Commit 7c1a95f8 authored by sajolida's avatar sajolida
Browse files

Merge remote-tracking branch 'origin/master' into doc/17492-secure-boot

parents d57d1315 91e831b2
......@@ -66,3 +66,6 @@
# The test suite's local configuration files
/features/config/local.yml
/features/config/*.d/
# workarounds
/config/chroot_local-includes/tmp/tails-workarounds
......@@ -59,6 +59,8 @@ ENV['ARTIFACTS'] ||= '.'
ENV['APT_SNAPSHOTS_SERIALS'] ||= ''
ENV['TAILS_WEBSITE_CACHE'] = '1'
class CommandError < StandardError
attr_reader :status, :stderr
......@@ -247,12 +249,21 @@ task :parse_build_options do
ENV['TAILS_PROXY_TYPE'] = 'noproxy'
when 'offline'
ENV['TAILS_OFFLINE_MODE'] = '1'
when 'cachewebsite'
when /cachewebsite(?:=([a-z]+))?/
value = $1
if is_release?
$stderr.puts "Building a release ⇒ ignoring #{opt} build option"
ENV['TAILS_WEBSITE_CACHE'] = '0'
else
ENV['TAILS_WEBSITE_CACHE'] = '1'
value = 'yes' if value.nil?
case value
when 'yes'
ENV['TAILS_WEBSITE_CACHE'] = '1'
when 'no'
ENV['TAILS_WEBSITE_CACHE'] = '0'
else
raise "Unsupported value for cachewebsite option: #{value}"
end
end
# SquashFS compression settings
when 'fastcomp', 'gzipcomp'
......
......@@ -146,6 +146,14 @@ BUILD_USB_IMAGE_FILENAME="${BUILD_BASENAME}.img"
cat config/chroot_sources/*.chroot
) > "$BUILD_APT_SOURCES"
# make workarounds available in the chroot, if any:
WORKAROUNDS_SRC="submodules/tails-workarounds"
WORKAROUNDS_DST="config/chroot_local-includes/tmp/"
if [ -d "$WORKAROUNDS_SRC" ]; then
mkdir -p "$WORKAROUNDS_DST"
cp -a "$WORKAROUNDS_SRC" "$WORKAROUNDS_DST"
fi
echo "I: Building ISO image ${BUILD_ISO_FILENAME}..."
time lb build noauto ${@}
[ -e binary.iso ] || fatal "lb build failed ($?)."
......
......@@ -38,3 +38,6 @@ rm -f config/chroot_local-includes/usr/share/tails/build/variables
# static wiki
rm -rf config/chroot_local-includes/usr/share/doc/tails/website wiki/src/.ikiwiki
find wiki/src -name *.pot -exec rm {} \;
# workarounds
rm -rf config/chroot_local-includes/tmp/tails-workarounds
......@@ -22,6 +22,9 @@ KEY_FILES = [
# A new implementation of the caching mechanism should
# invalidate older cached data
'auto/scripts/website-cache',
# The website includes dates derived from the last entry
# found in debian/changelog
'debian/changelog',
# ikiwiki configuration
'ikiwiki.setup',
# ikiwiki input directory
......
......@@ -21,6 +21,7 @@ def main():
)
parser.add_argument("--hashes-file", type=str, action="store", required=True)
parser.add_argument("--jenkins-build-id", type=int, action="store", required=True)
parser.add_argument("--work-dir", type=str, action="store", default=".")
parser.add_argument("-q", "--quiet", action="store_true",
help="quiet output")
parser.add_argument("--debug", action="store_true", help="debug output")
......@@ -45,31 +46,36 @@ def main():
send_hashes_file(
hashes_file=args.hashes_file,
desthost=RSYNC_SERVER_HOSTNAME,
destdir=args.work_dir,
)
if not args.skip_downloading_iuks:
download_iuks_from_jenkins(
hashes_file=args.hashes_file,
desthost=RSYNC_SERVER_HOSTNAME,
destdir=args.work_dir,
jenkins_iuks_base_url=JENKINS_IUKS_BASE_URL,
jenkins_build_id=args.jenkins_build_id,
)
verify_iuks(
desthost=RSYNC_SERVER_HOSTNAME,
hashes_file=Path(args.hashes_file).name,
iuks_dir=args.work_dir,
hashes_file=Path(args.work_dir, args.hashes_file).name,
)
def send_hashes_file(
hashes_file: str,
desthost: str) -> None:
log.info("Sending %(f)s to %(h)s…" % {
desthost: str,
destdir: str) -> None:
log.info("Sending %(f)s to %(d)s on %(h)s…" % {
"f": hashes_file,
"d": destdir,
"h": desthost,
})
subprocess.run(
["scp", hashes_file, "%s:" % (desthost)],
["scp", hashes_file, "%s:%s" % (desthost, destdir)],
check=True
)
......@@ -83,13 +89,14 @@ def iuks_listed_in(hashes_file: str) -> List[str]:
def download_iuks_from_jenkins(
hashes_file: str,
desthost: str,
destdir: str,
jenkins_iuks_base_url: str,
jenkins_build_id: int) -> None:
log.info("Downloading IUKs from Jenkins to %s…" % (desthost))
iuks = iuks_listed_in(hashes_file)
log.debug("IUKS: %s" % ', '.join(iuks))
for iuk in iuks:
log.debug("Downloading %s" % (iuk))
log.debug("Downloading %s to %s" % (iuk, destdir))
url = "%s/%s/archive/%s" % (
jenkins_iuks_base_url,
jenkins_build_id,
......@@ -97,17 +104,20 @@ def download_iuks_from_jenkins(
)
subprocess.run(
["ssh", desthost, "wget", "--quiet", "--no-clobber",
"-O", iuk, url],
"-O", "%s/%s" % (destdir, iuk), url],
check=True
)
def verify_iuks(desthost: str, hashes_file: str) -> None:
def verify_iuks(desthost: str, iuks_dir: str, hashes_file: str) -> None:
log.info("Verifying that IUKs built on Jenkins match those you've built…")
try:
subprocess.run(
["ssh", desthost, "sha256sum", "--check", "--strict",
Path(hashes_file).name],
["ssh", desthost,
"cd '%(d)s' && sha256sum --check --strict '%(f)s'" % {
"d": iuks_dir,
"f": Path(hashes_file).name,
}],
check=True
)
except subprocess.CalledProcessError:
......
......@@ -27,15 +27,16 @@ member () {
RELEASING_VERSION="$1"
RELEASING_MAJOR_VERSION=$(major_version "$RELEASING_VERSION")
git tag | while read tag ; do
if member "$tag" $IGNORED_TAGS; then
continue
fi
version=$(echo "$tag" | perl -p -E 's,-,~,')
major_version=$(major_version "$version")
if [ "$major_version" = "$RELEASING_MAJOR_VERSION" ] && \
dpkg --compare-versions "$version" lt "$RELEASING_VERSION" ; then
echo "$version"
fi
done
(
git tag | while read tag ; do
if member "$tag" $IGNORED_TAGS; then
continue
fi
version=$(echo "$tag" | perl -p -E 's,-,~,')
major_version=$(major_version "$version")
if [ "$major_version" = "$RELEASING_MAJOR_VERSION" ] && \
dpkg --compare-versions "$version" lt "$RELEASING_VERSION" ; then
echo -n "$version "
fi
done
) | perl -p -E 's{\s*\z}{}'
......@@ -23,7 +23,7 @@ AMNESIA_APPEND="live-media=removable nopersistence noprompt timezone=Etc/UTC blo
AMNESIA_ISOHYBRID_OPTS="-h 255 -s 63 --id 42 --verbose"
# Kernel version
KERNEL_VERSION='5.4.0-3'
KERNEL_VERSION='5.4.0-4'
KERNEL_SOURCE_VERSION=$(
echo "$KERNEL_VERSION" \
| perl -p -E 's{\A (\d+ [.] \d+) [.] .*}{$1}xms'
......
This diff is collapsed.
......@@ -96,10 +96,6 @@ Package: *
Pin: release l=Debian-Security,n=buster/updates
Pin-Priority: 990
Package: *
Pin: release o=Debian,n=buster-proposed-updates
Pin-Priority: 990
Package: *
Pin: release o=TorProject,n=buster
Pin-Priority: 990
......
#!/bin/sh
set -e
set -u
echo "Checking for possibly missing rtw88 firmware (#17323)"
# Decide where to copy from, and what:
WORKAROUNDS_FW_DIR='/tmp/tails-workarounds/linux-firmware'
DIR='rtw88'
FILES='rtw8822b_fw.bin rtw8822c_fw.bin'
# Sanity check:
orig_dir="$WORKAROUNDS_FW_DIR/$DIR"
if [ ! -d "$orig_dir" ]; then
echo "=> ERROR: Missing origin directory ($orig_dir)"
exit 1
fi
firmware_dir="/lib/firmware/$DIR"
if [ ! -d "$firmware_dir" ]; then
echo "=> Missing parent directory ($firmware_dir), creating"
mkdir -p "$firmware_dir"
fi
for file in $FILES; do
path="$firmware_dir/$file"
if [ ! -f "$path" ]; then
echo "=> Missing firmware ($file), copying"
cp "$orig_dir/$file" "$path"
else
echo "=> ERROR: Firmware for $file found, maybe this hook could be dropped"
exit 1
fi
done
From 619c17e0dc3d1cbfdf3859b18c9e71ec00694f9c Mon Sep 17 00:00:00 2001
From: anonym <anonym@riseup.net>
Date: Wed, 27 Feb 2019 10:59:33 +0100
From: intrigeri <intrigeri@boum.org>
Date: Sun, 16 Feb 2020 09:29:00 +0000
Subject: [PATCH] Add pref for whether to accept plaintext protocols during
autoconfiguration.
Let's make it possible for security-focused distributions (and
extensions like TorBirdy) to prevent insecure configurations to ever
be displayed to users; for other users there is a warning explaining
the consequences of accepting a non-SSL configuration.
Author: anonym <anonym@riseup.net>
---
.../components/accountcreation/content/readFromXML.js | 10 ++++++++++
comm/mailnews/mailnews.js | 6 ++++++
comm/mail/components/accountcreation/content/readFromXML.js | 10 ++++++++++
comm/mailnews/mailnews.js | 6 ++++++
2 files changed, 16 insertions(+)
diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/mail/components/accountcreation/content/readFromXML.js
index 780229f..6a9fef9 100644
--- a/comm/mail/components/accountcreation/content/readFromXML.js
+++ b/comm/mail/components/accountcreation/content/readFromXML.js
@@ -34,6 +34,8 @@ function readFromXML(clientConfigXML) {
......@@ -26,10 +22,10 @@ diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/
var exception;
if (
typeof clientConfigXML != "object" ||
@@ -113,6 +115,10 @@ function readFromXML(clientConfigXML) {
@@ -115,6 +117,10 @@ function readFromXML(clientConfigXML) {
}
exception = null;
+ if (ssl_only && iO.socketType == 1) {
+ continue;
+ }
......@@ -37,10 +33,10 @@ diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/
for (let iXauth of array_or_undef(iX.$authentication)) {
try {
iO.auth = sanitize.translate(iXauth, {
@@ -255,6 +261,10 @@ function readFromXML(clientConfigXML) {
@@ -257,6 +263,10 @@ function readFromXML(clientConfigXML) {
}
exception = null;
+ if (ssl_only && oO.socketType == 1) {
+ continue;
+ }
......@@ -49,9 +45,10 @@ diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/
try {
oO.auth = sanitize.translate(oXauth, {
diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
index 8f598b2..7dda1ad 100644
--- a/comm/mailnews/mailnews.js
+++ b/comm/mailnews/mailnews.js
@@ -962,6 +962,12 @@ pref("mailnews.auto_config.guess.sslOnly", false);
@@ -969,6 +969,12 @@ pref("mailnews.auto_config.guess.sslOnly", false);
pref("mailnews.auto_config.guess.timeout", 10);
// Whether we allow fetched configurations using OAuth2.
pref("mailnews.auto_config.account_constraints.allow_oauth2", true);
......@@ -63,3 +60,4 @@ diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
+pref("mailnews.auto_config.sslOnly", false);
// Work around bug 1454325 by disabling mimetype mungling in XmlHttpRequest
pref("dom.xhr.standard_content_type_normalization", false);
From bd42ea2e3864f97608530d3f79efb8f816f2c71a Mon Sep 17 00:00:00 2001
From: anonym <anonym@riseup.net>
Date: Wed, 27 Feb 2019 10:34:33 +0100
From: intrigeri <intrigeri@boum.org>
Date: Sun, 16 Feb 2020 09:23:28 +0000
Subject: [PATCH] Add pref for whether we accept OAuth2 during
autoconfiguration.
......@@ -9,29 +8,41 @@ disabled autoconfiguration then result in a terrible UX (e.g. the web
login fails, has to manually alter the authentication method). Let's
provide a pref that discards OAuth2 configurations so e.g. extensions
that disables JavaScript (like TorBirdy) can provide a workaround.
Original author: anonym <anonym@riseup.net>
---
.../accountcreation/content/emailWizard.js | 74 ++++++++++---------
.../accountcreation/content/readFromXML.js | 13 ++++
comm/mailnews/mailnews.js | 2 +
3 files changed, 54 insertions(+), 35 deletions(-)
.../accountcreation/content/emailWizard.js | 64 ++++++++++++----------
.../accountcreation/content/readFromXML.js | 13 +++++
comm/mailnews/mailnews.js | 2 +
3 files changed, 49 insertions(+), 30 deletions(-)
diff --git a/comm/mail/components/accountcreation/content/emailWizard.js b/comm/mail/components/accountcreation/content/emailWizard.js
index 3780792..86bef64 100644
--- a/comm/mail/components/accountcreation/content/emailWizard.js
+++ b/comm/mail/components/accountcreation/content/emailWizard.js
@@ -1338,25 +1338,27 @@ EmailConfigWizard.prototype = {
@@ -1432,21 +1432,23 @@ EmailConfigWizard.prototype = {
}
this.fillPortDropdown(config.incoming.type);
- // If the hostname supports OAuth2 and imap is enabled, enable OAuth2.
- // If the incoming server hostname supports OAuth2, enable OAuth2 for it.
- let iDetails = OAuth2Providers.getHostnameDetails(config.incoming.hostname);
- e("in-authMethod-oauth2").hidden = !iDetails;
- if (iDetails) {
- gEmailWizardLogger.info(
- "OAuth2 details for incoming server " +
- config.incoming.hostname +
- " is " +
- iDetails
- );
- config.oauthSettings = {};
- [config.oauthSettings.issuer, config.oauthSettings.scope] = iDetails;
- // oauthsettings are not stored nor changeable in the user interface, so just
- // store them in the base configuration.
- this._currentConfig.oauthSettings = config.oauthSettings;
+ if (Services.prefs.getBoolPref("mailnews.auto_config.account_constraints.allow_oauth2")) {
+ // If the hostname supports OAuth2 and imap is enabled, enable OAuth2.
+ // If the incoming server hostname supports OAuth2, enable OAuth2 for it.
+ let iDetails = OAuth2Providers.getHostnameDetails(config.incoming.hostname);
+ e("in-authMethod-oauth2").hidden = !iDetails;
+ if (iDetails) {
+ gEmailWizardLogger.info(
+ "OAuth2 details for incoming server " +
......@@ -39,21 +50,6 @@ that disables JavaScript (like TorBirdy) can provide a workaround.
+ " is " +
+ iDetails
+ );
+ }
+ e("in-authMethod-oauth2").hidden = !(
+ iDetails && e("incoming_protocol").value == 1
);
- }
- e("in-authMethod-oauth2").hidden = !(
- iDetails && e("incoming_protocol").value == 1
- );
- if (!e("in-authMethod-oauth2").hidden) {
- config.oauthSettings = {};
- [config.oauthSettings.issuer, config.oauthSettings.scope] = iDetails;
- // oauthsettings are not stored nor changeable in the user interface, so just
- // store them in the base configuration.
- this._currentConfig.oauthSettings = config.oauthSettings;
+ if (!e("in-authMethod-oauth2").hidden) {
+ config.oauthSettings = {};
+ [config.oauthSettings.issuer, config.oauthSettings.scope] = iDetails;
+ // oauthsettings are not stored nor changeable in the user interface, so just
......@@ -61,14 +57,15 @@ that disables JavaScript (like TorBirdy) can provide a workaround.
+ this._currentConfig.oauthSettings = config.oauthSettings;
+ }
}
// outgoing server
@@ -1381,23 +1383,25 @@ EmailConfigWizard.prototype = {
@@ -1471,21 +1473,23 @@ EmailConfigWizard.prototype = {
this.adjustOutgoingPortToSSLAndProtocol(config);
}
- // If the hostname supports OAuth2 and imap is enabled, enable OAuth2.
- // If the smtp hostname supports OAuth2, enable OAuth2 for it.
- let oDetails = OAuth2Providers.getHostnameDetails(config.outgoing.hostname);
- e("out-authMethod-oauth2").hidden = !oDetails;
- if (oDetails) {
- gEmailWizardLogger.info(
- "OAuth2 details for outgoing server " +
......@@ -76,17 +73,15 @@ that disables JavaScript (like TorBirdy) can provide a workaround.
- " is " +
- oDetails
- );
- }
- e("out-authMethod-oauth2").hidden = !oDetails;
- if (!e("out-authMethod-oauth2").hidden) {
- config.oauthSettings = {};
- [config.oauthSettings.issuer, config.oauthSettings.scope] = oDetails;
- // oauthsettings are not stored nor changeable in the user interface, so just
- // store them in the base configuration.
- this._currentConfig.oauthSettings = config.oauthSettings;
+ if (Services.prefs.getBoolPref("mailnews.auto_config.account_constraints.allow_oauth2")) {
+ // If the hostname supports OAuth2 and imap is enabled, enable OAuth2.
+ // If the smtp hostname supports OAuth2, enable OAuth2 for it.
+ let oDetails = OAuth2Providers.getHostnameDetails(config.outgoing.hostname);
+ e("out-authMethod-oauth2").hidden = !oDetails;
+ if (oDetails) {
+ gEmailWizardLogger.info(
+ "OAuth2 details for outgoing server " +
......@@ -94,9 +89,6 @@ that disables JavaScript (like TorBirdy) can provide a workaround.
+ " is " +
+ oDetails
+ );
+ }
+ e("out-authMethod-oauth2").hidden = !oDetails;
+ if (!e("out-authMethod-oauth2").hidden) {
+ config.oauthSettings = {};
+ [config.oauthSettings.issuer, config.oauthSettings.scope] = oDetails;
+ // oauthsettings are not stored nor changeable in the user interface, so just
......@@ -104,9 +96,10 @@ that disables JavaScript (like TorBirdy) can provide a workaround.
+ this._currentConfig.oauthSettings = config.oauthSettings;
+ }
}
// populate fields even if existingServerKey, in case user changes back
diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/mail/components/accountcreation/content/readFromXML.js
index 8c7ecdd..780229f 100644
--- a/comm/mail/components/accountcreation/content/readFromXML.js
+++ b/comm/mail/components/accountcreation/content/readFromXML.js
@@ -32,6 +32,8 @@ function readFromXML(clientConfigXML) {
......@@ -118,7 +111,7 @@ diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/
var exception;
if (
typeof clientConfigXML != "object" ||
@@ -124,6 +126,12 @@ function readFromXML(clientConfigXML) {
@@ -126,6 +128,12 @@ function readFromXML(clientConfigXML) {
NTLM: Ci.nsMsgAuthMethod.NTLM,
OAuth2: Ci.nsMsgAuthMethod.OAuth2,
});
......@@ -131,10 +124,10 @@ diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/
break; // take first that we support
} catch (e) {
exception = e;
@@ -267,6 +275,11 @@ function readFromXML(clientConfigXML) {
@@ -269,6 +277,11 @@ function readFromXML(clientConfigXML) {
OAuth2: Ci.nsMsgAuthMethod.OAuth2,
});
+ if (!allow_oauth2 && oO.auth == Ci.nsMsgAuthMethod.OAuth2) {
+ oO.auth = null;
+ continue;
......@@ -144,9 +137,10 @@ diff --git a/comm/mail/components/accountcreation/content/readFromXML.js b/comm/
} catch (e) {
exception = e;
diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
index bde86d3..8f598b2 100644
--- a/comm/mailnews/mailnews.js
+++ b/comm/mailnews/mailnews.js
@@ -960,6 +960,8 @@ pref("mailnews.auto_config.guess.enabled", true);
@@ -967,6 +967,8 @@ pref("mailnews.auto_config.guess.enabled", true);
pref("mailnews.auto_config.guess.sslOnly", false);
// The timeout (in seconds) for each guess
pref("mailnews.auto_config.guess.timeout", 10);
......@@ -154,3 +148,4 @@ diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
+pref("mailnews.auto_config.account_constraints.allow_oauth2", true);
// Work around bug 1454325 by disabling mimetype mungling in XmlHttpRequest
pref("dom.xhr.standard_content_type_normalization", false);
# This patch is based on the patch "Bug 902573 - Avoid local timestamp disclosure in Date header".
# Link to the original patch: https://bug902573.bmoattachments.org/attachment.cgi?id=8684089
# The original author is Arthur Edelstein <arthuredelstein@gmail.com>.
# It is licensed under Mozilla Public License Version 2.0:
# https://www.mozilla.org/en-US/MPL/
From 611d58eb2ee6a67a6c1c112eebbc04551d98065b Mon Sep 17 00:00:00 2001
From: segfault <segfault@riseup.net>
Date: Wed, 27 Nov 2019 16:47:24 +0100
Subject: [PATCH] Bug 902573 - Avoid local timestamp disclosure in Date header
This patch is based on the patch "Bug 902573 - Avoid local timestamp disclosure in Date header".
Link to the original patch: https://bug902573.bmoattachments.org/attachment.cgi?id=8684089
The original author is Arthur Edelstein <arthuredelstein@gmail.com>.
It is licensed under Mozilla Public License Version 2.0:
https://www.mozilla.org/en-US/MPL/
---
comm/mailnews/mailnews.js | 7 ++++
comm/mailnews/mime/jsmime/jsmime.js | 42 +++++++++++++++----
comm/mailnews/mailnews.js | 7 +++++++
comm/mailnews/mime/jsmime/jsmime.js | 42 +++++++++++++++++++++++++++++--------
2 files changed, 40 insertions(+), 9 deletions(-)
diff --git a/comm/mailnews/mailnews.js b/comm/mailnews/mailnews.js
index 270cef339f8..3418ad12b65 100644
index 7dda1ad..2673c8b 100644
--- a/comm/mailnews/mailnews.js
+++ b/comm/mailnews/mailnews.js
@@ -1022,3 +1022,10 @@ pref("mail.imap.qos", 0);
@@ -1029,3 +1029,10 @@ pref("mail.imap.qos", 0);
// PgpMime Addon
pref("mail.pgpmime.addon_url", "https://addons.mozilla.org/addon/enigmail/");
......@@ -29,7 +29,7 @@ index 270cef339f8..3418ad12b65 100644
+// the user across accounts more difficult.
+pref("mail.mime.avoid_fingerprinting", false);
diff --git a/comm/mailnews/mime/jsmime/jsmime.js b/comm/mailnews/mime/jsmime/jsmime.js
index 75ee0c8d773..74183b885bf 100644
index 75ee0c8..74183b8 100644
--- a/comm/mailnews/mime/jsmime/jsmime.js
+++ b/comm/mailnews/mime/jsmime/jsmime.js
@@ -3450,9 +3450,34 @@
......@@ -99,6 +99,3 @@ index 75ee0c8d773..74183b885bf 100644
tzOffsetStr,
].join(" ");
this.addText(dayTime, false);
--
2.24.0
From 2a943f8a23977e5d0ac87fac7536fedd001c1efc Mon Sep 17 00:00:00 2001
From: segfault <segfault@riseup.net>
Date: Wed, 27 Nov 2019 23:37:55 +0100
Subject: [PATCH] Bug 1370217 - Avoid spellchecking language disclosure in
......@@ -9,10 +8,10 @@ Subject: [PATCH] Bug 1370217 - Avoid spellchecking language disclosure in
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/comm/mail/components/compose/content/MsgComposeCommands.js b/comm/mail/components/compose/content/MsgComposeCommands.js
index be339ba0173..6fa60636b6c 100644