summaryrefslogtreecommitdiffstats
path: root/debian/changelog
blob: 58783b5d58e3ffef08de0b58f299095a089d31ff (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
5221
5222
5223
5224
5225
5226
5227
5228
5229
5230
5231
5232
5233
5234
5235
5236
5237
5238
5239
5240
5241
5242
5243
5244
5245
5246
5247
5248
5249
5250
5251
5252
5253
5254
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264
5265
5266
5267
5268
5269
5270
5271
5272
5273
5274
5275
5276
5277
5278
5279
5280
5281
5282
5283
5284
5285
5286
5287
5288
5289
5290
5291
5292
5293
5294
5295
5296
5297
5298
5299
5300
5301
5302
5303
5304
5305
5306
5307
5308
5309
5310
5311
5312
5313
5314
5315
5316
5317
5318
5319
5320
5321
5322
5323
5324
5325
5326
5327
5328
5329
5330
5331
5332
5333
5334
5335
5336
5337
5338
5339
5340
5341
5342
5343
5344
5345
5346
5347
5348
5349
5350
5351
5352
5353
5354
5355
5356
5357
5358
5359
5360
5361
5362
5363
5364
5365
5366
5367
5368
5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
5402
5403
5404
5405
5406
5407
5408
5409
5410
5411
5412
5413
5414
5415
5416
5417
5418
5419
5420
5421
5422
5423
5424
5425
5426
5427
5428
5429
5430
5431
5432
5433
5434
5435
5436
5437
5438
5439
5440
tails (2.9.1) UNRELEASED; urgency=medium

  * Dummy entry.

 -- Tails developers <tails@boum.org>  Tue, 13 Dec 2016 17:28:46 +0100

tails (2.9) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 6.0.8 based on Firefox 45.6. If you pay
      close attention you'll see that we import -build1 but there was
      a -build2. The only change is Tor Button 1.9.5.13 which makes
      some changes to the donation campaign banner in `about:tor`,
      which we safely can skip. (Closes: #12028)
    - Upgrade Icedove to 45.5.1-1~deb8u1+tails1. (Closes: #12029)

  * Minor improvements
    - Switch to DuckDuckGo as the default search engine in the tor
      Browser. This is what Tor Browser has, and Disconnect.me (the
      previous default) has been re-directing to DDG for some time,
      which has been confusing users. In addition, we localize the DDG
      user interface for the locales with availablelangpacks. (Closes:
      #11913)
    - Improve the display name for the Wikipedia search plugin.
    - Enable contrib and non-free for our own APT repos.
    - Upgrade Tor to 0.2.8.10. (Closes: #12015)
    - Upgrade obfs4proxy to 0.0.7-1~tpo1.

  * Bugfixes
    - AppArmor Totem profile: add permissions needed to avoid warning
      on startup. (Closes: #11984)
    - Upgrade the VirtualBox Guest additions and modules to version
      5.1.8. This should prevent Xorg from crashing unless the video
      memory for the VMs are significantly bumped. (Closes: #11965)
      Users will still have to enable I/O APIC due to a bug in Linux.
    - Drop unwanted search plugins from the Tor Browser langpacks.
      Otherwise they are only removed from English locales. Note that
      the langpacks contain copies of the English plugins, not
      localized versions, so we actually lose nothing.

  * Test suite
    - Add support for SikuliX, which recently hit Debian Unstable,
      while still supporting Sikuli for Jessie users. (Closes: #11991)
    - Fix some instances where we were trying to use the mouse outside
      of the Sikuli screen.
    - Use "TorBirdy" instead of "amnesia branding" as the "anchor"
      addon.  I.e. the addon that we use to find the other ones. The
      "amnesia branding" addon has been removed, so we must use
      something else. (Fixup: #11906)
    - Dogtailify "the support documentation page opens in Tor Browser"
      step. We previously relied on Sikuli, and the image was made
      outdated thanks to our donation campaign. No more! (Closes:
      #11911)
    - Resolve dl.amnesia.boum.org instead of picking a static address.
      Just hours after updating the dustri.org IP address, its web
      server went down => test suite failures. Let's make this test as
      robust as actually downloading the Tails ISO image -- if that
      fails, we probably have more serious problems on our hands than
      a failing test suite. (Closes: #11960)
    - Switch MAT scenario from testing PDFs to PNGs. Also add
      anti-test and test using using a tool *different* from MAT, the
      tool being tested here. (Closes: #11901)

 -- Tails Developers <tails@boum.org>  Mon, 12 Dec 2016 18:13:35 +0100

tails (2.7.1) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 6.0.7 (build3) based on Firefox 45.5.1.
    - Upgrade gstreamer0.10-based packages to 0.10.31-3+nmu4+deb8u2.
    - Upgrade imagemagick-based packages to 8:6.8.9.9-5+deb8u6.
    - Upgrade libicu52 to 52.1-8+deb8u4.
    - Upgrade vim-based packages to 2:7.4.488-7+deb8u1.

  * Minor improvements
    - Reserve 64 MiB for the kernel and 128 MiB for privileged
      processes before the memory is wiped. We hope that this might
      help (but not solve, sadly) some crashes experienced while
      wiping the memory.

  * Build system
    - Make the wiki shipped inside Tails build deterministically
      (Closes: #11966):
      * Enable ikiwiki's "deterministic" option, and require it when
        building.
      * Use our custom backport of discount (2.2.1-1~bpo8+1~0.tails1),
        to fix reproducibility issues (Debian#782315). This can be
        dropped once our ISO builders use Stretch.
      * Install ikiwiki from our builder-jessie APT suite, to make the
        pagestats plugin output deterministic.
    - refresh-translations: don't update PO files unless something
      other than POT-Creation-Date was changed. (Closes: #11967)
    - Fix Vagrant's is_release? check. Per auto/build, we consider it
      a release when we build from detached head, and HEAD is tagged.
    - Enforce `cleanall` when building a release. I.e. don't allow the
      user supplied options to override this behaviour. This is
      important since Vagrant caches wiki builds, and we do not want
      leftovers from a previous builds ending up in a release. Also,
      this is required for making Tails images build reproducibly.
    - Make the build system's `cleanall` option really clean
      everything.  At the moment it doesn't clean the cached wiki
      build (which basically was its only job).
    - import-package: support contrib and non-free sections.

  * Test suite
    - Wait a bit between opening the shutdown applet menu, and
      clicking one of its widgets. (Closes: #11616).
    - Adapt Icedove test after removing the amnesia branding add-on.
      (Closes: #11906)
    - Replace --pause-on-fail with --interactive-debugging. It does
      the same thing, but also offers an interactive Ruby shell, via
      pry, with the Cucumber world context.

 -- Tails developers <tails@boum.org>  Wed, 30 Nov 2016 17:27:37 +0100

tails (2.7) unstable; urgency=medium

  * Security fixes
    - Upgrade to Linux 4.7. (Closes: #11885, #11818)
    - Upgrade to Tor 0.2.8.9. (Closes: #11832, #11891)
    - Upgrade Tor Browser to 6.0.6 based on Firefox 45.5. (Closes: #11910)
    - Upgrade Icedove to 1:45.4.0-1~deb8u1+tails1. (Closes: #11854,
      #11860)
    - Upgrade imagemagick to 8:6.8.9.9-5+deb8u5.
    - Upgrade openssl to 1.0.1t-1+deb8u5.
    - Upgrade libarchive to 3.1.2-11+deb8u3.
    - Upgrade bind9 to 1:9.9.5.dfsg-9+deb8u8.
    - Upgrade libav to 6:11.8-1~deb8u1.
    - Upgrade ghostscript to 9.06~dfsg-2+deb8u3.
    - Upgrade c-ares to 1.10.0-2+deb8u1.
    - Upgrade nspr to 2:4.12-1+debu8u1.
    - Upgrade nss to 2:3.26-1+debu8u1.
    - Upgrade tar to 1.27.1-2+deb8u1.
    - Upgrade curl to 7.38.0-4+deb8u5.
    - Upgrade libgd3 to 2.1.0-5+deb8u7.
    - Upgrade opendjk-7 to 7u111-2.6.7-2~deb8u1.
    - Upgrade mat to 0.5.2-3+deb8u1.
    - Upgrade libxslt to 1.1.28-2+deb8u2.
    - Upgrade pillow to 2.6.1-2+deb8u3.

  * Minor improvements
    - Ship Let's encrypt intermediate certificate to prepare the
      the next certificate renewal of our website. Also unify the
      way our upgrades and security checkers verify this SSL
      certificate using our dedicated perl lib code. (Closes: #11810)

  * Bugfixes
    - Fix multiarch support in Synaptic. (Closes: #11820)
    - Set default spelling language to en_US in Icedove. (Closes: #11037)

  * Build system
    - Disable debootstrap merged-usr option. (Closes: #11903)

  * Test suite
    - Add test for incremental upgrades. (Closes: #6309)
    - Add tests for Icedove. (Closes: #6304)
    - Decrease timeout to Tails Greeter to speed up testing of branches
      where it is broken. (Closes: #11449)
    - Add a ID field to the remote shell responses to filter out
      unrelated ones. (Closes: #11846)
    - Reliabily wait for the Greeter PostLogin script. (Closes: #5666)
    - Reliabily type the kernel command line in the prompt at the boot
      menu to ensure the remote shell is started. (Closes: #10777)
    - Remove DVDROM device when not used, to workaround QEMU/Libvirt
      compatibility issue. (Closes: #11874)

 -- Tails developers <tails@boum.org>  Sun, 13 Nov 2016 14:46:04 +0100

tails (2.6) unstable; urgency=medium

  * Major new features and changes
    - Install Tor 0.2.8.7. (Closes: #11351)
    - Enable kASLR in the Linux kernel. (Closes: #11281)
    - Upgrade Icedove to 1:45.2.0-1~deb8u1+tails1: (Closes: #11714)
      · Drop auto-fetched configurations using Oauth2.  They do not
        work together with Torbirdy since it disables needed
        functionality (like JavaScript and cookies) in the embedded
        browser. This should make auto-configuration work for GMail
        again, for instance.  (Closes: ##11536)
      · Pin Icedove to be installed from our APT repo. Debian's
        Icedove packages still do not have our secure Icedove
        autoconfig wizard patches applied, so installing them would be
        a serious security regression. (Closes: #11613)
      · Add missing icedove-l10n-* packages to our custom APT
        repository (Closes: #11550)
    - Upgrade to Linux 4.6: (Closes: #10298)
      · Install the 686 kernel flavour instead of the obsolete 586
        one.
      · APT, dpkg: add amd64 architecture. The amd64 kernel flavour is
        not built anymore for the i386 architecture, so we need to use
        multiarch now.
      · Build and install the out-of-tree aufs4 module. (Closes: #10298)
      · Disable kernel modesetting for QXL: it's not compatible with
        Jessie's QXL X.Org driver.

  * Security fixes
    - Hopefully fixed an issue which would sometimes make the Greeter
      ignore the "disable networking" or "bridge mode"
      options. (Closes: #11593)

  * Minor improvements
    - Install firmware-intel-sound and firmware-ti-connectivity.  This
      adds support for some sound cards and Wi-Fi adapters.  (Closes:
      #11502)
    - Install OpenPGP Applet from Debian. (Closes: #10190)
    - Port the "About Tails" dialog to python3.
    - Run our initramfs memory erasure hook earlier (Closes:
      #10733). The goal here is to:
      · save a few seconds on shutdown (it might matter especially for
        the emergency one);
      · work in a less heavily multitasking / event-driven
        environment, for more robust operation.
    - Install rngd, and make rng-tools initscript return success when
      it can't find any hardware RNG device. Most Tails systems around
      probably have no such device, and we don't want systemd to
      believe they failed to boot properly. (Closes: #5650)
    - Don't force using the vboxvideo X.Org driver. According to our
      tests, this forced setting is:
       · harmful: it breaks X startup when the vboxvideo *kernel*
         driver is loaded;
       · useless: X.Org now autodetects the vboxvideo X.Org driver and
         uses it when running in VirtualBox and the vboxvideo kernel
         is not present.
    - Port boot-profile to python3 (Closes: #10083). Thanks to
      heartsucker <heartsucker@autistici.org> for the patch!
    - Include /proc/cmdline and the content of persistent APT sources
      in WhisperBack bug reports. (Closes: #11675, #11635)
    - Disable non-free APT sources at boot time. (Closes: #10130)
    - Have a dedicated page for the homepage of Tor Browser in
      Tails. (Closes: # 11725)
    - Only build the VirtualBox kernel modules for the 32-bit kernel.
      It's both hard and useless to build it for 64-bit in the current
      state of things, as long as we're shipping a 32-bit userspace.
      Also, install virtualbox-* from jessie-backports, since the
      version in Jessie is not compatible with Linux 4.x.

  * Build system
    - Don't install+remove dpatch during the build. It's not been
      needed in this hook for ages.
    - Bump BUILD_SPACE_REQUIREMENT: at least one of us needed that to
      build feature/10298-linux-4.x-aufs with the gzipcomp option.

  * Test suite
    - Send Tails Installer's debug log to the Cucumber debug log on
      failure. This is meant to debug #10720 since I can't
      reproduce it locally.
    - Give the system under testing 2 vCPUs. (Closes: #6729)
    - Split scenarios from checks.feature. (Closes: #5707)
    - Add retry-logic to the Synaptic tests. (Closes: #10412, #10441,
      #10991)
    - Run usb_upgrade.feature earlier, when there is enough free disk
      space left. (Closes: #11582)
    - Use more recent virtual hardware in the system under test,
      i.e. USB 3.0 (nec-xhci) on a pc-i440fx-2.5 machine. Switching
      USB controllers has helped with problems we see on Jenkins when
      booting from USB (#11588). Also, there are chances that more
      recent virtual hardware sees more testing these days, so it
      sounds potentially useful to "upgrade".
    - Add support for Cucumber 2.4. (Closes: #11690)
    - Always write {pretty,debug} logs and JSON output to the artifact
      directory.
    - Disable info level logging on Chutney nodes to save disk
      space. For our network all these add up to > 1 GiB and we didn't
      take this into account when budgeting RAM to the isotesters on
      Jenkins.

 -- Tails developers <tails@boum.org>  Tue, 20 Sep 2016 04:16:33 +0200

tails (2.5) unstable; urgency=medium

  * Major new features and changes
    - Upgrade Icedove to 1:45.1.0-1~deb8u1+tails2. (Closes: #11530)
      · Fix long delay causing bad UX in the autoconfig wizard,
        when it does not manage to guess proper settings on some domains.
        (Closes: #11486)
      · Better support sending email through some ISPs, such as Riseup.
        (Closes: #10933)
      · Fix spurious error message when creating an account and providing
        its password. (Closes: #11550)

  * Security fixes
    - Upgrade Tor Browser to 6.0.3 based on Firefox 45.3. (Closes: #11611)
    - Upgrade GIMP to 2.8.14-1+deb8u1.
    - Upgrade libav to 6:11.7-1~deb8u1.
    - Upgrade expat to 2.1.0-6+deb8u3.
    - Upgrade libgd3 to 2.1.0-5+deb8u6.
    - Upgrade libmodule-build-perl to 0.421000-2+deb8u1.
    - Upgrade perl to 5.20.2-3+deb8u6.
    - Upgrade Pidgin to 2.11.0-0+deb8u1.
    - Upgrade LibreOffice to 1:4.3.3-2+deb8u5.
    - Upgrade libxslt1.1 to 1.1.28-2+deb8u1.
    - Upgrade Linux to 3.16.7-ckt25-2+deb8u3.
    - Upgrade OpenSSH to 1:6.7p1-5+deb8u3.
    - Upgrade p7zip to 9.20.1~dfsg.1-4.1+deb8u2.

  * Minor improvements
    - htpdate: replace obsolete and unreliable URIs in HTP pools, and decrease
      timeout for HTTP operations for more robust time synchronization.
      (Closes: #11577)
    - Hide settings panel for the Online Accounts component of GNOME,
      that we don't support. (Closes: #11545)
    - Vastly improve graphics performance in KVM guest with QXL driver.
      (Closes: #11500)
    - Fix graphics artifacts in Tor Browser in KVM guest with QXL driver.
      (Closes: #11489)

  * Build system
    - Wrap Pidgin in a more maintainable way. (Closes: #11567)

  * Test suite
    - Add a test scenario for the persistence "dotfiles" feature.
      (Closes: #10840)
    - Improve robustness of most APT, Git, SFTP and SSH scenarios,
      enough to enable them on Jenkins. (Closes: #10444, #10496, #10498)
    - Improve robustness of checking for persistence partition. (Closes: #11558)
    - Treat Tails booting from /dev/sda as OK, to support all cases
      including a weird one caused by hybrid ISO images. (Closes: #10504)
    - Bump a bunch of timeouts to cope with the occasional slowness on Jenkins.
    - Only query A records when exercising DNS lookups, to improve robustness.

 -- Tails developers <tails@boum.org>  Sun, 31 Jul 2016 16:50:35 +0000

tails (2.4) unstable; urgency=medium

  * Major new features and changes
    - Upgrade Tor Browser to 6.0.1 based on Firefox 45.2. (Closes:
      #11403, #11513).
    - Enable Icedove's automatic configuration wizard. We patch the
      wizard to only use secure protocols when probing, and only
      accept secure protocols, while keeping the improvements done by
      TorBirdy in its own non-automatic configuration wizard. (Closes:
      #6158, #11204)

  * Security fixes
    - Upgrade bsdtar and libarchive13 to 3.1.2-11+deb8u1.
    - Upgrade icedove to 38.8.0-1~deb8u1+tails3.
    - Upgrade imagemagick to 8:6.8.9.9-5+deb8u3.
    - Upgrade libexpat1 to 2.1.0-6+deb8u2.
    - Upgrade libgd3 to 2.1.0-5+deb8u3.
    - Upgrade gdk-pixbuf-based packages to 2.31.1-2+deb8u5.
    - Upgrade libidn11 to 1.29-1+deb8u1.
    - Upgrade libndp0 to 1.4-2+deb8u1.
    - Upgrade poppler-based packages to 0.26.5-2+deb8u1.
    - Upgrade librsvg2-2 to 2.40.5-1+deb8u2.
    - Upgrade libsmbclient to 2:4.2.10+dfsg-0+deb8u3.
    - Upgrade OpenSSL to 1.0.1k-3+deb8u5.
    - Upgrade libtasn1-6 to 4.2-3+deb8u2.
    - Upgrade libxml2 to 2.9.1+dfsg1-5+deb8u2.
    - Upgrade openjdk-7-jre to 7u101-2.6.6-1~deb8u1.

  * Bugfixes
    - Enable Packetization Layer Path MTU Discovery for IPv4. If any
      system on the path to the remote host has a MTU smaller than the
      standard Ethernet one, then Tails will receive an ICMP packet
      asking it to send smaller packets. Our firewall will drop such
      ICMP packets to the floor, and then the TCP connection won't
      work properly. This can happen to any TCP connection, but so far
      it's been reported as breaking obfs4 for actual users. Thanks to
      Yawning for the help! (Closes: #9268)
    - Make Tails Upgrader ship other locales than English. (Closes:
      #10221)
    - Make it possible to add local USB printers again. Bugfix on
      Tails 2.0. (Closes #10965).

  * Minor improvements
    - Remove custom SSH ciphers and MACs settings. (Closes: #7315)
    - Bring back "minimize" and "maximize" buttons in titlebars by
      default. (Closes: #11270)
    - Icedove improvements:
      * Stop patching in our default into Torbirdy. We've upstreamed
        some parts, and the rest we set with pref branch overrides in
        /etc/xul-ext/torbirdy.js. (Closes: #10905)
      * Use hkps keyserver in Enigmail. (Closes: #10906)
      * Default to POP if persistence is enabled, IMAP is
        not. (Closes: #10574)
      * Disable remote email account creation in Icedove. (Closes:
        #10464)
    - Firewall hardening (Closes: #11391):
      * Don't accept RELATED packets. This enables quite a lot of code
        in the kernel that we don't need. Let's reduce the attack
        surface a bit.
      * Restrict debian-tor user to NEW TCP syn packets. It doesn't
        need to do more, so let's do a little bit of security in
        depth.
      * Disable netfilter's nf_conntrack_helper.
      * Fix disabling of automatic conntrack helper assignment.
    - Kernel hardening:
      * Set various kernel boot options: slab_nomerge slub_debug=FZ
        mce=0 vsyscall=none. (Closes: #11143)
      * Remove the kernel .map files. These are only useful for kernel
        debugging and slightly make things easier for malware, perhaps
        and otherwise just occupy disk space. Also stop exposing
        kernel memory addresses through /proc etc. (Closes: #10951)
    - Drop zenity hacks to "focus" the negative answer. Jessie's
      zenity introduced the --default-cancel option, finally!
      (Closes: #11229)
    - Drop useless APT pinning for Linux.
    - Remove gnome-tweak-tool. (Closes: #11237)
    - Install python-dogtail, to enable accessibility technologies in
      our automated test suite (see below). (Part of: #10721)
    - Install libdrm and mesa from jessie-backports. (Closes: #11303)
    - Remove hledger. (Closes: #11346)
    - Don't pre-configure the #tails chan on the default OFTC account.
      (Part of: #11306)
    - Install onioncircuits from jessie-backports. (Closes: #11443)
    - Remove nmh. (Closes: #10477)
    - Drop Debian experimental APT source: we don't use it.
    - Use APT codenames (e.g. "stretch") instead of suites, to be
      compatible with our tagged APT snapshots.
    - Drop module-assistant hook and its cleanup. We've not been using
      it since 2010.
    - Remove 'Reboot' and 'Power Off' entries from Applications →
      System Tools. (Closes: #11075)
    - Pin our custom APT repo to the same level as Debian ones, and
      explicitly pin higher the packages we want to pull from our custom
      APT repo, when needed.
    - config/chroot_local-hooks/59-libdvd-pkg: verify libdvdcss
      package installation. (Closes: #11420)
    - Make Tails Upgrader use our new mirror pool design. (Closes:
      #11123)
    - Drop custom OpenSSH client ciphers and MACs settings. We did a
      pretty bad job at maintaining them compared to the Debian
      upstream. (Closes: #7315)
    - Install jessie-backports version of all binary packages built
      from src:hplip. This adds support for quite a few new
      printers.
    - Install printer-driver-postscript-hp, which adds support for
      some more printers.

  * Build system
    - Use a freezable APT repo when building Tails. This is a first
      step towards reproducible builds, and improves our QA and
      development processes by making our builds more predictable. For
      details, see: https://tails.boum.org/contribute/APT_repository/
    - There has been a massive amount of improvements to the
      Vagrant-based build system, and now it could be considered the
      de-facto build system for Tails! Improvements and fixes include:
      * Migrate Vagrant to use libvirt/KVM instead of
        Virtualbox. (Closes: #6354)
      * Make apt-get stuff non-interactive while provisioning.
        Because there is no interaction, so that will results in
        errors.
      * Bump disk space (=> RAM for RAM builds) needed to build with
        Vagrant. Since the Jessie migration it seems impossible to
        keep this low enough to fit in 8 GiB or RAM. For this reason
        we also drop the space optimization where we build inside a
        crazy aufs stack; now we just build in a tmpfs.
      * Clean up apt-cacher-ng cache on vm:provision to save disk
        space on the builder.
      * Add convenient Rake task for SSH:ing into the builder VM:
        `rake vm:ssh`.
      * Add rake task for generating a new Vagrant base box.
      * Automatically provision the VM on build to keep things up-to-date.
      * Don't enable extproxy unless explicitly given as an
        option. Previously it would automatically be enabled when
        `http_proxy` is set in the environment, unlike what is
        documented. This will hopefully lead to fewer surprises for users
        who e.g. point http_proxy to a torified polipo, or similar.
      * Re-fetch tags when running build-tails with Vagrant. That
        should fix an annoyance related to #7182 that I frequently
        encounter: when I, as the RM, rebuild the release image the
        second time from the force-updated tag, the build system would
        not have the force-updated tag. (Closes: #7182)
      * Make sure we use the intended locale in the Tails builder VM.
        Since we communicate via SSH, and e.g. Debian forward the
        locale env vars by default, we have to take some steps
        ensuring we do not do that.
    - Pull monkeysphere from stretch to avoid failing to install under
      eatmydata. Patch submitted by Cyril Brulebois <cyril@debamax.com>.

  * Test suite
    - Add wrapper around dogtail (inside Tails) for "remote" usage in
      the automated test suite. This provides a simple interface for
      generating dogtail python code, sending it to the guest, and
      executing it, and should allow us to write more robust tests
      leveraging assistive technologies. (Closes: #10721)
    - A few previously sikuli-based tests has been migrated to use
      dogtail instead, e.g. GNOME Applications menu interaction.
    - Add a test for re-configuring an existing persistent volume.
      This is a regression test for #10809. (Closes: #10834)
    - Use a simulated Tor network provided by Chutney in the automated
      test suite. The main motivation here is improved robustness --
      since the "Tor network" we now use will exit from the host
      running the automated test suite, we won't have to deal with Tor
      network blocking, or unreliable circuits. Performance should
      also be improved. (Closes: #9521)
    - Drop the usage of Tor Check in our tests. It doesn't make sense
      now when we use Chutney since that always means it will report
      that Tor is not being used.
    - Stop testing obsolete pluggable transports.
    - Completely rewrite the firewall leak detector to something more
      flexible and expressive.
    - Run tcpdump with --immediate-mode for the network sniffer. With
      this option, "packets are delivered to tcpdump as soon as they
      arrive, rather than being buffered for efficiency" which is
      required to make the sniffing work reliable the way we use it.
    - Remove most scenarios testing "tordate". It just isn't working
      well in Tails, so we shouldn't expect the tests to actually work
      all of the time. (Closes: #10440)
    - Close Pidgin before we inspect or persist its accounts.xml.
      I've seen a case when that file is _not_ saved (and thus, not
      persisted) if we shut down the system while Pidgin is still
      running. (Closes: #11413)
    - Close the GNOME Notification bar by pressing ESC, instead of
      opening the Applications menu. The Applications menu often
      covers other elements that we're looking for on the
      screen. (Closes #11401)
    - Hide Florence keyboard window when it doesn't vanish by itself
      (Closes: #11398) and wait a bit less for Florence to disappear
      (Closes: #11464).

 -- Tails developers <tails@boum.org>  Mon, 06 Jun 2016 20:10:56 +0200

tails (2.3) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 5.5.5. (Fixes: #11362)
    - Upgrade icedove to 38.7.0-1~deb8u1
    - Upgrade git to 1:2.1.4-2.1+deb8u2
    - Upgrade libgd3 to 2.1.0-5+deb8u1
    - Upgrade pidgin-otr to 4.0.1-1+deb8u1
    - Upgrade srtp to 1.4.5~20130609~dfsg-1.1+deb8u1
    - Upgrade imagemagick to 8:6.8.9.9-5+deb8u1
    - Upgrade samba to 2:4.2.10+dfsg-0+deb8u2
    - Upgrade openssh to 1:6.7p1-5+deb8u2

  * Bugfixes
    - Refresh Tor Browser's AppArmor profile patch against the one from
      torbrowser-launcher 0.2.4-1. (Fixes: #11264)
    - Pull monkeysphere from stretch to avoid failing to install under
      eatmydata. (Fixes: #11170)
    - Start gpg-agent with no-grab option due to issues with pinentry and
      GNOME's top bar. (Fixes: #11038)
    - Tails Installer: Update error message to match new name of 'Clone
      & Install'. (Fixes: #11238)
    - Onion Circuits:
      * Cope with a missing geoipdb. (Fixes: #11203)
      * Make both panes of the window scrollable. (Fixes #11192)
    - WhisperBack: Workaround socks bug. When the Tor fails to connect to
      the host, WisperBack used to display a ValueError.  This is caused by
      a socks bug that is solved in upstream's master but not in Tails.
      This commit workarounds this bug Unclear error message in WhisperBack
      when failing to connect to the server. (Fixes: #11136)

  * Minor improvements
    - Upgrade to Debian 8.4, a Debian point release with many minor upgrades
      and fixes to various packages . (Fixes: #11232)
    - Upgrade I2P to 0.9.25. (Fixes: #11363)
    - Pin pinentry-gtk2 to jessie-backports. The new version allows pasting
      passwords from the clipboard. (Fixes: #11239)
    - config/chroot_local-hooks/59-libdvd-pkg: cleanup /usr/src/libdvd-pkg.
      (Fixes: #11273)
    - Make the Tor Status "disconnected" icon more contrasted with the
      "connected" one. (Fixes: #11199)

  * Test suite
    - Add UTF-8 support to OTR Bot. (Fixes: #10866)
    - Don't explicitly depend on openjdk-7-jre or any JRE for that
      matter. Sikuli will pull in a suitable one, so depending on one
      ourselves is only risks causing trouble. (Fixes: #11335)

 -- Tails developers <tails@boum.org>  Mon, 25 Apr 2016 14:12:22 +0200

tails (2.2.1) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 5.5.4. (Closes: #11254)
    - Upgrade bind9-related packages to 1:9.9.5.dfsg-9+deb8u6
    - Upgrade libotr to 4.1.0-2+deb8u1
    - Upgrade samba-related packages to 2:4.1.17+dfsg-2+deb8u2.
    - Upgrade libgraphite2 to 1.3.6-1~deb8u1.

 -- Tails developers <tails@boum.org>  Thu, 17 Mar 2016 15:03:52 +0100

tails (2.2) unstable; urgency=medium

  * Major new features and changes
    - Replace Vidalia (which has been unmaintained for years) with:
      (Closes: #6841)
      * the Tor Status GNOME Shell extension, which adds a System Status
        icon indicating whether Tor is ready or not.
      * Onion Circuits, a simple Tor circuit monitoring tool.

  * Security fixes
    - Upgrade Tor Browser to 5.5.3 (Closes: #11189).
    - Upgrade Linux to 3.16.7-ckt20-1+deb8u4.
    - Upgrade cpio to 2.11+dfsg-4.1+deb8u1.
    - Upgrade glibc to 2.19-18+deb8u3.
    - Upgrade libav to 6:11.6-1~deb8u1.
    - Upgrade libgraphite2 to 1.3.5-1~deb8u1.
    - Upgrade libjasper1 to 1.900.1-debian1-2.4+deb8u1.
    - Upgrade libreoffice to 4.3.3-2+deb8u3.
    - Upgrade libssh2 to 1.4.3-4.1+deb8u1.
    - Upgrade openssl to 1.0.1k-3+deb8u4.
    - Upgrade perl to 5.20.2-3+deb8u4.
    - Upgrade python-imaging, python-pil to 2.6.1-2 2.6.1-2+deb8u2.

  * Bugfixes
    - Hide "Laptop Mode Tools Configuration" menu entry. We don't
      support configuring l-m-t in Tails, and it doesn't work out of
      the box. (Closes: #11074)
    - WhisperBack:
      * Actually write a string when saving bug report to
        disk. (Closes: #11133)
      * Add missing argument to OpenPGP dialog so the optional OpenPGP
        key can be added again. (Closes: #11033)

  * Minor improvements
    - Upgrade I2P to 0.9.24-1~deb8u+1.
    - Add support for viewing DRM protected DVD videos using
      libdvdcss2. Patch series submitted by Austin English
      <austinenglish@gmail.com>. (Closes: #7674)
    - Automatically save KeePassX database after every change by default.
      (Closes: #11147)
    - Implement Tor stream isolation for WhisperBack
    - Delete unused tor-tsocks-mua.conf previously used by Claws
      Mail. (Closes: #10904)
    - Add set -u to all gettext:ized shell scripts. In gettext-base <
      1.8.2, like the one we had in Wheezy, gettext.sh references the
      environment variable ZSH_VERSION, which we do not set. This has
      prevented us from doing `set -u` without various hacks. (Closes:
      #9371)
    - Also set -e in some shell scripts which lacked it for no good
      reason.
    - Make Git verify the integrity of transferred objects. (Closes:
      #11107)
    - Remove LAlt+Shift and LShift+RShift keyboard layout toggling
      shortcuts. (Closes: #10913, #11042)

  * Test suite
    - Reorder the execution of feature to decrease peak disk
      usage. (Closes: #10503)
    - Paste into the GTK file chooser, instead of typing. (Closes:
      #10775)
    - Pidgin: wait a bit for text to have stopped scrolling before we
      click on it. (Closes: #10783)
    - Fix step that runs commands in GNOME Terminal, that was broken
      on Jessie when a Terminal is running already. (Closes: #11176)
    - Let ruby-rjb guess JAVA_HOME instead fixing on one jvm
      version. (Closes: #11190)

  * Build system
    - Upgrade build system to Debian Jessie. This includes migrating to a
      new Vagrant basebox based on Debian Jessie.
    - Rakefile: print git status when there are uncommitted
      changes. Patch submitted by Austin English
      <austinenglish@gmail.com>. (Closes: #11108)
    - .gitignore: add .rake_tasks~. Patch submitted by Austin English
      <austinenglish@gmail.com>. (Closes: #11134)
    - config/amnesia: use --show-field over sed filtering. Patch
      submitted by Chris Lamb <lamby@debian.org>.
    - Umount and clean up leftover temporary directories from old
      builds. (Closes: #10772)

 -- Tails developers <tails@boum.org>  Mon, 07 Mar 2016 18:09:50 +0100

tails (2.0.1) unstable; urgency=medium

  * Major new features and changes
    - Enable the Tor Browser's font fingerprinting protection
      (Closes: #11000). We do it for all browsers (including
      the Unsafe Browser and I2P Browser mainly to avoid making our
      automated test suite overly complex. This implied to set an appropriate
      working directory when launching the Tor Browser, to accommodate for
      the assumptions it makes about this.

  * Security fixes
    - Upgrade Tor Browser to 5.5.2 (Closes: #11105).

  * Bugfixes
    - Repair 32-bit UEFI support (Closes: #11007); bugfix on 2.0.
    - Add libgnome2-bin to installed packages list to provide gnome-open,
      which fixes URL handling at least in KeePassX, Electrum and Icedove
      (Closes: #11031); bugfix on 2.0. Thanks to segfault for the patch!

  * Minor improvements
    - Refactor and de-duplicate the chrooted browsers' configuration:
      prefs.js, userChrome.css (Closes: #9896).
    - Make the -profile Tor Launcher workaround simpler (Closes: #7943).
    - Move Torbutton environment configuration to the tor-browser script,
      instead of polluting the default system environment with it.
    - Refresh patch against the Tor Browser AppArmor profile
      (Closes: #11078).
    - Propagate Tor Launcher options via the wrapper.
    - Move tor-launcher script to /usr/local/bin.
    - Move tor-launcher-standalone to /usr/local/lib.
    - Move Tor Launcher env configuration closer to the place where it is used,
      for simplicity's sake.

  * Test suite
    - Mass update browser and Tor Launcher related images due to font change,
      caused by Tor Browser 5.5's font fingerprinting protection
      (Closes: #11097). And then, use separate PrintToFile.png for the browsers,
      and Evince, since it cannot be shared anymore.
    - Adjust to the refactored chrooted browsers configuration handling.
    - Test that Tor Launcher uses the correct Tor Browser libraries.
    - Allow more slack when verifying that the date that was set.
    - Bump a bit the timeout used when waiting for the remote shell.
    - Bump timeout for the process to disappear, when closing Evince.
    - Bump timeout when saving persistence configuration.
    - Bump timeout for bootstrapping I2P.

  * Build system
    - Remove no longer relevant places.sqlite cleanup procedure.

 -- Tails developers <tails@boum.org>  Fri, 12 Feb 2016 13:00:15 +0000

tails (2.0) unstable; urgency=medium

  * Major new features and changes
    - Upgrade to Debian 8 (Jessie).
    - Migrate to GNOME Shell in Classic mode.
    - Use systemd as PID 1, and convert all custom initscripts to systemd units.
    - Remove the Windows camouflage feature: our call for help to port
      it to GNOME Shell (issued in January, 2015) was unsuccessful.
    - Remove Claws Mail: Icedove is now the default email client
      (Closes: #10167).
    - Upgrade Tor Browser to 5.5 (Closes: #10858, #10983).

  * Security fixes
    - Minimally sandbox many services with systemd's namespacing features.
    - Upgrade Linux to 3.16.7-ckt20-1+deb8u3.
    - Upgrade Git to 1:2.1.4-2.1+deb8u1.
    - Upgrade Perl to 5.20.2-3+deb8u3.
    - Upgrade bind9-related packages to 1:9.9.5.dfsg-9+deb8u5.
    - Upgrade FUSE to 2.9.3-15+deb8u2.
    - Upgrade isc-dhcp-client tot 4.3.1-6+deb8u2.
    - Upgrade libpng12-0 to 1.2.50-2+deb8u2.
    - Upgrade OpenSSH client to 1:6.7p1-5+deb8u1.

  * Bugfixes
    - Restore the logo in the "About Tails" dialog.
    - Don't tell the user that "Tor is ready" before htpdate is done
      (Closes: #7721).
    - Upgrader wrapper: make the check for free memory more accurate
      (Closes: #10540, #8263).
    - Allow the desktop user, when active, to configure printers;
      fixes regression introduced in Tails 1.1 (Closes: #8443).
    - Close Vidalia before we restart Tor. Otherwise Vidalia will be running
      and showing errors while we make sure that Tor bootstraps, which could
      take a while.
    - Allow Totem to read DVDs, by installing apparmor-profiles-extra
      from jessie-backports (Closes: #9990).
    - Make memory erasure on shutdown more robust (Closes: #9707, #10487):
      · don't forcefully overcommit memory
      · don't kill the allocating task
      · make sure the kernel doesn't starve from memory
      · make parallel sdmem handling faster and more robust
    - Don't offer the option, in Tor Browser, to open a downloaded file with
      an external application (Closes: #9285). Our AppArmor confinement was
      blocking most such actions anyway, resulting in poor UX; bugfix on 1.3.
      Accordingly, remove the now-obsolete exception we had in the Tor
      Browser AppArmor profile, that allowed executing seahorse-tool.
    - Fix performance issue in Tails Upgrader, that made it very slow to apply
      an automatic upgrade; bugfix on 1.7 (Closes: #10757).
    - Use our wrapper script to start Icedove from the GNOME menus.
    - Make it possible to localize our Icedove wrapper script.
    - List Icedove persistence option in the same position where Claws Mail
      used to be, in the persistent volume assistant (Closes: #10832).
    - Fix Electrum by installing the version from Debian Testing
      (Closes: #10754). We need version >=2.5.4-2, see #9713;
      bugfix on 2.0~beta1. And, explicitly install python-qt4 to enable
      Electrum's GUI: it's a Recommends, and we're not pulling it ourselves
      via other means anymore.
    - Restore default file associations (Closes: #10798);
      bugfix on 2.0~beta1.
    - Update 'nopersistent' boot parameter to 'nopersistence'; bugfix on 0.12
      (Closes: #10831). Thanks to live-media=removable, this had no security
      impact in practice.
    - Repair dotfiles persistence feature, by adding a symlink from
      /lib/live/mount/persistence to /live/persistence; bugfix on 2.0~beta1
      (Closes: #10784).
    - Fix ability to re-configure an existing persistent volume using
      the GUI; bugfix on 2.0~beta1 (Closes: #10809).
    - Associate armored OpenPGP public keys named *.key with Seahorse,
      to workaround https://bugs.freedesktop.org/show_bug.cgi?id=93656;
      bugfix on 1.1 (Closes: #10889).
    - Update the list of enabled GNOME Shell extensions, which might fix
      the "GNOME Shell sometimes leaves Classic mode" bug seen in 2.0~beta1:
      · Remove obsolete "Alternative Status Menu", that is not shipped
        in Debian anymore.
      · Explicitly enable the GNOME Shell extensions that build
        the Classic mode.
    - Make _get_tg_setting() compatible with set -u (Closes: #10785).
    - laptop-mode-tools: don't control autosuspend. Some USB input
      devices don't support autosuspend. This change might help fix
      #10850, but even if it doesn't, it makes sense to me that we
      don't let laptop-mode-tools fiddle with this on a Live system
      (Closes (for now): #10850).

  * Minor improvements
    - Remove obsolete code from various places.
    - Tails Greeter:
      · hide all windows while logging in
      · resize and re-position the panel when the screen size grows
      · PostLogin: log into the Journal instead of a dedicated log file
      · use localectl to set the system locale and keyboard mapping
      · delete the Live user's password if no administration password is set
        (Closes: #5589)
      · port to GDBus greeter interface, and adjust to other GDM
        and GNOME changes
    - Tails Installer:
      · port to UDisks2, and from Qt4 to GTK3
      · adapt to work on other GNU/Linux operating systems than Tails
      · clean up enough upstream code and packaging bits to make it
        deserve being uploaded to Debian
      · rename everything from liveusb-creator to tails-installer
    - Port tails-perl5lib to GTK3 and UDisks2. In passing, do some minor
      refactoring and a GUI improvement.
    - Persistent Volume Assistant:
      · port to GTK3 and UDisks2
      · handle errors when deleting persistent volume (Closes: #8435)
      · remove obsolete workarounds
    - Don't install UDisks v1.
    - Adapt custom udev and polkit rules to UDisks v2 (Closes: #9054, #9270).
    - Adjust import-translations' post-import step for Tails Installer,
      to match how its i18n system works nowadays.
    - Use socket activation for CUPS, to save some boot time.
    - Set memlockd.service's OOMScoreAdjust to -1000.
    - Don't bother creating /var/lib/live in tails-detect-virtualization.
      If it does not exist at this point, we have bigger and more
      noticeable problems.
    - Simplify the virtualization detection & reporting system, and do it
      as a non-root user with systemd-detect-virt rather than virt-what.
    - Replace rsyslog with the systemd Journal (Closes: #8320), and adjust
      WhisperBack's logs handling accordingly.
    - Drop tails-save-im-environment.
      It's not been used since we stopped automatically starting the web browser.
    - Add a hook that aborts the build if any *.orig file is found. Such files
      appear mainly when a patch of ours is fuzzy. In most cases they are no big
      deal, but in some cases they end up being taken into account
      and break things.
    - Replace the tor+http shim with apt-transport-tor (Closes: #8198).
    - Install gnome-tweak-tool.
    - Don't bother testing if we're using dependency based boot.
    - Drop workaround to start spice-vdagent in GDM (Closes: #8025).
      This has been fixed in Jessie proper.
    - Don't install ipheth-utils anymore. It seems to be obsolete
      in current desktop environments.
    - Stop installing the buggy unrar-free, superseded in Jessie (Closes: #5838)
    - Drop all custom fontconfig configuration, and configure fonts rendering
      via dconf.
    - Drop zenity patch (zenity-fix-whitespacing-box-sizes.diff),
      that was applied upstream.
    - Install libnet-dbus-perl (currently 1.1.0) from jessie-backports,
      it brings new features we need.
    - Have the security check and the upgrader wait for Tor having bootstrapped
      with systemd unit ordering.
    - Get rid of tails-security-check's wrapper.
      Its only purpose was to wait for Tor to have bootstrapped,
      which is now done via systemd.
    - Don't allow the amnesia and tails-upgrade-frontend users to run
      tor-has-bootstrapped as root with sudo. They don't need it anymore,
      thanks to using systemd for starting relevant units only once Tor
      has bootstrapped.
    - Install python-nautilus, that enables MAT's context menu item in Nautilus.
      (Closes: #9151).
    - Configure GDM with a snippet file instead of patching its
      greeter.dconf-defaults.
    - WhisperBack:
      · port to Python 3 and GObject Introspection (Closes: #7755)
      · migrate from the gnutls module to the ssl one
      · use PGP/MIME for better attachments handling
      · migrate from the gnupginterface module to the gnupg one
      · natively support SOCKS ⇒ don't wrap with torsocks anymore
        (Closes: #9412)
      · don't try to include the obsolete .xession-errors in bug reports
        (Closes: #9966)
    - chroot-browser.sh: don't use static DISPLAY.
    - Simplify debugging:
      · don't hide the emergency shutdown's stdout
      · tails-unblock-network: trace commands so that they end up in the Journal
    - Configure the console codeset at ISO build time, instead of setting it
      to a constant via the Greeter's PostLogin.default.
    - Order the AppArmor policy compiling in a way that is less of a blocker
      during boot.
    - Include the major KMS modules in the initramfs. This helps seamless
      transition to X.Org when booting, and back to text mode on shutdown,
      can help for proper graphics hardware reinitialization post-kexec,
      and should improve GNOME Shell support in some virtual machines.
    - Always show the Universal Access menu icon in the GNOME panel.
    - Drop notification for not-migrated-yet persistence configuration,
      and persistence settings disabled due to wrong access rights.
      That migration happened more two years ago.
    - Remove the restricted network detector, that has been broken for too long;
      see #10560 for next steps (Closes: #8328).
    - Remove unsupported, never completed kiosk mode support.
    - clock_gettime_monotonic: use Perl's own function to get the integer part,
      instead of forking out to sed.
    - Don't (try to) disable lvm2 initscripts anymore. Both the original reason
      and the implementation are obsolete on Jessie.
    - Lower potential for confusion (#8443), by removing system-config-printer.
      One GUI to configure printers is enough (Closes: #8505).
    - Add "set -u" to tails-unblock-network.
    - Add a systemd target whose completion indicates that Tor has bootstrapped,
      and use it everywhere sensible (Closes: #9393).
    - Disable udev's 75-persistent-net-generator.rules, to preventing races
      between MAC spoofing and interface naming.
    - Replace patch against NetworkManager.conf with drop-in files.
    - Replace resolvconf with simpler NetworkManager and dhclient configuration.
      (Closes: #7708)
    - Replace patching of the gdomap, i2p, hdparm, tor and ttdnsd initscripts
      with 'systemctl disable' (Closes: #9881).
    - Replace patches that wrapped apps with torsocks with dynamic patching with
      a hook, to ease maintenance. Also, patch D-Bus services as needed
      (Closes: #10603).
    - Notify the user if running Tails inside non-free virtualization software
      that does not try to hide its nature (Closes: #5315).
      Thanks to Austin English <austinenglish@gmail.com> for the patch.
    - Declare htpdate.service as being needed for time-sync.target, to ensure
      that "services where correct time is essential should be ordered after
      this unit".
    - Convert some of the X session startup programs to `systemd --user' units.
    - Let the Pidgin wrapper pass through additional command-line arguments
      (Closes: #10383)
    - Move out of the $PATH a bunch of programs that users should generally
      not run directly: connect-socks, end-profile, getTorBrowserUserAgent,
      generate-tor-browser-profile, kill-boot-profile, tails-spoof-mac,
      tails-set-wireless-devices-state, tails-configure-keyboard,
      do_not_ever_run_me, boot-profile, tails-unblock-network,
      tor-controlport-filter, tails-virt-notify-user, tails-htp-notify-user,
      udev-watchdog-wrapper (Closes: #10658)
    - Upgrade I2P to 0.9.23-2~deb8u+1.
    - Disable I2P's time syncing support.
    - Install Torbirdy from official Jessie backports, instead of from
      our own APT repository (Closes: #10804).
    - Make GNOME Disks' passphrase strength checking new feature work,
      by installing cracklib-runtime (Closes: #10862).
    - Add support for Japanese in Tor Browser.
    - Install xserver-xorg-video-intel from Jessie Backports (currently:
      2.99.917-2~bpo8+1). This adds support for recent chips such as
      Intel Broadwell's HD Graphics (Closes: #10841).
    - Improve a little bit post-Greeter network unblocking:
      · Sleep a bit longer between deleting the blacklist, and triggering udev;
        this might help cure #9012.
      · Increase logging, so that we get more information next time someone
        sees #9012.
      · Touch /etc/modprobe.d/ after deleting the blacklist; this might help,
        in case all this is caused by some aufs bug.
    - Enable and use the Debian jessie-proposed-updates APT repository,
      anticipating on the Jessie 8.3 point-release (Closes: #10897).
    - Upgrade most firmware packages to 20160110-1.
    - Upgrade Intel CPU microcodes to 3.20151106.1~deb8u1.
    - Disable IPv6 for the default wired connection, so that
      NetworkManager does not spam the logs with IPv6 router
      solicitation failure. Note that this does not fix the problem
      for other connections (Partially closes: #10939).

  * Test suite
    - Adapt to the new desktop environment and applications' look.
    - Adapt new changed nmcli syntax and output.
    - New NetworkManager connection files must be manually loaded in Jessie.
    - Adapt to new pkexec behavior.
    - Adapt to how we now disable networking.
    - Use sysctl instead of echo:ing into /proc/sys.
    - Use oom_score_adj instead of the older oom_adj.
    - Adapt everything depending on logs to the use of the Journal.
    - Port to UDisks v2.
    - Check that the system partition is an EFI System Partition.
    - Add ldlinux.c32 to the list of bootloader files that are expected
      to be modified when we run syslinux (Closes: #9053).
    - Use apt(8) instead of apt-get(8).
    - Don't hide the cursor after opening the GNOME apps menu.
    - Convert the remote shell to into a systemd native service and a Python 3,
      script that uses the sd_notify facility (Closes: #9057). Also, set its
      OOM score adjustment value via its unit file, and not from the test suite.
    - Adjust to match where screenshots are saved nowadays.
    - Check that all system units have started (Closes: #8262)
    - Simplify the "too small device" test.
    - Spawn `poweroff' and `halt' in the background, and don't wait for them
      to return: anything else would be racy vs. the remote shell's stopping.
    - Bump video memory allocated to the system under test, to fix out of video
      memory errors.
    - When configuring the CPU to lack PAE support, use a qemu32 CPU instead
      of a Pentium one: the latter makes GNOME Shell crash.
      See #8778 for details about how Mesa's CPU features detection has
      room for improvement.
    - Adjust free(1) output parsing for Jessie.
    - vm-execute: rename --type option to --spawn.
    - Add method to set the X.Org clipboard, and install its dependency
      (xsel) in the ISO.
    - Paste URLs in one go, to work around issue with lost key presses
      in the browser (Closes: #10467).
    - Reliably wait for Synaptic's search button to fade in.
    - Take into account that the sticky bit is not set on block devices
      on Jessie anymore.
    - Ensure that we can use a NetworkManager connection stored in persistence
      (Closes: #7966).
    - Use a stricter regexp when extracting logs for dropped packets.
    - Clone the host CPU for the test suite guests (Closes: #8778).
    - Run ping as root (aufs does not support file capabilities so we don't
      get cap_net_raw+ep, and if built on a filesystem that does support
      file capabilities, then /bin/ping is not setupd root).
    - Escape regexp special characters when constructing the firewall log
      parsing regexp, and pass -P to grep, since Ruby uses PCRE.
    - Adjust is_persistent?() helper to findmnt changes in Jessie.
    - Rework in depth how we measure pattern coverage in memory, with more
      reliable Linux OOM and VM settings, fundamental improvements
      in what exactly we measure, and custom OOM adjutments for fillram
      processes (Closes: #9705).
    - Use blkid instead of parted to determine the filesystem type.
    - Use --kiosk mode instead of --fullscreen in virt-viewer, to remove
      the tiny border of the in-viewer menu.
    - Remove now redundant desktop screenshot directory scenario.
    - Adapt GNOME notification handling for Debian Jessie (Closes: #8782)
    - Disable screen blanking in the automated test suite, which occasionally
      breaks some test cases (Closes: #10403).
    - Move upgrade scenarios to the feature dedicated to them.
    - Don't make libvirt storage volumes executable.
    - Refactor the PAUSE_ON_FAIL functionality, so that we can use `pause()`
      as a breakpoint when debugging.
    - Drop non-essential Totem test that is mostly a duplicate, and too painful
      to be worth automating on Jessie.
    - Retry Totem HTTPS test with a new Tor circuit on failure.
    - Replace iptables status regexp-based parser with a new XML-based
      status analyzer: the previous implementation could not be adjusted
      to the new ip6tables' output (Closes: #9704).
    - Don't reboot in one instance when it is not needed.
    - Optimize memory erasure anti-test: block the boot to save CPU on the host.
    - Update I2P tests for Jessie, and generally make them more robust.
    - Update Electrum tests for 2.5.4-2 (Closes: #10758).
    - Add workaround for libvirt vs. guestfs permissions issue, to allow
      running the test suite on current Debian sid.
    - Fix buggy code, that happened to work by mistake, in the Seahorse
      test cases; bugfix on 1.8.
    - Update test suite images due to CSS change on Tails' website.
    - Adapt Tor Browser tests to work with the 5.5 series.
    - Automatically test downloading files in Tor Browser.
    - Remove obsolete scenario, that tested opening a downloaded file with
      an external application, which we do not support anymore.
    - Improve robustness of the "Tails OpenPGP keys" scenario (Closes: #10378).
    - Automatically test the "Diable all networking" feature (Closes: #10430).
    - Automatically test that SSH works over LAN (Closes: #9087).
    - Bump some statuc sleeps to fix a few race conditions (Closes: #5330).
    - Automatically test that an emergency shutdown triggers on boot
      medium removal (Closes: #5472).
    - Make the AppArmor checks actually detect errors (Closes: #10926).

  * Build system
    - Bump amount of disk space needed to build Tails with Vagrant.
      The addition of the Japanese Tor Browser tarball made us reach
      the limit of the previous value.

  * Adjustments for Debian 8 (Jessie) with no or very little user-visible impact
    - Free the fixed UIDs/GIDs we need before creating the corresponding users.
    - Replace the real gnome-backgrounds with a fake, equivs generated one
      (Closes: #8055). Jessie's gnome-shell depends on gnome-backgrounds,
      which is too fat to ship considering we're not using it.
    - AppArmor: adjust CUPS profile to support our Live system environment
      (Closes: #8261):
      · Mangle lib/live/mount/overlay/... as usual for aufs.
      · Pass the the attach_disconnected flag, that's needed for compatibility
        with PrivateTmp.
    - Make sure we don't ship geoclue* (Closes: #7949).
    - Drop deprecated GDM configuration file.
    - Don't add the Live user to the deprecated 'fuse' group.
    - Drop hidepid mount option for /proc (Closes: #8256). In its current,
      simplistic form it cannot be supported by systemd.
    - Don't manually load acpi-cpufreq at boot time. It fails to load
      whenever no device it supports is present, which makes the
      systemd-modules-load.service fail. These days, the kernel
      should just automatically load such modules when they are needed.
    - Drop sysvinit-specific (sensigs.omit.d) tweaks for memlockd.
    - Disable the GDM unit file's Restart=always, that breaks our "emergency
      shutdown on boot medium removal" feature.
    - Update the implementation of the memory erasure on shutdown feature:
      · check for rebooting state using systemctl, instead of the obsolete
        $RUNLEVEL (Closes: #8306)
      · the kexec-load initscript normally silently exits unless systemd is
        currently running a reboot job. This is not the case when the emergency
        shutdown has been triggered, so we removed this check
      · migrate tails-kexec to the /lib/systemd/system-shutdown/ facility
      · don't (try to) switch to tty1 on emergency shutdown: it apparently
        requires data that we haven't locked into memory, and then it blocks
        the whole emergency shutdown process
    - Display a slightly darker version of the desktop wallpaper on the screen
      saver, instead of the default flashy "Debian 8" branding (Closes: #9038).
    - Disable software autorun from external media.
    - Disable a few unneeded D-Bus services. Some of these services are
      automatically started (via D-Bus activation) when GNOME Shell tries
      to use them. The only "use" I've seen for them, except eating
      precious RAM, is to display "No appointment today" in the calendar pop-up.
      (Closes: #9037)
    - Prevent NetworkManager services from starting at boot time
      (Closes: #8313). We start them ourselves after changing the MAC address.
    - Unfuzzy all patches (Closes: #8268) and drop a few obsolete ones.
    - Adapt IBus configuration for Jessie (Closes: #8270), i.e. merge the two
      places where we configure keyboard layout and input methods: both are now
      configured in the same place in Jessie's GNOME.
    - Migrate panel launchers to the favorite apps list (Closes: #7992).
    - Drop pre-GNOME Shell menu tweaks.
    - Hide "Log out" button in the GNOME Shell menu (Closes: #8364).
    - Add a custom shutdown-helper GNOME Shell extension (Closes: #8302, #5684
      and #5878) that removes the press-Alt-to-turn-shutdown-button-into-Suspend
      functionality from the GNOME user menu, and makes Restart and Shutdown
      immediate, without further user interaction. Accordingly remove our custom
      Shutdown Helper panel applet (#8302).
    - Drop GNOME Panel configuration, now deprecated.
    - Disable GNOME Shell's screen lock feature.
      We're not there yet (see #5684).
    - Disable GNOME Shell screen locker's user switch feature.
    - Explicitly install libany-moose-perl (Closes: #8051).
      It's needed by our OpenPGP applet. On Wheezy, this package was pulled
      by some other dependency. This is not the case anymore on Jessie.
    - Don't install notification-daemon nor gnome-mag: GNOME Shell has taken
      over this functionality (Closes: #7481).
    - Don't install ntfsprogs: superseded on Jessie.
    - Don't install barry-util: not part of Jessie.
    - Link udev-watchdog dynamically, and lock it plus its dependencies
      in memory.
    - Migrate from gdm-simple-greeter to a custom gdm-tails session
      (Closes: #7599).
    - Update Plymouth installation and configuration:
      · install the plymouth packages via chroot_local-hooks: lb 2.x's "standard"
        packages list pulls console-common in, which plymouth now conflicts with
      · don't patch the plymouth initscript anymore, that was superseded
        by native systemd unit files
      · mask the plymouth-{halt,kexec,poweroff,reboot,shutdown} services,
        to prevent them from occupying the active TTY with an (empty) splash
        screen on shutdown/reboot, that would hide the messages we want to show
        to the user via tails-kexec (Closes: #9032)
    - Migrate GNOME keyboard layout settings from libgnomekbd to input-sources
      (Closes: #7898).
    - Explicitly install syslinux-efi, that we need and is not automatically
      pulled by anything else anymore.
    - Workaround #7248 for GDM: use a solid blue background picture,
      instead of a solid color fill, in the Greeter session.
    - De-install gcc-4.8-base and gcc-4.9 at the end of the ISO build process.
    - Revert the "Wrap syndaemon to always use -t" Wheezy-specific workaround.
    - htpdate: run date(1) in a Jessie-compatible (and nicer) way.
    - Remove obsolete dconf screenshot settings and the corresponding test.
    - Drop our patched python-dbus{,-dev} package (Closes: #9177).
    - live-persist: stop overriding live-boot's functions, we now have
      a recent enough blkid.
    - Adjust sdmem initramfs bits for Jessie:
      · Directly call poweroff instead of halt -p.
      · Don't pass -n to poweroff and reboot, it's not supported anymore.
    - Wrap text in the Unsafe Browser startup warning dialog
      (Jessie's zenity does not wrap it itself).
    - Associate application/pgp-keys with Seahorse's "Import Key" application
      (Closes: #10571).
    - Install topIcons GNOME Shell extension (v28), to work around the fact
      that a few of the applets we use hijack the notification area.
    - "cd /" to fix permissions issue at tails-persistence-setup startup
      (Closes: #8097).
    - Install gstreamer1.0-libav, so that Totem can play H264-encoded videos.
    - Adjust APT sources configuration:
      · remove explicit jessie and jessie-updates sources:
        automatically added by live-build
      · add Debian testing
      · add jessie-backports
    - Firewall: white-list access to the accessibility daemon (Closes: #8075).
    - Adjust to changed desktop notification behavior and supported feature set
      (Closes: #7989):
      · pass the DBUS_SESSION_BUS_ADDRESS used by the GNOME session
        to notify-send
      · update waiting for a notification handler: gnome-panel and nm-applet
        are obsolete, GNOME Shell is now providing this facility, so instead
        wait for a process that starts once GNOME Shell is ready, namely
        ibus-daemon (Closes: #8685)
      · port tails-warn-about-disabled-persistence and tails-virt-notify-user
        to notification actions (instead of hyperlinks), and make the latter
        transient; to this end, add support to Desktop::Notify for "hints"
        and notification actions
      · tails-security-check: use a dialog box instead of desktop notifications
      · MAC spoofing failure notification: remove the link to the documentation;
        it was broken on Tails/Wheezy already, see #10559 for next steps
    - Don't explicitly install gnome-panel nor gnome-menus, so that they go away
      whenever the Greeter does not pull them in anymore.
    - Install gkbd-capplet, that provides gkbd-keyboard-display (Closes: #8363).
    - Install Tor 0.2.7 from deb.torproject.org: we don't need to rebuild it
      ourselves for seccomp support anymore.
    - Wrap Seahorse with torsocks when it is started as a D-Bus service too
      (Closes: #9792).
    - Rename the AppArmor profile for Tor, so it applies to the system-wide
      Tor service we run (Closes: #10528).
    - Essentially revert ALSA state handling to how it was pre-Jessie, so that
      mixer levels are unmuted and sanitized at boot time (Closes: #7591).
    - Pass --yes to apt-get when installing imagemagick.
    - Make removable devices, that we support installing Tails to, user writable:
      Tails Installer requires raw block device access to such devices
      (Closes: #8273). Similarly, allow the amnesia user, when active, to open
      non-system devices for writing with udisks2. This is roughly udisks2's
      equivalent of having direct write access to raw block storage devices.
      Here too, Tails Installer uses this functionality.
    - Disable networkd to prevent any risk of DNS leaks it might cause; and
      disable timesyncd, as we have our own time synchronization mechanism.
      They are not enabled by default in Jessie, but may be in Stretch,
      so let's be explicit about it.
    - Mask hwclock-save.service, to avoid sync'ing the system clock
      to the hardware clock on shutdown (Closes: #9363).
    - apparmor-adjust-cupsd-profile.diff: adjust to parse fine on Jessie
      (Closes: #9963)
    - Explicitly use tor@default.service when it's the one we mean.
    - Refactor GNOME/X env exporting to Tails' shell library, and grab
      more of useful bits of the desktop session environment.
      Then, use the result in the test suite's remote shell.
    - Stop tweaking /etc/modules. It's 2015, the kernel should load these things
      automatically (Closes: #10609).
    - Have systemd hardening let Tor modify its configuration (needed by Tor
      Launcher), and start obfs4proy (Closes: #10696, #10724).
    - Bump extensions.adblockplus.currentVersion and
      extensions.enigmail.configuredVersion to match what we currently get
      on Jessie.
    - I2P: switch from 'service' to 'systemctl' where possible.

 -- Tails developers <tails@boum.org>  Mon, 25 Jan 2016 18:06:33 +0100

tails (1.8.2) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 5.0.7.
    - Upgrade Linux to 3.16.7-ckt20-1+deb8u2.
    - Upgrade foomatic-filters to 4.0.17-1+deb7u1.
    - Upgrade git to 1:1.7.10.4-1+wheezy2.
    - Upgrade Icedove to 38.5.0-1~deb7u1.
    - Upgrade libxml2-related packages to 2.8.0+dfsg1-7+wheezy5.
    - Upgrade OpenSSL-related packages to 1.0.1e-2+deb7u19.
    - Upgrade libsmbclient to 2:3.6.6-6+deb7u6.

 -- Tails developers <tails@boum.org>  Sat, 09 Jan 2016 16:27:27 +0100

tails (1.8.1) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 5.0.6.
    - Upgrade Linux to 3.16.7-ckt20-1+deb8u1
    - Upgrade gdkpixbuf to 2.26.1-1+deb7u3
    - Upgrade bind9 tools to 1:9.8.4.dfsg.P1-6+nmu2+deb7u8

  * Bugfixes
    - Fix time synchronization in bridge mode by refreshing our patch
      against Tor's AppArmor profile.

 -- Tails developers <tails@boum.org>  Fri, 18 Dec 2015 19:05:18 +0000

tails (1.8) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor to 0.2.7.6-1~d70.wheezy+1+tails1.
    - Upgrade Tor Browser to 5.0.5. (Closes: #10751)
    - Upgrade LibreOffice to 1:3.5.4+dfsg2-0+deb7u5.
    - Upgrade krb5-based packages to 1.10.1+dfsg-5+deb7u6.
    - Upgrade Linux to 3.16.7-ckt11-1+deb8u6.
    - Upgrade wpasupplicant to 1.0-3+deb7u3.
    - Upgrade libpng12-0 to 1.2.49-1+deb7u1.
    - Upgrade openjdk-7 to 7u91-2.6.3-1~deb7u1.
    - Upgrade libnspr4 to 2:4.9.2-1+deb7u3
    - Upgrade dpkg to 1.16.17.
    - Upgrade gnutls26 to 2.12.20-8+deb7u4.
    - Upgrade Icedove to 1:38.0.1-1~deb7u1.
    - Upgrade OpenSSL to 1.0.1e-2+deb7u18.

  * Bugfixes
    - Upgrade to Electrum 2.5.4-2~d70.wheezy+1+tails1. Now Electrum
      should work again. Note that the documentation has not been
      adapted to the slight changes in the Electrum account setup
      wizard yet.

  * Minor improvements
    - Upgrade I2P to 0.9.23-2~deb7u+1.
    - Rebase our patch against the Tor Browser AppArmor profile on top
      of the one shipped in torbrowser-launcher 0.2.1-2.
    - Warn if the claws-mail persistence is enabled and contains a
      Claws Mail configuration when starting icedove. (Closes: #10458)
    - Replace the Claws Mail GNOME launcher with Icedove. (Closes:
      #10739)
    - Remove the Claws Mail persistence feature from the Persistence
      Assistant. (Closes: #10742)

  * Build system
    - Simplify ISO image naming rules by using the base rule we use
      for Jenkins all the time, except when building from a tag
      (i.e. building a release).  (Closes: #10349)

  * Test suite
    - Lower the waiting time for USB installation in the test suite.
      So far we were waiting up to one hour, which is just the same as
      our Jenkins inactivity timeout, so in practice when Tails
      Installer fails and displays an error message, instead of
      reporting that the job failed (which is the point of the
      exercise) we abort the job due to this timeout which
      communicates less clearly that there's probably a bug. (Closes:
      #10718)
    - Remove the check for the sound icon in the systray in the
      Windows Camouflage tests. (Closes: #10493)
    - Retry running whois when "LIMIT EXCEEDED" is in its output for
      increased robustness. (Closes: #10523)
    - Make Seahorse tests more robust. (Closes: #9095, #10501)
    - Make the handling of Pidgin's account manager more robust.
      (Closes: #10506)

 -- Tails developers <tails@boum.org>  Mon, 14 Dec 2015 23:07:19 +0100

tails (1.7) unstable; urgency=medium

  * Major new features and changes
    - Upgrade Tor Browser to 5.0.4. (Closes: #10456)
    - Add a technology preview of the Icedove Email client (a
      rebranded version of Mozilla Thunderbird), including OpenPGP
      support via the Enigmail add-on, general security and anonymity
      improvements via the Torbirdy add-on, and complete persistence
      support (which will be enabled automatically if you already have
      Claws Mail persistence enabled). Icedove will replace Claws Mail
      as the supported email client in Tails in a future
      release. (Closes: #6151, #9498, #10285)
    - Upgrade Tor to 0.2.7.4-rc-1~d70.wheezy+1+tails1. Among the many
      improvement of this new Tor major release, the new
      KeepAliveIsolateSOCKSAuth option allows us to drop the
      bug15482.patch patch (taken from the Tor Browse bundle) that
      enabled similar (but inferior) functionality for *all*
      SocksPort:s -- now the same circuit is only kept alive for
      extended periods for the SocksPort used by the Tor
      Browser. (Closes: #10194, #10308)
    - Add an option to Tails Greeter which disables networking
      completely. This is useful when intending to use Tails for
      offline work only. (Closes: #6811)

  * Security fixes
    - Fix CVE-2015-7665, which could lead to a network interface's IP
      address being exposed through wget. (Closes: #10364)
    - Prevent a symlink attack on ~/.xsession-errors via
      tails-debugging-info which could be used by the amnesia user to
      read the contents of any file, no matter the
      permissions. (Closes: #10333)
    - Upgrade libfreetype6 to 2.4.9-1.1+deb7u2.
    - Upgrade gdk-pixbuf packages to 2.26.1-1+deb7u2.
    - Upgrade Linux to 3.16.7-ckt11-1+deb8u5.
    - Upgrade openjdk-7 packages to 7u85-2.6.1-6~deb7u1.
    - Upgrade unzip to 6.0-8+deb7u4.

  * Bugfixes
    - Add a temporary workaround for an issue in our code which checks
      whether i2p has bootstrapped, which (due to some recent change
      in either I2P or Java) could make it appear it had finished
      prematurely. (Closes: #10185)
    - Fix a logical bug in the persistence preset migration code while
      real-only persistence is enabled. (Closes: #10431)

  * Minor improvements
    - Rework the wordings of the various installation and upgrade
      options available in Tails installer in Wheezy. (Closes: #9672)
    - Restart Tor if bootstrapping stalls for too long when not using
      pluggable transports. (Closes: #9516)
    - Install firmware-amd-graphics, and firmware-misc-nonfree instead
      of firmware-ralink-nonfree, both from Debian Sid.
    - Update the Tails signing key. (Closes: #10012)
    - Update the Tails APT repo signing key. (Closes: #10419)
    - Install the nmh package. (Closes: #10457)
    - Explicitly run "sync" at the end of the Tails Upgrader's upgrade
      process, and pass the "sync" option when remounting the system
      partition as read-write. This might help with some issues we've
      seen, such as #10239, and possibly for #8449 as well.

  * Test suite
    - Add initial automated tests for Icedove. (Closes: #10332)
    - Add automated tests of the MAC spoofing feature. (Closes: #6302)
    - Drop the concept of "background snapshots" and introduce a general
      system for generating snapshots that can be shared between
      features. This removes all silly hacks we previously used to
      "skip" steps, and greatly improves performance and reliability
      of the whole test suite. (Closes: #6094, #8008)
    - Flush to the log file in debug_log() so the debugging info can
      be viewed in real time when monitoring the debug log
      file. (Closes: #10323)
    - Force UTF-8 locale in automated test suite. Ruby will default to
      the system locale, and if it is non-UTF-8, some String-methods
      will fail when operating on non-ASCII strings. (Closes: #10359)
    - Escape regexp used to match nick in CTCP replies. Our Pidgin
      nick's have a 10% chance to include a ^, which will break that
      regexp. We need to escape all characters in the nick. (Closes:
      #10219)
    - Extract TBB languages from the Tails source code. This will
      ensure that valid locales are tested. As an added bonus, the
      code is greatly simplified. (Closes: #9897)
    - Automatically test that tails-debugging-info is not susceptible
      to the type of symlink attacks fixed by #10333.
    - Save all test suite artifacts in a dedicated directory with more
      useful infromation encoded in the path. This makes it easier to
      see which artifacts belongs to which failed scenario and which
      run. (Closes: #10151)
    - Log all useful information via Cucumber's formatters instead of
      printing to stderr, which is not included when logging to file
      via `--out`. (Closes: #10342)
    - Continue running the automated test suite's vnc server even if
      the client disconnects. (Closes: #10345)
    - Add more automatic tests for I2P. (Closes: #6406)
    - Bump the Tor circuit retry count to 10. (Closes: #10375)
    - Clean up dependencies: (Closes: #10208)
      * libxslt1-dev
      * radvd
      * x11-apps

 -- Tails developers <tails@boum.org>  Tue, 03 Nov 2015 01:09:41 +0100

tails (1.6) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 5.0.3. (Closes: #10223)
    - Upgrade bind9-based packages to 1:9.8.4.dfsg.P1-6+nmu2+deb7u7.
    - Upgrade liblcms1 to 1.19.dfsg2-1.2+deb7u1.
    - Upgrade libldap-2.4-2 to 2.4.31-2+deb7u1.
    - Upgrade libslp1 to 1.2.1-9+deb7u1.
    - Upgrade ssl-cert to 1.0.32+deb7u1.

  * Bugfixes
    - Fix a corner case for the MAC spoofing panic mode. If panic mode
      failed to disable the specific device that couldn't be spoofed
      (by unloading the module) we disable networking. Previously we
      only stopped NetworkManager. The problem is that NM isn't even
      started at this time, but will specifically be started when
      we're done with MAC spoofing. Therefore, let's completely
      disable NetworkManager so it cannot possibly be
      started. (Closes: #10160)
    - Avoid use of uninitialized value in restricted-network-detector.
      If NetworkManager decides that a wireless connection has timed
      out before "supplicant connection state" has occued, our idea of
      the state is `undef`, so it cannot be used in a string
      comparison. Hence, let's initialize the state to the empty
      string instead of `undef`. Also fix the state
      recording. Apparently NetworkManager can say a few different
      things when it logs the device state transitions. (Closes:
      #7689)

  * Minor improvements
    - Remove workaround for localizing search engine plugins. The
      workaround has recently become unnecessary, possibly due to the
      changes made for the seach bar after the Tor Browser was rebased
      on Firefox 38esr. (Closes: #9146)
    - Refer to the I2P Browser in the I2P notifications. Instead of
      some obscure links that won't work in the Tor Browser, where
      users likely will try them, and which I believe will open them
      by default. (Closes: #10182)
    - Upgrade I2P to 0.9.22. Also set the I2P apparmor profile to
      enforce mode. (Closes: #9830)

  * Test suite
    - Test that udev-watchdog is monitoring the correct device when
      booted from USB. (Closes: #9890)
    - Remove unused 'gksu' step. This causes a false-positive to be
      found for #5330. (Closes: #9877)
    - Make --capture capture individual videos for failed scenarios
      only, and --capture-all to capture videos for all scenarios.
      (Closes: #10148)
    - Use the more efficient x264 encoding when capturing videos using
      the --capture* options. (Closes: #10001)
    - Make --old-iso default to --iso if omitted. Using the same ISO
      for the USB upgrade tests most often still does what we want,
      e.g. test that the current version of Tails being tested has a
      working Tails installer. Hence this seems like a reasonable
      default. (Closes: #10147)
    - Avoid nested FindFailed exceptions in waitAny()/findAny(), and
      throw a new dedicated FindAnyFailed exception if these fail
      instead. Rjb::throw doesn't block Ruby's execution until the
      Java exception has been received by Ruby, so strange things can
      happen and we must avoid it. (Closes: #9633)
    - Fix the Download Management page in our browsers. Without the
      browser.download.panel.shown pref set, the progress being made
      will not update until after the browser has been restarted.
      (Closes: #8159)
    - Add a 'pretty_debug' (with an alias: 'debug') Cucumber formatter
      that deals with debugging instead of printing it to STDERR via
      the `--debug` option (which now has been removed). This gives us
      the full flexibility of Cucumber's formatter system, e.g. one
      easy-to-read formatter can print to the terminal, while we get
      the full debug log printed to a file. (Closes: #9491)
    - Import logging module in otr-bot.py. Our otr-bot.py does not use
      logging but the jabberbot library makes logging calls, causing a
      one-off message “No handlers could be found for logger
      "jabberbot"” to be printed to the console. This commit
      effectively prevents logging/outputting anything to the terminal
      which is at a level lower than CRITICAL. (Closes: 9375)
    - Force new Tor circuit and reload web site on browser
      timeouts. (Closes: #10116)
    - Focus Pidgin's buddy list before trying to access the tools
      menu. (Closes: #10217)
    - Optimize IRC test using waitAny. If connecting to IRC fails,
      such as when OFTC is blocking Tor, waiting 60 seconds to connect
      while a a Reconnect button is visible is sub-optimal. It would
      be better to try forcing a new Tor circuit and clicking the
      reconnect button. (Closes: #9653)
    - Wait for (and focus if necessary) Pidgin's Certificate windows.
      (Closes: #10222)

 -- Tails developers <tails@boum.org>  Sun, 20 Sep 2015 17:47:26 +0000

tails (1.5.1) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 5.0.2. (Closes: #10112)
    - Upgrade gdk-pixbuf packages to 2.26.1-1+deb7u1.
    - Upgrade libnss3 to 2:3.14.5-1+deb7u5.

  * Bugfixes
    - Refresh Tor Browser AppArmor profile patch. The old one doesn't
      apply on top of testing's torbrowser-launcher anymore.

  * Build system
    - Make sure Jenkins creates new jobs to build the testing branch
      after freezes. (Closes: #9925)

 -- Tails developers <tails@boum.org>  Fri, 28 Aug 2015 01:52:14 +0200

tails (1.5) unstable; urgency=medium

  * Major new features and changes
    - Move LAN web browsing from Tor Browser to the Unsafe Browser,
      and forbid access to the LAN from the former. (Closes: #7976)
    - Install a 32-bit GRUB EFI boot loader. This at least works
      on some Intel Baytrail systems. (Closes: #8471)

  * Security fixes
    - Upgrade Tor Browser to 5.0, and integrate it:
      · Disable Tiles in all browsers' new tab page.
      · Don't use geo-specific search engine prefs in our browsers.
      · Hide Tools -> Set Up Sync, Tools -> Apps (that links to the Firefox
        Marketplace), and the "Share this page" button in the Tool bar.
      · Generate localized Wikipedia search engine plugin icons so the
        English and localized versions can be distinguished in the new
        search bar. (Closes: #9955)
    - Fix panic mode on MAC spoofing failure. (Closes: #9531)
    - Deny Tor Browser access to global tmp directories with AppArmor,
      and give it its own $TMPDIR. (Closes: #9558)
    - Tails Installer: don't use a predictable file name for the subprocess
      error log. (Closes: #9349)
    - Pidgin AppArmor profile: disable the launchpad-integration abstraction,
      which is too wide-open.
    - Use aliases so that our AppArmor policy applies to
      /lib/live/mount/overlay/ and /lib/live/mount/rootfs/*.squashfs/ as well as
      it applies to /. And accordingly:
      · Upgrade AppArmor packages to 2.9.0-3~bpo70+1.
      · Install rsyslog from wheezy-backports, since the version from Wheezy
        conflicts with AppArmor 2.9.
      · Stop installing systemd for now: the migration work is being done in
        the feature/jessie branch, and it conflicts with rsyslog from
        wheezy-backports.
      · Drop apparmor-adjust-user-tmp-abstraction.diff: obsoleted.
      · apparmor-adjust-tor-profile.diff: simplify and de-duplicate rules.
      · Take into account aufs whiteouts in the system_tor profile.
      · Adjust the Vidalia profile to take into account Live-specific paths.
    - Upgrade Linux to 3.16.7-ckt11-1+deb8u3.
    - Upgrade bind9-host, dnsutils and friends to 1:9.8.4.dfsg.P1-6+nmu2+deb7u6.
    - Upgrade cups-filters to 1.0.18-2.1+deb7u2.
    - Upgrade ghostscript to 9.05~dfsg-6.3+deb7u2.
    - Upgrade libexpat1 to 2.1.0-1+deb7u2.
    - Upgrade libicu48 to 4.8.1.1-12+deb7u3.
    - Upgrade libwmf0.2-7 to 0.2.8.4-10.3+deb7u1.
    - Upgrade openjdk-7 to 7u79-2.5.6-1~deb7u1.

  * Bugfixes
    - Upgrade Tor to 0.2.6.10-1~d70.wheezy+1+tails1.

  * Minor improvements
    - Tails Installer: let the user know when it has rejected a candidate
      destination device because it is too small. (Closes: #9130)
    - Tails Installer: prevent users from trying to "upgrade" a device
      that contains no Tails, or that was not installed with Tails Installer.
      (Closes: #5623)
    - Install libotr5 and pidgin-otr 4.x from wheezy-backports. This adds
      support for the OTRv3 protocol and for multiple concurrent connections
      to the same account. (Closes: #9513)
    - Skip warning dialog when starting Tor Browser while being offline,
      in case it is already running. Thanks to Austin English for the patch!
      (Closes: #7525)
    - Install the apparmor-profiles package (Closes: #9539), but don't ship
      a bunch of AppArmor profiles we don't use, to avoid increasing
      boot time. (Closes: #9757)
    - Ship a /etc/apparmor.d/tunables/home.d/tails snippet, instead
      of patching /etc/apparmor.d/tunables/home.
    - live-boot: don't mount tmpfs twice on /live/overlay, so that the one which
      is actually used as the read-write branch of the root filesystem's union
      mount, is visible. As a consequence:
      · One can now inspect how much space is used, at a given time, in the
        read-write branch of the root filesystem's union mount.
      · We can make sure our AppArmor policy works fine when that filesystem
        is visible, which is safer in case e.g. live-boot's behavior changes
        under our feet in the future... or in case these "hidden" files are
        actually accessible somehow already.

  * Build system
    - Add our jenkins-tools repository as a Git submodule, and replace
      check_po.sh with a symlink pointing to the same script in that submodule.
      Adjust the automated test suite accordingly. (Closes: #9567)
    - Bump amount of RAM needed for Vagrant RAM builds to 7.5 GiB. In
      particular the inclusion of the Tor Browser 5.0 series has recently
      increased the amount of space needed to build Tails. (Closes: #9901)

  * Test suite
    - Test that the Tor Browser cannot access LAN resources.
    - Test that the Unsafe Browser can access the LAN.
    - Installer: test new behavior when trying to upgrade an empty device, and
      when attempting to upgrade a non-Tails FAT partition on GPT; also, take
      into account that all unsupported upgrade scenarios now trigger
      the same behavior.
    - Request a new Tor circuit and re-run the Seahorse and GnuPG CLI tests
      on failure. (Closes: #9518, #9709)
    - run_test_suite: remove control chars from log file even when cucumber
      exits with non-zero. (Closes: #9376)
    - Add compatibility with cucumber 2.0 and Debian Stretch. (Closes: #9667)
    - Use custom exception when 'execute_successfully' fails.
    - Retry looking up whois info on transient failure. (Closes: #9668)
    - Retry wget on transient failure. (Closes: #9715)
    - Test that Tor Browser cannot access files in /tmp.
    - Allow running the test suite without ntp installed. There are other means
      to have an accurate host system clock, e.g. systemd-timesyncd and tlsdate.
      (Closes: #9651)
    - Bump timeout in the Totem feature.
    - Grep memory dump using the --text option. This is necessary with recent
      versions of grep, such as the one in current Debian sid, otherwise it
      will count only one occurrence of the pattern we're looking for.
      (Closes: #9759)
    - Include execute_successfully's error in the exception, instead
      of writing it to stdout via puts. (Closes: #9795)
    - Test that udev-watchdog is actually monitoring the correct device.
      (Closes: #5560)
    - IUK: workaround weird Archive::Tar behaviour on current sid.
    - Test the SocksPort:s given in torrc in the Unsafe Browser.
      This way we don't get any sneaky errors in case we change them and
      forget to update this test.
    - Directly verify AppArmor blocking of the Tor Browser by looking in
      the audit log: Firefox 38 does no longer provide any graphical feedback
      when the kernel blocks its access to files the user wants to access.
    - Update browser-related automated test suite images, and workaround
      weirdness introduced by the new Tor Browser fonts.
    - Test that Pidgin, Tor Browser, Totem and Evince cannot access ~/.gnupg
      via alternate, live-boot generated paths.
    - Adjust tests to cope with our new AppArmor aliases.
    - Bump memory allocated to the system under test to 2 GB. (Closes: #9883)

 -- Tails developers <tails@boum.org>  Mon, 10 Aug 2015 19:12:58 +0200

tails (1.4.1) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 4.5.3, based on Firefox 31.8.0 ESR. (Closes: #9649)
    - Upgrade Tor to 0.2.6.9-1~d70.wheezy+1+tails2, which includes a circuit
      isolation bugfix. (Closes: #9560)
    - AppArmor: deny Tor Browser access to the list of recently used files.
      (Closes: #9126)
    - Upgrade OpenSSL to 1.0.1e-2+deb7u17.
    - Upgrade Linux to 3.16.7-ckt11-1.
    - Upgrade CUPS to 1.5.3-5+deb7u6.
    - Upgrade FUSE to 2.9.0-2+deb7u2.
    - Upgrade libsqlite3-0 to 3.7.13-1+deb7u2.
    - Upgrade ntfs-3g and ntfsprogs to 1:2012.1.15AR.5-2.1+deb7u2.
    - Upgrade p7zip-full to 9.20.1~dfsg.1-4+deb7u1.

  * Bugfixes
    - Fix automatic upgrades in Windows Camouflage mode. (Closes: #9413)
    - Don't ship the snakeoil SSL key pair generated by ssl-cert in the ISO.
      (Closes: #9416)
    - Partially fix the truncated notifications issue. (#7249)

  * Minor improvements
    - Disable the hwclock.sh initscript at reboot/shutdown time.
      This is an additional safety measure to ensure that the hardware clock
      is not modified. (Closes: #9364)
    - Stop shipping /var/cache/man/*, to make ISOs and IUKs smaller.
      (Closes: #9417)
    - Update torbrowser-AppArmor-profile.patch to apply cleanly on top of the
      profile shipped with torbrowser-launcher 0.2.0-1.
    - Add the jessie/updates APT repo and set appropriate pinning.
    - Upgrade Electrum to 1.9.8-4~bpo70+1.
    - Upgrade kernel firmware packages to 0.44.

  * Build system
    - Install the Linux kernel from Debian Jessie. (Closes: #9341)
    - Remove files that are not under version control when building in Jenkins.
      (Closes: #9406)
    - Don't modify files in the source tree before having possibly merged
      the base branch into it. (Closes: #9406)
    - Make it so eatmydata is actually used during a greater part of the build
      process. This includes using eatmydata from wheezy-backports.
      (Closes: #9419, #9523)
    - release script: adjust to support current Debian sid.

  * Test suite
    - Test the system clock sanity check we do at boot. (Closes: #9377)
    - Remove the impossible "Clock way in the past" scenarios.
      Thanks to config/chroot_local-includes/lib/live/config/0001-sane-clock,
      these scenarios cannot happen, and since we test that it works they
      can be safely removed.
    - Test that the hardware clock is not modified at shutdown. (Closes: #9557)
    - Pidgin: retry looking for the roadmap URL in the topic.
    - Avoid showing Pidgin's tooltips during test, potentially confusing Sikuli.
      (Closes: #9317)
    - Test all OpenPGP keys shipped with Tails. (Closes: #9402)
    - Check that notification-daemon is running when looking for notifications
      fails. (Closes: #9332)
    - Allow using the cucumber formatters however we want. (Closes: #9424)
    - Enable Spice in the guest, and blacklist the psmouse kernel module,
      to help with lost mouse events. (Closes: #9425)
    - Automate testing Torbutton's 'New Identity' feature. (Closes: #9286)
    - Test that Seahorse is configured to use the correct keyserver.
      (Closes: #9339)
    - Always export TMPDIR back to the test suite's shell environment.
      (Closes: #9479)
    - Make OpenPGP tests more reliable:
      · Retry accessing the OpenPGP applet menus on failure. (Closes: #9355)
      · Retry accessing menus in Seahorse on failure. (Closes: #9344)
    - Focus the Pidgin conversation window before any attempt to interact
      with it. (Closes: #9317)
    - Use convertkey from the (backported to Jessie) Debian package,
      instead of our own copy of that script. (Closes: #9066)
    - Make the memory erasure tests more robust (Closes: #9329):
      · Bump /proc/sys/vm/min_free_kbytes when running fillram.
      · Actually set oom_adj for the remote shell when running fillram.
      · Try to be more sure that we OOM kill fillram.
      · Run fillram as non-root.
    - Only try to build the storage pool if TailsToasterStorage isn't found.
      (Closes: #9568)

 -- Tails developers <tails@boum.org>  Sun, 28 Jun 2015 19:46:25 +0200

tails (1.4) unstable; urgency=medium

  * Major new features
    - Upgrade Tor Browser to 4.5.1, based on Firefox 31.7.0 ESR, which
      introduces many major new features for usability, security and
      privacy. Unfortunately its per-tab circuit view did not make it
      into Tails yet since it requires exposing more Tor state to the
      user running the Tor Browser than we are currently comfortable
      with. (Closes: #9031, #9369)
    - Upgrade Tor to 0.2.6.7-1~d70.wheezy+1+tails2. Like in the Tor
      bundled with the Tor Browser, we patch it so that circuits used
      for SOCKSAuth streams have their lifetime increased indefinitely
      while in active use. This currently only affects the Tor Browser
      in Tails, and should improve the experience on certain web sites
      that otherwise would switch language or log you out every ten
      minutes or so when Tor switches circuit. (Closes: #7934)

  * Security fixes
    - tor-browser wrapper script: avoid offering avenues to arbitrary
      code execution to e.g. an exploited Pidgin. AppArmor Ux rules
      don't sanitize $PATH, which can lead to an exploited application
      (that's allowed to run this script unconfined, e.g. Pidgin)
      having this script run arbitrary code, violating that
      application's confinement. Let's prevent that by setting PATH to
      a list of directories where only root can write. (Closes: #9370)
    - Upgrade Linux to 3.16.7-ckt9-3.
    - Upgrade curl to 7.26.0-1+wheezy13.
    - Upgrade dpkg to 1.16.16.
    - Upgrade gstreamer0.10-plugins-bad to 0.10.23-7.1+deb7u2.
    - Upgrade libgd2-xpm to 2.0.36~rc1~dfsg-6.1+deb7u1.
    - Upgrade openldap to 2.4.31-2.
    - Upgrade LibreOffice to 1:3.5.4+dfsg2-0+deb7u4.
    - Upgrade libruby1.9.1 to 1.9.3.194-8.1+deb7u5.
    - Upgrade libtasn1-3 to 2.13-2+deb7u2.
    - Upgrade libx11 to 2:1.5.0-1+deb7u2.
    - Upgrade libxml-libxml-perl to 2.0001+dfsg-1+deb7u1.
    - Upgrade libxml2 to 2.8.0+dfsg1-7+wheezy4.
    - Upgrade OpenJDK to 7u79-2.5.5-1~deb7u1.
    - Upgrade ppp to 2.4.5-5.1+deb7u2.

  * Bugfixes
    - Disable security warnings when connecting to POP3 and IMAP ports.
      (Closes: #9327)
    - Make the Windows 8 browser theme compatible with the Unsafe and I2P
      browsers. (Closes: #9138)
    - Hide Torbutton's "Tor Network Settings..." context menu entry.
      (Closes: #7647)
    - Upgrade the syslinux packages to support booting Tails on
      Chromebook C720-2800. (Closes: #9044)
    - Enable localization in Tails Upgrader. (Closes: #9190)
    - Make sure the system clock isn't before the build date during
      early boot. Our live-config hook that imports our signing keys
      depend on that the system clock isn't before the date when the
      keys where created. (Closes: #9149)
    - Set GNOME's OpenPGP keys via desktop.gnome.crypto.pgp to prevent
      us from getting GNOME's default keyserver in addition to our
      own. (Closes: #9233)
    - Prevent Firefox from crashing when Orca is enabled: grant
      it access to assistive technologies in its Apparmor
      profile. (Closes: #9261)
    - Add Jessie APT source. (Closes: #9278)
    - Fix set_simple_config_key(). If the key already existed in the
      config file before the call, all other lines would be removed
      due to the sed option -n and p combo. (Closes: #9122)
    - Remove illegal instance of local outside of function definition.
      Together with `set -e` that error has prevented this script from
      restarting Vidalia, like it should. (Closes: #9328)

  * Minor improvements
    - Upgrade I2P to 0.9.19-3~deb7u+1.
    - Install Tor Browser's bundled Torbutton instead of custom .deb.
      As of Torbutton 1.9.1.0 everything we need has been upstreamed.
    - Install Tor Browser's bundled Tor Launcher instead of our
      in-tree version. With Tor 0.2.6.x our custom patches for the
      ClientTransportPlugin hacks are not needed any more. (Closes:
      #7283)
    - Don't install msmtp and mutt. (Closes: #8727)
    - Install fonts-linuxlibertine for improved Vietnamese support in
      LibreOffice. (Closes: #8996)
    - Remove obsoletete #i2p-help IRC channel from the Pidgin
      configuration (Closes: #9137)
    - Add Gedit shortcut to gpgApplet's context menu. Thanks to Ivan
      Bliminse for the patch. (Closes: #9069).
    - Install printer-driver-gutenprint to support more printer
      models. (Closes: #8994).
    - Install paperkey for off-line OpenPGP key backup. (Closes: #8957)
    - Hide the Tor logo in Tor Launcher. (Closes: #8696)
    - Remove useless log() instance in tails-unblock-network. (Closes:
      #9034)
    - Install cdrdao: this enables Brasero to burn combined data/audio
      CDs and to do byte-to-byte disc copy.
    - Hide access to the Add-ons manager in the Unsafe Browser. It's
      currently broken (#9307) but we any way do not want users to
      install add-ons in the Unsafe Browser. (Closes: #9305)
    - Disable warnings on StartTLS for POP3 and IMAP (Will-fix: #9327)
      The default value of this option activates warnings on ports
      23,109,110,143. This commit disables the warnings for POP3 and
      IMAP as these could be equally used in encrypted StartTLS
      connections. (Closes: #9327)
    - Completely rework how we localize our browser by generating our
      branding add-on, and search plugins programatically. This
      improves the localization for the ar, es, fa, ko, nl, pl, ru,
      tr, vi and zh_CN locales by localizing the Startpage and
      Disconnect.me search plugins. Following Tor Browser 4.5's recent
      switch, we now use Disconnect.me as the default search
      engine. (Closes: #9309)
    * Actively set Google as the Unsafe Browser's default search
      engine.

  * Build system
    - Encode in Git which APT suites to include when building Tails.
      (Closes: #8654)
    - Clean up the list of packages we install. (Closes: #6073)
    - Run auto/{build,clean,config} under `set -x' for improved
      debugging.
    - Zero-pad our ISO images so their size is divisible by 2048.
      The data part of an ISO image's sectors is 2048 bytes, which
      implies that ISO images should always have a size divisible
      by 2048. Some applications, e.g. VirtualBox, use this as a sanity
      check, treating ISO images for which this isn't true as garbage.
      Our isohybrid post-processing does not ensure this,
      however. Also Output ISO size before/after isohybrid'ing and
      truncate'ing it. This will help detect if/when truncate is
      needed at all, so that we can report back to syslinux
      maintainers more useful information. (Closes: #8891)
    - Vagrant: raise apt-cacher-ng's ExTreshold preference to 50. The
      goal here is to avoid Tor Browser tarballs being deleted by
      apt-cacher-ng's daily expiration cronjob: they're not listed in
      any APT repo's index file, so acng will be quite eager to clean
      them up.

  * Test suite
    - Bring dependency checks up-to-date (Closes: #8988).
    - Adapt test suite to be run on Debian Jessie, which includes
      removing various Wheezy-specific workarounds, adding a few
      specific to Jessie, migrating from ffmpeg to libav, and
      more. (Closes: #8165)
    - Test that MAT can see that a PDF is dirty (Closes: #9136).
    - Allow throwing Timeout::Error in try_for() blocks, as well as
      nested try_for() (Closes: #9189, #9290).
    - Read test suite configuration files from the features/config/local.d
      directory. (Closes: #9220)
    - Kill virt-viewer with SIGTERM, not SIGINT, to prevent hordes of
      zombie processes from appearing. (Closes: #9139)
    - Kill Xvfb with SIGTERM, not SIGKILL, on test suite exit to allow
      it to properly clean up. (Closes: #8707)
    - Split SSH & SFTP configs in the test suite. (Closes: #9257)
    - Improve how we start subprocesses in the test suite, mostly by
      bypassing the shell for greater security and robustness (Closes:
      #9253)
    - Add Electrum test feature. (Closes #8963)
    - Test that Tails Installer detects when USB devices are
      removed. (Closes: #9131)
    - Test Tails Installer with devices which are too small. (Closes:
      #9129)
    - Test that the Report an Error launcher works in German. (Closes:
      #9143)
    - Verify that no extensions are installed in the Unsafe Browser
      using about:support instead of about:addons, which is broken
      (#9307). (Closes: #9306)
    - Retry GNOME application menu actions when they glitch. The
      GNOME application menus seem to have issues with clicks or
      hovering actions not registering, and hence sometimes submenus
      are not opened when they should, and sometimes clicks on the
      final application shortcut are lost. There seems to be a
      correlation between this and CPU load on the host running the
      test suite. We workaround this by simply re-trying the last
      action when it seems to fail. (Closes: #8928)
    - Work around Seahorse GUI glitchiness (Closes: #9343):
      * When Seahorse appears to be frozen--apparently due to network
        issues--it can often be worked around by refreshing the screen
        or activating a new window.
      * Open Seahorse's preferences dialog using the mouse.
      * Access menu entries with the mouse.
    - Wait for systray icons to finish loading before interacting with
      the systray. (Closes: #9258)
    - Test suite configuration: generalize local.d support to *.d. We
      now load features/config/*.d/*.yml.
    - Use code blocks in "After Scenario" hooks. This is much simpler
      to use (and more readable!) compared to hooking functions and
      arguments like we used to do.
    - Create filesystem share sources in the temporary directory and
      make them world-readable. (Closes: #8950)

 -- Tails developers <tails@boum.org>  Mon, 11 May 2015 16:45:04 +0200

tails (1.3.2) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 4.0.6, based on Firefox 31.6.0 ESR.
    - Upgrade OpenSSL to 1.0.1e-2+deb7u16.

  * Bugfixes
    - Make Florence usable with touchpads by forcing syndaemon to
      always use the `-t` option, which only disables tapping and
      scrolling and not mouse movements (Closes: #9011).
    - Make tails-spoof-mac log the correct macchanger exit code on
      failure (Closes: #8687).
    - Tails Installer:
      · Ignore devices with less than 3.5 GB of storage since they
        do not fit a Tails installation (Closes: #6538).
      · Remove devices from the device list as they are unplugged
        (Closes: #8691).

  * Minor improvements
    - Install obfs4proxy 0.0.4-1~tpo1, which adds support for
      client-mode ScrambleSuit.
    - Don't start Vidalia if Windows Camouflage is enabled. (Closes:
      #7400)
    - I2P Browser:
      · Remove "Add-ons" from the Tools menu, and hide "Keyboard
        Shortcuts" and "Take a Tour" since they point to resources on
        the open Internet (Closes: #7970).
      · Hide TorButton button from the customize toolbar options, and
        remove configs whose only purpose was to make Torbutton "green"
        (Closes: #8893).

  * Test suite
    - New tests:
      · Test non-LAN SSH, and SFTP via GNOME's "Connect to Server"
        (Closes: #6308).
      · Verify that Tails' Tor binary has the expected Tor authorities
        hard coded (Closes: #8960).
    - Improvements:
      · Programmatically determine the supported languages when testing
        the Unsafe Browser (Closes: #8918).
      · Rename --temp-dir to --tmpdir and make it behave more like
        mktemp, and honour TMPDIR if set in the environment. (Closes:
        #8709).
    - Bugfixes:
      · Make --temp-dir (now --tmpdir) actually work.

 -- Tails developers <tails@boum.org>  Mon, 30 Mar 2015 16:54:20 +0200

tails (1.3.1) unstable; urgency=medium

  * Security fixes
    - Upgrade Tor Browser to 4.0.5, based on Firefox 31.5.3 ESR. This addresses:
      · https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
      · https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
    - Upgrade Linux to 3.16.7-ckt7-1.
    - Upgrade libxfont to 1:1.4.5-5.
    - Upgrade OpenSSL to 1.0.1e-2+deb7u15.
    - Upgrade tcpdump to 4.3.0-1+deb7u2.
    - Upgrade bsdtar to 3.0.4-3+wheezy1.
    - Upgrade CUPS to 1.5.3-5+deb7u5.
    - Upgrade file and libmagic to 5.11-2+deb7u8.
    - Upgrade GnuPG to 1.4.12-7+deb7u7.
    - Upgrade libarchive to 3.0.4-3+wheezy1.
    - Upgrade libav to 6:0.8.17-1.
    - Upgrade FreeType 2 to 2.4.9-1.1+deb7u1.
    - Upgrade libgcrypt11 1.5.0-5+deb7u3.
    - Upgrade libgnutls26 to 2.12.20-8+deb7u3.
    - Upgrade libgtk2-perl to 2:1.244-1+deb7u1.
    - Upgrade ICU to 4.8.1.1-12+deb7u2.
    - Upgrade NSS to 2:3.14.5-1+deb7u4.
    - Upgrade libssh2 to 1.4.2-1.1+deb7u1.

  * Bugfixes
    - Upgrade Tor to 0.2.5.11-1~d70.wheezy+1+tails1. Changes include:
      · Directory authority changes.
      · Fix assertion errors that may trigger under high DNS load.
      · No longer break on HUP with seccomp2 enabled.
      · and more - please consult the upstream changelog.
    - Upgrade Tor Launcher to 0.2.7.2, and update the test suite accordingly
      (Closes: #8964, #6985). Changes include:
      · Ask about bridges before proxy in wizard.
      · Hide logo if TOR_HIDE_BROWSER_LOGO set.
      · Remove firewall prompt from wizard.
      · Feedback when “Copy Tor Log” is clicked.
      · Improve behavior if tor exits.
      · Add option to hide TBB's logo
      · Change "Tor Browser Bundle" to "Tor Browser"
      · Update translations from Transifex.
    - Fix the Tor Launcher killer. (Closes: #9067)
    - Allow Seahorse to communicate with keyservers when run from Tails
      OpenPGP Applet. (Closes: #6394)
    - SSH client: don't proxy connections to 172.17.* to 172.31.*.
      (Closes: #6558)
    - Repair config/chroot_local-packages feature, that was broken in Tails 1.3
      by 19-install-tor-browser-AppArmor-profile. (Closes: #8910)
    - language_statistics.sh: count original words instead of translated words.
      Otherwise we get >100% translation if translated strings are longer than
      original strings. (Closes: #9016)

  * Minor improvements
    - Only ship the new Tails signing key, and have Tails Upgrader stop trusting
      the old one. Update the documentation and test suite accordingly.
      (Closes: #8735, #8736, #8882, #8769, #8951)
    - Polish and harden a bit the WhisperBack configuration (Closes: #8991):
      · Only allow the `amnesia' user to run tails-debugging info as root
        with no arguments.
      · Fix spelling and grammar mistakes, improve phrasing a bit.
      · Quote variables consistently.

  * Test suite
    - New tests:
      · Chatting over XMPP in Pidgin, both peer-to-peer and in a multi-user
        chatroom. (Closes: #8002)
      · Chatting with OTR enabled over XMPP in Pidgin. (Closes: #8001)
      · Check that Pidgin only responds to the expected CTCP requests.
        (Closes: #8966)
      · Fetching keys using Seahorse started via the OpenPGP Applet.
      · Sync'ing keys using Seahorse.
    - Bugfixes:
      · Fix a race condition between the remote shell's and Tails Greeter's
        startup, by making sure the remote shell is ready before we start
        GDM. (Closes: #8941)
      · Kill virt-viewer properly. (Closes: #9070)
      · Make sure the display is stopped on destroy_and_undefine().
        Where we had it earlier, it could be skipped if anything else in the
        block threw an exception.
      · Fix wrong use of "$@". (Closes: #9071)
      · Enable the pipefail option in run_test_suite.
      · Improve the GNOME screenshot test's robustness. (Closes: #8952)
    - Refactoring:
      · turn the focus_pidgin_window() helper into a more generic
        VM.focus_xorg_window() one.
      · Reorganize the Display class.
      · Use clearer method to check process status in the Display class.
    - New developer-oriented features:
      · Add a --log-to-file option to run_test_suite. (Closes: #8894)
      · Add helpers for generating random strings.
      · Make it possible to hook arbitrary calls on scenario end. This is useful
        for dynamically adding cleanup functions, instead of having
        to explicitly deal with them in some After hook.

 -- Tails developers <tails@boum.org>  Mon, 23 Mar 2015 12:34:56 +0000

tails (1.3) unstable; urgency=medium

  * Major new features
    - Produce the Tails image in hybrid mode (again) so that the same
      image can be installed both on DVD *and* "hard disks" like USB
      storage and similar. (Closes: #8510)
    - Confine the Tor Browser using AppArmor. (Closes: #5525)
    - Install the Electrum bitcoin client from wheezy-backports, and
      add a persistence preset for the Live user's bitcoin wallet. If
      electrum is started without the persistence preset enabled, a
      warning is shown. (Closes: #6739)

  * Security fixes
    - Upgrade Tor Browser to 4.0.4 (based on Firefox 31.5.0esr)
      (Closes: #8938).

  * Bugfixes
    - Have tor_bootstrap_progress echo 0 if no matching log line is
      found. (Closes: #8257)
    - Always pass arguments through wrappers (connect-socks, totem,
      wget, whois) with "$@". $* doesn't handle arguments with
      e.g. embedded spaces correctly. (Closes: #8603, #8830)
    - Upgrade Linux to 3.16.7-ckt4-3.

  * Minor improvements
    - Install a custom-built Tor package with Seccomp enabled;
      enable the Seccomp sandbox when no pluggable transport is used.
      (Closes: #8174)
    - Install obfs4proxy instead of obfsproxy, which adds support for
      the obfs4 Tor pluggable transport. (Closes: #7980)
    - Install GnuPG v2 and associated tools from wheezy-backports,
      primarily for its improved support for OpenPGP smartcards. It
      lives side-by-side with GnuPG v1, which still is the
      default. (Closes: #6241)
    - Install ibus-unikey, a Vietnamese input method for IBus. (Closes:
      #7999)
    - Install torsocks (2.x) from wheezy-backports. (Closes: #8220)
    - Install keyringer from Debian Jessie. (Closes: #7752)
    - Install pulseaudio-utils.
    - Remove all traces of Polipo: we don't use it anymore. This
      closes #5379 and #6115 because:
      * Have APT directly use the Tor SOCKS proxy. (Closes: #8194)
      * Wrap wget with torsocks. (Closes: #6623)
      * Wrap Totem to torify it with torsocks. (Closes: #8219)
      * Torify Git with tsocks, instead of setting GIT_PROXY_COMMAND.
        (Closes: #8680)
    - Use torsocks for whois and Gobby, instead of torify.
    - Upgrade I2P to 0.9.18-1~deb7u+1.
    - Refactor the Unsafe and I2P browser code into a common shell
      library. A lot of duplicated code is now shared, and the code
      has been cleaned up and made more reliable. Several
      optimizations of memory usage and startup time were also
      implemented. (Closes: #7951)
    - Invert Exit and About in gpgApplet context menu. This is a
      short-term workaround for making it harder to exit the
      application by mistake (e.g. a double right-click). (Closes:
      #7450)
    - Implement new touchpad settings. This enables tap-to-click,
      2-fingers scrolling, and disable while typing. We don't enable
      reverse scrolling nor horizontal scrolling. (Closes: #7779)
    - Include the mount(8) output and live-additional-software.conf in
      WhisperBack bug reports (Closes: #8719, #8491).
    - Reduce brightness and saturation of background color. (Closes:
      #7963)
    - Have ALSA output sound via PulseAudio by default. This gives us
      centralized sound volume controls, and... allows to easily, and
      automatically, test that audio output works from Tor Browser,
      thanks to the PulseAudio integration into the GNOME sound
      control center.
    - Import the new Tails signing key, which we will use for Tails
      1.3.1, and have Tails Upgrader trust both it and the "old"
      (current) Tails signing key. (Closes: #8732)
    - tails-security-check: error out when passed an invalid CA file.
      Unfortunately, the underlying HTTPS stack we use here fails open
      in those case, so we have to check it ourselves. Currently, we
      check that the file exists, is readable, is a plain file and is
      not empty. Also support specifying the CA file via an
      environment variable. This will ease development and bug-fixing
      quite a bit.
    - Fix racy code in Tails Installer that sometimes made the
      automated test suite stall for scenarios installing Tails
      to USB disks. (Closes: #6092)
    - Make it possible to use Tails Upgrader to upgrade a Tails
      installation that has cruft files on the system partition.
      (Closes: #7678)

  * Build system
    - Install syslinux-utils from our builder-wheezy APT repository in
      Vagrant. We need version 6.03~pre20 to make the Tails ISO image
      in hybrid mode
    - Update deb.tails.boum.org apt repo signing key. (Closes: #8747)
    - Revert "Workaround build failure in lb_source, after creating
      the ISO." This is not needed anymore given the move to the Tor
      SOCKS proxy. (Closes: #5307)
    - Remove the bootstrap stage usage option and disable all
      live-build caching in Vagrant. It introduces complexity and
      potential for strange build inconsistencies for a meager
      reduction in build time. (Closes: #8725)
    - Hardcode the mirrors used at build and boot time in auto/config.
      Our stuff will be more consistent, easier to reproduce, and our
      QA process will be more reliable if we all use the same mirrors
      at build time as the ones we configure in the ISO. E.g. we won't
      have issues such as #8715 again. (Closes: #8726)
    - Don't attempt to retrieve source packages from local-packages so
      local packages can be installed via
      config/chroot_local-packages. (Closes: #8756)
    - Use our own Tor Browser archive when building an ISO. (Closes:
      #8125)

  * Test suite
    - Use libguestfs instead of parted when creating partitions and
      filsystems, and to check that only the expected files
      persist. We also switch to qcow2 as the default disk image
      format everywhere to reduce disk usage, enable us to use
      snapshots that includes the disks (in the future), and to use
      the same steps for creating disks in all tests. (Closes: #8673)
    - Automatically test that Tails ignores persistence volumes stored
      on non-removable media, and doesn't enable swaps. (Closes:
      #7822)
    - Actually make sure that Tails can boot from live systems stored
      on a hard drive. Running the 'I start Tails from DVD ...' step
      will override the earlier 'the computer is set to boot from ide
      drive "live_hd"' step, so let's make the "from DVD" part
      optional; it will be the default any way.
    - Make it possible to use an old iso with different persistence
      presets. (Closes: #8091)
    - Hide the cursor between steps when navigating the GNOME
      applications menu. This makes it a bit more robust, again:
      sometimes the cursor is partially hiding the menu entry we're
      looking for, hence preventing Sikuli from finding it (in
      particular when it's "Accessories", since we've just clicked on
      "Applications" which is nearby). (Closes: #8875)
    - Ensure that the test will fail if "apt-get X" commands fail.
    - Test 'Tor is ready' notification in a separate scenario. (Closes:
      #8714)
    - Add automated tests for torified wget and whois. This should
      help us identify future regressions such as #8603 in their
      torifying wrappers.
    - Add automated test for opening an URL from Pidgin.
    - And add automated tests for the Tor Browser's AppArmor
      sandboxing.
    - Test that "Report an Error Launcher" opens the support
      documentation.
    - Test that the Unsafe Browser:
      * starts in various locales.
      * complains when DNS isn't configured.
      * tears down its chroot on shutdown.
      * runs as the correct user.
      * has no plugins or add-ons installed.
      * has no unexpected bookmarks.
      * has no proxy configured.
    - Bump the "I2P router console is ready" timeout in its test to
      deal with slow Internet connections.
    - Make the automatic tests of gpgApplet more robust by relying
      more on graphical elements instead of keyboard shortcuts and
      static sleep():s. (Closes: #5632)
    - Make sure that enough disk space is available when creating
      virtual storage media. (Closes: #8907)
    - Test that the Unsafe Browser doesn't generate any non-user
      initiated traffic, and in particular that it doesn't check for
      upgrades, which is a regression test for #8694. (Closes: #8702)
    - Various robustness improvements to the Synaptic tests. (Closes:
      #8742)
    - Automatically test Git. (Closes: #6307)
    - Automatically test GNOME Screenshot, which is a regression test
      for #8087. (Closes: #8688)
    - Fix a quoting issue with `tails_persistence_enabled?`. (Closes:
      #8919)
    - Introduce an improved configuration system that also can store
      local secrets, like user credentials needed for some
      tests. (Closes: #6301, #8188)
    - Actually verify that we successfully set the time in our time
      syncing tests. (Closes: #5836)
    - Automatically test Tor. This includes normal functionality and
      the use pluggable transports, that our Tor enforcement is
      effective (e.g. only the Tor network or configured bridges are
      contacted) and that our stream isolation configuration is
      working. (Closes: #5644, #6305, #7821)

 -- Tails developers <tails@boum.org>  Mon, 23 Feb 2015 17:14:00 +0100

tails (1.2.3) unstable; urgency=medium

  * Security fixes
    - Upgrade Linux to 3.16.7-ckt2-1.
    - Upgrade Tor Browser to 4.0.3 (based on Firefox 31.4.0esr)
      (Closes: #8700).
    - Fail safe by entering panic mode if macchanger exits with an
      error, since in this situation we have to treat the
      driver/device state as undefined. Also, we previously just
      exited the script in this case, not triggering the panic mode
      and potentially leaking the real MAC address (Closes: #8571).
    - Disable upgrade checking in the Unsafe Browser. Until now the
      Unsafe Browser has checked for upgrades of the Tor Browser in
      the clear (Closes: #8694).

  * Bugfixes
    - Fix startup of the Unsafe Browser in some locales (Closes: #8693).
    - Wait for notification-daemon to run before showing the MAC
      spoofing panic mode notifications. Without this, the "Network
      card disabled" notification is sometimes lost when MAC spoofing
      fails. Unfortunately this only improves the situation, but
      doesn't fix it completely (see #8685).
    - Log that we're going to stop NetworkManager before trying to do
      it in the MAC spoofing scripts. Without this we wouldn't get the
      log message in case stopping NetworkManager fails (thanks to
      `set -e`).
    - Set GNOME Screenshot preferences to save the screenshots in
      /home/amnesia (Closes: #8087).
    - Do not suspend to RAM when closing the lid on battery power
      (Closes: #8071).
    - Properly update the Tails Installer's status when plugging in a
      USB drive after it has started (Closes: #8353).
    - Make rsync compare file contents by using --checksum for more
      reliable generation of the squashfs filesystem in
      IUKs. Previously it used the default, which is checking
      timestamps and file size, but that doesn't play well with the
      Tor browser files, that have a fixed mtime, which could result
      in updated files not ending up in the IUK.

  * Minor improvements
    - Finish migrating tails-security-check's and tails-iuk's pinning
      to our website's new X.509 certificate authority (Closes: #8404).

  * Build system
    - Update to Vagrant build box tails-builder-20141201. The only
      change is the removal of a reference to an ISO image which
      doesn't exist (except on the system that generated the build
      box) which causes an error for some users (Closes: #7644).
    - Generate the list of packages used during build, after building
      with Jenkins (Closes: #8518). This allows tracking their status
      on the Debian reproducible build front:
      https://reproducible.debian.net/index_pkg_sets.html#tails

  * Automated test suite
    - Check PO files with i18nspector (Closes: #8359).
    - Fix the expected image of a check.tp.o failure. Previously we
      looked for the "Sorry. You are not using Tor." text, but it
      seems it recently changed enough for Sikuli to not find it. To
      prevent future errors of the same kind we'll look for the
      crossed-over onion icon instead (Closes: #8533).
    - Bump timeout when waiting for Tor to re-bootstrap. We have a
      dreaded issue with timeouts that are multiple of 2 minutes, and
      then Tor succeeds soon after, so in order to allow for this
      timeout to be reached twice, and then possibly succeed, let's
      use N*2 minutes + 30 seconds, with N=2.

 -- Tails developers <tails@boum.org>  Wed, 14 Jan 2015 16:12:26 +0100

tails (1.2.2) unstable; urgency=medium

  * Bugfixes
    - Create a CA bundle for Tails Upgrader at ISO build time, and
      patch Tails Upgrader to use it. Specifically this will make it
      possible to check for Tails upgrades after our website changes
      certificate around the 2014 to 2015 transition (Partially fixes
      #8404).

 -- Tails developers <tails@boum.org>  Mon, 15 Dec 2014 10:05:17 +0100

tails (1.2.1) unstable; urgency=low

  * Security fixes
    - Upgrade Linux to 3.16.0-4, i.e. 3.16.7-1.
    - Install Tor Browser 4.0.2 (based on Firefox 31.3.0esr).

  * Bugfixes
    - Install syslinux-utils, to get isohybrid back (Closes: #8155).
    - Update xserver-xorg-input-evdev to 1:2.7.0-1+tails1 which
      includes a patch that restores mouse scrolling in KVM/Spice
      (Closes: 7426).
    - Set Torbutton logging preferences to the defaults (Closes:
      #8160). With the default settings, no site-specific information is
      logged.
    - Use the correct stack of rootfs:s for the chroot browsers (Closes:
      #8152, #8158). After installing incremental upgrades Tails' root
      filesystem consists of a stack squashfs:s, not only
      filesystem.squashfs. When not stacking them correct we may end up
      using the Tor Browser (Firefox) from an older version of Tails, or
      with no Tor Browser at all, as in the upgrade from Tails 1.1.2 to
      1.2, when we migrated from Iceweasel to the Tor Browser. Based on
      a patch contributed by sanic.
    - Use the Tor Browser for MIME type that GNOME associates with
      Iceweasel (Closes: #8153). Open URLs from Claws Mail, KeePassX
      etc. should be possible again.
    - Update patch to include all Intel CPU microcodes (Closes: #8189).
    - AppArmor: allow Pidgin to run Tor Browser unconfined, with
      scrubbed environment (Closes: #8186). Links opened in Pidgin are
      now handled by the Tor Browser.
    - Install all localized Iceweasel search plugins (Closes: #8139).
    - When generating the boot profile, ignore directories in
      process_IN_ACCESS as well (Closes: #7925). This allows ut to
      update the squashfs-ordering again in Tails 1.2.1.
    - gpgApplet: Don't pass already encoded data to GTK2 (Closes:
      #7968). It's now possible to clearsign text including non-ASCII
      characters.
    - Do not run the PulseAudio initscript, neither at startup nor
      shutdown (Closes: #8082).

  * Minor improvements
    - Upgrade I2P to 0.9.17-1~deb7u+1.
    - Make GnuPG configuration closer to the best practices one
      (Closes: #7512).
    - Have GnuPG directly use the Tor SOCKS port (Closes: #7416).
    - Remove TrueCrypt support and documentat how to open TrueCrypt
      volumes using cryptsetup (Closes: #5373).
    - Install hopenpgp-tools from Debian Jessie.

  * Build system
    - Add gettext >= 0.18.3 as a Tails build dependency. We need it for
      xgettext JavaScript support in feature/jessie.

  * Automated test suite
    - Don't click to open a sub-menu in the GNOME applications menu
      (Closes: #8140).
    - When testing the Windows camouflage, look for individual systray
      applets, to avoid relying on their ordering (Closes: #8059).
    - Focus the Pidgin Buddy List before looking for something
      happening in it (Closes: #8161).
    - Remove workaround for showing the TBB's menu bar (Closes #8028).

 -- Tails developers <tails@boum.org>  Tue, 02 Dec 2014 11:34:03 +0100

tails (1.2) unstable; urgency=medium

  * Major new features
    - Migrate from Iceweasel to the Tor Browser from the Tor Browser
      Bundle 4.0 (based on Firefox 31.2.0esr). This fixes the POODLE
      vulnerability.
      The installation in Tails is made global (multi-profile), uses
      the system-wide Tor instance, disables the Tor Browser updater,
      and keeps the desired deviations previously present in Iceweasel,
      e.g. we install the AdBlock Plus add-on, but not Tor Launcher (since
      we run it as a standalone XUL application), among other things.
    - Install AppArmor's userspace tools and apparmor-profiles-extra
      from Wheezy Backports, and enable the AppArmor Linux Security
      Module. This adds Mandatory Access Control for several critical
      applications in Tails, including Tor, Vidalia, Pidgin, Evince
      and Totem.
    - Isolate I2P traffic from the Tor Browser by adding a dedicated
      I2P Browser. It is set up similarly to the Unsafe Browser,
      but further disables features that are irrelevant for I2P, like
      search plugins and the AdBlock Plus addon, while keeping Tor Browser
      security features like the NoScript and Torbutton addons.
    - Upgrade Tor to 0.2.5.8-rc-1~d70.wheezy+1.

  * Security fixes
    - Disable TCP timestamps (Closes: #6579).

  * Bugfixes
    - Remove expired Pidgin certificates (Closes: #7730).
    - Use sudo instead of gksudo for running tails-upgrade-frontend to
      make stderr more easily accessible (Closes: #7431).
    - Run tails-persistence-setup with sudo instead of gksudo to make
      stderr more easily accessible, and allow the desktop user to
      pass the --verbose parameter (Closes: #7623).
    - Disable CUPS in the Unsafe Browser. This will prevent the
      browser from hanging for several minutes when accidentally
      pressing CTRL+P or trying to go to File -> Print (Closes: #7771).

  * Minor improvements
    - Install Linux 3.16-3 (version 3.16.5-1) from Debian
      unstable (Closes: #7886, #8100).
    - Transition away from TrueCrypt: install cryptsetup and friends
      from wheezy-backports (Closes: #5932), and make it clear that
      TrueCrypt will be removed in Tails 1.2.1 (Closes: #7739).
    - Install Monkeysign dependencies for qrcodes scanning.
    - Upgrade syslinux to 3:6.03~pre20+dfsg-2~bpo70+1, and install
      the new syslinux-efi package.
    - Upgrade I2P to 0.9.15-1~deb7u+1
    - Enable Wheezy proposed-updates APT repository and setup APT
      pinnings to install packages from it.
    - Enable Tor's syscall sandbox. This feature (new in 0.2.5.x)
      should make Tor a bit harder to exploit. It is only be enabled
      when when no special Tor configuration is requested in Tails
      Greeter due to incompatibility with pluggable transports.
    - Start I2P automatically when the network connects via a
      NetworkManager hook, and "i2p" is present on the kernel command
      line. The router console is no longer opened automatically, but
      can be accessed through the I2P Browser (Closes: #7732).
    - Simplify the IPv6 ferm rules (Closes: #7668).
    - Include persistence.conf in WhisperBack reports (Closes: #7461)
    - Pin packages from testing to 500, so that they can be upgraded.
    - Don't set Torbutton environment vars globally (Closes: #5648).
    - Enable VirtualBox guest additions by default (Closes: #5730). In
      particular this enables VirtualBox's display management service.
    - In the Unsafe Browser, hide option for "Tor Browser Health
      report", and the "Get Addons" section in the Addon manager
      (Closes: #7952).
    - Show Pidgin's formatting toolbar (Closes: #7356). Having the
      formatting toolbar displayed in Pidgin makes the OTR status more
      explicit by displaying it with words.

  * Automated test suite
    - Add --pause-on-fail to ease VM state debugging when tests
      misbehave.
    - Add execute_successfully() and assert_vmcommand_success() for
      added robustness when executing some command in the testing VM.
    - Use Test::Unit::Assertions instead of our home-made assert().
    - Add test for persistent browser bookmarks.
    - Add basic tests for Pidgin, Totem and Evince, including their
      AppArmor enforcement.
    - Factorize some common step pattern into single steps.
    - Factorize running a command in GNOME Terminal.
    - Add common steps to copy a file and test for its existence.
    - Add a wait_and_double_click Sikuli helper method.
    - Add a VM.file_content method, to avoid repeating ourselves, and
      use it whenever easily doable.
    - Drop test that diffs syslinux' exithelp.cfg: we don't ship this
      file anymore.
    - In the Unsafe Browser tests, rely on subtle timing less (Closes:
      #8009).
    - Use the same logic to determine when Tor is working in the test
      suite as in Tails itself. The idea is to avoid spamming the Tor
      control port during bootstrap, since we've seen problems with
      that already.

 -- Tails developers <tails@boum.org>  Wed, 15 Oct 2014 18:34:50 +0200

tails (1.1.2) unstable; urgency=medium

  * Security fixes
    - Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1
      (fixes Mozilla#1064636).
    - Install Linux 3.16-1 from sid (Closes: #7886).
    - Upgrade file to 5.11-2+deb7u5 (fixes CVE-2014-0207,
      CVE-2014-0237, CVE-2014-0238, CVE-2014-3478, CVE-2014-3479,
      CVE-2014-3480, CVE-2014-3487, CVE-2014-3538 and CVE-2014-3587).
    - Upgrade curl to 7.26.0-1+wheezy10 (fixes CVE-2014-3613 and
      CVE-2014-3620).
    - Upgrade bind9-based packages to 1:9.8.4.dfsg.P1-6+nmu2+deb7u2
      (fixes CVE-2014-0591).
    - Upgrade gnupg to 1.4.12-7+deb7u6 (fixes CVE-2014-5270).
    - Upgrade apt to 0.9.7.9+deb7u5 (fixes CVE-2014-0487,
      CVE-2014-0488, CVE-2014-0489, CVE-2014-0490, and
      CVE-2014-6273.).
    - Upgrade dbus to 1.6.8-1+deb7u4 (fixes CVE-2014-3635,
      CVE-2014-3636, CVE-2014-3637, CVE-2014-3638 and CVE-2014-3639).
    - Upgrade libav-based pacakges to 6:0.8.16-1 (fixes
      CVE-2013-7020).
    - Upgrade bash to 4.2+dfsg-0.1+deb7u1 (fixes CVE-2014-6271).

 -- Tails developers <tails@boum.org>  Tue, 23 Sep 2014 23:01:40 -0700

tails (1.1.1) unstable; urgency=medium

  * Security fixes
    - Upgrade the web browser to 24.8.0esr-0+tails1~bpo70+1
      (Firefox 24.8.0esr + Iceweasel patches + Torbrowser patches).
      Also import the Tor Browser profile at commit
      271b64b889e5c549196c3ee91c888de88148560f from
      ttp/tor-browser-24.8.0esr-3.x-1.
    - Upgrade Tor to 0.2.4.23-2~d70.wheezy+1 (fixes CVE-2014-5117).
    - Upgrade I2P to 0.9.14.1-1~deb7u+1.
    - Upgrade Linux to 3.14.15-2 (fixes CVE-2014-3534, CVE-2014-4667
      and CVE-2014-4943).
    - Upgrade CUPS-based packages to 1.5.3-5+deb7u4 (fixes
      CVE-2014-3537, CVE-2014-5029, CVE-2014-5030 and CVE-2014-5031).
    - Upgrade libnss3 to 2:3.14.5-1+deb7u1 (fixes CVE-2013-1741,
      CVE-2013-5606, CVE-2014-1491 and CVE-2014-1492).
    - Upgrade openssl to 1.0.1e-2+deb7u12 (fixes CVE-2014-3505,
      CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509,
      CVE-2014-3510, CVE-2014-3511, CVE-2014-3512 and CVE-2014-5139).
    - Upgrade krb5-based packages to 1.10.1+dfsg-5+deb7u2 (fixes
      CVE-2014-4341, CVE-2014-4342, CVE-2014-4343, CVE-2014-4344 and
      CVE-2014-4345).
    - Upgrade libav-based packages to 6:0.8.15-1 (fixes CVE-2011-3934,
      CVE-2011-3935, CVE-2011-3946, CVE-2013-0848, CVE-2013-0851,
      CVE-2013-0852, CVE-2013-0860, CVE-2013-0868, CVE-2013-3672,
      CVE-2013-3674 and CVE-2014-2263.
    - Upgrade libgpgme11 to 1.2.0-1.4+deb7u1 (fixes CVE-2014-5117).
    - Upgrade python-imaging to 1.1.7-4+deb7u1 (fixes CVE-2014-3589).
    - Prevent dhclient from sending the hostname over the network
      (Closes: #7688).
    - Override the hostname provided by the DHCP server (Closes: #7769).
    - Add an I2P boot parameter. Without adding "i2p" to the kernel
      command line, I2P will not be accessible for the Live user.
    - Stricter I2P firewall rules:
      * deny I2P from accessing the LAN
      * deny I2P from accessing the loopback device, except for select
        whitelisted services
      * allow I2P access to the Internet
      The ACCEPT rules will only be enabled when the string 'i2p' is
      passed at the boot prompt. The rules which DENY or REJECT
      access for the 'i2psvc' user will always be applied.
    - Disable I2P plugins, since it doesn't make much sense without
      persistence, and should eliminate some attack vectors.
    - Disable I2P's BOB port. No maintained I2P application uses it.

  * Bugfixes
    - Fix condition clause in tails-security-check (Closes: #7657).
    - Don't ship OpenJDK 6: I2P prefers v7, and we don't need both.
    - Prevent Tails Installer from updating the system partition
      properties on MBR partitions (Closes: #7716).

  * Minor improvements
    - Upgrade to Torbutton 1.6.12.1.
    - Install gnome-user-guide (Closes: #7618).
    - Install cups-pk-helper (Closes: #7636).
    - Update the SquashFS sort file.
    - Compress the SquashFS more aggressively (Closes: #7706).
    - I2P: Keep POP3 email on server. The default in the I2P webmail
      app was to keep mail on the server, but that setting was changed
      recently. This configuration setting (susimail.config) will only
      be copied over in I2P 0.9.14 and newer.
    - Add a Close button to the Tails Installer launcher window.

  * Build system
    - Migrate Vagrant basebox to Debian Wheezy (Closes #7133, #6736).
    - Consistently use the same Debian mirror.
    - Disable runtime APT proxy configuration when using APT in
      binary_local-hooks (Closes: #7691).

  * Automated test suite
    - Automatically test hostname leaks (Closes: #7712).
    - Move autotest live-config hook to be run last. This way we'll
      notice if some earlier live-config hook cancels all hooks by
      running the automated test suite since the remote shell won't be
      running in that case.
    - Test that the I2P boot parameter does what it's supposed to do
      (Closes: #7760).
    - Start applications by using the GNOME Applications menu instead
      of the GNOME Run Dialog (Closes: #5550, #7060).

 -- Tails developers <tails@boum.org>  Sun, 31 Aug 2014 20:49:28 +0000

tails (1.1) unstable; urgency=medium

  * Rebase on Debian Wheezy
    - Upgrade literally thousands of packages.
    - Migrate to GNOME3 fallback mode.
    - Install LibreOffice instead of OpenOffice.
    - Remove custom LSB logging: Wheezy has fancy colored init
      logging.

  * Major new features
    - UEFI boot support.
    - Replace the Windows XP camouflage with an experimental Windows 8
      camouflage.
    - Install Linux 3.14.12-1 from Debian unstable.
    - Bring back VirtualBox guest modules, installed from Wheezy
      backports. Full functionality is only available when using the
      32-bit kernel.

  * Security fixes
    - Fix write access to boot medium via udisks (#6172).
    - Don't allow the desktop user to pass arguments to
      tails-upgrade-frontend (Closes: #7410).
    - Make persistent file permissions safer (Closes #7443):
      * Make the content of /etc/skel non-world-readable. Otherwise,
        such files may be copied to /home/amnesia, and in turn to the
        persistent volume, with unsafe permissions. That's no big deal
        in /home/amnesia (that is itself not world-readable), *but*
        the root of the persistent volume has to be world-readable.
      * Have activate_custom_mounts create new directories with safe
        permissions.
      * Set strict permissions on /home/amnesia (Closes: #7463).
      * Fix permissions on persistent directories that were created
        with unsafe permissions (Closes: #7458).
      * Fix files ownership while copying persistence (Closes: #7216).
        The previous instructions to copy the persistent data were
        creating personal files that belong to root. I don't think
        there is a way of preserving the original ownership using
        Nautilus (unless doing a "move" instead of a "copy" but that's
        not what we are trying to do here).
    - Disable FoxyProxy's proxy:// protocol handler (Closes: #7479).
      FoxyProxy adds the proxy:// protocol handler, which can be used
      to configure the proxy via an URI. A malicious web page can
      include (or a malicious exit node can inject) some JavaScript
      code to visit such an URI and disable or otherwise change
      Iceweasel's proxy settings. While using this to disable
      proxying will be dealt with safely by our firewall, this could
      be used to defeat stream isolation, although the user must be
      tricked into accepting the new proxy settings.
    - Upgrade the web browser to 24.7.0esr-0+tails1~bpo70+1
      (Firefox 24.7.0esr + Iceweasel patches + Torbrowser patches).
    - Upgrade to Linux 3.14.12-1 (fixes CVE-2014-4699).
    - Upgrade libav-based packages to 0.8.13-1 (fixes CVE-2014-4609).
    - Upgrade to libxml2 2.8.0+dfsg1-7+wheezy1 (fixes CVE-2014-0191).
    - Upgrade to dbus 1.6.8-1+deb7u3 (fixes CVE-2014-3477,
      CVE-2014-3532 and CVE-2014-3533).

  * Bugfixes
    - Disable GNOME keyring's GnuPG functionality. (Closes: #7330) In
      feature/regular-gnupg-agent, we installed the regular GnuPG
      agent so that it is used instead of GNOME keyring's one. This is
      not enough on Wheezy, so let's disable the starting of the "gpg"
      component of GNOME keyring.
    - Make sure /etc/default/locale exists, with a sensible default
      value (Closes: #7333). Before Tails Greeter's PostLogin script
      are run, /etc/default/locale does not exist on Wheezy. Our
      tails-kexec initscript (and quite a few other scripts we run)
      depends on this file to exist. So, let's make sure it exists,
      with a sensible default value.
    - Create the tails-persistence-setup user with the same UID/GID it
      had on Tails/Squeeze. (Closes: #7343) Else, our various checks
      for safe access rights on persistence.conf fail.
    - Revert back to browsing the offline documentation using Iceweasel
      instead of Yelp (Closes: #7390, #7285).
    - Make the new NetworkManager configuration directory persistent,
      when the old one was, but disable the old one (Closes: #7338).
    - Before running tails-upgrade-frontend, chdir to a world-readable
      place (Closes: #7641). In particular, Archive::Tar::Wrapper,
      when called by tails-install-iuk, wants to chdir back to the
      original cwd after it has chdir'd elsewhere to do its job.

  * Minor improvements
    - Install seahorse-nautilus, replacing seahorse-plugins (Closes #5516).
    - Install hledger (custom backport, for now): our accountants need this.
    - Install stable Scribus instead of scribus-ng.
    - Install the printer driver for Epson Inkjet that use ESC/P-R.
    - Install the BookletImposer PDF imposition toolkit. It's tiny,
      and really helpful e.g. when producing booklets.
    - Install gtkhash and nautilus-gtkhash (Closes #6763).
    - Import new version of Tor Launcher:
      · Now based on upstream Tor Launcher 0.2.5.4.
      · Tor bug #11772: Proxy Type menu not set correctly
      · Tor bug #11699: Change &amp;#160 to &#160; in network-settings.dtd
      · Correctly handle startup paths that contain dot.
    - Upgrade to Torbutton 1.6.9.0.
    - Avoid shipping python2.6 in addition to python2.7.
    - Don't install Gobby 0.4 anymore. Gobby 0.5 has been available in
      Debian since Squeeze, now is a good time to drop the obsolete
      0.4 implementation.
    - Require a bit less free memory before checking for upgrades with
      Tails Upgrader. The general goal is to avoid displaying "Not
      enough memory available to check for upgrades" too often due to
      over-cautious memory requirements checked in the wrapper.
    - Make Tails Greeter's help window resolution-aware. Previously it
      used a static 800x600 which was problematic on lower resolutions,
      and sub-optimal on higher resolutions. Now it adapts itself
      according to the screen resolution.
    - Whisperback now sanitizes attached logs better with respect to
      DMI data, IPv6 addresses, and serial numbers (Closes #6797,
      #6798, #6804).
    - Integrate the new logo in Tails Installer (Closes #7095)
    - Also install linux-base and linux-compiler-gcc-4.8-x86 from
      sid. This way, we can get rid of our linux-compiler-gcc-4.8-x86
      3.12, and it makes things a bit more consistent.
    - Include the syslinux binary, and its MBR, in the ISO filesystem.
      This in turn allows Tails Installer to use this binary and MBR,
      which is critical for avoiding problems (such as #7345) on
      "Upgrade from ISO".
    - Include syslinux.exe for win32 in utils/win32/ on the ISO
      filesystem (Closes: #7425).
    - Tails Installer:
      * Add consistent margins in GUI.
      * Always reset the target drive's MBR, without asking for
        confirmation, after installing or upgrading.
      * Install the bootloader using the syslinux binary found on the
        target device, once the Live OS has been extracted/copied
        there.
    - Enable double-clicking to pick entries in the language or
      keyboard layout lists in Tails Greeter.
    - Install backport of shared-mime-info 1.3 (Closes: #7079).
    - Make sanity-check prompts closable in Tails Persistence Setup
      (Closes: #7119).
    - Fix quick search in Tails Greeter's Other languages window
      (Closes: #5387).
    - Install systemd. It is not enabled by default, but having it
      around will help doing the migration work.
    - Enable AppArmor on the kernel command-line. This is a no-op
      without the userspace tools and with no profile shipped, but it
      will make it easier to fix this part of the situation.

  * Build system
    - Bump Vagrant builder's memory for RAM builds. Wheezy requires
      more space to build, and the resulting image is larger.
    - Fix Vagrant compatibility issue. Some classes' methods/fields
      have been renamed between Vagrant versions, so we need a simple
      compatibility layer to support all versions. Without this, it's
      not possible to issue e.g. a `build` command to an already
      running (i.e. `vm:up`:ed) Vagrant instance.
    - Move cpu and mem checks to the `build` task. Previously, when
      they were checked in `vm:up` *only* when issued while the VM
      already is up, so these checks weren't run if one issues a
      `build` when the VM is off. Now we'll fail earlier with a more
      informative error message, and it looks like a more logical home
      for them too.
    - Fix buggy memory checks for RAM building. We have to take into
      account which state the Vagrant VM is in for determining *where*
      we check if enough memory is available for a RAM build. If it's
      off, we check the host; if it's on we check the VM. Previously
      we always checked the host, which doesn't make sense when the VM
      is already started.

  * Automated test suite
    - Bump the tester VM's RAM by 256 MiB. There is not enough free
      RAM to run Tails Upgrader with just 1 GiB of RAM after the
      migration to Wheezy.
    - Always adjust OOM and memory overcommit settings. The kernel
      freezes seem to also happen for the amd64 kernel when filling
      the memory.
    - Add option to make Sikuli rety on FindFailed. This makes it
      possible to update manu images for Sikuli in just *one* test
      suite run, by continuously updating outdated pictures as we go.
    - Actually run "Upgrade from ISO" from a USB drive running the old
      version. That's what users do, and is buggy.
    - Automatically test persistent directories permissions (Closes: #7560).
    - Use read-write persistence when testing upgraded USB
      installations.  Otherwise e.g. the permission fixes won't get
      applied, and the subsequent steps testing the permissions will
      fail.
    - Actually check that the ISO's Tails is installed. The step
      "Tails is installed on USB drive $TARGET" only checks that the
      *running* Tails is installed on $TARGET, which obviously fails
      when doing an upgrade from ISO running an old Tails. That it
      worked for the same scenario running the current Tails is just
      coincidental.
    - Use OpenJDK 7 to run our test suite (Closes #7175).
    - Use qemu-system-x86_64 directly, instead of kvm, for running the
      automated test suite (Closes: #7605).

 -- Tails developers <tails@boum.org>  Sun, 20 Jul 2014 23:16:13 +0200

tails (1.0.1) unstable; urgency=medium

  * Security fixes
    - Upgrade the web browser to 24.6.0esr-0+tails1~bpo60+1
      (Firefox 24.6.0esr + Iceweasel patches + Torbrowser patches).
      Also import the Tor Browser profile at commit
      90ba8fbaf6f23494f1a0e38d63153b3b7e65d3d3 from
      ttp/tor-browser-24.6.0esr-3.x-1.
    - Install Linux 3.14 from Debian unstable (fixes CVE-2014-3153 and
      others).
    - Install openssl from Squeeze LTS (fixes CVE-2014-0076,
      CVE-2014-0195, CVE-2014-0221, CVE-2014-3470 and CVE-2014-0224).
    - Install GnuTLS from Squeeze LTS (fixes CVE-2014-3466.).

  * Minor improvements
    - Add Squeeze LTS APT sources. It has been given a low pinning
      priority so explicit pinning must be used to actually install
      anything from it.
    - Upgrade Tor to 0.2.4.22-1~d60.squeeze+1.
    - Upgrade I2P to 0.9.13-1~deb6u+1.

 -- Tails developers <tails@boum.org>  Sun, 08 Jun 2014 19:14:00 +0200

tails (1.0) unstable; urgency=medium

  * Security fixes
    - Upgrade the web browser to 24.5.0esr-0+tails1~bpo60+1
      (Firefox 24.5.0esr + Iceweasel patches + Torbrowser patches).
    - Upgrade Tor to 0.2.4.21-1+tails1~d60.squeeze+1:
      * Based on 0.2.4.21-1~d60.squeeze+1.
      * Backport the fix for Tor bug #11464. It adds client-side blacklists for
        all Tor directory authority keys that was vulnerable to Heartbleed.
        This protects clients in case attackers were able to compromise a
        majority of the authority signing and identity keys.

   * Bugfixes
    - Disable inbound I2P connections. Tails already restricts incoming
      connections, but this change tells I2P about it.
    - Fix link to the system requirements documentation page in the Tails
      Upgrader error shown when too little RAM is available.

  * Minor improvements
    - Upgrade I2P to 0.9.12-2~deb6u+1.
    - Import TorBrowser profile. This was forgotten in Tails 0.23 and even
      though we didn't explicitly set those preferences in that release
      they defaulted to the same values. This future-proofs us in case the
      defaults would ever change.
    - Import new custom version of tor-launcher:
      * Based on upstream Tor Launcher 0.2.5.3.
      * Improve how Tor Launcher handles incomplete translation.
        (Tor bug #11483; more future-proof fix for Tails bug #6885)
      * Remove the bridge settings prompt. (Tor bug #11482; closes Tails
        bug #6934,)
      * Always show bridge help button. (Tor bug #11484)
    - Integrate the new Tails logo into various places:
      * The website
      * The boot splash
      * The "About Tails" dialog

  * Build system
    - Use the stable APT suite when building from the stable Git branch
      (Closes: #7022).

  * Test suite
    - Add test for the #7022 fix.

 -- Tails developers <tails@boum.org>  Sun, 27 Apr 2014 19:34:01 +0200

tails (0.23) unstable; urgency=medium

  * Security fixes
    - Upgrade the web browser to 24.4.0esr-0+tails1~bpo60+1
      (Firefox 24.4.0esr + Iceweasel patches + Torbrowser patches).

  * Major new features
    - Spoof the network interfaces' MAC address by default (Closes: #5421),
      as designed on https://tails.boum.org/contribute/design/MAC_address/.
    - Rework the way to configure how Tor connects to the network
      (bridges, proxy, fascist firewall): add an option to Tails Greeter,
      start Tor Launcher when needed (Closes: #5920, #5343).

  * Bugfixes
    - Additional software: do not crash when persistence is disabled
      (Closes: #6440).
    - Upgrade Pidgin to 2.10.9, that fixes some regressions introduced
      in the 2.10.8 security update (Closes: #6661).
    - Wait for Tor to have fully bootstrapped, plus a bit more time,
      before checking for upgrades (Closes: #6728) and unfixed known
      security issues.
    - Disable the Intel Management Engine Interface driver (Closes: #6460).
      We don't need it in Tails, it might be dangerous, and it causes bugs
      on various hardware such as systems that reboot when asked to shut down
    - Add a launcher for the Tails documentation. This makes it available
      in Windows Camouflage mode (Closes: #5374, #6767).
    - Remove the obsolete wikileaks.de account from Pidgin (Closes: #6807).

  * Minor improvements
    - Upgrade Tor to 0.2.4.21-1~d60.squeeze+1.
    - Upgrade obfsproxy to 0.2.6-2~~squeeze+1.
    - Upgrade I2P to 0.9.11-1deb6u1.
    - Install 64-bit kernel instead of the 686-pae one (Closes: #5456).
      This is a necessary first step towards UEFI boot support.
    - Install Monkeysign (in a not-so-functional shape yet).
    - Disable the autologin text consoles (Closes: #5588). This was one of
      the blockers before a screen saver can be installed
      in a meaningful way (#5684).
    - Don't localize the text consoles anymore: it is broken on Wheezy,
      the intended users can as well use loadkeys, and we now do not have
      to trust setupcon to be safe for being run as root by the desktop user.
    - Make it possible to manually start IBus.
    - Reintroduce the possibility to switch identities in the Tor Browser,
      using a filtering proxy in front of the Tor ControlPort to avoid giving
      full control over Tor to the desktop user (Closes: #6383).
    - Incremental upgrades improvements:
      · Drop the Tails Upgrader launcher, to limit users' confusion
        (Closes: #6513).
      · Lock down sudo credentials a bit.
      · Hide debugging information (Closes: #6505).
      · Include ~/.xsession-errors in WhisperBack bug reports.
        This captures the Tails Upgrader errors and debugging information.
      · Report more precisely why an incremental upgrade cannot be done
        (Closes: #6575).
      · Various user interface and phrasing improvements.
    - Don't install the Cookie Monster browser extension (Closes: #6790).
    - Add a browser bookmark pointing to Tor's Stack Exchange (Closes: #6632).
    - Remove the preconfigured #tor channel from the Pidgin: apparently,
      too many Tails users go ask Tails questions there, without making
      it clear that they are running Tails, hence creating a user-support
      nightmare (Closes: #6679).
    - Use (most of) Tor Browser's mozconfig (Closes: #6474).
    - Rebase the browser on top of iceweasel 24.3.0esr-1, to get
      the certificate authorities added by Debian back (Closes: #6704).
    - Give access to the relevant documentation pages from Tails Greeter.
    - Hide Tails Greeter's password mismatch warning when entry is changed.
    - Persistent Volume Assistant:
      · Take into account our installer is now called Tails Installer.
      · Optimize window height (Closes: #5458).
      · Display device paths in a more user-friendly way (Closes: #5311).

  * Build system
    - Ease updating POT and PO files at release time, and importing translations
      from Transifex (Closes: #6288, #6207).
    - Drop custom poedit backport, install it from squeeze-backports-sloppy.
    - Make ISO and IUK smaller (Closes: #6390, #6425):
      · Exclude more files from being included in the ISO.
      · Remove *.pyc later so that they are not recreated.
      · Truncate log files later so that they are not filled again.
      · At ISO build time, set mtime to the epoch for large files whose content
        generally does not change between releases. This forces rsync
        to compare the actual content of these files, when preparing an IUK,
        instead of blindly adding it to the IUK merely because the mtime
        has changed, while the content is the same.
    - Make local hooks logging consistent.

  * Test suite
    - Migrate from JRuby to native Ruby + rjb.
    - The test suite can now be run on Debian Wheezy + backports.
    - Fix buggy "persistence is not enabled" step (Closes: #5465).
    - Use IPv6 private address as of RFC 4193 for the test suite's virtual
      network. Otherwise dnsmasq from Wheezy complains, as it is not capable
      of handling public IPv6 addresses.
    - Delete volumes after each scenario unless tagged @keep_volumes.
    - Add an anti-test to make sure the memory erasure test works fine.
    - A *lot* of bugfixes, simplifications and robustness improvements.

 -- Tails developers <tails@boum.org>  Tue, 18 Mar 2014 00:58:50 +0100

tails (0.22.1) unstable; urgency=medium

  * Security fixes
    - Upgrade the web browser to 24.3.0esr-0+tails1~bpo60+2
      (Firefox 24.3.0esr + Iceweasel patches + Torbrowser patches).
    - Upgrade NSS to 3.14.5-1~bpo60+1.
    - Upgrade Pidgin to 2.10.8.
    - Workaround browser size fingerprinting issue by using small icons
      in the web browser's navigation toolbar (Closes: #6377).
      We're actually hit by Tor#9268, and this is the best workaround gk
      and I were able to find when discussing this on Tor#10095.

  * Major new features
    - Check for upgrades availability using Tails Upgrader, and propose
      to apply an incremental upgrade whenever possible (Closes: #6014).
      · Run tails-update-frontend at session login time.
      · Have tails-security-check only report unfixed security issues.
      · Greatly improve the Tails Upgrader UI and strings phrasing.
      · Enable startup notification for Tails Upgrader.
    - Install Linux 3.12 (3.12.6-2) from Debian testing. Unfortunately,
      this breaks the memory wipe feature on some hardware (#6460), but
      it fixes quite a few security issues, and improves hardware support.
    - Update the build system to be compatible with Vagrant 1.2 and 1.3,
      in addition to the already supported versions (Closes: #6221).
      Thanks to David Isaac Wolinsky <isaac.wolinsky@gmail.com>.

  * Bugfixes
    - Do not start IBus for languages that don't need it. This fixes
      the keybindings problems introduced in 0.22 (Closes: #6478).
      Thanks to WinterFairy.
    - Disable network.proxy.socks_remote_dns in the Unsafe Browser.
      Bugfix against 0.22 (Closes: #6479).
    - Fetch Tor Browser User-Agent from its own prefs, rather than from
      the obsolete Torbutton ones. Bugfix against 0.22 (Closes: #6477).
    - Upgrade Vagrant basebox to include up-to-date Debian archive keys
      (Closes: #6515, #6527).
    - Do not use a non-working proxy for downloading the Vagrant basebox
      (Closes: #6514).
    - Use IE's icon in Windows camouflage mode.
      Bugfix against 0.22 (Closes: #6536).
    - Support "upgrading" a partial Tails installation (Closes: #6438)
      and fix missing confirmation dialog in Tails Installer (Closes: #6437).
      Thanks to Andres Gomez Ramirez <andres.gomez@cern.ch>.
    - Fix browser homepage in Spanish locales (Closes: #6612).

  * Minor improvements
    - Tor 0.2.4 is stable! Adapt APT sources accordingly.
    - Update Tor Browser to 24.2.0esr-1+tails1, that uses its own NSS
      library instead of the system one.
    - Update Torbutton to 1.6.5.3.
    - Do not start Tor Browser automatically, but notify when Tor is ready.
      Warn the user when they attempt to start Tor Browser before Tor is ready.
    - Import Tor Browser profile at
      3ed5d9511e783deb86835803a6f40e7d5a182a12 from ttp/tor-browser-24.2.0esr-1.
    - Use http.debian.net for Vagrant builds, instead of the mostly broken
      (and soon obsolete) cdn.debian.net.
    - Phrasing and UI improvements in tails-upgrade-frontend.
    - Style and robustness improvements in tails-security-check.
    - Make room for upcoming UEFI support in Tails Installer.

 -- Tails developers <tails@boum.org>  Wed, 29 Jan 2014 15:08:13 +0100

tails (0.22) unstable; urgency=medium

  [Tails developers]
  * Security fixes
    - Upgrade to Iceweasel 24.2.0esr that fixes a few serious security issues.
    - Stop migrating persistence configuration and access rights. Instead,
      disable all persistence configuration files if the mountpoint has wrong
      access rights (Closes: #6413).
    - Upgrade to NSS 3.15.3 that fixes a few serious security issues affecting
      the browser, such as CVE-2013-1741, CVE-2013-5605 and CVE-2013-5606.

  * Major improvements
    - Switch to Iceweasel 24 (Closes: #6370).
      · Resync' (most) Iceweasel prefs with TBB 3.0-beta-1 and get rid
        of many obsolete or default settings.
      · Disable WebRTC (Closes: #6468).
      · Import TorBrowser profile at commit
        51bf06502c46ee6c1f587459e8370aef11a3422d from the tor-browser-24.2.0esr-1
        branch at https://git.torproject.org/tor-browser.git.
    - Switch to Torbutton 1.6.5 (Closes: #6371).
      · Prevent Torbutton from asking users to "upgrade TBB".
      · Use the same Tor SOCKS port as the TBB (9151) for our web browser.
        This should be enough to avoid being affected by Tor#8511.
      · Disable Torbutton 1.6's check for Tor.
        Unfortunately, the new check.torproject.org breaks the remote Tor
        check. We cannot use the local Tor check with the control port. So,
        the shortest and sanest path to fixing the check issue, because the
        remote Tor check is broken" seems to simply disable this check.
        Patch submitted upstream as Tor#10216.
    - Prepare incremental upgrades to be the next default way to upgrade Tails,
      on point-releases at least.

  * Bugfixes
    - Deny X authentication only after Vidalia exits (Closes: #6389).
    - Disable DPMS screen blanking (Closes: #5617).
    - Fix checking of the persistent volume's ACL.
    - Sanitize more IP and MAC addresses in bug reports (Closes: #6391).
    - Do not fail USB upgrade when the "tmp" directory exists on the
      destination device.
    - Tails Installer: list devices with isohybrid Tails installed
      (Closes: #6462).

  * Minor improvements
    - Create a configuration file for additional software if needed
      (Closes: #6436).
    - Translations all over the place.
    - Enable favicons in Iceweasel.
    - Do not propose to make permanent NoScript exceptions.
      In Tails, every such thing is temporary, so better only display the menu
      entry that's about temporarily allowing something.
    - Clearer warning when deleting persistent volume (thanks to Andres Gomez
      Ramirez <andres.gomez@cern.ch> for the patch).
    - Make wording in Tails Installer more consistent.

  [ WinterFairy ]
  * Use IBus instead of SCIM (Closes: #5624, #6206).
    It makes it possible to input passwords in pinentry for at least Japanese,
    Chinese and Korean languages.
  * Add an import-translation script.
    This automates the importation process of completed translations
    from Transifex.
  * Always list optimal keyboard layout in the greeter (Closes: #5741).
  * Fix on-the-fly translation of the greeter in various languages
    (Closes: #5469).

  [ Kytv]
  * Update I2P to 0.9.8.1 (Closes: #6080, #5889).
  * Improve I2P configuration:
    - Disable IPv6 support in a nicer way.
    - Disable i2cp (allows java clients to communicate from outside the JVM). If
      this is unset an exception for port 7654 would need to be added to ferm.
    - Disable "in-network" updates (this is also done in the regular I2P
      packages).
    - Disable the outproxies. Access to the Internet is already routed through
      Tor so these are unnecessary. If end-users have a good reason to go
      through one of the I2P outproxies they can turn them back on.
  * Add a couple of default I2P IRC channels to Pidgin.
  * Allow access to the local 'eepsite' through FoxyProxy.
  * Add firewall exceptions for the standard I2P ports.

 -- Tails developers <tails@boum.org>  Sat, 30 Nov 2013 16:47:18 +0100

tails (0.21) unstable; urgency=low

  * Security fixes
    - Don't grant access to the Tor control port for the desktop user
      (amnesia). Else, an attacker able to run arbitrary code as this user
      could obtain the public IP with a get_info command.
      · Vidalia is now run as a dedicated user.
      · Remove the amnesia user from the debian-tor group.
      · Remove the Vidalia launcher in the Applications menu.
        The Vidalia instance it starts is useless, since it can't connect
        to the Tor control port.
    - Don't allow the desktop user to directly change persistence settings.
      Else, an attacker able to run arbitrary code as this user could
      leverage this feature to gain persistent root access, as long as
      persistence is enabled.
      · Fully rework the persistent filesystem and files ownership
        and permissions.
      · Run the Persistent Volume Assistant as a dedicated user, that is
        granted the relevant udisks and filesystem -level credentials.
      · At persistence activation time, don't trust existing persistence
        configuration files, migrate to the new ownership and permissions,
        migrate every known-safe existing settings and backup what's left.
        Warn the user when not all persistence settings could be migrated.
      · Persistent Volume Assistant uses the new ownership and permissions
        scheme when initializing a new persistent volume, and refuses to
        read persistence.conf if it, or the parent directory, hasn't the
        expected permissions.
      · Make boot medium 'system internal' for udisks with bilibop.
        Once Tails is based on Wheezy, this will further complete the
        protection (see #6172 for details).
    - Update Iceweasel to 17.0.10esr-0+tails2~bpo60+1.
    - Update Torbutton to 1.5.2-2, including a patch cherry-picked from
      upstream to make window resizing closer to what the design says.

  * Major new features
    - Add a persistence preset for printing settings (Closes: #5686).
      Reload CUPS configuration after persistence activation.
    - Support SD card connected through a SDIO host adapter (Closes: #6324).
      · Rebrand Tails USB installer to Tails installer.
      · Display devices brand, model and size in the Installer
        (Closes: #6292).
      · Ask for confirmation before installing Tails onto a device
        (Closes: #6293).
      · Add support for SDIO and MMC block devices to the Tails Installer
        (Closes: #5744) and the Persistent Volume Assistant (Closes: #6325).
      · Arm the udev watchdog when booted from SD (plugged in SDIO) too
        (Closes: #6327).

  * Minor improvements
    - Provide a consistent path to the persistent volume mountpoint
      (Closes: #5854).
    - Add a KeePassX launcher to the top GNOME panel (Closes: #6290).
    - Rework bug reporting workflow: point the desktop launcher to
      the troubleshooting page.
    - Make /home world-readable at build time, regardless of the Git
      working copy permissions. This makes the build process more robust
      against strict umasks.
    - Add signing capabilities to the tails-build script (Closes: #6267).
      This is in turn used to sign ISO images built by our Jenkins setup
      (Closes: #6193).
    - Simplify the ikiwiki setup and make more pages translatable.
    - Exclude the version string in GnuPG's ASCII armored output.
    - Prefer stronger ciphers (AES256,AES192,AES,CAST5) when encrypting
      data with GnuPG.
    - Use the same custom Startpage search URL than the TBB.
      This apparently disables the new broken "family" filter.
    - Update AdBlock Plus patterns.
    - Install Linux from Debian testing.
      (That is, the same version that was shipped in 0.20.1.)

  * Test suite
    - Look for "/tmp/.X11-unix/X${1#:}" too when detecting displays in use.
    - Adapt tests to match the Control Port access security fix:
      · Take into account that the amnesia user isn't part of the debian-tor
        group anymore.
      · Run as root the checks to see if a process is running: this
        is required to see other users' processes.

 -- Tails developers <tails@boum.org>  Sat, 26 Oct 2013 23:42:46 +0200

tails (0.20.1) unstable; urgency=low

  * Major new features
  - Install Tor 0.2.4.17-rc-1~d60.squeeze+1 from the Tor project's repository.
  - Install Iceweasel 17.0.9esr with Torbrowser patches.
  - Install Linux kernel 3.10-3 (version 3.10.11-1) from sid.

  * Bugfixes
  - Remount persistence devices read-only at shutdown/reboot time
    (Closes: #6228).
  - Greeter: display a warning icon on admin password mismatch and on
    persistence unlocking failure. Thanks to Andres Gomez Ramirez
    <andres.gomez@cern.ch> for the fix!
  - Don't torsocksify Pidgin.
    Instead we disable Pidgin's GNOME integration to get the "Global proxy
    configuration", which we set to use Tor. This fixes the I2P IRC account.
  - Additional software: fix typo in notification.
  - Allow installing "Priority: standard" packages that we do not install
    by default: remove them late in the build process instead of assigning
    them a -1 APT pinning level.

  * Minor improvements
  - Update AdBlock Plus patterns.
  - Use more unique ISO file name when building from Jenkins.
  - Additional software: point to the system log on upgrade failure.
  - Set SOCKS5_USER and SOCKS5_PASSWORD in the connect-socks wrapper (used
    by Git). Else, Tor 0.2.4's IsolateSOCKSAuth and connect-proxy
    sometimes play together in some way that makes connect-proxy ask for
    a password to connect to the SocksPort. SOCKS5_USER and
    SOCKS5_PASSWORD are passed through unchanged if they were manually set
    by the user already.
  - Use our custom connect-socks wrapper for SSH. Else, Tor 0.2.4's
    IsolateSOCKSAuth and connect-proxy sometimes play together in some way
    that makes connect-proxy ask for a password to connect to the
    SocksPort. Note that connect-socks uses the default SocksPort too, so
    no change here wrt. our connection isolation design.

  * Localization
  - Import new translations from Transifex.

  * Test suite
  - Fix old ISO checking for consistent error reporting.
  - Remove custom persistence test from manual test suite.
    It was removed for the GUI in t-p-s 0.33.

 -- Tails developers <tails@boum.org>  Sun, 15 Sep 2013 15:49:36 +0200

tails (0.20) unstable; urgency=low

  * Major new features
  - Install Linux kernel 3.10.3-1 from Debian unstable.
  - Iceweasel 17.0.8esr + Torbrowser patches.

  * Bugfixes
  - Prevent Iceweasel from displaying a warning when leaving HTTPS web sites.
  - Make Iceweasel use the correct, localized search engine.
  - Fix Git access to https:// repositories.

  * Minor improvements
  - Install Dasher, a predictive text entry tool.
  - Add a wrapper around TrueCrypt which displays a warning about it soon
    being deprecated in Tails.
  - Remove Pidgin libraries for all protocols but IRC and Jabber/XMPP.
    Many of the other protocols Pidgin support are broken in Tails and
    haven't got any security auditting.
  - Disable the pre-defined Pidgin accounts so they do not auto-connect
    on Pidgin start.
  - Include information about Alsa in WhisperBack reports.
  - Explicitly restrict access to ptrace. While this setting was enabled
    by default in Debian's Linux 3.9.6-1, it will later disabled in 3.9.7-1.
    It's unclear what will happen next, so let's explicitly enable it ourselves.
  - Do not display dialog when a message is sent in Claws Mail.
  - Sync iceweasel preferences with the Torbrowser's.

  * Localization
  - Many translation updates all over the place.
  - Merge all Tails-related POT files into one, and make use of intltoolize
    for better integration with Transifex.

 -- Tails developers <tails@boum.org>  Tue, 30 Jul 2013 14:19:57 +0200

tails (0.19) unstable; urgency=low

  * Major new features
  - Install Linux kernel 3.9.5-1 from Debian unstable.
    Features of particular interest for Tails are the Yama LSM
    (ptrace scope restrictions) and improved hardware support.
    As a corollary, install initramfs-tools from there too.
  - Iceweasel 17.0.7esr + Torbrowser patches.
  - Unblock Bluetooth, Wi-Fi, WWAN and WiMAX; block every other type of
    wireless device. Next steps are described on the
    todo/protect_against_external_bus_memory_forensics ticket.

  * Bugfixes
  - Fix write access to boot medium at the block device level,
    by installing bilibop-udev. Thanks to quidame for his support.
  - tails-greeter l10n-related fixes, thanks to winterfairy:
    · Fix so translations is applied on password mismatch messages.
    · Separate forward and login buttons and make them translatable.
  - Fix link to documentation when no sudo password is set.
  - gpgApplet: partial fix for clipboard emptying after a wrong passphrase
    was entered.
  - Workaround aufs bug in Unsafe Browser script.

  * Minor improvements
  - Drop GNOME proxy settings: we did not find any use of it we were keen
    to support, other than two programs (Seahorse, Pidgin) that are now run
    with torsocks.
  - Format newly created persistent volumes as ext4.
  - GnuPG: don't connect to the keyserver specified by the key owner.
    This feature opens the door to a variety of subtle attacks.
  - GnuPG: locate keys only from local keyrings.
    This is probably the default, but better safe than sorry.
  - Install virt-what from Wheezy.
    The version from Squeeze does not detect at least Parallels for Mac v.8.
  - Upgrade live-boot and live-config to the 3.0.x final version from Wheezy.
    · Remove /live and /lib/live/image compatibility symlinks.
    · Add /live/overlay -> /lib/live/mount/overlay symlink.
      The live-boot changes (commit d2b2a461) brought to fix Debian bug
      #696495 revert some of our previous changes (commit 77dab1cb), and as
      a result, at the time live-persist runs, no tmpfs is mounted on
      /live/overlay, which breaks the aufs mount. So, let's just ensure
      /live/overlay points to a tmpfs.
    · Really disable policykit and sudo live-config hooks.
      ... by making it believe they've already been run.
      This workarounds new live-config's default behavior.

  * Localization
  - Many translation updates all over the place.

  * Test suite
  - Re-enable previously disabled boot device permissions test.

 -- Tails developers <tails@boum.org>  Wed, 26 Jun 2013 12:36:20 +0200

tails (0.18) unstable; urgency=low

  * New features
  - Support obfs3 bridges.
  - Automatically install a custom list of additional packages chosen by
    the user at the beginning of every working session, and upgrade them
    once a network connection is established (technology preview).

  * Iceweasel
  - Upgrade to Iceweasel 17.0.6esr-0+tails1~bpo60+1.
  - Update Torbrowser patches to current maint-2.4 branch (567682b).
  - Isolate DOM storage to first party URI, and enable DOM storage:
    don't set dom.storage.enabled anymore, and set Torbutton's
    disable_domstorage to false.
  - Isolate the image cache per url bar domain.
  - Torbutton 1.5.2, and various prefs hacks to fix breakage:
    · Add .saved version of the Torbutton preferences the TBB also sets.
    · Set TOR_SOCKS_HOST and TOR_SOCKS_PORT.
    · Move some prefs (network.proxy.*, extensions.autoDisableScopes,
      extensions.foxyproxy.last-version) to user.js.
      Else, with Torbutton 1.5.x, these ones are not taken into account.
    · Set network.proxy.socks_version.
      Else we get the meaningless user_pref("network.proxy.socks_version", 9063);
      in prefs.js after the initial startup.
    · Set extensions.foxyproxy.socks_remote_dns to true.
      Else, it overrides the various ways we set network.proxy.socks_remote_dns,
      which in turn makes Torbutton think it should start in non-Tor mode.
    · Also pass the TOR_SOCKS_* environment variables to iceweasel when
      generating the profile: Torbutton behaves differently depending on
      these variables, so we don't want the initial profile generation to be
      done without them. In practice, this has no implication that we could
      see right now, but better safe than sorry.
    · Import all version overrides from the TBB prefs.
      Else, the User-Agent sent in the HTTP headers is fine, but real
      values leak with JavaScript, as demonstrated by ip-check's "Browser
      type" test.
    · Move a bunch of settings to user_pref(), that are not applied otherwise.
      For some, this fixes a regression in 0.18~rc1.
      For other, the  bug was already present in Tails 0.17.2.
  - HTTPS Everywhere 3.2.
  - Update prefs to match the TBB's, fix bugs, and take advantage of the latest
    Torbrowser patches:
    · Increase pipeline randomization.
    · Fix @font-face handling of local() fonts.
      Also disable fallback font rendering.
    · Explicitly disable SPDY v2 and v3.
    · Update http pipelining prefs.
  - Make prefs organization closer to the TBB's:
    · Remove Torbutton prefs that we set at their default value.
    · Import Torbutton preferences from the TBB.
    · Organize iceweasel config files in sections the same way as the TBB.
  - Cleanup prefs:
    · Don't set extensions.torbutton.clear_cookies nor
      extensions.torbutton.saved.share_proxy_settings:
      we don't care about toggling anymore.
    · Don't set extensions.torbutton.saved.download_retention nor
      extensions.torbutton.saved.search_suggest:
      these settings are not used in Torbutton anymore.
  - Update unsafe browser prefs mangling accordingly.
  - Move network.protocol-handler.warn-external.* to user_pref().
    Else they're not applied.
    These prefs are actually ignored by Firefox these days -- the TBB
    design doc reads "They are set still anyway out of respect for the
    dead". Let's go on doing the same.
  - Update extensions.adblockplus.currentVersion.
  - Fetch xul-ext-https-everywhere (3.2-2) and xul-ext-noscript (2.6.6.1-1)
    from Debian unstable. They were uploaded there, and accordingly removed
    from experimental.

  * Bugfixes
  - Linux 3.2.41-2+deb7u2.
  - Fixed swapped filenames of tails-{reboot,shutdown}.desktop.
    Thanks to Mikko Harhanen for the patch.
  - Only add ClientTransportPlugin to torrc when bridge mode is enabled.
    This should bring back support for proxies of type other than obfsproxy.

  * Minor improvements
  - Set kernel.dmesg_restrict=1, and make /proc/<pid>/ invisible
    and restricted for other users. It makes it slightly harder for an attacker
    to gather information that may allow them to escalate privileges.
  - Install gnome-screenshot.
  - Don't disable IPv6 on all network interfaces anymore.
    It turns out the IPv6 leaks we wanted to fix actually don't exist.
  - Add a "About Tails" launcher in the System menu.
  - Install GNOME accessibility themes.
  - Use 'Getting started...' as the homepage for Tails documentation button.
  - Stop relying on the obsolete /live/image compatibility symlink.
  - Disable audio preview in Nautilus.
  - Wheezy was released => Squeeze is now oldstable.
  - Pick Tor from deb.torproject.org regardless of the release name they
    advertise. At some point we needed it, their APT repository still thought
    that stable == Squeeze.
  - Add Wheezy APT sources.
  - Install Linux and related packages from Wheezy.
    Debian sid just got Linux 3.8, and we don't want to switch to a new kernel
    yet.
  - Fetch laptop-mode-tools from Wheezy.
    Wheezy has the version we've been installing in 0.18~rc1,
    while a newer one was uploaded to sid in the meantime.
  - Fetch a few packages from Wheezy instead of unstable.
    Namely: spice-vdagent, libregexp-common-perl, macchanger, service-wrapper,
    libservice-wrapper-java and libservice-wrapper-jni.
    Wheezy has the versions we've been installing for a while, so let's
    avoid having unstable push a newer one to us uselessly at some point.
    Note that at the time of this writing, the versions in sid and in Wheezy
    are the same, so this commit is effectively a no-op as of today: it is
    merely a safeguard for the future.

  * Localization
  - Many translation updates all over the place.

  * Build process
  - Make Vagrant's build-tails script support Jenkins too.

  * Test suite
  - Fix Unsafe Browser test broken by hidepid.

 -- Tails developers <tails@boum.org>  Mon, 13 May 2013 22:17:38 +0200

tails (0.17.2) unstable; urgency=low

  * Iceweasel
  - Upgrade to Iceweasel 17.0.5esr-0+tails2~bpo60+1.
  - Stop displaying obsolete context menu entries ("Open Tor URL" and friends).

  * Hardware support
  - Update Linux to 3.2.41-2

  * Bugfixes
  - Use more reliable OpenPGP keyservers:
    · use the hkps pool in GnuPG (and import their SSL CA)
    · use hkp://pool.sks-keyservers.net in Seahorse (as it does not support
      hkps yet)
  - Keep udisks users (GNOME Disk Utility, tails-persistence-setup, etc.)
    from resetting the system partition's attributes when manipulating the
    partition table. To this end, backport the relevant bugfix from Wheezy
    into parted 2.3-5+tails1. This allowed to remove the sgdisk-based
    workaround in tais-persistence-setup, and to stop installing
    python-parted. All this is a first needed step to fix
    todo/make_system_disk_read-only in a future release.

  * Minor improvements
  - Disable NoScript's HTML5 media click-to-play for better user experience.

  * Localization
  - Tails USB installer: update translations for French, German, Spanish,
    Finnish, Greek, Italian, Latvian, Dutch, Polish and Chinese.
  - Tails Greeter: update translations for Farsi, Chinese, French;
    new translations: Finnish, Norwegian Bokmål, Galician.
  - tails-persistence-setup: update Farsi and Chinese translations;
    import new translations for Finnish and Swedish.
  - WhisperBack: update translations for Arabic, French, German, Greek,
    Spanish, Korean, Polish, Russian. New translations: Finnish, Chinese.

  * Build process
  - Add automated testing framework (Sikuli, Cucumber, libvirt -based)
    with a bunch of tests.

 -- Tails developers <amnesia@boum.org>  Sun, 07 Apr 2013 12:17:26 +0200

tails (0.17.1) unstable; urgency=low

  * Iceweasel
  - Upgrade to Iceweasel 17.0.4esr-0+tails1~bpo60+1.

  * Hardware support
  - Update Linux to 3.2.39-2.
    It includes the drm and agp subsystems from Linux 3.4.29.
  - Don't install xserver-xorg-video-rendition backport.
    xserver-xorg-video-rendition has been removed from squeeze-backports
    due to an upstream tarball mismatch discover when merging backports
    into the main Debian archive, and xserver-xorg-video-all still depends
    on it, so we explicitly install all drivers from -all but -rendition
    as a (hopefully temporary) workaround.

  * Minor improvements
  - Remove Indymedia IRC account, until we ship a version of Pidgin
    with SASL support, that is when Tails is based on Wheezy.

  * Build system
  - Don't ship the wiki's todo and bugs on ISO images.

 -- Tails developers <amnesia@boum.org>  Thu, 21 Mar 2013 18:54:11 +0100

tails (0.17) unstable; urgency=low

  * New features
  - Install the KeePassX password manager, with a configuration and
    documentation that makes it easy to persist the password database.

  * Iceweasel
  - Upgrade to Iceweasel 17.0.3esr-1+tails1~bpo60+1.
  - Install xul-ext-adblock-plus from squeeze-backports.
  - Do not allow listing all available fonts.
    Set browser.display.max_font_attempts and browser.display.max_font_count
    to enable the Torbrowser Limit-the-number-of-fonts-per-document patch.
  - Set default spellchecker dictionary to English (USA),
    and localize it according to locale with our custom branding extension.
  - Disable the add-ons automatic update feature.
  - Make the generated profile world-readable.
  - Remove NoScript click-to-play confirmation.
  - Sync some prefs set by Torbutton, to be ready when it stops setting these.
  - Disable navigation timing.
  - Disable SPDY. It stores state and may have keepalive issues.
  - More aggressive iceweasel HTTP pipelining settings.
  - Enable WebGL (as click-to-play only).
  - Disable network.http.connection-retry-timeout.
  - Disable full path information for plugins.
  - Remove NoScript blocks of WebFonts.
  - Disable DOM storage in Torbutton.
    Since we don't apply the 0026-Isolate-DOM-storage-to-first-party-URI.patch
    Torbrowser patch yet, and still disable DOM storage, we need to tell
    Torbutton not to use it.
  - Synchronize iceweasel's general.useragent.override with TBB based on FF17.
    The User-Agent settings are not kept up-to-date anymore in Torbutton, so
    we have to keep in sync manually with TBB's settings.
  - Remove obsolete APT pining for Torbutton.
    It's not maintained in Debian anymore, so we now fetch it from our own
    APT repository.
  - Fetch FoxyProxy from Debian experimental and libnspr4-0d from
    squeeze-backports, for compatibility with Iceweasel 17.
  - Rebase bookmarks file on top of the default iceweasel 17 one.
  - Explicitly disable AdBlock Plus "correct typos" feature.
    This feature connects to http://urlfixer.org/.
    It is disabled by default in 2.2-1, but let's be careful.

  * Minor improvements
  - Upgrade to live-boot 3.0~b11-1 and live-config 3.0.12-1.
    Accordingly update the 9980-permissions hook, live-persist,
    unsafe-browser and boot-profile.
    Add compatibility symlinks from /live to /lib/live, and from /live/image
    to /lib/live/mount/medium, to ease the transition.
  - Check for errors when sourcing live-boot files, e.g. to detect when
    they have been renamed upstream.
  - Don't add "quiet" to the kernel command-line ourselves.
    Else, it appears twice as live-build's lb_binary_syslinux adds it too.
    Historically, we've been adding it ourselves on top of that because
    lb_binary_yaboot does not add it, but since we gave up the PowerPC support
    attempt, we're now only interested in syslinux, so let's make it easier
    for the general case, e.g. when one wants to remove the "quiet" parameter
    as suggested by our "Tails does not start" debugging documentation.
  - Upgrade I2P to 0.9.4.

  * Bugfixes
  - Many bugfixes brought by the Debian Squeeze 6.0.7 point-release.
  - Use the regular GnuPG agent + pinentry-gtk2 instead of Seahorse
    as a GnuPG agent. This fixes usage of OpenPGP in Claws Mail,
    and brings support for OpenPGP smartcards.
  - Enable I2P hidden mode.
    Else, killing I2P ungracefully is bad for the I2P network.
  - live-persist: move error() function before the first potential usecase.
  - Add missing executable bit on restart-tor and restart-vidalia.
  - Add shutdown and reboot launchers to the menu.
    This workarounds the lack of a shutdown helper applet in camouflage mode.
  - Remove Pidgin's MXit and Sametime support.
    ... at least until CVE-2013-0273, CVE-2013-0272 and CVE-2013-0271 are
    fixed in Debian stable. While we're at it, don't force file removal in
    these "set -e" build scripts: fail hard, instead of silently ignoring
    the fact that files may have moved or disappeared.

  * Hardware support
  - Install recent Intel and AMD microcode from squeeze-backports,
    explicitly excluding the iucode-tool package that's not a good idea
    for Live systems.
  - Install firmware loader for Qualcomm Gobi USB chipsets.
    This is needed to have various mobile broadband chipsets work.
  - Upgrade barry to 0.18.3-5~bpo60+1.
    This much improved new version supports more hardware & ISP,
    and does not display dozens of spurious error messages at boot time.

  * Build system
  - Remove APT local cache (/Var/cache/apt/{,src}pkgcache.bin).

 -- Tails developers <amnesia@boum.org>  Sat, 23 Feb 2013 10:37:57 +0100

tails (0.16) unstable; urgency=low

  * Minor improvements
  - Replace the too-easy-to-misclick shutdown button with a better
    "Shutdown Helper" Gnome applet.
  - Display ~/Persistent in GNOME Places and GtkFileChooser if it is mounted.
  - Set Unsafe Browser's window title to "Unsafe Browser".
  - Install ekeyd to support the EntropyKey.
  - Install font for Sinhala.
  - Update Poedit to 1.5.4.
  - Kill Vidalia when restarting Tor.
    Doing this as early as possible exposes Vidalia's "broken onion" icon
    to users less.
  - Hide the persistence setup launchers in kiosk mode.
  - Add a shell library for Tor functions.
    These are shared among multiple of our scripts.
  - Install dictionaries for supported languages.
    Install hunspell dictionaries when possible,
    fall back on myspell ones else.

  * Bugfixes
  - Disable IPv6 on all network interfaces.
    This is a workaround for the IPv6 link-local multicast leak that was recently
    discovered. Tails has no local service that listens on IPv6, so there should be
    no regression, hopefully, unless one wants to play with OnionCat and VoIP,
    but those of us should know how to workaround this anyway.
  - live-persist: Fix variable mismatch, fixing probe white-list.
    Tails may previously have been able to list GPT partitions labelled
    "TailsData" on hard drives (!) as valid persistence volumes...
  - live-persist: Fix --media option when no devices are attached.
    Earlier, if it was set to e.g. 'removable-usb' and no USB storage was
    connected, $whitelistdev would be empty, which is interpreted like
    all devices are ok by the rest of the code.
  - Fix SCIM in the autostarted web browser: save IM environment variables
    to a file during Desktop session startup, and export them into the
    autostarted browser's environment.
  - Talk of DVD, not of CD, in the shutdown messages.
  - Make tordate work in bridge mode with an incorrect clock.
    When using a bridge Tor reports TLS cert lifetime errors (e.g. when
    the system clock is way off) with severity "info", but when no bridge
    is used the severity is "warn". tordate/20-time.sh depends on grepping
    these error messages, so we termporarily increase Tor's logging
    severity when using bridge mode. If we don't do this tordate will
    sleep forever, leaving Tor in a non-working state.
    · White-list root to use Tor's ControlPort.
    · Add logging for is_clock_way_off().
    · Remove Tor's log before time syncing.
      We depend on grepping stuff from the Tor log (especially for
      tordate/20-time.sh), so deleting it seems like a Good Thing(TM).
    · Stop Tor before messing with its log or data dir.
  - live-persist: limit searched devices the same way as live-boot.
    If no --media argument is specified, use live-boot's
    "(live-media|bootfrom)=removable(|-usb)" argument to limit devices
    searched for a persistent volume.
  - tails-greeter: do not pass media=removable to live-persist.
    Now that we have autodetection with kernel command-line,
    it should not be needed anymore.
  - Start memlockd after configuring it,
    instead of starting it before and restarting it after.
    This avoids running memlockd twice, and prevents other possibly
    surprising race-conditions.
    As a consequence, also have tails-sdmem-on-media-removal start after the
    memlockd service *and* tails-reconfigure-memlockd: to start the watchdog,
    we need memlockd to be properly configured *and* running.

  * iceweasel
  - Set iceweasel homepage to the news section on the Tails website.
    ... using the localized one when possible.
  - Hide the iceweasel add-on bar by default.
    Now that we don't want to ship the Monkeysphere addon anymore,
    that was the only one displayed in there, we can as well hide the whole bar.
  - Don't hide the AdBlock-Plus button in the add-on bar anymore. Now that
    we hide the whole addon bar, we can get rid of this old
    UX improvement.
  - Do not install a placeholder (fake) FireGPG iceweasel extension anymore.
    It was shipped from 0.10 (early 2012) to 0.15 (late November),
    so the migration period should be over now.
  - Don't install xul-ext-monkeysphere anymore.
    The implication of the current keyserver policy are not well
    understood, Monkeysphere is little used in Tails, and we're not sure
    anymore it would be our first bet for the web browser profile with no
    CA. Let's keep the various configuration bits (e.g. FoxyProxy,
    patching MSVA), though, so that advanced users who are used to have
    Monkeysphere in Tails just have to install the package.

  * Build system
  - Install the "standard" task with tasksel for better consistency in the
    Tails ISO images built in various environments.
  - Install p7zip-full. It's a dep by file-roller, but we explicily use it
    elsewhere, and it's better to be safe than sorry.
  - Remove pinning of libvpx0 to sid.
    This package is part of Squeeze, and not from testing/sid.
    We have been shipping the version from Squeeze for a while.
  - Remove config/chroot_local-packages/ from .gitignore.
    The documented way for "external" contributors to add custom packages
    is to put them in chroot_local-packages, and once we pull we import
    any such package into our APT repo and rewrite the
    history appropriately.
    Also, the ability to add packages in there and not see them in "git
    status" makes it very easy to build tainted ISO images with
    non-standard packages, which makes some of us fear can lead to hard to
    debug situations.
  - Make it clearer what can and cannot be done in terms of local packages.

 -- Tails developers <amnesia@boum.org>  Thu, 10 Jan 2013 12:47:42 +0100

tails (0.15) unstable; urgency=low

  * Major new features
  - Persistence for browser bookmarks.
  - Support for obfsproxy bridges.

  * Minor improvements
  - Add the Hangul (Korean) Input Method Engine for SCIM.
  - Add vendor-specific dpkg origin information. This makes dpkg-vendor
    return correct information.
  - Install pcscd and libccid from squeeze-backports. This is needed to
    support, to some extent, some OpenPGP SmartCard readers.
  - Install HPIJS PPD files and the IJS driver (hpijs).
    This adds support for some printers, such as Xerox DocumentCenter400.
  - Optimize fonts display for LCD.
  - Update TrueCrypt to version 7.1a.

  * Bugfixes
  - Do not use pdnsd anymore. It has been orphaned in Debian, has quite
    some bugs in there, and apparently Tor's DNSPort's own caching is
    be good enough.
  - Remove useless iceweasel cookies exceptions. They are useless as
    per-session cookies are allowed.
  - Do not run setupcon on X. This call is only needed on the Linux
    console, no need to annoy the user with a weird "Press enter to
    activate this console" when the open a root shell in a GNOME
    Terminal.
  - Allow the tails-iuk-get-target-file user to connect to the SOCKSPort
    dedicated for Tails-specific software.
  - Fix gpgApplet menu display in Windows camouflage mode.
  - Fix Tor reaching an inactive state if it's restarted in "bridge mode",
    e.g. during the time sync' process.

  * Iceweasel
  - Update iceweasel to 10.0.11esr-1+tails1.
  - User profile is now generated at build time in order to support persistent
    bookmarks.
  - Update HTTPS Everywhere to version 3.0.4.
  - Update NoScript to version 2.6.
  - Fix bookmark to I2P router console.
  - Re-enable Monkeysphere extension to connect to the validation agent.

  * Localization
  - The Tails USB installer, tails-persistence-setup and tails-greeter
    are now translated into Bulgarian.
  - Update Chinese translation for tails-greeter.
  - Update Euskadi translation for WhisperBack.

  * Build system
  - Custom packages are now retrieved from Tails APT repository instead
    of bloating the Git repository.
  - Allow '~' in wiki filenames. This makes it possible to ship
    update-description files for release candidates.
  - Document how to create incremental update kit.
  - Handle release candidates when generating custom APT sources.
  - Remove pinning for xul-ext-adblock-plus.
    It is obsolete since we've added this package to our APT repository.

 -- Tails developers <amnesia@boum.org>  Sun, 25 Nov 2012 12:59:17 +0100

tails (0.14) unstable; urgency=low

  * Major new features
  - Enable Tor stream isolation; several new SocksPorts with
    appropriate Isolate* options have been added for different use
    cases (i.e. applications). All application's have been
    reconfigured to use these new SocksPorts, which should increase
    anonymity by making it more difficulte to correlate traffic from
    different applications or "online identities".
  - The web browser now has the anonymity enhancing patches from the
    TorBrowser applied.
  - gpgApplet can now handle public-key cryptography.
  - Install an additional, PAE-enabled kernel with NX-bit
    support. This kernel is auto-selected when the hardware supports
    it and will:
    * provide executable space protection, preventing certain types of
      buffer overflows from being exploitable.
    * enable more than 4 GiB of system memory.
    * make all processors/cores available, including their
      power-saving functionality.
  - Add a persistence preset for NetworkManager connections.

  * Minor improvements
  - On kexec reboot, make the boot quiet only if debug=wipemem was not
    enabled.
  - Update torproject.org's APT repo key.
  - Update the embedded Tails signing key.
  - Use symlinks instead of duplicating localized searchplugins.
  - Rewrite Tails firewall using ferm. Tails firewall was written in
    very unsophisticated iptables-save/restore format. As more feature
    creeped in, it started to be quite unreadable.
  - Optimize VirtualBox modules build at runtime to avoid installing the
    userspace utils N times.
  - Drop most of Vidalia's configuration. Our custom lines just caused
    trouble (with multiple SocksPorts) and the default works well.
  - Blacklist PC speaker module. On some computers, having the pcspkr
    module loaded means loud beeps at bootup, shutdown and when using
    the console. As it draws useless attention to Tails users, it is
    better to prevent Linux from loading it by default.
  - Remove all addons from the Unsafe Browser. No addons are essential
    for the Unsafe Browser's intent. If anything they will modify the
    network fingerprint compared to a normal Iceweasel install, which
    is undesirable.
  - Prevent some unwanted packages to be installed at all, rather than
    uninstalling them later. This should speed up the build a bit.
  - Add a symlink from /etc/live/config to /etc/live/config.d. This
    makes the system compatible with live-config 3.0.4-1, without
    breaking backward compatibility with various parts of the system
    that use the old path.
  - Do not run unecessary scripts during shutdown sequence, to make
    shutdown faster.
  - Make live-persist deal with persistent ~/.gconf subdirs so that
    any options saved therein actually get persistent.
  - Prevent memlockd unload on shutdown, to make sure that all
    necessary tools for memory wiping are available when the new
    kernel has kexec'd.
  - Patch initscripts headers instead of fiddling with update-rc.d. We
    now let insserv figure out the correct ordering for the services
    during startup and shutdown, i.e. use dependency-based boot
    sequencing.
  - Remove the last absolute path in our isolinux config, which makes
    it easier to migrate from isolinux to syslinux (just rename the
    directory), and hence might make it easier for 3rd party USB
    installers (like the Universal USB Installer) to support Tails.

  * Bugfixes
  - Include `seq` in the ramdisk environment: it is used to wipe more
    memory. This fixes the long-standing bug about Tails not cleaning
    all memory on shutdown.
  - Fix Yelp crashing on internal links
  - Allow amnesia user to use Tor's TransPort. This firewall exception
    is necessary for applications that doesn't have in-built SOCKS
    support and cannot use torsocks. One such example is Claws Mail,
    which uses tsocks since torsocks makes it leak the hostname. This
    exception, together with Tor's automatic .onion mapping makes
    Claws Mail able to use hidden service mail providers again.
  - Force threads locking support in Python DBus binding. Without this
    liveusb-creator doesn't work with a PAE-enabled kernel.
  - Fix localized search plugins for 'es' and 'pt'
  - Fix live-boot's readahead, which caused an unnecessary pause
    during boot.
  - Factorize GCC wanted / available version numbers in VirtualBox
    modules building hook. This, incidentally, fixes a bug caused by
    duplication and not updating all instances.
  - Fix tordate vs. Tor 0.2.3.x. Since 0.2.3.x Tor doesn't download a
    consensus for clocks that are more than 30 days in the past or 2
    days in the future (see commits f4c1fa2 and 87622e4 in Tor's git
    repo). For such clock skews we set the time to the Tor authority's
    cert's valid-after date to ensure that a consensus can be
    downloaded.

  * Tor
  - Update to version 0.2.3.24-rc-1~~squeeze+1, a new major
    version. It's not a stable release, but we have been assured by
    the Tor developers that this is the right move.
  - Stop setting custom value for the Tor LongLivedPorts
    setting. Gobby's port was upstreamed in Tor 0.2.3.x.

  * Iceweasel
  - Update to 10.0.10esr-1+tails1, which has all the anonymity enhancing
    patches from the TorBrowser applied.
  - Install iceweasel from our own repo, http://deb.tails.boum.org.
  - Fix Iceweasel's file associations. No more should you be suggested
    to open a PDF in the GIMP.

  * htpdate
  - Use curl instead of wget, and add a --proxy option passed through
    to curl.
  - Remove the --fullrequest option, we don't need it anymore.
  - Remove --dns-timeout option, we don't need it anymore.
  - Change --proxy handling to support Debian Squeeze's curl.
  - Clarify what happens if --proxy is not used.
  - Compute the median of the diffs more correctly.

  * Hardware support
  - Update Linux to 3.2.32-1.

  * Software
  - Update vidalia to 0.2.20-1+tails1.
  - Update bundled WhisperBack package to 1.6.2:
    * Raise the socket library timeout to 120 seconds
    * Use smtplib's timeout parameter
    * Fix error output when calling send a 2nd time
  - Update liveusb-creator to 3.11.6-3.
  - Update i2p to 0.9.2.
  - Update tails-persistence-setup to 0.20-1, which should make it
    possible to install Tails on large (>= 32 GiB) USB drives.
  - Install console-setup and keyboard-configuration from unstable
    (required by new initramfs-tools).
  - Update tails-greeter to 0.7.3:
    * Import pt_BR translation.
    * Let langpanel usable during option selection stage
    * Print less debugging messages by default
    (below are changes in tails-greeter 0.7.2:)
    * Use correct test operators.
    * Generate language codes of available locales at package build
      time.
    * Read list of language codes from where we have saved it at
      package build time.
    * Drop tails-lang-helper, not used anymore.
    * Do not compile locales at login time anymore. Tails now ships
      locales-all.
  - Import live-config{,-sysvinit} 3.0.8-1. live-config >= 3.0.9-1
    has basically nothing useful for us, and it migrates to new paths
    brought by live-boot 3.0~b7, which we're not ready for yet (see:
    todo/newer_live-boot).

  * Localization
  - Fix Tails specific Iceweasel localization for pt-BR
  - Add Japanese input system: scim-anthy.
  - whisperback is now also translated into German, Hebrew, Hungarian,
    Italian and Korean.
  - tails-persistence-setup is now also translated into Arabic.
  - tails-greeter is now also translated into Arabic, Hebrew, Basque,
    Hungarian, Italian and Chinese.

  * Build system
  - Catch more errors in during build time:
    - Ensure that all local hooks start with 'set -e'.
    - Fail hard if adduser fails in local hooks.
    - Fail hard if 'rm' fails in local hooks.
  - vagrant: Ensure we have the set of Perl packages needed by our
    Ikiwiki
  - vagrant: Configure live-build to ship with ftp.us.debian.org.
    Using cdn.debian.net leads to bad interactions with Tor.
  - vagrant: Don't use gzip compression when building from a tag, i.e.
    a release.
  - vagrant: Optionally use bootstrap stage cache for faster builds
    via the 'cache' build option.
  - vagrant: Make sure release builds are clean, i.e. they don't use
    any potentially dangerous build options.
  - vagrant: Disable live-build package caching. This build system is
    meant to use an external caching proxy, so live-build's cache just
    wastes RAM (for in-memory builds) or disk space.
  - vagrant: use aufs magic instead of copying source into tmpfs.
    This reduces the amount of RAM required for building Tails in.
  - vagrant: Allow in-memory builds when a VM with enough memory is
    already started.

 -- Tails developers <amnesia@boum.org>  Sat, 10 Nov 2012 12:34:56 +0000

tails (0.13) unstable; urgency=low

  * Major new features
  - Use white-list/principle of least privelege approach for local services.
    Only users that need a certain local (i.e. hosted on loopback) service
    (according to our use cases) are granted access to it by our firewall;
    all other users are denied access.
  - Ship a first version of the incremental update system. Updates are not
    currently triggered automatically, but this will allow tests to be done
    on larger scales.

  * Minor improvements
  - Enable four workspaces in the Windows XP camouflage. This allows
    users to quickly switch to a more innocent looking workspace in case
    they are working on sensitive data and attract unwanted attention.
    The workspace switcher applet isn't there, though, since there's no
    such thing in Windows XP, so switching is only possible via keyboard
    shortcuts.
  - Ship with precompiled locales instead of generating them upon login.
  - Add support for wireless regulation.
  - Use color for Git output, not intended for machine consumption,
    written to the terminal.
  - Have ttdnsd use OpenDNS. Using Google's DNS servers was very
    glitchy, and rarely succeeded when it should. It can probably be
    attributed to Google's DNS, which is known to take issue with Tor
    exits.
  - Upgrade WhisperBack to 1.6, with many UI improvements and new translations.
  - Include GDM logs and dmidecode informations in the reports.
  - Allow to modify language and layout in the "Advanced options" screen
    of the greeter.
  - GnuPG: bump cert-digest-algo to SHA512.
  - Update torproject.org's APT repo key.

  * Bugfixes
  - Make Claws Mail save local/POP emails in its dot-directory. The
    default is to save them at ~/Mail, which isn't included in our
    current Claws Mail persistence preset.
  - Fix the System Monitor applet.
  - Remove broken ttdnsd from the default DNS resolution loop.
  - Hide the 'TailsData' partition in desktop applications.
  - Ship unrar-free again, so that the GNOME archive manager knows about
    it.
  - Ship with an empty whitelist for Noscript.
  - Disable FoxyProxy's advertisement on proxy error page.
  - Fix slow browsing experience for offline documentation.
  - Raise the socket timeout to 120 seconds in WhisperBack.
  - Enable the ikiwiki trail plugin for the locally built wiki too.

  * Iceweasel
  - Upgrade iceweasel to 10.0.6esr-1 (Extended Support Release) and install it
    and its dependencies from squeeze-backports.

  * Hardware support
  - Upgrade Linux to 3.2.23-1.

  * Software
  - Update tor to version 0.2.2.39.
  - Update Iceweasel to version 10.0.7esr-2.
  - Update i2p to version 0.9.1.

  * Build system
  - vagrant: Install Ikiwiki from Debian unstable. The 'mirrorlist'
    patches have finally been merged in upstream Ikiwiki. So instead of
    building Ikiwiki by hand, we can now install the package directly
    from Debian unstable.
  - Do not build the ikiwiki forum on the bundled static website copy.

 -- Tails developers <amnesia@boum.org>  Mon, 17 Sep 2012 15:19:25 +0200

tails (0.12.1) unstable; urgency=low

  This is a brown paper bag release to fix two major problems introduced in
  Tails 0.12.

  * Iceweasel
  - Upgrade Torbutton to 1.4.6.
  - Upgrade AdBlock Plus to 2.1.
  - Update AdBlock Plus patterns.

  * Hardware support
  - Upgrade Linux to 3.2.21-3 (linux-image-3.2.0-3-486).

  * Software
  - Install MAT from Debian backports, drop custom package.
  - Install python-pdfrw to re-add PDF support to the MAT.
  - Upgrade tails-greeter to 0.7.1, which fixes the race condition that
    broke administration password and locale settings on some systems.

  * Boot
  - Remove the Tails specific plymouth theme. The theme interfers heavily with
    the boot process on some hardware.

 -- Tails developers <amnesia@boum.org>  Mon, 17 Sep 2012 13:06:03 +0200

tails (0.12) unstable; urgency=low

  * Major new features
  - Add the Unsafe Web Browser, which has direct access to the Internet and
    can be used to login to captive portals.
  - The (previously experimental, now deemed stable) Windows camouflage can now
    be enabled via a check box in Tails greeter.

  * Tor
  - Upgrade to 0.2.2.37-1~~squeeze+1.

  * Iceweasel
  - Upgrade iceweasel to 10.0.5esr-1 (Extended Support Release) and install it
    and its dependencies from squeeze-backports.
  - Add a bookmark for the offline Tails documentation.
  - Update AdBlock patterns.

  * Persistence
  - Allow using larger USB drives by increasing the mkfs timeout to 10 minutes.
  - Tell the user what's going on when the Tails boot device cannot be found.

  * Hardware support
  - Upgrade Linux to 3.2.20-1 (linux-image-3.2.0-2-amd64).

  * Software
  - Install rfkill.
  - Install torsocks. Note that this makes `torify' use `torsocks' instead of
    `tsocks'. The `tsocks' binary is dropped to avoid problems, but remaining
    files (the library) are kept since ttdnsd depends on them.
  - Fetch live-config-sysvinit from sid so that it matches live-config version.
  - Update virtualbox backports to 4.1.10-dfsg-1~bpo60+1.
  - Install pciutils (needed by virtualbox-guest-utils).
  - Install mousetweaks. This is needed to use the mouse accessibility settings
    in System -> Preferences -> Mouse -> Accessibility.
  - Install the "hardlink" files deduplicator.
  - Do not install cryptkeeper anymore. See todo/remove_cryptkeeper for reason.
    Users of cryptkeeper are encouraged to install cryptkeeper via `apt-get
    update; apt-get install --yes cryptkeeper`, open their volume and move
    their to Tails' built-in persistence instead, as a one-time migration.
  - Upgrade I2P to version 0.9.
  - Don't install GParted. GNOME Disk Utility has been on par with GParted
    since Squeeze was released.
  - Upgrade live-boot to 3.0~a27-1+tails2~1.gbp319fe6.
  - Upgrade live-config to 3.0~a39-1 and install it from Debian experimental.
  - Upgrade tails-greeter to 0.7.
  - Upgrade tails-persistence-setup to 0.17-1.
  - Install libyaml-libyaml-perl.
  - Upgrade MAT, the metadata anonymisation toolkit, 0.3.2-1~bpo60+1.
  - Fetch python-pdfrw from backports, drop custom package.

  * Internationalization
  - The Tails website and documentation now has a (partial) Portuguese
    translation.

  * Build system
  - Tails can now be built without using a HTTP proxy.
  - Tails can now easily be built by using Vagrant. See the updated
    contribute/build page for instructions.

  * Boot
  - Remove obsolete noswap boot parameter. live-boot now handles swap on an
    opt-in basis.
  - The squashfs.sort files generated with boot-profile should now be ok which
    makes the generate images boot noticeably faster on optical media. See
    bugs/weird_squashfs.sort_entries for more information.
  - Set Tails specific syslinux and plymouth themes.
  - Add NVidia KMS video drivers to the initrd in order to show our shiny new
    plymouth theme on more systems.

 -- Tails developers <amnesia@boum.org>  Mon, 11 Jun 2012 13:37:00 +0200

tails (0.11) unstable; urgency=low

  * Major new features
  - Do not grant the desktop user root credentials by default.
  - A graphical boot menu (tails-greeter 0.6.3) allows choosing among
    many languages, and setting an optional sudoer password.
  - Support opt-in targeted persistence
    · tails-persistence-setup 0.14-1
    · live-boot 3.0~a25-1+tails1~5.gbp48d06c
    · live-config 3.0~a35-1
  - USB installer: liveusb-creator 3.11.6-1

  * iceweasel
  - Install iceweasel 10.0.4esr-1 (Extended Support Release).
    Let's stop tracking a too fast moving target.
    Debian Wheezy will ship ESR versions.
  - Install needed dependencies from squeeze-backports.
  - Search plugins:
    · Remove bing.
      bing appeared due to our upgrading iceweasel.
      Removing it makes things consistent with the way they have been
      until now, that is: let's keep only the general search engines
      we've been asked to add, plus Google, and a few specialized ones.
    · Replace Debian-provided DuckDuckGo search plugin with the "HTML SSL"
      one, version 20110219. This is the non-JavaScript, SSL, POST flavour.
    · Add ixquick.com.
    · Install localized search engines in the correct place.
      No need to copy them around at boot time anymore.
    · Remove Scroogle. RIP.
  - Enable TLS false start, like the TBB does since December.
  - Adblock Plus: don't count and save filter hits, supress first run dialog.
  - Install neither the GreaseMonkey add-on, nor any GreaseMonkey script.
    YouTube's HTML5 opt-in program is over.
    HTML5 video support is now autodetected and used.

  * Vidalia
  - Upgrade to 0.2.17-1+tails1: drop Do-not-warn-about-Tor-version.patch,
    applied upstream.
  - Set SkipVersionCheck=true.
    Thanks to chiiph for implementing this upstream (needs Vidalia 0.2.16+).

  * Internationalization
  - Install all available iceweasel l10n packages.
  - Remove syslinux language choosing menu.
    tails-greeter allows choosing a non-English language.
  - Add fonts for Hebrew, Thai, Khmer, Lao and Korean languages.
  - Add bidi support.
  - Setup text console at profile time.
    Context: Tails runs with text console autologin on.
    These consoles now wait, using a "Press enter to activate this console"
    message, for the user. When they press enter in there, they should have chosen
    their preferred keyboard layout in tails-greeter by now. Then, we run setupcon.
    As a result, the resulting shell is properly localized, and setupcon
    sets the correct keyboard layout, both according to the preferences expressed by
    the user in tails-greeter.
  - Don't use localepurge, don't remove any Scribus translations anymore,
    don't localize environment at live-config time:
    tails-greeter allows us to support many, many more languages.

  * Hardware support
  - Linux 3.2.15-1 (linux-image-3.2.0-2-amd64).
  - Fix low sound level on MacBook5,2.
  - Disable laptop-mode-tools automatic modules. This modules set often
    needs some amount of hardware-specific tweaking to work properly.
    This makes them rather not well suited for a Live system.

  * Software
  - Install GNOME keyring.
    This is needed so that NetworkManager remembers the WEP/WPA secrets
    for the time of a Tails session. Initialize GNOME keyring at user
    creation time.
  - Install usbutils to have the lsusb command.
  - Install the Traverso multitrack audio recorder and editor.

  * Miscellaneous
  - GNOME Terminal: keep 8192 scrollback lines instead of the smallish
    default.
  - Replaced tails-wifi initscript with laptop-mode-tools matching feature.
  - Disable gdomap service.
  - Fetch klibc-utils and libklibc from sid.
    The last initramfs-tools depends on these.
  - Set root password to "root" if debug=root is passed on the
    kernel cmdline. Allow setting root password on kernel cmdline via
    rootpw=. Looks like we implemented this feature twice.
  - Append a space on the kernel command line. This eases manually adding
    more options.
  - Rename sudoers.d snippets to match naming scheme.
    Sudo credentials that shall be unconditionally granted to the Tails
    default user are named zzz_*, to make sure they are applied.
  - WhisperBack: also include /var/log/live-persist and
    /var/lib/gdm3/tails.persistence.
  - Add a wrapper to torify whois.
  - Rework the VirtualBox guest modules building hook to support
    multiple kernels.
  - Consistently wait for nm-applet when waiting for user session to come up.
    Waiting for gnome-panel or notification-daemon worked worse.
  - Don't start the NetworkManager system service via init.
    Some Tails NM hooks need the user to be logged in to run properly.
    That's why tails-greeter starts NetworkManager at PostLogin time.
  - Also lock /bin/echo into memory. For some reason, kexec-load needs it.
  - Pidgin: don't use the OFTC hidden service anymore.
    It proved to be quite unreliable, being sometimes down for days.
  - Do not display storage volumes on Desktop, by disabling
    /apps/nautilus/desktop/volumes_visible GConf entry. Enabling that
    GConf setting avoids displaying the bind-mounted persistent
    directories on the Desktop, and reduces user confusion. It also is
    a first step towards a bigger UI change: GNOME3 does not manage the
    Desktop anymore, so volume icons and other Desktop icons are meant to
    disappear anyway. It implies we'll have to move all Desktop icons
    elsewhere. Let's start this move now: this will smooth the UI change
    Wheezy will carry for our users, by applying some of it progressively.

  * Build system
  - Don't build hybrid ISO images anymore. They boot less reliably on
    a variety of hardware, and are made less useful by us shipping
    a USB installer from now on.
  - Append .conf to live-config configuration filenames:
    live-config >3.0~a36-1 only takes into account files named *.conf
    in there. Accordingly update scripts that source these files.
  - Remove long-obsolete home-refresh script and its configuration.

  * Virtualization support
  - Support Spice and QXL: install the Spice agent from Debian sid,
    install xserver-xorg-video-qxl from squeeze-backports.

 -- Tails developers <amnesia@boum.org>  Tue, 17 Apr 2012 14:54:00 +0200

tails (0.10.2) unstable; urgency=low

  * Iceweasel
  - Update to 10.0.2-1.
  - Disable HTTPS-Everywhere's SSL Observatory (plus first-run pop-up).
  - Revert "FoxyProxy: don't enclose regexps between ^ and $."
    Currently "http://www.i2p2.de" (and everything similar) is captured by
    the I2P filter, which is incorrect. It seems isMultiLine="false" does
    *not* make RE into ^RE$ any longer.
  - Remove file:// from NoScript's exception lists.
    This will fix the JavaScript toggles in the local copy of the documentation.
  - Update AdBlock patterns.

  * Software
  - Upgrade I2P to 0.8.13.
  - Install libvpx0 from sid.
  - Fetch klibc-utils and libklibc from sid.
    The last initramfs-tools depends on these.

  * Hardware support
  - Upgrade Linux kernel to 3.2.7-1.
  - Install firmware-libertas.
    This adds support for wireless network cards with Marvell Libertas
    8xxx chips supported by the libertas_cs, libertas_sdio, libertas_spi,
    libertas_tf_usb, mwl8k and usb8xxx drivers.

  * Miscellaneous
  - Revert "Set time to middle of [valid-after, fresh-until] from consensus."
    This reverts commit 18d23a500b9412b4b0fbe4e38a9398eb1a3eadef.
    With this vmid clocks that are E minutes back in time may cause issues
    (temporary Tor outages) after consensus updates that happen at the
    (60-E):th minute or later during any hour. Full analysis:
    https://mailman.boum.org/pipermail/tails-dev/2012-January/000873.html
  - Add the default user to the vboxsf group.
    This will allow the user to get full access to automounted VirtualBox
    shared folders as they are mounted with guid vboxsf and rwx group
    permissions.

 -- Tails developers <amnesia@boum.org>  Thu, 01 Mar 2012 20:26:21 +0100

tails (0.10.1) unstable; urgency=low

  * Iceweasel
  - Make Startpage the default web search engine. Scroogle does not look
    reliable enough these days.

  * Software
  - Upgrade WhisperBack to 1.5.1 (update link to bug reporting documentation).
  - Update MAT to 0.2.2-2~bpo60+1 (fixes a critical bug in the GUI).

  * Hardware support
  - Upgrade Linux kernel to 3.2.1-2

  * Time synchronization
    Serious rework that should fix most, if not all, of the infamous
    time-sync' related bugs some Tails users have experienced recently.
    - Make htpdate more resilient by using three server pools, and
      allowing some failure ratio.
    - Set time from Tor's unverified-consensus if needed.
    - Set time to middle of [valid-after, fresh-until] from consensus.
    - Many robustness, performance and fingerprinting-resistance improvements.
    - Display time-sync' notification much earlier.

  * Miscellaneous
  - Fix access to "dumb" git:// protocol by using a connect-socks wrapper
    as GIT_PROXY_COMMAND.
  - SSH client: fix access to SSH servers on the Internet by correcting
    Host / ProxyCommand usage.
  - Pidgin: use OFTC hidden service to workaround Tor blocking.
  - Claws Mail: disable draft autosaving.
    When composing PGP encrypted email, drafts are saved back to
    the server in plaintext. This includes both autosaved and manually
    saved drafts.
  - tails-security-check-wrapper: avoid eating all memory when offline.

 -- Tails developers <amnesia@boum.org>  Sat, 28 Jan 2012 10:00:31 +0100

tails (0.10) unstable; urgency=low

  * Tor: upgrade to 0.2.2.35-1.

  * Iceweasel
  - Install Iceweasel 9.0 from the Debian Mozilla team's APT repository.
  - Update Torbutton to 1.4.5.1-1.
  - Support viewing any YouTube video that is available in HTML5 format:
    install xul-ext-greasemonkey and the "Permanently Enable HTML5 on
    YouTube" GreaseMonkey script.
  - Stop using Polipo in Iceweasel. Its SOCKS support was fixed.
  - Install from Debian sid the iceweasel extensions we ship,
    for compatibility with FF9.
  - Use Scroogle (any languages) instead of Scroogle (English only) when
    booted in English. Many users choose English because their own
    language is not supported yet; let's not hide them search results in
    their own language.
  - Install Iceweasel language packs from Debian unstable:
    unfortunately they are not shipped on the mozilla.debian.net repository.
  - Install the NoScript Firefox extension; configure it the same way as
    the TBB does.
  - Disable third-party cookies.
    They can be used to track users, which is bad. Besides, this is what
    TBB has been doing for years.
  - FoxyProxy: allow direct connections to RFC1918 IPs.

  * Do not transparent proxy outgoing Internet connections through Tor.
  - Torify the SSH client using connect-proxy to all IPs but RFC1918 ones.
  - Torify APT using Polipo HTTP.
  - Torify wget in wgetrc.
  - Torify gobby clients using torsocks. It does not support proxies yet.
  - Torify tails-security-check using LWP::UserAgent's SOCKS proxy support.
  - Fix enabling of GNOME's HTTP proxy.

  * Software
  - Upgrade Vidalia to 0.2.15-1+tails1.
    · New upstream release.
    · Do not warn about Tor version.
  - Upgrade MAT to 0.2.2-1~bpo60+1.
  - Upgrade VirtualBox guest software to 4.1.6-dfsg-2~bpo60+1,
    built against the ABI of X.Org backports.
  - Upgrade I2P to 0.8.11 using KillYourTV's Squeeze packages;
    additionally, fix its start script that was broken by the tordate merge.
  - Install unar (The Unarchiver) instead of the non-free unrar.
  - Install Nautilus Wipe instead of custom Nautilus scripts.

  * Hardware support
  - Upgrade Linux kernel to 3.1.6-1.
  - Upgrade to X.Org from squeeze-backports.
  - Install more, and more recent b43 firmwares.
  - Upgrade barry to 0.15-1.2~bpo60+1.

  * Internationalization
  - Add basic language support for Russian, Farsi and Vietnamese.
  - Install some Indic fonts.
  - Install some Russian fonts.
  - Add Alt+Shift shortcut to switch keyboard layout.

  * Miscellaneous
  - Support booting in "Windows XP -like camouflage mode":
    · Install homebrewn local .debs for a Windows XP look-alike Gnome theme.
    · Add the "Windows XP Bliss" desktop wallpaper.
    · Added a script that's sets up Gnome to look like Microsoft Windows XP.
    · Add Windows XP "camouflage" icons for some programs.
    · Make Iceweasel use the IE icon when Windows XP camouflage is enabled.
    · Add special launcher icons for the Windows XP theme so that they're
      not too big.
  - Decrease Florence focus zoom to 1.2.
  - Do not fetch APT translation files. Running apt-get update is heavy enough.
  - Add MSN support thanks to msn-pecan.
  - Add custom SSH client configuration:
    · Prefer strong ciphers and MACs.
    · Enable maximum compression level.
     · Explicitly disable X11 forwarding.
    · Connect as root by default, to prevent fingerprinting when username
      was not specified.
  - Replace flawed FireGPG with a home-made GnuPG encryption applet;
    install a feature-stripped FireGPG that redirects users to
    the documentation, and don't run Seahorse applet anymore.
  - Enable Seahorse's GnuPG agent.
  - Blank screen when lid is closed, rather than shutting down the system.
    The shutdown "feature" has caused data losses for too many people, it seems.
    There are many other ways a Tails system can be shut down in a hurry
    these days.
  - Import Tails signing key into the keyring.
  - Fix bug in the Pidgin nick generation that resulted in the nick
    "XXX_NICK_XXX" once out of twenty.
  - Pre-configure the #tor IRC discussion channel in Pidgin.
  - Fix "technology preview" of bridge support: it was broken by tordate merge.
  - Install dependencies of our USB installer to ease its development.
  - Make vidalia NM hook sleep only if Vidalia is already running.
  - Reintroduce the htpdate notification, telling users when it's safe
    to use Tor Hidden Services.
  - htpdate: omit -f argument to not download full pages.
  - htpdate: write success file even when not within {min,max}adjust.
    Otherwise htpdate will not "succeed" when the time diff is 0 (i.e.
    the clock was already correct) so the success file cannot be used
    as an indicator that the system time now is correct, which arguably
    is its most important purpose.

  * Build system
  - Name built images according to git tag.

 -- Tails developers <tails@boum.org>  Wed, 04 Jan 2012 09:56:38 +0100

tails (0.9) unstable; urgency=low

  * Tor
  - Upgrade to 0.2.2.34 (fixes CVE-2011-2768, CVE-2011-2769).

  * Iceweasel
  - Upgrade to 3.5.16-11 (fixes CVE-2011-3647, CVE-2011-3648, CVE-2011-3650).
  - Upgrade FireGPG to 0.8-1+tails2: notify users that the FireGPG Text
    Editor is the only safe place for performing cryptographic operations,
    and make it impossible to do otherwise. Other ways open up several
    severe attacks through JavaScript (e.g. leaking plaintext when
    decrypting, signing messages written by the attacker).
  - Install Cookie Monster extension instead of CS Lite.
  - Always ask where to save files.
  - Upgrade Torbutton to 1.4.4.1-1, which includes support for the in-browser
    "New identity" feature.

  * Software
  - Install MAT, the metadata anonymisation toolkit.
  - Upgrade TrueCrypt to 7.1.
  - Upgrade WhisperBack to 1.5~rc1 (leads the user by the hand if an error
    occurs while sending the bugreport, proposes to save it after 2 faild
    attempts, numerous bugfixes).
  - Linux: upgrade to linux-image-3.0.0-2-486 (version 3.0.0-6); fixes
    a great number of bugs and security issues.

  * Miscellaneous
  - Fully rework date and time setting system.
  - Remove the htp user firewall exception.
  - Saner keyboard layouts for Arabic and Russian.
  - Use Plymouth text-only splash screen at boot time.
  - Color the init scripts output.
  - Suppress Tor's warning about applications doing their own DNS lookups.
    This is totally safe due to our Tor enforcement.
  - Disable hdparm boot-time service.
    We only want hdparm so that laptop-mode-tools can use it.
  - Run Claws Mail using torify.
    It's not as good as if Claws Mail supported SOCKS proxies itself,
    but still better than relying on the transparent netfilter torification.
  - Install HPLIP and hpcups for better printing support.

  * Erase memory at shutdown
  - Run many sdmem instances at once.
    In hope of erasing more memory until we come up with a proper fix for
    [[bugs/sdmem_does_not_clear_all_memory]].
  - Kill gdm3 instead of using its initscript on brutal shutdown.
  - Use absolute path to eject for more robust memory wipe on boot medium removal.

  * Space savings
  - Exclude kernel and initramfs from being put into the SquashFS.
    Those files are already shipped where they are needed, that is in the ISO
    filesystem. Adapt kexec and memlockd bits.
  - Do not ship the GNOME icon theme cache.
  - Do not ship .pyc files.
  - Do not ship NEWS.Debian.gz files.

  * Build system
  - Re-implement hook that modifies syslinux config to make future
    development easier.

 -- Tails developers <amnesia@boum.org>  Tue, 01 Nov 2011 13:26:38 +0100

tails (0.8.1) unstable; urgency=low

  * Iceweasel
    - Update to 3.5.16-10 (fixes DSA-2313-1).
    - FireGPG: force crypto action results to appear in a new window, otherwise
      JavaScript can steal decrypted plaintext. Advice: always use FireGPG's
      text editor when writing text you want to encrypt. If you write it in a
      textbox the plaintext can be stolen through JavaScript before it is
      encrypted in the same way.
    - Update HTTPS Everywhere extension to 1.0.3-1.
    - Stop using the small version of the Tor check page. The small version
      incorrectly tells Tails users to upgrade their Torbrowser, which has
      confused some users.

  * Software
    - Update Linux to 3.0.0-2 (fixes DSA-2310-1, CVE-2011-2905, CVE-2011-2909,
      CVE-2011-2723, CVE-2011-2699, CVE-2011-1162, CVE-2011-1161).
    - Update usb-modeswitch to 1.1.9-2~bpo60+1 and usb-modeswitch-data to
      20110805-1~bpo60+1 from Debian backports. This adds support for a few
      devices such as Pantech UMW190 CDMA modem.
    - Install libregexp-common-perl 2011041701-3 from Debian unstable. This
      fixes the bug: [[bugs/msva_does_not_use_configured_keyserver]].
    - Install hdparm so the hard drives can be spinned down in order to save
      battery power.
    - Install barry-util for better BlackBerry integration.
    - Debian security upgrades: OpenOffice.org (DSA-2315-1), openjdk-6
      (DSA-2311-1), policykit-1 (DSA-2319-1)

   * Protecting against memory recovery
    - Set more appropriate Linux VM config before wiping memory. These
      parameters should make the wipe process more robust and efficient.

 -- Tails developers <amnesia@boum.org>  Sun, 16 Oct 2011 11:31:18 +0200

tails (0.8) unstable; urgency=low

  * Rebase on the Debian Squeeze 6.0.2.1 point-release.

  * Tor
    - Update to 0.2.2.33-1.
    - Disabled ControlPort in favour of ControlSocket.
    - Add port 6523 (Gobby) to Tor's LongLivedPorts list.

  * I2P
    - Update to 0.8.8.
    - Start script now depends on HTP since I2P breaks if the clock jumps or is
      too skewed during bootstrap.

  * Iceweasel
    - Update to 3.5.16-9 (fixes CVE-2011-2374, CVE-2011-2376, CVE-2011-2365,
      CVE-2011-2373, CVE-2011-2371, CVE-2011-0083, CVE-2011-2363, CVE-2011-0085,
      CVE-2011-2362, CVE-2011-2982, CVE-2011-2981, CVE-2011-2378, CVE-2011-2984,
      CVE-2011-2983).
    - Enable HTTP pipelining (like TBB).
    - Update HTTPS Everywhere extension to 1.0.1-1 from Debian unstable.
    - Suppress FoxyProxy update prompts.
    - Prevent FoxyProxy from "phoning home" after a detected upgrade.
    - Fixed a bunch of buggy regular expressions in FoxyProxy's configuration.
      See [[bugs/exploitable_typo_in_url_regex?]] for details. Note that none of
      these issues are critical due to the transparent proxy.
    - Add DuckDuckGo SSL search engine.

  * Torbutton
    - Update to torbutton 1.4.3-1 from Debian unstable.
    - Don't show Torbutton status in the status bar as it's now displayed in the
      toolbar instead.

  * Pidgin
    - More random looking nicks in pidgin.
    - Add IRC account on chat.wikileaks.de:9999.

  * HTP
    - Upgrade htpdate script (taken from Git 7797fe9) that allows setting wget's
      --dns-timeout option.

  * Software
    - Update Linux to 3.0.0-1. -686 is now deprecated in favour of -486 and
      -686-pae; the world is not ready for -pae yet, so we now ship -486.
    - Update OpenSSL to 0.9.8o-4squeeze2 (fixes CVE-2011-1945 (revoke
      compromised DigiNotar certificates), CVE-2011-1945).
    - Update Vidalia to 0.2.14-1+tails1 custom package.
    - Install accessibility tools:
      - gnome-mag: screen magnifier
      - gnome-orca: text-to-speech
    - Replace the onBoard virtual keyboard with Florence.
    - Install the PiTIVi non-linear audio/video editor.
    - Install ttdnsd.
    - Install tor-arm.
    - Install lzma.

  * Arbitrary DNS queries
    - Tor can not handle all types of DNS queries, so if the Tor resolver fails
      we fallback to ttdnsd. This is now possible with Tor 0.2.2.x, since we
      fixed Tor bug #3369.

  * Hardware support
    - Install ipheth-utils for iPhone tethering.
    - Install xserver-xorg-input-vmmouse (for mouse integration with the host OS
      in VMWare and KVM).
    - Install virtualbox-ose 4.x guest packages from Debian backports.

  * Miscellaneous
    - Switch gpg to use keys.indymedia.org's hidden service, without SSL.
      The keys.indymedia.org SSL certificate is now self-signed. The hidden
      service gives a good enough way to authenticate the server and encrypts
      the connection, and just removes the certificates management issue.
    - The squashfs is now compressed using XZ which reduces the image size quite
      drastically.
    - Remove Windows autorun.bat and autorun.inf. These files did open a static
      copy of our website, which is not accessible any longer.

  * Build system
    - Use the Git branch instead of the Debian version into the built image's
      filename.
    - Allow replacing efficient XZ compression with quicker gzip.
    - Build and install documentation into the chroot (-> filesystem.squashfs).
      Rationale: our static website cannot be copied to a FAT32 filesystem due
      to filenames being too long. This means the documentation cannot be
      browsed offline from outside Tails. However, our installer creates GPT
      hidden partitions, so the doc would not be browseable from outside Tails
      anyway. The only usecase we really break by doing so is browsing the
      documentation while running a non-Tails system, from a Tails CD.

 -- Tails developers <amnesia@boum.org>  Thu, 09 Sep 2011 11:31:18 +0200

tails (0.7.2) unstable; urgency=high

  * Iceweasel
  - Disable Torbutton's external application launch warning.
    ... which advises using Tails. Tails *is* running Tails.
  - FoxyProxy: install from Debian instead of the older one we previously
    shipped.

  * Software
  - haveged: install an official Debian backport instead of a custom backport.
  - unrar: install the version from Debian's non-free repository.
    Users report unrar-free does not work well enough.

 -- Tails developers <amnesia@boum.org>  Sun, 12 Jun 2011 15:34:56 +0200

tails (0.7.1) unstable; urgency=high

  * Vidalia: new 0.2.12-2+tails1 custom package.

  * Iceweasel
  - Don't show Foxyproxy's status / icon in FF statusbar to prevent users
    from accidentaly / unconsciously put their anonymity at risk.
  - "amnesia branding" extension: bump Iceweasel compatibility to 4.0 to ease
    development of future releases.

  * Software
  - Upgrade Linux kernel to Debian's 2.6.32-33: fixes tons of bugs,
    including the infamous missing mouse cursor one. Oh, and it closes
    a few security holes at well.
  - Install unrar-free.
  - Do not install pppoeconf (superseeded by NetworkManager).
  - Upgrade macchanger to Debian testing package to ease development of
    future Tails releases.
  - Debian security upgrades: x11-xserver-utils (DSA-2213-1), isc-dhcp
    (DSA-2216-1), libmodplug (DSA-2226-1), openjdk-6 (DSA-2224-1).

  * Protecting against memory recovery
  - Add Italian translation for tails-kexec. Thanks to Marco A. Calamari.
  - Make it clear what it may mean if the system does not power off
    automatically.
  - Use kexec's --reset-vga option that might fix display corruption issues
    on some hardware.

  * WhisperBack (encrypted bug reporting software)
  - Upgrade WhisperBack to 1.4.1:
    localizes the documentation wiki's URL,
    uses WebKit to display the bug reporting help page,
    now is usable on really small screens.
  - Extract wiki's supported languages at build time, save this
    information to /etc/amnesia/environment, source this file into the
    Live user's environment so that WhisperBack 1.4+ can make good use
    of it.

  * Miscellaneous
  - Fix boot in Chinese.
  - Install mobile-broadband-provider-info for better 3G support.
  - Add back GNOME system icons to menus.
  - tails-security-check: avoid generating double-slashes in the Atom
    feeds URL.
  - Remove "vga=788" boot parameter which breaks the boot on some hardware.
  - Remove now useless "splash" boot parameter.
  - Fix a bunch of i386-isms.
  - Pass the noswap option to the kernel. This does not change actual Tails
    behaviour but prevents users from unnecessarily worrying because of 
    the "Activating swap" boot message.
  - Make use of check.torproject.org's Arabic version.

  * Build system
  - Enable squeeze-backports. It is now ready and will be used soon.
  - Install eatmydata in the chroot.
  - Convert ikiwiki setup files to YAML.

 -- Tails developers <amnesia@boum.org>  Fri, 29 Apr 2011 17:14:53 +0200

tails (0.7) unstable; urgency=low

  * Hardware support
  - Install foomatic-filters-ppds to support more printers.
  - Give the default user the right to manage printers.

  * Software
  - Deinstall unwanted packages newly pulled by recent live-build.
  
 -- Tails developers <amnesia@boum.org>  Wed, 06 Apr 2011 22:58:51 +0200

tails (0.7~rc2) unstable; urgency=low

  ** SNAPSHOT build @824f39248a08f9e190146980fb1eb0e55d483d71 **

  * Rebase on Debian Squeeze 6.0.1 point-release.
  
  * Vidalia: new 0.2.10-3+tails5 custom package..

  * Hardware support
  - Install usb-modeswitch and modemmanager to support mobile broadband
    devices such as 3G USB dongles. Thanks to Marco A. Calamari for the
    suggestion.

  * Misc
  - Website relocated to https://tails.boum.org/ => adapt various places.
  - Configure keyboard layout accordingly to the chosen language for
    Italian and Portuguese.

 -- Tails developers <amnesia@boum.org>  Fri, 25 Mar 2011 15:44:25 +0100

tails (0.7~rc1) UNRELEASED; urgency=low

  ** SNAPSHOT build @98987f111fc097a699b526eeaef46bc75be5290a **

  * Rebase on Debian Squeeze.

  * T(A)ILS has been renamed to Tails.
  
  * Protecting against memory recovery
    New, safer way to wipe memory on shutdown which is now also used when
    the boot media is physically removed.

  * Tor
  - Update to 0.2.1.30-1.

  * Iceweasel
  - Add HTTPS Everywhere 0.9.4 extension.
  - Better preserve Anonymity Set: spoof US English Browser and timezone
    the same way as the Tor Browser Bundle, disable favicons and picture
    iconification.
  - Install AdBlock Plus extension from Debian.
  - Add Tor-related bookmarks.
  - Support FTP, thanks to FoxyProxy.
  - Update AdBlock patterns.
  - Disable geolocation and the offline cache.

  * Software
  - Update Vidalia to 0.2.10-3+tails4.
  - Install gnome-disk-utility (Palimpsest) and Seahorse plugins.
  - Add opt-in i2p support with Iceweasel integration through FoxyProxy.
  - onBoard: fix "really quits when clicking the close window icon" bug.
  - Optionally install TrueCrypt at boot time.
  - Install laptop-mode-tools for better use of battery-powered hardware.
  - Replace xsane with simple-scan which is part of GNOME and way easier
    to use.
  - Upgrade WhisperBack to 1.3.1 (bugfixes, French translation).
  - Install scribus-ng instead of scribus. It is far less buggy in Squeeze.
  
  * Firewall
  - Drop incoming packets by default.
  - Forbid queries to DNS resolvers on the LAN.
  - Set output policy to drop (defense-in-depth).

  * Hardware support
  - Install Atheros and Broadcom wireless firmwares.
  - Install libsane-hpaio and sane-utils, respectively needed for
    multi-function peripherals and some SCSI scanners.

  * live-boot 2.0.15-1+tails1.35f1a14
  - Cherry-pick our fromiso= bugfixes from upstream 3.x branch.

  * Miscellaneous
  - Many tiny user interface improvements.
  - More robust HTP time synchronization wrt. network failures.
    Also, display the logs when the clock synchronization fails.
  - Disable GNOME automatic media mounting and opening to protect against
    a class of attacks that was recently put under the spotlights.
    Also, this feature was breaking the "no trace is left on local
    storage devices unless explicitly asked" part of Tails specification.
  - Make configuration more similar to the Tor Browser Bundle's one.
  - GnuPG: default to stronger digest algorithms.
  - Many more or less proper hacks to get the built image size under 700MB.
  - Compress the initramfs using LZMA for faster boot.

  * Build system
  - Run lb build inside eatmydata fsync-less environment to greatly improve
    build time.

 -- Tails developers <amnesia@boum.org>  Fri, 11 Mar 2011 15:52:19 +0100

tails (0.6.2) unstable; urgency=high

  * Tor: upgrade to 0.2.1.29 (fixes CVE-2011-0427).
  * Software
  - Upgrade Linux kernel, dpkg, libc6, NSS, OpenSSL, libxml2 (fixes various
    security issues).
  - Upgrade Claws Mail to 3.7.6 (new backport).
  - Install Liferea, tcpdump and tcpflow.
  * Seahorse: use hkp:// transport as it does not support hkps://.
  * FireGPG: use hkps:// to connect to the configured keyserver.
  * Build system: take note of the Debian Live tools versions being used
    to make next point-release process faster.
  * APT: don't ship package indices.

 -- T(A)ILS developers <amnesia@boum.org>  Wed, 19 Jan 2011 16:59:43 +0100

tails (0.6.1) unstable; urgency=low

  * Tor: upgrade to 0.1.28 (fixes CVE-2010-1676)
  * Software: upgrade NSS, Xulrunner, glibc (fixes various security issues)
  * FireGPG: use the same keyserver as the one configured in gpg.conf.
  * Seahorse: use same keyserver as in gpg.conf.
  * HTP: display the logs when the clock synchronization fails.
  * Update HTP configuration: www.google.com now redirects to
    encrypted.google.com.
  * Use the light version of the "Are you using Tor?" webpage.
  * Update AdBlock patterns.

 -- T(A)ILS developers <amnesia@boum.org>  Fri, 24 Dec 2010 13:28:29 +0100

tails (0.6) unstable; urgency=low

  * Releasing 0.6.

  * New OpenPGP signing-only key. Details are on the website:
    https://amnesia.boum.org/GnuPG_key/

  * Iceweasel
  - Fixed torbutton has migrated to testing, remove custom package.

  * HTP
  - Query ssl.scroogle.org instead of lists.debian.org.
  - Don't run when the interface that has gone up is the loopback one.

  * Nautilus scripts
  - Add shortcut to securely erase free space in a partition.
  - The nautilus-wipe shortcut user interface is now translatable.

  * Misc
  - Really fix virtualization warning display.
  - More accurate APT pinning.
  - Disable Debian sid APT source again since a fixed live-config has
    migrated to Squeeze since then.

  * live-boot: upgrade to 2.0.8-1+tails1.13926a
  - Sometimes fixes the smem at shutdown bug.
  - Now possible to create a second partition on the USB stick T(A)ILS is
    running from.

  * Hardware support
  - Support RT2860 wireless chipsets by installing firmware-ralink from
    Debian Backports.
  - Install firmware-linux-nonfree from backports.
  - Fix b43 wireless chipsets by having b43-fwcutter extract firmwares at
    build time.

  * Build system
  - Install live-build and live-helper from Squeeze.
  - Update SquashFS sort file.

 -- T(A)ILS developers <amnesia@boum.org>  Wed, 20 Oct 2010 19:53:17 +0200

tails (0.6~rc3) UNRELEASED; urgency=low

  ** SNAPSHOT build @a3ebb6c775d83d1a1448bc917a9f0995df93e44d **

  * Iceweasel
  - Autostart Iceweasel with the GNOME session. This workarounds the
    "Iceweasel first page is not loaded" bug.
  
  * HTP
  - Upgrade htpdate script (taken from Git 7797fe9).

  * Misc
  - Disable ssh-agent auto-starting with X session: gnome-keyring is
    more user-friendly.
  - Fix virtualization warning display.
  - Boot profile hook: write desktop file to /etc/skel.

  * Build system
  - Convert build system to live-build 2.0.1.
  - APT: fetch live-build and live-helper from Debian Live snapshots.
  - Remove dependency on live-build functions in chroot_local-hooks.
    This makes the build environment more robust and less dependent on
    live-build internals.
  - Remove hand-made rcS.d/S41tails-wifi: a hook now does this.
  - Measure time used by the lh build command.
  - Fix boot profile hook.
  - Boot profiling: wait a bit more: the current list does not include
    /usr/sbin/tor.

 -- T(A)ILS developers <amnesia@boum.org>  Sat, 02 Oct 2010 23:06:46 +0200

tails (0.6~rc2) UNRELEASED; urgency=low

  ** SNAPSHOT build @c0ca0760ff577a1e797cdddf0e95c5d62a986ec8 **

  * Iceweasel
  - Refreshed AdBlock patterns (20100926).
  - Set network.dns.disableIPv6 to true (untested yet)
  - Torbutton: install patched 1.2.5-1+tails1 to fix the User-Agent bug,
    disable extensions.torbutton.spoof_english again.

  * Software
  - WhisperBack: upgrade to 1.3~beta3 (main change:  let the user provide
    optional email address and OpenPGP key).
  - Remove mc.
  - Update haveged backport to 0.9-3~amnesia+lenny1.
  - Update live-boot custom packages (2.0.6-1+tails1.6797e8): fixes bugs
    in persistency and smem-on-shutdown.
  - Update custom htpdate script. Taken from commit d778a6094cb3 in our
    custom Git repository:  fixes setting of date/time.

  * Build system
  - Bugfix: failed builds are now (hopefully) detected.
  - Fix permissions on files in /etc/apt/ that are preserved in the image.
  - Install version 2.0~a21-1 of live-build and live-helper in the image.
    We are too late in the release process to upgrade to current Squeeze
    version (2.0~a29-1).

  * Misc
  - Pidgin/OTR: disable the automatic OTR initiation and OTR requirement.

 -- T(A)ILS developers <amnesia@boum.org>  Wed, 29 Sep 2010 19:23:17 +0200

tails (0.6~1.gbpef2878) UNRELEASED; urgency=low

  ** SNAPSHOT build @ef28782a0bf58004397b5fd303f938cc7d11ddaa **

  * Hardware support
  - Use a 2.6.32 kernel: linux-image-2.6.32-bpo.5-686 (2.6.32-23~bpo50+1)
    from backports.org. This should support far more hardware and
    especially a lot of wireless adapters.
  - Add firmware for RTL8192 wireless adapters.
  - Enable power management on all wireless interfaces on boot.

  * Software
  - Install inkscape.
  - Install poedit.
  - Install gfshare and ssss: two complementary implementations
    of Shamir's Secret Sharing.
  - Install tor-geoipdb.
  - Remove dialog, mc and xterm.

  * Iceweasel
  - Set extensions.torbutton.spoof_english to its default true value
    in order to workaround a security issue:
    https://amnesia.boum.org/security/Iceweasel_exposes_a_rare_User-Agent/

  * Monkeysphere
  - Install the Iceweasel extension.
  - Use a hkps:// keyserver.

  * GnuPG
  - Install gnupg from backports.org so that hkps:// is supported.
  - Use a hkps:// keyserver.
  - Proxy traffic via polipo.
  - Prefer up-to-date digests and ciphers.

  * Vidalia: rebased our custom package against 0.2.10.

  * Build system
  - Built images are now named like this:
    tails-i386-lenny-0.5-20100925.iso
  - Use live-helper support for isohybrid options instead of doing the
    conversion ourselves. The default binary image type we build is now
    iso-hybrid.
  - Remove .deb built by m-a after they have been installed.
  - Setup custom GConf settings at build time rather than at boot time.
  - Move $HOME files to /etc/skel and let adduser deal with permissions.
  - Convert to live-boot / live-config / live-build 2.x branches.
  - Replaced our custom live-initramfs with a custom live-boot package;
    included version is 2.0.5-1+tails2.6797e8 from our Git repository:
    git clone git://git.immerda.ch/tails_live-boot.git
  - Install live-config* from the live-snapshots Lenny repository.
    Rationale: live-config binary packages differ depending on the target
    distribution, so that using Squeeze's live-config does not produce
    fully-working Lenny images.
  - Rename custom scripts, packages lists and syslinux menu entries from
    the amnesia-* namespace to the tails-* one.

  * HTP
  - Use (authenticated) HTP instead of NTP.
  - The htpdate script that is used comes from commit 43f5f83c0 in our
    custom repository:  git://git.immerda.ch/tails_htp.git
  - Start Tor and Vidalia only once HTP is done.

  * Misc
  - Fix IPv6 firewall restore file. It was previously not used at all.
  - Use ftp.us.debian.org instead of the buggy GeoIP-powered
    cdn.debian.net.
  - Gedit: don't autocreate backup copies.
  - Build images with syslinux>=4.01 that has better isohybrid support.
  - amnesia-security-check: got rid of the dependency on File::Slurp.
  - Take into account the migration of backports.org to backports.debian.org.
  - Make GnuPG key import errors fatal on boot.
  - Warn the user when T(A)ILS is running inside a virtual machine.
  - DNS cache: forget automapped .onion:s on Tor restart.

  * Documentation: imported Incognito's walkthrough, converted to
    Markdown, started the needed adaptation work.

 -- T(A)ILS developers <amnesia@boum.org>  Sun, 26 Sep 2010 11:06:50 +0200

tails (0.5) unstable; urgency=low

  * The project has merged efforts with Incognito.
    It is now to be called "The (Amnesic) Incognito Live System".
    In short: T(A)ILS.

  * Community
  - Created the amnesia-news mailing-list.
  - Added a forum to the website.
  - Created a chatroom on IRC: #tails on irc.oftc.net

  * Fixed bugs
  - Workaround nasty NetworkManager vs. Tor bug that often
    prevented the system to connect to the Tor network: restart Tor and Vidalia
    when a network interface goes up.
  - onBoard now autodetects the keyboard layout... at least once some
    keys have been pressed.
  - New windows don't open in background anymore, thanks to
    a patched Metacity.
  - Memory wiping at shutdown is now lightning fast, and does not prevent
    the computer to halt anymore.
  - GNOME panel icons are right-aligned again.
  - Fixed permissions on APT config files.
  - Repaired mouse integration when running inside VirtualBox.

  * Iceweasel
  - Torbutton: redirect to Scroogle when presented a Google captcha.
  - Revamped bookmarks
      . moved T(A)ILS own website to the personal toolbar
      . moved webmail links (that are expected to be more than 3 soon)
        to a dedicated folder.
  - Don't show AdBlock Plus icon in the toolbar.
  - Adblock Plus: updated patterns, configured to only update subscriptions
    once a year. Which means never, hopefully, as users do update their
    Live system on a regular basis, don't they?

  * Vidalia: rebased our custom package against 0.2.8.
  
  * Claws Mail
  - Install Claws Mail from backports.org to use the X.509 CA
    certificates provided by Debian.
  - Enable PGP modules with basic configuration:
      . Automatically check signatures.
      . Use gpg-agent to manage passwords.
      . Display warning on start-up if GnuPG doesn't work.
  - Set the IO timeout to 120s (i.e. the double of the default 60s).
  
  * Pidgin
  - Automatically connect to irc.oftc.net with a randomized nickname,
    so as not to advertize the use of T(A)ILS; this nickname is made of:
     . a random firstname picked from the 2000 most registered by the U.S.
       social security administration in the 70s;
     . two random digits.
    Good old irc.indymedia.org is still configured - with same nickname -
    but is not enabled by default anymore.
  - Disabled MSN support, that is far too often affected by security flaws.

  * Build $HOME programmatically
  - Migrated all GConf settings, including the GNOME panel configuration,
    to XML files that are loaded at boot time.
  - Configure iceweasel profile skeleton in /etc/iceweasel.
    A brand new profile is setup from this skeleton once iceweasel is
    started after boot.
      . build sqlite files at build time from plain SQL.
      . FireGPG: hard-code current firegpg version at build time to prevent
        the extension to think it was just updated.
      . stop shipping binary NSS files. These were here only to
        install CaCert's certificate, that is actually shipped by Debian's
        patched libnss.
  
  * Build system
  - Updated Debian Live snapshots APT repository URL.
  - Purge all devel packages at the end of the chroot configuration.
  - Make sure the hook that fixes permissions runs last.
  - Remove unwanted Iceweasel search plugins at build time.
  
  * Misc
  - Added a progress bar for boot time file readahead.
  - Readahead more (~37MB) stuff in foreground at boot time.
  - Make the APT pinning persist in the Live image.
  - localepurge: keep locales for all supported languages,
    don't bother when installing new packages.
  - Removed syslinux help menu: these help pages are either buggy or
    not understandable by non-geeks.
  - Fixed Windows autorun.
  - Disable a few live-initramfs scripts to improve boot time.
  - Firewall: forbid any IPv6 communication with the outside.
  - Virtualization support: install open-vm-tools.
  - WhisperBack: updated to 1.2.1, add a random bug ID to the sent
    mail subject.
  - Prompt for CD removal on shutdown, not for USB device.

  * live-initramfs: new package built from our Git (e2890a04ff) repository.
  - Merged upstream changes up to 1.177.2-1.
  - New noprompt=usb feature.
  - Fix buggy memory wiping and shutdown.
  - Really reboot when asked, rather than shutting down the system.

  * onBoard
  - Upgraded to a new custom, patched package (0.93.0-0ubuntu4~amnesia1).
  - Added an entry in the Applications menu.
  
  * Software
  - Install vim-nox with basic configuration
  - Install pwgen
  - Install monkeysphere and msva-perl
  - Replaced randomsound with haveged as an additional source of entropy.

  * Hardware support
  - Build ralink rt2570 wifi modules.
  - Build rt2860 wifi modules from Squeeze. This supports the RT2860
    wireless adapter, found particularly in the ASUS EeePC model 901
    and above.
  - Build broadcom-sta-source wifi modules.
  - Bugfix: cpufreq modules were not properly added to /etc/modules.
  - Use 800x600 mode on boot rather than 1024x768 for compatibility
    with smaller displays.

 -- amnesia <amnesia@boum.org>  Fri, 30 Apr 2010 16:14:13 +0200

amnesia (0.4.2) unstable; urgency=low

  New release, mainly aimed at fixing live-initramfs security issue
  (Debian bug #568750), with an additional set of small enhancements as
  a bonus.

  * live-initramfs: new custom package built from our own live-initramfs
    Git repository (commit 8b96e5a6cf8abc)
  - based on new 1.173.1-1 upstream release
  - fixed live-media=removable behaviour so that filesystem images found
    on non-removable storage are really never used (Debian bug #568750)

  * Vidalia: bring back our UI customizations (0.2.7-1~lenny+amnesia1)

  * APT: consistently use the GeoIP-powered cdn.debian.net

  * Software: make room so that {alpha, future} Squeeze images fit on
    700MB CD-ROM
  - only install OpenOffice.org's calc, draw, impress, math and writer
    components
  - removed OpenOffice.org's English hyphenation and thesaurus
  - removed hunspell, wonder why it was ever added

  * Boot
  - explicitly disable persistence, better safe than sorry
  - removed compulsory 15s timeout, live-initramfs knows how to wait for
    the Live media to be ready

  * Build system: don't cache rootfs anymore

 -- amnesia <amnesia@boum.org>  Sun, 07 Feb 2010 18:28:16 +0100

amnesia (0.4.1) unstable; urgency=low

  * Brown paper bag bugfix release: have amnesia-security-check use
    entries publication time, rather than update time... else tagging
    a security issue as fixed, after releasing a new version, make this
    issue be announced to every user of this new, fixed version.

 -- amnesia <amnesia@boum.org>  Sat, 06 Feb 2010 03:58:41 +0100

amnesia (0.4) unstable; urgency=low

  * We now only build and ship "Hybrid" ISO images, which can be either
    burnt on CD-ROM or dd'd to a USB stick or hard disk.

  * l10n: we now build and ship multilingual images; initially supported
    (or rather wanna-be-supported) languages are: ar, zh, de, en, fr, it,
    pt, es
  - install Iceweasel's and OpenOffice.org's l10n packages for every
    supported language
  - stop installing localized help for OpenOffice.org, we can't afford it
    for enough languages
  - when possible, Iceweasel's homepage and default search engine are localized
  - added Iceweasel's "any language" Scroogle SSL search engine
  - when the documentation icon is clicked, display the local wiki in
    currently used language, if available
  - the Nautilus wipe script is now translatable
  - added gnome-keyboard-applet to the Gnome panel

  * software
  - replaced Icedove with claws mail, in a bit rough way; see
    https://amnesia.boum.org/todo/replace_icedove_with_claws/ for best
    practices and configuration advices
  - virtual keyboard: install onBoard instead of kvkbd
  - Tor controller: install Vidalia instead of TorK
  - install only chosen parts of Gnome, rather than gnome-desktop-environment
  - do not install xdialog, which is unused and not in Squeeze
  - stop installing grub as it breaks Squeeze builds (see Debian bug #467620)
  - install live-helper from snapshots repository into the Live image

  * Iceweasel
  - do not install the NoScript extension anymore: it is not strictly
    necessary but bloodily annoying

  * Provide WhisperBack 1.2 for anonymous, GnuPG-encrypted bug reporting.
  - added dependency on python-gnutls
  - install the SMTP hidden relay's certificate

  * amnesia-security-check: new program that tells users that the amnesia
    version they are running is affected by security flaws, and which ones
    they are; this program is run at Gnome session startup, after sleeping
    2 minutes to let Tor a chance to initialize.
    Technical details:
  - Perl
  - uses the Desktop Notifications framework
  - fetches the security atom feed from the wiki
  - verifies the server certificate against its known CA
  - tries fetching the localized feed; if it fails, fetch the default
    (English) feed

  * live-initramfs: new custom package built from our own live-initramfs
    Git repository (commit 40e957c4b89099e06421)
  - at shutdown time, ask the user to unplug the CD / USB stick, then run
    smem, wait for it to finish, then attempt to immediately halt

  * build system
  - bumped dependency on live-helper to >= 2.0a6 and adapted our config
  - generate hybrid ISO images by default, when installed syslinux is
    recent enough
  - stop trying to support building several images in a row, it is still
    broken and less needed now that we ship hybrid ISO images
  - scripts/config: specify distribution when initializing defaults
  - updated Debian Live APT repository's signing key

  * PowerPC
  - disable virtualbox packages installing and module building on !i386
    && !amd64, as PowerPC is not a supported guest architecture
  - built and imported tor_0.2.1.20-1~~lenny+1_powerpc.deb

  * Squeeze
  - rough beginnings of a scratch Squeeze branch, currently unsupported
  - install gobby-infinote

  * misc
  - updated GnuPG key with up-to-date signatures
  - more improvements on boot time from CD
  - enhanced the wipe in Nautilus UI (now asks for confirmation and
    reports success or failure)
  - removed the "restart Tor" launcher from the Gnome panel

 -- amnesia <amnesia@boum.org>  Fri, 05 Feb 2010 22:28:04 +0100

amnesia (0.3) unstable; urgency=low

  * software: removed openvpn, added
  - Audacity
  - cups
  - Git
  - Gobby
  - GParted
  - lvm2 (with disabled initscript as it slows-down too much the boot in certain
    circumstances)
  - NetworkManager 0.7 (from backports.org) to support non-DHCP networking
  - ntfsprogs
  - randomsound to enhance the kernel's random pool
  * Tor
  - install the latest stable release from deb.torproject.org
  - ifupdown script now uses SIGHUP signal rather than a whole tor
    restart, so that in the middle of it vidalia won't start it's own
    tor
  - configure Gnome proxy to use Tor
  * iceweasel
  - adblockplus: upgraded to 1.0.2
  - adblockplus: subscribe to US and DE EasyList extensions, updated patterns
  - firegpg is now installed from Debian Squeeze rather than manually; current
    version is then 0.7.10
  - firegpg: use better keyserver ... namely pool.sks-keyservers.net
  - added bookmark to Amnesia's own website
  - use a custom "amnesiabranding" extension to localize the default search
    engine and homepage depending on the current locale
  - updated noscript whitelist
  - disable overriden homepage redirect on iceweasel upgrade
  * pidgin
  - nicer default configuration with verified irc.indymedia.org's SSL cert
  - do not parse incoming messages for formatting
  - hide formatting toolbar
  * hardware compatibility
  - b43-fwcutter
  - beginning of support for the ppc architecture
  - load acpi-cpufreq, cpufreq_ondemand and cpufreq_powersave kernel
    modules
  * live-initramfs: custom, updated package based on upstream's 1.157.4-1, built
    from commit b0a4265f9f30bad945da of amnesia's custom live-initramfs Git
    repository
  - securely erases RAM on shutdown using smem
  - fixes the noprompt bug when running from USB
  - disables local swap partitions usage, wrongly enabled by upstream
  * fully support for running as a guest system in VirtualBox
  - install guest utils and X11 drivers
  - build virtualbox-ose kernel modules at image build time
  * documentation
  - new (translatable) wiki, using ikiwiki, with integrated bugs and todo
    tracking system a static version of the wiki is included in generated
    images and linked from the Desktop
  * build system
  - adapt for live-helper 2.0, and depend on it
  - get amnesia version from debian/changelog
  - include the full version in ISO volume name
  - save .list, .packages and .buildlog
  - scripts/clean: cleanup any created dir in binary_local-includes
  - updated Debian Live snapshot packages repository URL and signing key
  - remove duplicated apt/preferences file, the live-helper bug has been
    fixed
  * l10n: beginning of support for --language=en
  * misc
  - improved boot time on CD by ordering files in the squashfs in the order they
    are used during boot
  - added a amnesia-version script to built images, that outputs the current
    image's version
  - added a amnesia-debug script that prepares a tarball with information that
    could be useful for developpers
  - updated Amnesia GnuPG key to a new 4096R one
  - set time with NTP when a network interface is brought up
  - import amnesia's GnuPG pubkey into the live session user's keyring
  - do not ask DHCP for a specific hostname
  - install localepurge, only keep en, fr, de and es locales, which reduces the
    generated images' size by 100MB
  - added a hook to replace /sbin/swapon with a script that only runs
    /bin/true
  - moved networking hooks responsibility from ifupdown to NetworkManager

 -- amnesia <amnesia@boum.org>  Thu, 26 Nov 2009 11:17:08 +0100

amnesia (0.2) unstable; urgency=low

  * imported /home/amnesia, then:
  - more user-friendly shell, umask 077
  - updated panel, added launcher to restart Tor
  - mv $HOME/bin/* /usr/local/bin/
  - removed metacity sessions
  - removed gstreamer's registry, better keep this dynamically updated
  - rm .qt/qt_plugins_3.3rc, better keep this dynamically updated
  - removed .gnome/gnome-vfs/.trash_entry_cache
  - removed kconf_update log
  - removed and excluded Epiphany configuration (not installed)
  - cleanup .kde
  * iceweasel
  - enable caching in RAM
  - explicitly disable ssl v2, and enable ssl v3 + tls
  - removed prefs for the non-installed webdeveloper
  - removed the SSL Blacklist extension (not so useful, licensing issues)
  - deep profile directory cleanup
  - extensions cleanup: prefer Debian-packaged ones, cleanly reinstalled
    AddBlock Plus and CS Lite to allow upgrading them
  - updated pluginreg.dat and localstore.rdf
  - moved some settings to user.js
  - made cookie/JavaScript whitelists more consistent
  - force httpS on whitelisted sites
  - NoScript: marked google and gmail as untrusted
  - some user interface tweaks, mainly for NoScript
  - FireGPG: disable the buggy auto-detection feature, the link to firegpg's
    homepage in generated pgp messages and the GMail interface (which won't
    work without JavaScript anyway)
  - updated blocklist.xml
  - removed and excluded a bunch of files in the profile directory
  * icedove: clean the profile directory up just like we did for iceweasel
  * software: install msmtp and mutt
  * home-refresh
  - use rsync rather than tar
  * documentation
  - various fixes
  - reviewed pidgin-otr security (see TODO)
  * build system
  - stop calling home-refresh in lh_build
  - include home-refresh in generated images
  - gitignore update
  - fix permissions on local includes at build time
  - updated scripts/{build,clean} wrt. new $HOME handling
  - scripts/{build,config}: stop guessing BASEDIR, we must be run from
    the root of the source directory anyway
  - stop storing /etc/amnesia/version in Git, delete it at clean time
  * release
  - converted Changelog to the Debian format and location, updated
    build scripts accordingly
  - added a README symlink at the root of the source directory
  - basic debian/ directory (not working for building packages yet,
    but at least we can now use git-dch)
  - added debian/gbp.conf with our custom options for git-dch
  - config/amnesia: introduce new $AMNESIA_DEV_* variables to be used
    by developpers' scripts
  - added ./release script: a wrapper around git-dch, git-commit and git-tag

 -- amnesia <amnesia@boum.org>  Tue, 23 Jun 2009 14:42:03 +0200

amnesia (0.1) UNRELEASED; urgency=low

  * Forked Privatix 9.03.15, by Markus Mandalka:
  http://mandalka.name/privatix/index.html.en
  Everything has since been rewritten or so heavily changed that nothing
  remains from the original code... apart of a bunch of Gnome settings.
  * hardware support:
  - install a bunch of non-free wifi firmwares
  - install xsane and add the live user to the scanner group
  - install aircrack-ng
  - install xserver-xorg-video-geode on i386 (eCafe support)
  - install xserver-xorg-video-all
  - install firmware-linux from backports.org
  - install system-config-printer
  - added instructions in README.eCAFE to support the Hercules eCAFE EC-800
    netbook
  * APT:
  - configure pinning to support installing chosen packages from
    squeeze; the APT source for testing is hardcoded in chroot_sources/,
    since there is no way to use $LH_CHROOT_MIRROR in chroot_local-hooks
  - give backports.org priority 200, so that we track upgrades of packages
    installed from there
  * release: include the Changelog and TODO in the generated images,
  in the   /usr/share/doc/amnesia/ directory
  * software: install gnomebaker when building Gnome-based live OS, to
  easily clone myself when running from CD
  * build system
  - build i386 images when the build host is amd64
  - added a version file: /etc/amnesia/version
  - use snapshot live-* packages inside the images
  - setup timezone depending on the chosen build locale
  - rely on standard live-initramfs adduser to do our user setup
    (including sudo vs. Gnome/KDE, etc.)
  - stop "supporting" KDE
  - allow building several images at once
  - migrated most of lh_config invocations to scripts/config
  - append "noprompt" so that halting/rebooting work with splashy
  - moved our own variables to config/amnesia, using the namespace
    $AMNESIA_*
  * iceweasel
  - default search engine is now Scroogle SSL, configured to search pages
    in French language; the English one is also installed
  - never ask to save passwords or forms content
  - configured the torbutton extension to use polipo
  - installed the CACert root certificate
  - installed the SSL Blacklist extension and the blacklist data
  - installed the FireGPG extension
  - installed the CS Lite extension
  - installed the NoScript extension
  - NoScript, CS Lite: replaced the default whitelists with a list of
    trusted, non-commercial Internet Service Providers
  - configure extensions (add to prefs.js):
    user_pref("extensions.torbutton.startup", true);
    user_pref("extensions.torbutton.startup_state", 1);
    user_pref("extensions.torbutton.tor_enabled", true);
    user_pref("noscript.notify.hide", true);
    user_pref("capability.policy.maonoscript.sites", "about:
      about:blank about:certerror about:config about:credits
      about:neterror about:plugins about:privatebrowsing
      about:sessionrestore chrome: resource:");
    user_pref("extensions.firegpg.no_updates", true);
  - install the NoScript plugin from Debian squeeze
  - delete urlclassifier3.sqlite on $HOME refresh: as we disabled
    "safebrowsing", this huge file is of no use
  - torbutton: install newer version from Squeeze
  * linux: removed non-686 kernel flavours when building i386 images
  * compatibility: append "live-media=removable live-media-timeout=15", to
    prevent blindly booting another debian-live installed on the hard disk
  * software: added
  - gnome-app-install
  - iwconfig
  - cryptkeeper: Gnome system tray applet to encrypt files with EncFS
  - kvkbd: virtual keyboard (installed from backports.org)
  - sshfs (and added live user to the fuse group)
  - less, secure-delete, wipe, seahorse, sshfs, ntfs-3g
  - scribus
  * Tor
  - enable the transparent proxy, the DNS resolver, and the control port
  - save authentication cookie to /tmp/control_auth_cookie, so that the
    live user can use Tork and co.
  - autostart Tork with Gnome
  - Tork: installed, disabled most notifications and startup tips
  - added a restart tor hook to if-up.d (used by Network Manager as well),
    so that Tor does work immediately even if the network cable was
    plugged late in/after the boot process
  * $HOME
  - added a nautilus-script to wipe files and directories
  - bash with working completion for the live user
  * polipo: install and configure this HTTP proxy to forward requests
  through Tor
  * DNS: install and configure pdnsd to forward any DNS request through
  the Tor resolver
  * firewall: force every outgoing TCP connection through the Tor
  transparent proxy, discard any outgoing UDP connection
  * misc
  - set syslinux timeout to 4 seconds
  - use splashy for more user-friendly boot/halt sequences

 -- amnesia <amnesia@boum.org>  Sat, 20 Jun 2009 21:09:15 +0200