|author||Tails developers <firstname.lastname@example.org>||2014-10-08 23:58:13 +0200|
|committer||Tails developers <email@example.com>||2014-10-08 23:58:13 +0200|
Update changelog for 1.2~rc1.
1 files changed, 99 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog
index bafbe49..e0a9a2c 100644
@@ -1,8 +1,104 @@
-tails (1.2) UNRELEASED; urgency=medium
+tails (1.2~rc1) unstable; urgency=medium
- * Dummy entry for next release.
+ * Major new features
+ - Migrate from Iceweasel to the Tor Browser from the Tor Browser
+ Bundle 4.0 nightly build from 2014-10-07 (based on Firefox
+ esr31-pre). The installation in Tails is made global
+ (multi-profile), uses the system-wide Tor instance, does not use
+ the Tor Browser updater, and keeps the desired deviations
+ previously present in Iceweasel, e.g. we install the addon
+ AdBlock Plus but not Tor Launcher (since we run it as a
+ standalone XUL application), among other things.
+ - Install AppArmor's userspace tools and apparmor-profiles-extra
+ from Wheezy Backports, and enable the AppArmor Linux security
+ module. This adds Mandatory Access control for several critical
+ applications in Tails, including:
+ * Tor
+ * Vidalia
+ * Pidgin
+ * Evince
+ * Totem
+ - Isolate I2P traffic from the Tor Browser by adding a dedicated
+ I2P Browser, which can be reached via GNOME's menu -> Internet
+ -> I2P Browser. It is set up similarly to the Unsafe Browser,
+ but further disables features that are irrelevant for I2P, like
+ search plugins and the AdBlock Plus addon, and keeps Tor Browser
+ security features like the NoScript and Torbutton addons.
+ * Security fixes
+ - Disable TCP timestamps (Closes: #6579).
+ * Bugfixes
+ - Remove expired Pidgin certificates (Closes: #7730).
+ - Use sudo instead of gksudo for running tails-upgrade-frontend to
+ make stderr more easily accessible (Closes: #7431).
+ - Run tails-persistence-setup with sudo instead of gksudo to make
+ stderr more easily accessible, and allow the desktop user to
+ pass the --verbose parameter. (Closes: #7623)
+ - Disable cups in the Unsafe Browser. This will prevent the
+ browser from hanging for several minutes when accidentally
+ pressing CTRL+P or trying to go to File -> Print.
+ * Minor improvements
+ - Install Linux 3.16-2 from Debian unstable.
+ - Install cryptsetup and friends from wheezy-backports (Closes:
+ - Install Monkeysign dependencies for qrcodes scanning.
+ - Upgrade syslinux to 3:6.03~pre20+dfsg-2~bpo70+1, and install
+ the new syslinux-efi package.
+ - Upgrade I2P to 0.9.15-1~deb7u+1
+ - Upgrade Tor to 0.2.5.8-rc-1~d70.wheezy+1.
+ - Enable Wheezy proposed-updates APT repository and setup APT
+ pinnings to install packages from it.
+ - Enable Tor's syscall sandbox. This feature (new in 0.2.5.x)
+ should make Tor a bit harder to exploit. It is only be enabled
+ when when no special Tor configuration is requested in Tails
+ Greeter due to incompatibility with Tor bridges.
+ - Start I2P automatically when the network connects via a
+ NetworkManager hook, and "i2p" is present on the kernel command
+ line. The router console is no longer opened automatically, but
+ can be accessed through the I2P Browser.
+ - Simplify the IPv6 ferm rules.
+ - Include persistence.conf in WhisperBack reports (Closes: #7461)
+ - Pin packages from testing to 500, so that they can be upgraded.
+ - Don't set Torbutton environment vars globally (Closes: #5648).
+ - Make it clear in the TrueCrypt wrapper that it'll be removed in
+ Tails 1.3 or earlier (Closes: #7739).
+ - Enable VirtualBox guest additions by default (Closes: #5730). In
+ particular this enables VirtualBox's display management service.
+ - In the Unsafe Browser, hide option for "Tor Browser Health
+ report", and the "Get Addons" section in the Addon manager
+ (Closes: #7952).
+ - Show Pidgin's formatting toolbar (Closes: #7356). Having the
+ formatting toolbar displayed in Pidgin makes the OTR status more
+ explicit by displaying it with words.
- -- Tails developers <firstname.lastname@example.org> Mon, 14 Jul 2014 16:15:19 +0200
+ * Automated test suite
+ - Add --pause-on-fail to ease VM state debugging when tests
+ - Add execute_successfully() and assert_vmcommand_success() for
+ added robustness when executing some command in the testing VM.
+ - Use Test::Unit::Assertions instead of our home-made assert().
+ - Add test for persistent browser bookmarks.
+ - Test Unsafe Browser theme for Windows while testing Windows
+ - Add basic tests for Pidgin, Totem and Evince, including their
+ AppArmor enforcement.
+ - Factorize some common step pattern into single steps.
+ - Factorize running a command in GNOME Terminal.
+ - Add common steps to copy a file and test for its existence.
+ - Add a wait_and_double_click Sikuli helper method.
+ - Add a VM.file_content method, to avoid repeating ourselves, and
+ use it whenever easily doable.
+ - Drop test that diffs syslinux' exithelp.cfg: we don't ship this
+ file anymore.
+ - In the Unsafe Browser tests, rely on subtle timing less (Closes:
+ - Use the same logic to determine when Tor is working in the test
+ suite as in Tails itself. The idea is to avoid spamming the Tor
+ control port during bootstrap, since we've seen problems with
+ that already.
+ -- Tails developers <email@example.com> Wed, 08 Oct 2014 22:20:04 +0200
tails (1.1.2) unstable; urgency=medium