Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
tails
tails
Commits
f438bcf2
Commit
f438bcf2
authored
Jul 02, 2014
by
Tails developers
Browse files
Update changelog for 1.1~rc1.
parent
5c0426aa
Changes
1
Hide whitespace changes
Inline
Side-by-side
debian/changelog
View file @
f438bcf2
tails
(
1.1
)
UNRELEASED
;
urgency
=
medium
tails
(
1.1
~
rc1
)
unstable
;
urgency
=
medium
*
Dummy
entry
for
next
release
.
*
Security
fixes
-
Don
't allow the desktop user to pass arguments to
tails-upgrade-frontend (Closes: #7410).
- Make persistent file permissions safer (Closes #7443):
* Make the content of /etc/skel non-world-readable. Otherwise,
such files may be copied to /home/amnesia, and in turn to the
persistent volume, with unsafe permissions. That'
s
no
big
deal
in
/
home
/
amnesia
(
that
is
itself
not
world
-
readable
),
*
but
*
the
root
of
the
persistent
volume
has
to
be
world
-
readable
.
*
Have
activate_custom_mounts
create
new
directories
with
safe
permissions
.
*
Set
strict
permissions
on
/
home
/
amnesia
(
Closes
:
#
7463
).
*
Fix
permissions
on
persistent
directories
that
were
created
with
unsafe
permissions
(
Closes
:
#
7458
).
*
Fix
files
ownership
while
copying
persistence
(
Closes
:
#
7216
).
The
previous
instructions
to
copy
the
persistent
data
were
creating
personal
files
that
belong
to
root
.
I
don
't think
there is a way of preserving the original ownership using
Nautilus (unless doing a "move" instead of a "copy" but that'
s
not
what
we
are
trying
to
do
here
).
-
Disable
FoxyProxy
's proxy:// protocol handler (Closes: #7479).
FoxyProxy adds the proxy:// protocol handler, which can be used
to configure the proxy via an URI. A malicious web page can
include (or a malicious exit node can inject) some JavaScript
code to visit such an URI and disable or otherwise change
Iceweasel'
s
proxy
settings
.
While
using
this
to
disable
proxying
will
be
dealt
with
safely
by
our
firewall
,
this
could
be
used
to
defeat
stream
isolation
,
although
the
user
must
be
tricked
into
accepting
the
new
proxy
settings
.
*
Bugfixes
-
Disable
GNOME
keyring
's GnuPG functionality. (Closes: #7330) In
feature/regular-gnupg-agent, we installed the regular GnuPG
agent so that it is used instead of GNOME keyring'
s
one
.
This
is
not
enough
on
Wheezy
,
so
let
's disable the starting of the "gpg"
component of GNOME keyring.
- Prevent iproute2 from being installed from wheezy-backports
(Closes: #7337).
- Remove dselect when purging other unwanted packages. (Closes: #7336)
- Make sure /etc/default/locale exists, with a sensible default
value (Closes: #7333). Before Tails Greeter'
s
PostLogin
script
are
run
,
/
etc
/
default
/
locale
does
not
exist
on
Wheezy
.
Our
tails
-
kexec
initscript
(
and
quite
a
few
other
scripts
we
run
)
depends
on
this
file
to
exist
.
So
,
let
's make sure it exists,
with a sensible default value.
- Create the tails-persistence-setup user with the same UID/GID it
had on Tails/Squeeze. (Closes: #7343) Else, our various checks
for safe access rights on persistence.conf fail.
- Revert back to browsing the offline documentation using Iceweasel
instead of Yelp (Closes: #7390, #7285).
- Make the new NetworkManager configuration directory persistent,
when the old one was, but disable the old one (Closes: #7338).
- The Unsafe Web Browser can now be started while the Windows 8
camouflage feature is activated (Closes: #7329).
--
Tails
developers
<
tails
@
boum
.
org
>
Fri
,
30
May
2014
17
:
03
:
06
+
0200
* Minor improvements
- Various improvements to the Windows 8 camouflage:
* Set iceweasel and pidgin camouflage icons.
* Set claws-mail application icon.
* Set florence tray icon.
* Set gpgApplet tray icon.
* Set volume tray icon.
* Configure Iceweasel camouflage.
* Remove launchers (Closes #7381).
* Make the Unsafe Browser use the Windows 8 camouflage.
- Also install linux-base and linux-compiler-gcc-4.8-x86 from
sid. This way, we can get rid of our linux-compiler-gcc-4.8-x86
3.12, and it makes things a bit more consistent.
- Include the syslinux binary, and its MBR, in the ISO filesystem.
This in turn allows Tails Installer to use this binary and MBR,
which is critical for avoiding problems (such as #7345) on
"Upgrade from ISO".
- Include syslinux.exe for win32 in utils/win32/ on the ISO
filesystem (Closes: #7425).
- Tails Installer:
* Increase font size (Closes: #5673).
* Add consistent marigins in GUI.
* Always reset the target drive'
s
MBR
,
without
asking
for
confirmation
,
after
installing
or
upgrading
.
*
Install
the
bootloader
using
the
syslinux
binary
found
on
the
target
device
,
once
the
Live
OS
has
been
extracted
/
copied
there
.
-
Enable
double
-
clicking
to
pick
entries
in
the
language
or
keyboard
layout
lists
in
Tails
Greeter
.
-
Install
backport
of
shared
-
mime
-
info
1.3
(
Closes
:
#
7079
).
-
Make
sanity
-
check
prompts
closable
in
Tails
Persistence
Setup
(
Closes
:
#
7119.
*
Automated
test
suite
-
Actually
run
"Upgrade from ISO"
from
a
USB
drive
running
the
old
version
.
That
's what users do, and is buggy.
- Automatically test persistent directories permissions (Closes: #7560).
- Use read-write persistence when testing upgraded USB
installations. Otherwise e.g. the permission fixes won'
t
get
applied
,
and
the
subsequent
steps
testing
the
permissions
will
fail
.
-
Actually
check
that
the
ISO
's Tails is installed. The step
"Tails is installed on USB drive $TARGET" only checks that the
*running* Tails is installed on $TARGET, which obviously fails
when doing an upgrade from ISO running an old Tails. That it
worked for the same scenario running the current Tails is just
coincidental.
-- Tails developers <tails@boum.org> Wed, 02 Jul 2014 03:11:43 +0200
tails (1.0.1) unstable; urgency=medium
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment