
      * Have activate_custom_mounts create new directories with safe
        permissions.
      * Set strict permissions on /home/amnesia (Closes: #7463).
      * Fix permissions on persistent directories that were created
        with unsafe permissions (Closes: #7458).
      * Fix files ownership while copying persistence (Closes: #7216).
        The previous instructions to copy the persistent data were
        creating personal files that belong to root. I don't think
        there is a way of preserving the original ownership using
        Nautilus (unless doing a "move" instead of a "copy" but that's
        not what we are trying to do here).
    - Disable FoxyProxy's proxy:// protocol handler (Closes: #7479).
      FoxyProxy adds the proxy:// protocol handler, which can be used
      to configure the proxy via an URI. A malicious web page can
      include (or a malicious exit node can inject) some JavaScript
      code to visit such an URI and disable or otherwise change
      Iceweasel's proxy settings. While using this to disable
      proxying will be dealt with safely by our firewall, this could
      be used to defeat stream isolation, although the user must be
      tricked into accepting the new proxy settings.
730
731
732
733
734
735
736
    - Upgrade the web browser to 24.7.0esr-0+tails1~bpo70+1
      (Firefox 24.7.0esr + Iceweasel patches + Torbrowser patches).
    - Upgrade to Linux 3.14.12-1 (fixes CVE-2014-4699).
    - Upgrade libav-based packages to 0.8.13-1 (fixes CVE-2014-4609).
    - Upgrade to libxml2 2.8.0+dfsg1-7+wheezy1 (fixes CVE-2014-0191).
    - Upgrade to dbus 1.6.8-1+deb7u3 (fixes CVE-2014-3477,
      CVE-2014-3532 and CVE-2014-3533).
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756

  * Bugfixes
    - Disable GNOME keyring's GnuPG functionality. (Closes: #7330) In
      feature/regular-gnupg-agent, we installed the regular GnuPG
      agent so that it is used instead of GNOME keyring's one. This is
      not enough on Wheezy, so let's disable the starting of the "gpg"
      component of GNOME keyring.
    - Make sure /etc/default/locale exists, with a sensible default
      value (Closes: #7333). Before Tails Greeter's PostLogin script
      are run, /etc/default/locale does not exist on Wheezy. Our
      tails-kexec initscript (and quite a few other scripts we run)
      depends on this file to exist. So, let's make sure it exists,
      with a sensible default value.
    - Create the tails-persistence-setup user with the same UID/GID it
      had on Tails/Squeeze. (Closes: #7343) Else, our various checks
      for safe access rights on persistence.conf fail.
    - Revert back to browsing the offline documentation using Iceweasel
      instead of Yelp (Closes: #7390, #7285).
    - Make the new NetworkManager configuration directory persistent,
      when the old one was, but disable the old one (Closes: #7338).
Tails developers's avatar
Tails developers committed
757
758
759
760
    - Before running tails-upgrade-frontend, chdir to a world-readable
      place (Closes: #7641). In particular, Archive::Tar::Wrapper,
      when called by tails-install-iuk, wants to chdir back to the
      original cwd after it has chdir'd elsewhere to do its job.
761
762
763

  * Minor improvements
    - Install seahorse-nautilus, replacing seahorse-plugins (Closes #5516).
764
    - Install hledger (custom backport, for now): our accountants need this.
765
766
767
768
769
770
771
772
773
774
775
776
    - Install stable Scribus instead of scribus-ng.
    - Install the printer driver for Epson Inkjet that use ESC/P-R.
    - Install the BookletImposer PDF imposition toolkit. It's tiny,
      and really helpful e.g. when producing booklets.
    - Install gtkhash and nautilus-gtkhash (Closes #6763).
    - Import new version of Tor Launcher:
      · Now based on upstream Tor Launcher 0.2.5.4.
      · Tor bug #11772: Proxy Type menu not set correctly
      · Tor bug #11699: Change &amp;#160 to &#160; in network-settings.dtd
      · Correctly handle startup paths that contain dot.
    - Upgrade to Torbutton 1.6.9.0.
    - Avoid shipping python2.6 in addition to python2.7.
777
778
    - Don't install Gobby 0.4 anymore. Gobby 0.5 has been available in
      Debian since Squeeze, now is a good time to drop the obsolete
779
780
781
782
783
784
785
786
787
788
789
790
791
      0.4 implementation.
    - Require a bit less free memory before checking for upgrades with
      Tails Upgrader. The general goal is to avoid displaying "Not
      enough memory available to check for upgrades" too often due to
      over-cautious memory requirements checked in the wrapper.
    - Make Tails Greeter's help window resolution-aware. Previously it
      used a static 800x600 which was problematic on lower resolutions,
      and sub-optimal on higher resolutions. Now it adapts itself
      according to the screen resolution.
    - Whisperback now sanitizes attached logs better with respect to
      DMI data, IPv6 addresses, and serial numbers (Closes #6797,
      #6798, #6804).
    - Integrate the new logo in Tails Installer (Closes #7095)
792
793
794
795
796
797
798
799
800
801
    - Also install linux-base and linux-compiler-gcc-4.8-x86 from
      sid. This way, we can get rid of our linux-compiler-gcc-4.8-x86
      3.12, and it makes things a bit more consistent.
    - Include the syslinux binary, and its MBR, in the ISO filesystem.
      This in turn allows Tails Installer to use this binary and MBR,
      which is critical for avoiding problems (such as #7345) on
      "Upgrade from ISO".
    - Include syslinux.exe for win32 in utils/win32/ on the ISO
      filesystem (Closes: #7425).
    - Tails Installer:
802
      * Add consistent margins in GUI.
803
804
805
806
807
808
809
810
811
      * Always reset the target drive's MBR, without asking for
        confirmation, after installing or upgrading.
      * Install the bootloader using the syslinux binary found on the
        target device, once the Live OS has been extracted/copied
        there.
    - Enable double-clicking to pick entries in the language or
      keyboard layout lists in Tails Greeter.
    - Install backport of shared-mime-info 1.3 (Closes: #7079).
    - Make sanity-check prompts closable in Tails Persistence Setup
Tails developers's avatar
Tails developers committed
812
      (Closes: #7119).
813
    - Fix quick search in Tails Greeter's Other languages window
Tails developers's avatar
Tails developers committed
814
      (Closes: #5387).
815
816
817
818
819
    - Install systemd. It is not enabled by default, but having it
      around will help doing the migration work.
    - Enable AppArmor on the kernel command-line. This is a no-op
      without the userspace tools and with no profile shipped, but it
      will make it easier to fix this part of the situation.
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841

  * Build system
    - Bump Vagrant builder's memory for RAM builds. Wheezy requires
      more space to build, and the resulting image is larger.
    - Fix Vagrant compatibility issue. Some classes' methods/fields
      have been renamed between Vagrant versions, so we need a simple
      compatibility layer to support all versions. Without this, it's
      not possible to issue e.g. a `build` command to an already
      running (i.e. `vm:up`:ed) Vagrant instance.
    - Move cpu and mem checks to the `build` task. Previously, when
      they were checked in `vm:up` *only* when issued while the VM
      already is up, so these checks weren't run if one issues a
      `build` when the VM is off. Now we'll fail earlier with a more
      informative error message, and it looks like a more logical home
      for them too.
    - Fix buggy memory checks for RAM building. We have to take into
      account which state the Vagrant VM is in for determining *where*
      we check if enough memory is available for a RAM build. If it's
      off, we check the host; if it's on we check the VM. Previously
      we always checked the host, which doesn't make sense when the VM
      is already started.

842
  * Automated test suite
843
844
845
    - Bump the tester VM's RAM by 256 MiB. There is not enough free
      RAM to run Tails Upgrader with just 1 GiB of RAM after the
      migration to Wheezy.
846
847
848
849
850
851
    - Always adjust OOM and memory overcommit settings. The kernel
      freezes seem to also happen for the amd64 kernel when filling
      the memory.
    - Add option to make Sikuli rety on FindFailed. This makes it
      possible to update manu images for Sikuli in just *one* test
      suite run, by continuously updating outdated pictures as we go.
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
    - Actually run "Upgrade from ISO" from a USB drive running the old
      version. That's what users do, and is buggy.
    - Automatically test persistent directories permissions (Closes: #7560).
    - Use read-write persistence when testing upgraded USB
      installations.  Otherwise e.g. the permission fixes won't get
      applied, and the subsequent steps testing the permissions will
      fail.
    - Actually check that the ISO's Tails is installed. The step
      "Tails is installed on USB drive $TARGET" only checks that the
      *running* Tails is installed on $TARGET, which obviously fails
      when doing an upgrade from ISO running an old Tails. That it
      worked for the same scenario running the current Tails is just
      coincidental.
    - Use OpenJDK 7 to run our test suite (Closes #7175).
    - Use qemu-system-x86_64 directly, instead of kvm, for running the
      automated test suite (Closes: #7605).

 -- Tails developers <tails@boum.org>  Sun, 20 Jul 2014 23:16:13 +0200

tails (1.0.1) unstable; urgency=medium
872

873
874
875
876
877
878
879
880
881
882
883
  * Security fixes
    - Upgrade the web browser to 24.6.0esr-0+tails1~bpo60+1
      (Firefox 24.6.0esr + Iceweasel patches + Torbrowser patches).
      Also import the Tor Browser profile at commit
      90ba8fbaf6f23494f1a0e38d63153b3b7e65d3d3 from
      ttp/tor-browser-24.6.0esr-3.x-1.
    - Install Linux 3.14 from Debian unstable (fixes CVE-2014-3153 and
      others).
    - Install openssl from Squeeze LTS (fixes CVE-2014-0076,
      CVE-2014-0195, CVE-2014-0221, CVE-2014-3470 and CVE-2014-0224).
    - Install GnuTLS from Squeeze LTS (fixes CVE-2014-3466.).
884

885
886
887
888
889
890
891
892
  * Minor improvements
    - Add Squeeze LTS APT sources. It has been given a low pinning
      priority so explicit pinning must be used to actually install
      anything from it.
    - Upgrade Tor to 0.2.4.22-1~d60.squeeze+1.
    - Upgrade I2P to 0.9.13-1~deb6u+1.

 -- Tails developers <tails@boum.org>  Sun, 08 Jun 2014 19:14:00 +0200
893

Tails developers's avatar
Tails developers committed
894
tails (1.0) unstable; urgency=medium
895

Tails developers's avatar
Tails developers committed
896
897
898
  * Security fixes
    - Upgrade the web browser to 24.5.0esr-0+tails1~bpo60+1
      (Firefox 24.5.0esr + Iceweasel patches + Torbrowser patches).
899
900
901
    - Upgrade Tor to 0.2.4.21-1+tails1~d60.squeeze+1:
      * Based on 0.2.4.21-1~d60.squeeze+1.
      * Backport the fix for Tor bug #11464. It adds client-side blacklists for
Tails developers's avatar
Tails developers committed
902
903
904
        all Tor directory authority keys that was vulnerable to Heartbleed.
        This protects clients in case attackers were able to compromise a
        majority of the authority signing and identity keys.
905

Tails developers's avatar
Tails developers committed
906
   * Bugfixes
Tails developers's avatar
Tails developers committed
907
    - Disable inbound I2P connections. Tails already restricts incoming
908
909
910
      connections, but this change tells I2P about it.
    - Fix link to the system requirements documentation page in the Tails
      Upgrader error shown when too little RAM is available.
911

912
913
914
915
916
917
918
919
920
921
922
923
924
  * Minor improvements
    - Upgrade I2P to 0.9.12-2~deb6u+1.
    - Import TorBrowser profile. This was forgotten in Tails 0.23 and even
      though we didn't explicitly set those preferences in that release
      they defaulted to the same values. This future-proofs us in case the
      defaults would ever change.
    - Import new custom version of tor-launcher:
      * Based on upstream Tor Launcher 0.2.5.3.
      * Improve how Tor Launcher handles incomplete translation.
        (Tor bug #11483; more future-proof fix for Tails bug #6885)
      * Remove the bridge settings prompt. (Tor bug #11482; closes Tails
        bug #6934,)
      * Always show bridge help button. (Tor bug #11484)
Tails developers's avatar
Tails developers committed
925
926
927
928
    - Integrate the new Tails logo into various places:
      * The website
      * The boot splash
      * The "About Tails" dialog
929
930
931
932
933
934
935
936

  * Build system
    - Use the stable APT suite when building from the stable Git branch
      (Closes: #7022).

  * Test suite
    - Add test for the #7022 fix.

Tails developers's avatar
Tails developers committed
937
 -- Tails developers <tails@boum.org>  Sun, 27 Apr 2014 19:34:01 +0200
938

Tails developers's avatar
Tails developers committed
939
tails (0.23) unstable; urgency=medium
940

941
942
943
944
  * Security fixes
    - Upgrade the web browser to 24.4.0esr-0+tails1~bpo60+1
      (Firefox 24.4.0esr + Iceweasel patches + Torbrowser patches).

945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
  * Major new features
    - Spoof the network interfaces' MAC address by default (Closes: #5421),
      as designed on https://tails.boum.org/contribute/design/MAC_address/.
    - Rework the way to configure how Tor connects to the network
      (bridges, proxy, fascist firewall): add an option to Tails Greeter,
      start Tor Launcher when needed (Closes: #5920, #5343).

  * Bugfixes
    - Additional software: do not crash when persistence is disabled
      (Closes: #6440).
    - Upgrade Pidgin to 2.10.9, that fixes some regressions introduced
      in the 2.10.8 security update (Closes: #6661).
    - Wait for Tor to have fully bootstrapped, plus a bit more time,
      before checking for upgrades (Closes: #6728) and unfixed known
      security issues.
    - Disable the Intel Management Engine Interface driver (Closes: #6460).
      We don't need it in Tails, it might be dangerous, and it causes bugs
      on various hardware such as systems that reboot when asked to shut down
    - Add a launcher for the Tails documentation. This makes it available
      in Windows Camouflage mode (Closes: #5374, #6767).
    - Remove the obsolete wikileaks.de account from Pidgin (Closes: #6807).

  * Minor improvements
    - Upgrade Tor to 0.2.4.21-1~d60.squeeze+1.
    - Upgrade obfsproxy to 0.2.6-2~~squeeze+1.
    - Upgrade I2P to 0.9.11-1deb6u1.
    - Install 64-bit kernel instead of the 686-pae one (Closes: #5456).
      This is a necessary first step towards UEFI boot support.
    - Install Monkeysign (in a not-so-functional shape yet).
    - Disable the autologin text consoles (Closes: #5588). This was one of
      the blockers before a screen saver can be installed
      in a meaningful way (#5684).
    - Don't localize the text consoles anymore: it is broken on Wheezy,
      the intended users can as well use loadkeys, and we now do not have
      to trust setupcon to be safe for being run as root by the desktop user.
    - Make it possible to manually start IBus.
    - Reintroduce the possibility to switch identities in the Tor Browser,
      using a filtering proxy in front of the Tor ControlPort to avoid giving
      full control over Tor to the desktop user (Closes: #6383).
    - Incremental upgrades improvements:
      · Drop the Tails Upgrader launcher, to limit users' confusion
        (Closes: #6513).
      · Lock down sudo credentials a bit.
988
      · Hide debugging information (Closes: #6505).
989
990
      · Include ~/.xsession-errors in WhisperBack bug reports.
        This captures the Tails Upgrader errors and debugging information.
991
992
993
      · Report more precisely why an incremental upgrade cannot be done
        (Closes: #6575).
      · Various user interface and phrasing improvements.
994
995
996
997
998
999
1000
    - Don't install the Cookie Monster browser extension (Closes: #6790).
    - Add a browser bookmark pointing to Tor's Stack Exchange (Closes: #6632).
    - Remove the preconfigured #tor channel from the Pidgin: apparently,
      too many Tails users go ask Tails questions there, without making
      it clear that they are running Tails, hence creating a user-support
      nightmare (Closes: #6679).
    - Use (most of) Tor Browser's mozconfig (Closes: #6474).