commit c90110d354e7f7dded306a61d5bf9fc7677dca53 Author: Georg Koppen gk@torproject.org Date: Fri Apr 14 20:19:34 2017 +0000

Release preparations for 7.0a3 --- Bundle-Data/Docs/ChangeLog.txt | 81 +++++++++++++++++++++++++++++++++++++++ gitian/versions.alpha | 16 ++++---- tools/update-responses/config.yml | 17 ++++---- 3 files changed, 99 insertions(+), 15 deletions(-)

diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt index 58dc3d1..0b7daa1 100644 --- a/Bundle-Data/Docs/ChangeLog.txt +++ b/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,84 @@ +Tor Browser 7.0a3 -- March 20 2017 + * All Platforms + * Update Firefox to 45.9.0esr + * Tor to 0.3.0.5-rc + * Update Torbutton to 1.9.7.2 + * Bug 21865: Update our JIT preferences in the security slider + * Bug 21747: Make 'New Tor Circuit for this Site' work in ESR52 + * Bug 21745: Fix handling of catch-all circuit + * Bug 21547: Fix circuit display under e10s + * Bug 21268: e10s compatibility for New Identity + * Bug 21267: Remove window resize implementation for now + * Bug 21201: Make Torbutton multiprocess compatible + * Translations update + * Update Tor Launcher to 0.2.12 + * Bug 21920: Don't show locale selection dialog + * Bug 21546: Mark Tor Launcher as multiprocess compatible + * Bug 21264: Add a README file + * Translations update + * Update HTTPS-Everywhere to 5.2.14 + * Update NoScript to 5.0.2 + * Update sandboxed-tor-browser to 0.0.5 + * Bug 21764: Use bubblewrap's `--die-with-parent` when supported + * Fix e10s Web Content crash on systems with grsec kernels + * Bug 21928: Force a reinstall if an existing hardened bundle is present + * Bug 21929: Remove hardened/ASAN related code + * Bug 21927: Remove the ability to install/update the hardened bundle + * Bug 21244: Update the MAR signing key for 7.0 + * Bug 21536: Remove asn's scramblesuit bridge from Tor Browser + * Add `prlimit64` to the firefox system call whitelist + * Fix compilation with Go 1.8 + * Use Config.Clone() to clone TLS configs when available + * Update Go to 1.7.5 (bug 21709) + * Bug 21555+16450: Don't remove Authorization header on subdomains (e.g. Twitter) + * Bug 21887: Fix broken error pages on higher security levels + * Bug 21876: Enable e10s by default on all supported platforms + * Bug 21876: Always use esr policies for e10s + * Bug 20905: Fix resizing issues after moving to a direct Firefox patch + * Bug 21875: Modal dialogs are maximized in ESR52 nightly builds + * Bug 21885: SVG is not disabled in Tor Browser based on ESR52 + * Bug 17334: Hide Referer when leaving a .onion domain (improved patch) + * Bug 3246: Double-key cookies + * Bug 8842: Fix XML parsing error + * Bug 16886: 16886: "Add-on compatibility check dialog" contains Firefox logo + * Bug 19192: Untrust Blue Coat CA + * Bug 19955: Avoid confusing warning that favicon load request got cancelled + * Bug 20005: Backport fixes for memory leaks investigation + * Bug 20755: ltn.com.tw is broken in Tor Browser + * Bug 21896: Commenting on website is broken due to CAPTCHA not being disaplyed + * Bug 20680: Rebase Tor Browser patches to 52 ESR + * Bug 21917: Add new obfs4 bridges + * Bug 21918: Move meek-amazon to d2cly7j4zqgua7.cloudfront.net backend + * Windows + * Bug 21795: Fix Tor Browser crashing on github.com + * Bug 12426: Make use of HeapEnableTerminationOnCorruption + * Bug 19316: Make sure our Windows updates can deal with the SSE2 requirement + * Bug 21868: Fix build bustage with FIREFOX_52_0_2esr_RELEASE for Windows + * OS X + * Bug 21723: Fix inconsistent generation of MOZ_MACBUNDLE_ID + * Bug 21724: Make Firefox and Tor Browser distinct macOS apps + * Bug 21931: Backport OSX SetupMacCommandLine updater fixes + * Linux + * Bug 21907: Fix runtime error on CentOS 6 + * Bug 21748: Fix broken Snowflake build and update bridge details + * Build system + * Windows + * Bug 21837: Fix reproducibility of accessibility code for Windows + * Bug 21240: Create patches to fix mingw-w64 compilation of Firefox ESR 52 + * Bug 21904: Bump mingw-w64 commit to help with sandbox compilation + * Bug 18831: Use own Yasm for Firefox cross-compilation + * OS X + * Bug 21328: Updating to clang 3.8.0 + * Bug 21754: Remove old GCC toolchain and macOS SDK + * Bug 19783: Remove unused macOS helper scripts + * Bug 10369: Don't use old GCC toolchain anymore for utils + * Bug 21753: Replace our old GCC toolchain in PT descriptor + * Bug 18530: ESR52 based Tor Browser only runs on macOS 10.9+ + * Linux + * Bug 21930: NSS libraries are missing from mar-tools archive + * Bug 21239: Adapt Linux Firefox descriptor to ESR52 (use GTK2) + * Bug 21629: Fix broken ASan builds when switching to ESR 52 + Tor Browser 7.0a2-hardened -- March 7 2017 * All Platforms * Update Firefox to 45.8.0esr diff --git a/gitian/versions.alpha b/gitian/versions.alpha index dbdaa97..30de9d3 100755 --- a/gitian/versions.alpha +++ b/gitian/versions.alpha @@ -10,15 +10,15 @@ DATA_OUTSIDE_APP_DIR=1

VERIFY_TAGS=1

-FIREFOX_VERSION=45.8.0esr +FIREFOX_VERSION=52.1.0esr

TORBROWSER_UPDATE_CHANNEL=alpha

TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-7.0-1-build1 -TOR_TAG=tor-0.3.0.4-rc -TORLAUNCHER_TAG=0.2.10.2 -TORBUTTON_TAG=1.9.7.1 -HTTPSE_TAG=5.2.11 +TOR_TAG=tor-0.3.0.5-rc +TORLAUNCHER_TAG=0.2.12 +TORBUTTON_TAG=1.9.7.2 +HTTPSE_TAG=5.2.14 NSIS_TAG=v0.3.1 ZLIB_TAG=v1.2.8 LIBEVENT_TAG=release-2.0.22-stable @@ -41,7 +41,7 @@ OBFS4_TAG=obfs4proxy-0.0.5 NOTOFONTS_TAG=720e34851382ee3c1ef024d8dffb68ffbfb234c2 ERRORS_TAG=248dadf4e9068a0b3e79f02ed0a610d935de5302 GB_TAG=06cc925cce6592e922dcc4839a8b44feb384e71e -SANDBOX_TAG=sandboxed-tor-browser-0.0.3 +SANDBOX_TAG=sandboxed-tor-browser-0.0.5 DEPOT_TOOLS_TAG=28216cd14b44716db5c83634afbdc6e90492652b WEBRTC_TAG=c279861207c5b15fc51069e96595782350e0ac12 # https://chromium.googlesource.com/external/webrtc.git/+/refs/branch-heads/58 GO_WEBRTC_TAG=ab1b64862e0c4b4182010699911c2c5818f0a101 @@ -75,7 +75,7 @@ YASM_VER=1.2.0 ## File names for the source packages OPENSSL_PACKAGE=openssl-${OPENSSL_VER}.tar.gz GMP_PACKAGE=gmp-${GMP_VER}.tar.bz2 -NOSCRIPT_PACKAGE=noscript_security_suite-2.9.5.3-fx+sm.xpi +NOSCRIPT_PACKAGE=noscript_security_suite-5.0.2-fx+sm.xpi CCTOOLS_PACKAGE=cctools.tar.gz OSXSDK_PACKAGE=MacOSX10.7.sdk.tar.gz MSVCR100_PACKAGE=msvcr100.dll @@ -110,7 +110,7 @@ YASM_PACKAGE=yasm-${YASM_VER}.tar.gz OPENSSL_HASH=6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0 GMP_HASH=752079520b4690531171d0f4532e40f08600215feefede70b24fabdc6f1ab160 OSXSDK_HASH=da77bb0003fcca5ea8c4e8cb2da8828ded750c54afdcac29ec6f3b46ad5e3adf -NOSCRIPT_HASH=ce9779a3a5a2574b958f8e4d079a99d43a8f84193bef52c587c704ed81c2fbbd +NOSCRIPT_HASH=31ba7743699deefb606bcc49197d26d926f6b4e3d3526cd2f8a339f857a04fb1 CCTOOLS_HASH=e908fdebc2886ee5491ebfc7e7950af451b3c4e2439c2d7a923ed06ad05113e4 MSVCR100_HASH=1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067 PYCRYPTO_HASH=f2ce1e989b272cfcb677616763e0a2e7ec659effa67a88aa92b3a65528f60a3c diff --git a/tools/update-responses/config.yml b/tools/update-responses/config.yml index 1861a8c..78f3a2c 100644 --- a/tools/update-responses/config.yml +++ b/tools/update-responses/config.yml @@ -19,7 +19,7 @@ build_targets: osx32: Darwin_x86-gcc3 osx64: Darwin_x86_64-gcc3 channels: - alpha: 7.0a2 + alpha: 7.0a3 release: 6.0.1 versions: 6.0.1: @@ -33,15 +33,18 @@ versions: osx32: minSupportedOSVersion: 10.8 detailsURL: https://blog.torproject.org/blog/end-life-plan-tor-browser-32-bit-macs#updat... - 7.0a2: - platformVersion: 45.8.0 - detailsURL: https://blog.torproject.org/blog/tor-browser-70a2-released + 7.0a3: + platformVersion: 52.1.0 + detailsURL: https://blog.torproject.org/blog/tor-browser-70a3-released incremental_from: - - 7.0a1 + - 7.0a2 migrate_archs: osx32: osx64 migrate_langs: pt-PT: pt-BR + win32: + minSupportedInstructionSet: SSE2 osx32: - minSupportedOSVersion: 10.8 - detailsURL: https://blog.torproject.org/blog/end-life-plan-tor-browser-32-bit-macs#updat... + minSupportedOSVersion: 10.9 + osx64: + minSupportedOSVersion: 10.9