diff options
authoranonym <>2015-05-11 17:35:43 +0200
committeranonym <>2015-05-11 17:39:55 +0200
commit8680e02404eb2304b7cba4660b89bbe821291493 (patch)
parent9b7787386fb7d58cd3f021465a907c08481076a4 (diff)
Update changelog for 1.4.
1 files changed, 87 insertions, 15 deletions
diff --git a/debian/changelog b/debian/changelog
index 1d6f289..1babef6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,26 +1,28 @@
-tails (1.4) UNRELEASED; urgency=medium
- * Dummy changelog entry.
- -- Tails developers <> Mon, 04 May 2015 14:22:41 +0200
-tails (1.4~rc1) unstable; urgency=medium
+tails (1.4) unstable; urgency=medium
* Major new features
- - Upgrade Tor Browser to 4.5, which introduces many major new
- features for usability, security and privacy. Unfortunately its
- per-tab circuit view did not make it into Tails yet since it
- requires exposing more Tor state to the user running the Tor
- Browser than we are currently comfortable with.
+ - Upgrade Tor Browser to 4.5.1, based on Firefox 31.7.0 ESR, which
+ introduces many major new features for usability, security and
+ privacy. Unfortunately its per-tab circuit view did not make it
+ into Tails yet since it requires exposing more Tor state to the
+ user running the Tor Browser than we are currently comfortable
+ with. (Closes: #9031, #9369)
- Upgrade Tor to Like in the Tor
bundled with the Tor Browser, we patch it so that circuits used
for SOCKSAuth streams have their lifetime increased indefinitely
while in active use. This currently only affects the Tor Browser
in Tails, and should improve the experience on certain web sites
that otherwise would switch language or log you out every ten
- minutes or so when Tor switches circuit.
+ minutes or so when Tor switches circuit. (Closes: #7934)
* Security fixes
+ - tor-browser wrapper script: avoid offering avenues to arbitrary
+ code execution to e.g. an exploited Pidgin. AppArmor Ux rules
+ don't sanitize $PATH, which can lead to an exploited application
+ (that's allowed to run this script unconfined, e.g. Pidgin)
+ having this script run arbitrary code, violating that
+ application's confinement. Let's prevent that by setting PATH to
+ a list of directories where only root can write. (Closes: #9370)
- Upgrade Linux to 3.16.7-ckt9-3.
- Upgrade curl to 7.26.0-1+wheezy13.
- Upgrade dpkg to 1.16.16.
@@ -60,6 +62,9 @@ tails (1.4~rc1) unstable; urgency=medium
- Fix set_simple_config_key(). If the key already existed in the
config file before the call, all other lines would be removed
due to the sed option -n and p combo. (Closes: #9122)
+ - Remove illegal instance of local outside of function definition.
+ Together with `set -e` that error has prevented this script from
+ restarting Vidalia, like it should. (Closes: #9328)
* Minor improvements
- Upgrade I2P to 0.9.19-3~deb7u+1.
@@ -82,6 +87,25 @@ tails (1.4~rc1) unstable; urgency=medium
- Hide the Tor logo in Tor Launcher. (Closes: #8696)
- Remove useless log() instance in tails-unblock-network. (Closes:
+ - Install cdrdao: this enables Brasero to burn combined data/audio
+ CDs and to do byte-to-byte disc copy.
+ - Hide access to the Add-ons manager in the Unsafe Browser. It's
+ currently broken (#9307) but we any way do not want users to
+ install add-ons in the Unsafe Browser. (Closes: #9305)
+ - Disable warnings on StartTLS for POP3 and IMAP (Will-fix: #9327)
+ The default value of this option activates warnings on ports
+ 23,109,110,143. This commit disables the warnings for POP3 and
+ IMAP as these could be equally used in encrypted StartTLS
+ connections. (Closes: #9327)
+ - Completely rework how we localize our browser by generating our
+ branding add-on, and search plugins programatically. This
+ improves the localization for the ar, es, fa, ko, nl, pl, ru,
+ tr, vi and zh_CN locales by localizing the Startpage and
+ search plugins. Following Tor Browser 4.5's recent
+ switch, we now use as the default search
+ engine. (Closes: #9309)
+ * Actively set Google as the Unsafe Browser's default search
+ engine.
* Build system
- Encode in Git which APT suites to include when building Tails.
@@ -89,6 +113,21 @@ tails (1.4~rc1) unstable; urgency=medium
- Clean up the list of packages we install. (Closes: #6073)
- Run auto/{build,clean,config} under `set -x' for improved
+ - Zero-pad our ISO images so their sizes are divisible by 2048.
+ The data part of an ISO image's sectors are 2048 bytes, which
+ implies that ISO images should always have a size divisible
+ by 2048. Some application, e.g. VirtualBox, use this as a sanity
+ check, treating ISO images for which this isn't true as garbage.
+ Our isohybrid post-processing does not ensure this,
+ however. Also Output ISO size before/after isohybrid'ing and
+ truncate'ing it. This will help detect if/when truncate is
+ needed at all, so that we can report back to syslinux
+ maintainers more useful information. (Closes: #8891)
+ - Vagrant: raise apt-cacher-ng's ExTreshold preference to 50. The
+ goal here is to avoid Tor Browser tarballs being deleted by
+ apt-cacher-ng's daily expiration cronjob: they're not listed in
+ any APT repo's index file, so acng will be quite eager to clean
+ them up.
* Test suite
- Bring dependency checks up-to-date (Closes: #8988).
@@ -109,8 +148,41 @@ tails (1.4~rc1) unstable; urgency=medium
- Improve how we start subprocesses in the test suite, mostly by
bypassing the shell for greater security and robustness (Closes:
- -- Tails developers <> Sat, 02 May 2015 23:55:26 +0200
+ - Add Electrum test feature. (Closes #8963)
+ - Test that Tails Installer detacts when usb devices are
+ removed. (Closes: #9131)
+ - Test Tails Installer with devices which are too small. (Closes:
+ #9129)
+ - Test that the Report an Error launcher works in German. (Closes:
+ #9143)
+ - Verify that no extensions are installed using about:support
+ instead of about:addons, which is broken (#9307). (Closes:
+ #9306)
+ - Retry GNOME application menu actions when it glitches. The
+ GNOME application menus seem to have issues with clicks or
+ hovering actions not registering, and hence sometimes submenus
+ are not opened when they should, and sometimes clicks on the
+ final application shortcut are lost. There seems to be a
+ correlation between this and CPU load on the host running the
+ test suite. We workaround this by simply re-trying the last
+ action when it seem to fail. (Closes: #8928)
+ - Work around Seahorse GUI glitchiness (Closes: #9343):
+ * When Seahorse appears to be frozen--apparently due to network
+ issues--it can often be worked around by refreshing the screen
+ or activating a new window.
+ * Open Seahorse's preferences dialog using the mouse.
+ * Access menu entries with the mouse.
+ - Wait for systray icons to finish loading before interacting with
+ the systray. (Closes: #9258)
+ - Test suite configuration: generalize local.d support to *.d. We
+ now load features/config/*.d/*.yml.
+ - Use code blocks in "After Scenario" hooks. This is much simpler
+ to use (and more readable!) compared to hooking functions and
+ arguments like we used to do.
+ - Create filesystem share sources in the temporary directory and
+ make them world-readable. (Closes: #8950)
+ -- Tails developers <> Mon, 11 May 2015 16:45:04 +0200
tails (1.3.2) unstable; urgency=medium