tails (3.3) unstable; urgency=medium
* Major changes
- Upgrade the base system to the Debian Stretch 9.2 point-release
which gives us tons of bugfixes (Closes: #14714).
- Install Linux 4.13.0-1 (Closes: #14789).
* Security fixes
- Upgrade Thunderbird to 52.4.0 (Closes: #14963).
- Upgrade Tor Browser to 7.0.10 (Closes: #14940).
- Upgrade gdk-pixbuf to 2.36.5-2+deb9u1.0tails1 (Closes: #14729).
* Minor improvements
- Upgrade to Tor 0.3.1.8-2~d90.stretch+1, a new stable Tor series.
- tails-documentation: rewrite in Python + use WebKit for display
instead of the Tor Browser. Since Tor Browser 7.0.8 rendering of
local pages (like our docs) fails (#14962) so this is probably a
temporary workaround of that.
- Replace the Unsafe Browser's warning pages with static,
pure-HTML versions. This is truly a *temporary* workaround for
#14962.
- Update deb.tails.boum.org APT repo key (Closes: #14927)
- Refresh Tor Browser AppArmor profile patch to apply on top of
torbrowser-launcher 0.2.8-4's (Closes: #14923).
- Drop obsolete manual enabling of AppArmor on the kernel
command-line: it's now enabled by default, so the (Tails -
Debian) delta gets smaller. :)
* Bugfixes
- Install Tails Installer 5.0.2. Fixes:
* Most notably, fix an issue preventing Tails Installer from
installing to drives containing a non-Tails partition that
(obviously) has affected a lot of users. (Closes: #14755).
* Fix an issue that made the resulting installations unbootable
if Tails Installer was using a too recent udisks2, e.g. the
one currently in Debian Sid (Closes: #14809).
* Code clean-ups (Closes: #14721, #14722, #14723).
- Fix UEFI boot for USB sticks installed with Universal USB
Installer (Closes: #8992).
- Force Tor Browser and Thunderbird to enable accessibility
support even if no a11y feature is enabled in GNOME yet (Closes:
#14752, #9260).
- Mark our custom Desktop launchers as trusted (Closes: #14793,
Refs: 14584).
- Add a systemd --user target for bits of GNOME
EarlyInitialization managed by systemd, and make the keyboard
layout configuration as part of it. This fixes an issue where
the layout chosen in the Greeter sometimes wasn't applied in the
GNOME session (Closes: #12543).
* Build system
- auto/{build,clean,config}: run with `set -eu`.
- Add script to sanity check the website. Currently it ensures all
blog posts and security advisories have valid Ikiwiki 'meta
date' directives, since we depend on it for reproducibility.
Also make passing this sanity check a pre-condition for building
the website (Closes: #12726, #14767).
- Abort the ISO build when DKMS modules were not built.
- Take into account where DKMS modules get installed nowadays.
- auto/build: normalize file timestamps in wiki/src before
building. The copy of the website included in the ISO image has
"Posted" timestamps that apparently match when we cloned the Git
repository, which affects reproducibility. (Closes: #14933).
- Fix reproducibility of builds of topic branches that lag behind
their base branch with the mergebasebranch build option enabled.
Two otherwise identical merge commits done at different times
get different IDs, and we happen to embed in the ISO the ID of
the commit we're building from. (Closes: #14946)
* Test suite
- Bump timeout for "I can save the current page as", otherwise the
"The Tor Browser directory is usable" scenario fails randomly
when the system is under load.
- New scenario: installing Tails to an eligible drive with an
existing filesystem. This is a regression test for #14755.
- New scenario: re-installing over an existing Tails installation.
-- Tails developers <[email protected]> Tue, 14 Nov 2017 04:53:27 +0100
tails (3.2) unstable; urgency=medium
* Major changes
- Upgrade Linux packages to the Debian kernel 4.12.0-2, based on
mainline Linux 4.12.12 (Closes: #11831, #12732, #14673).
* Security fixes
- Upgrade Tor Browser to 7.0.6-build3 (Closes: #14696).
- Upgrade to Thunderbird 52.3.0 (Closes: #12639).
- Deny access to Pidgin's D-Bus service (Closes: #14612). That D-Bus
interface is dangerous because it allows _any_ application running
as `amnesia' that has access to the session bus to extract
basically any information from Pidgin and to reconfigure it:
https://developer.pidgin.im/wiki/DbusHowto
- Block loading of Bluetooth kernel modules (Closes: #14655) and
block Bluetooth devices with rfkill (Closes: #14655).
- Add localhost.localdomain to the hosts file to prevent loopback
leaks to Tor circuits (Closes: #13574). Thanks to tailshark for
the patch!
* Minor improvements
- Upgrade to Tails Installer 5.0.1 (Closes: #8859, #8860, #12707). This
version gets rid of the splash screen, detects when Tails is already
installed on the target device (and then proposes to upgrade),
and generally improves the UX. It also increases the Tails partition
size and refuses to install to devices smaller than 8 GB.
- Deprecate Thunderbird's preferences/0000tails.js (Closes: #12680).
- Install the BookletImposer PDF imposition toolkit (Closes: #12686).
- Tor Browser:
* Fallback to ~/Tor Browser for uploads (Closes: #8917).
* Silence some common operations that always are denied and
otherwise would spam the journal (Closes: #14606)
- Shell library: remove now unused functions (Closes: #12685).
- Add pppoe to the installed packages (Closes: #13463). Thanks to geb
for the patch!
- Replace syslinux:i386 with syslinux:amd64 in the ISO9660
filesystem (Closes: #13513).
- htpdate: fix date header regexp (Closes: #10495). It seems that
some servers (sometimes) do not send their headers with first
letter uppercased, hence a lot of failures to find the date in it.
- Install aufs-dkms from Debian unstable (Closes: #12732).
- Install vim-tiny instead of vim-nox (Closes: #12687). On Stretch,
vim-nox started pulling ruby and rake in the ISO. I think vim-tiny
would be good enough, and would save a few MiB in the ISO. Those
who use vim more intensively and want another flavour of vim are
likely to need persistence anyway, and can thus install a more
featureful vim with the additional software packages feature.
- Remove gksu and its and gconf's dependencies (Closes: #12738). We
use pkexec instead of gksudo. gksu is unmaintained, buggy
(e.g. #12000), and it is the only reason we ship GConf, which we
want to remove. The other removals are:
* libgnomevfs2-extra, which was previously used for SSH/FTP support in
Nautilus, but isn't needed for that any more.
* libgnome2-bin which provides gnome-open, which isn't required by
any application in Tails (as far as we know).
* Configurations and scripts that become obsolete because of these
removals.
- Refresh torbrowser-AppArmor-profile.patch to apply cleanly on top
of torbrowser-launcher 0.2.8-1 (Closes: #14602).
- Switch from Florence to GNOME's on-screen keyboard (Closes: #8281)
and incidentally improve accessibility in GTK+ 2.0 and Qt
applications. This drops Florence and the corresponding GNOME
Shell extension.
- Make ./HACKING.mdwn a symlink again (Closes: #13600).
- Implement refresh-translations --force .
- Rework how we handle the individual POT files of our applications.
Comparing the new temporary POT files we generate with the
temporary POT files we generated last time (if ever, and if we
did, for which branch?) is not relevant; these POT files are only
used for merging into a new tails.pot and *that* one is relevant
to diff against the old tails.pot.
- Update the Tails signing key. (Closes: #11747)
- Reproducibility:
* Ensure reproducible permissions for /etc/hostname (Closes:
#13623).
* Patch desktop-file-utils to make its mimeinfo.cache reproducible
(Closes: #13439).
* Patch glib2.0 to make its giomodule.cache reproducible (Closes:
#13441).
* Patch gdk-pixbuf to make its loaders.cache reproducible (Closes:
#13442).
* Patch gtk2.0 and gtk3.0 to make their immodules.cache
reproducible (Closes: #13440).
* Remove GConf: it is a source of non-determinism in the
filesystem (element order in /var/lib/gconf/defaults/%gconf-tree-*.xml)
which made Tails unreproducible.
* Ignore comment updates in POT files, which was a source of
non-determinism and therefore prevented Tails from being
reproducible (Closes: #12641).
- Kernel hardening:
* Increase mmap randomization to the maximum supported value
(Closes: #11840). This improves ASLR effectiveness, and makes
address-space fragmentation a bit worse.
* Stop explicitly enabling kaslr: it's enabled by default in
Debian, and this kernel parameter is not supported anymore.
* Disable kexec, to make our attack surface a bit smaller.
* Bugfixes
- Start Nautilus silently in the background when run as root
(Closes: #12034). Otherwise, after closing Nautilus one gets the
prompt back only after 5-15 seconds, which confuses users and makes
our doc more complicated than it should be.
- Ensure pinentry-gtk2 run by Seahorse has the correct $DISPLAY set
(Closes: #12733).
* Build system
- build-manifest-extra-packages.yml: remove squashfs-tools version
we don't use anymore (Closes: #12684). Apparently our
apt-get/debootstrap wrapper tricks are enough to detect the
version of squashfs-tools we actually install and use.
- Merge base branch earlier, i.e. in auto/config instead of
auto/build (Closes: #14459). Previously, a given build from a topic
branch would mix inconsistent versions of things.
- Fail builds started before SOURCE_DATE_EPOCH (Closes:
#12352). Such builds would not be reproducible, and this is an
assumption (a reasonable one!) that we do all over the place, so
let's fail early. While we're at it, let's fail if
SOURCE_DATE_EPOCH is not set as well. Actually we would fail any
way if that was the case when reaching our
99-zzzzzz_reproducible-builds-post-processing build hook, but
let's fail early.
* Test suite
- Test the GNOME Root Terminal.
- Take into account that Tails Installer 5.0.1 refuses to install
Tails to devices smaller than 8 GiB. It'll still allow *upgrading*
such sticks though.
- Use 7200 MiB virtual USB drives when we really mean 8 GiB. In the
real world, USB sticks labeled "8 GB" can be much smaller, so
Tails Installer will accept anything that's at least 7200 MiB.
This commit makes us exercise something closer to what happens in
the real world, and incidentally it'll save storage space on our
isotesters and improve test suite performance a bit. :)
- Have unclutter poll every 0.1s instead of continuously. On current
sid, virt-viewer eats a full CPU and doesn't do its job when
"unclutter -idle 0" is running.
- Adapt tests for Tails Installer 5.0.1.
- Workaround Pidgin's DBus interface being blocked since we actually
depend on it for some tests.
- Test that Pidgin's DBus interface is blocked.
- Save more data on test suite failures (Refs: #13541):
* When Tor fails to bootstrap, save Tor logs and chutney nodes
data.
* When Htpdate fails to synchronize the clock, save its logs.
* Always save the systemd journal on failure.
- When testing emergency shutdown, wait longer for Tails to tell
us it has finished wiping the memory. The goal here is to help
us understand whether (Refs: #13462) is a bug in the emergency
shutdown feature or in our test suite.
- Restart nautilus-desktop if Desktop icons are not visible
(Closes: #13461).
- Test suite: fix assert_raise() when using ruby-test-unit >=
3.2.5 (Closes: #14654). ruby-test-unit 3.2.5 added native Java
exception support for JRuby. The fact we defined the :Java
constant was enough to trigger that JRuby-specific code, which
failed.
- Test suite: take into account that click-to-play is not required
anymore for WebM videos in Tor Browser (Closes: #14586).
-- Tails developers <[email protected]> Mon, 25 Sep 2017 22:23:01 +0200
tails (3.1) unstable; urgency=medium
* Security fixes
- Upgrade Tor Browser to 7.0.4-build1 (Closes: #13577).
- Upgrade Linux to 4.9.30-2+deb9u3.
- Upgrade libtiff to 4.0.8-2+deb9u1.
- Upgrade bind9 to 1:9.10.3.dfsg.P4-12.3+deb9u2.
- Upgrade evince to 3.22.1-3+deb9u1.
- Upgrade imagemagick to 8:6.9.7.4+dfsg-11+deb9u1.
- Ensure Thunderbird cleans its temporary directory. (Closes: #13340).
* Minor improvements
- Patch gconf to produce reproducible XML output (refs: #12738). This is
the temporary solution for #12738 in Tails 3.1 which will be reverted
(and fixed permanently by removing gconf) in Tails 3.2.
- Apply Debian bts patch to cracklib to produce reproducible dictionaries
(Closes: #12909).
- Upgrade to Debian 9.1 (Closes: #13178).
* Bugfixes
- Replace faulty URL in htpdate neutral pool (Closes: #13472).
- Keep installing a version of Enigmail compatible with Thunderbird 45.x
(Closes: #13530).
- Fix the time syncing and Tor notifications translations (Closes: #13437).
* Build system
- Upgrade the Vagrant basebox for building ISO images to Stretch
(Closes: #11738).
- Fix on-disk build by bumping Vagrant build VM memory to 768M
(Closes: #13480).
- Fix rescue build option by exporting TAILS_BUILD_FAILURE_RESCUE
(Closes: #13476).
* Test suite
- mark gnome screenshot scenario as fragile (refs: #13458)
- mark UEFI scenario as fragile (refs: #13459).
-- Tails developers <[email protected]> Sat, 05 Aug 2017 15:25:51 +0200
tails (3.0.1) unstable; urgency=medium
* Security fixes
- Upgrade tor to 0.3.0.9-1~d90.stretch+1 (Closes: #13253).
- Upgrade Linux to 4.9.30-2+deb9u2.
- Upgrade libc to 2.24-11+deb9u1.
- Upgrade libexpat1 to 2.2.0-2+deb9u1.
- Upgrade libgcrypt20 to 1.7.6-2+deb9u1.
- Upgrade libgnutls30 to 3.5.8-5+deb9u1.
- Enable Debian security APT sources (Closes: #12309).
* Minor improvements
- Use a higher resolution image in Tails persistence setup
(Closes: #12510).
* Bugfixes
- Forcibly set $SSH_AUTH_SOCK before starting GNOME
Shell. Apparently, due to a race condition, GNOME keyring
sometimes fails to tell the session manager about the correct
SSH_AUTH_SOCK, and thus GNOME Terminal hasn't this variable set
and any ssh process started in there won't use the (perfectly
working) SSH agent (Closes: #12481).
- Fix issue that made Tails Installer reject working USB drives,
pretending they're not "removable" (Closes: #12696).
- Make behavior of the power button and lid close actions in the Greeter
consistent with the regular GNOME session (Closes: #13000).
* Build system
- Track the latest debian-security archive for the corresponding
APT sources, and not for the unrelated jessie-updates (Closes:
#12829).
- Print APT sources used in the build VM, to help debugging issues
such as #12829.
-- Tails developers <[email protected]> Tue, 04 Jul 2017 15:59:18 +0200
tails (3.0) unstable; urgency=medium
* Major changes
- Upgrade Tor Browser to 7.0.1 (Closes: #12635, #12657).
- Upgrade to a new snapshot of the Debian and Torproject
APT repositories: respectively 2017060904 and 2017060903
(Closes: #12609).
* Minor improvements
- Tor Browser: enable Electrolysis (e10s), i.e. render content in a separate
child process, which will allow to improve performance and security
further along the road. This required us to drop our branding add-on
and re-implement its functionality in our Tor Browser wrapper
(Closes: #12569).
- Clean obsolete cached packages when using the Additional Software Packages
feature (Closes: #12400).
- Improve KeePassX database migration handling (Closes: #12375).
- Upgrade OnionShare to 0.9.2, from Debian sid as it has been removed
from Stretch (Closes: #12610).
- Upgrade Tor to 0.3.0.8 (Closes: #12656).
- Drop obsolete bilibop patch, that was applied in 0.5.2.1.
- Include disk space usage information in the WhisperBack bug reports.
- Reorder technical details in WhisperBack bug reports in a way that makes
more sense when reading them.
- Convert lc.py to Python 3.
- Simplify some Python code thanks to subprocess.check_output.
- Set the initial keyboard focus on the "Start Tails" button
in Tails Greeter (Closes: #12509).
- Convert Tails Greeter's Debian packaging to current best practices.
* Bugfixes
- Fix persistent Thunderbird configuration migration when there is
a mimeTypes.rdf, that doesn't contain any associations to "icedove"
or "/usr/bin/iceweasel" (Closes: #12580).
- Fix persistent browser bookmarks, by generating them from an sqlite dump
(Closes: #12568).
- Use the "intel" X.Org driver for Intel Atom/Celeron/Pentium Processor
x5-E8000/J3xxx/N3xxx Integrated Graphics Controller.
- `exec' from our Thunderbird wrapper so it doesn't remain running.
- Tails Installer: don't allow installing on non-removable drives
(Closes: #10731).
- Fetch the torbrowser-launcher sources from Debian sid:
it's been removed from Debian testing.
Refresh torbrowser-AppArmor-profile.patch accordingly.
- Unsafe Browser: remove the search bar, that's currently buggy
and its presence only encourages unsupported usage (Closes: #12573).
- Unsafe Browser: disable searching in the address bar. It can result
in leaking hostnames and credentials to the default search
engine operator (Closes: #12540).
- Make our omni.ja modifications reproducible (Closes: #12620).
- Generate the fontconfig cache in a reproducible manner (Closes: #12567).
- Don't include torrents/rss.html in the ISO. It's not generated
in a deterministic manner and is worthless in the ISO (Closes: #12619).
- Improve the language → default keyboard layout mapping
in Tails Greeter (Closes: #12547).
- Don't close Tails Greeter's main window when Alt-F4 is pressed
(Closes: #12462).
* Test suite
- Run emergency_shutdown.feature after usb_*.feature, to reduce disk
space requirements (Closes: #12565).
- Deal with server messages in Pidgin.
- Improve Pidgin connectivity check robustness.
- Flag the Synaptic test as fragile (i.e. #12586).
- Optimization: only test once that Tails, booted on DVD, eventually
shuts down after wiping memory.
- Move tests about the shutdown applet to a dedicated feature,
as they have nothing to do with Tails' "emergency" shutdown feature.
- Adapt the network connectivity check to Stretch, and improve it to check
both link and IP connectivity (Closes: #12602).
- Apply a fix from upstream Git to mutter, to fix some of its interactions
with dogtail (Closes: #11718).
- Mark "Scenario: Watching a WebM video" as fragile (i.e. #10442).
* Build system
- Set create_box -e, to make the vagrant box generation a bit more robust.
(Closes: #12578).
- Install kernel from backports and Tails build deps before performing
APT upgrade, to avoid useless bandwidth usage (Closes: #12529).
- Update submodules after merging the base branch (Closes: #12556).
- Rakefile: fix date comparison in basebox:clean_old (Closes: #12575).
- Rakefile: have basebox:clean_old delete baseboxes more than 4 months old
(refs: #12576).
- Also check for fuzzy patches' .orig files at the end of our build hooks,
so we detect any fuzzy patches applied by hooks (Closes: #12617).
- Remove .orig files for patches we allow to be fuzzy.
- Don't pre-build the wiki when mergebasebranch is enabled.
When pre-building the wiki, we modify the PO files which results in a
conflict from the base branch merge in case it modifies the same
files, which breaks the build (Closes: #12611).
- Rakefile: add a task that removes all tails-builder-* libvirt volumes
(Closes: #12599).
-- Tails developers <[email protected]> Sat, 10 Jun 2017 14:39:10 +0000
tails (3.0~rc1) unstable; urgency=medium
* Major changes
- Install Thunderbird 1:45.8.0-3+tails2 and handle the Icedove → Thunderbird
migration, including wrt. persistent data (Closes: #11712, #12242).
This package also has the patch from
https://bugzilla.mozilla.org/show_bug.cgi?id=1281959 applied,
to ease future integration of the Thunderbird AppArmor profile.
Also, drop the Claws → Icedove migration path.
- Upgrade to a new snapshot of the Debian and Torproject
APT repositories: 2017051803 (Closes: #12554).
- Upgrade Linux packages to the Debian kernel 4.9.0-3, based on
mainline Linux 4.9.25.
- Replace the kexec-based memory erasure feature with the Linux kernel's
memory poisoning (Closes: #12354, #12428). The kexec-based implementation
was not reliable enough and provided a poor UX. Instead, we now return
to the initramfs on shutdown and unmount all filesystems there, so their
content and corresponding caches are erased.
- Upgrade Tor Browser to 7.0a4 based on Firefox 52.1.1esr (Closes:
#12115, #12464):
* Unfortunately e10s (multi-process Firefox) is disabled (#12569).
* Unfortunately persistent bookmarks created for the first time
in Tails 3.0~rc1 are broken (#12568).
* Adds exceptions for the extensions Tails installs on top of
the vanilla Tor Browser (Closes: #11419).
- Upgrade tor to 0.3.0.7-1 (Closes: #12485) and log both to the
usual file and the journal (Closes: #12412).
- Merge the code that makes Tails almost build reproducibly (Refs:
#5630); we still have issues with the fontconfig cache (Refs:
#12567).
* Minor improvements
- Add a HACKING document for new code contributors (Closes:
#12164).
- Rename tor-controlport-filter to onion-grater (Closes: #12394)
and import patches killing the delta against Whonix version
(Closes: #12173).
- Improve onion-grater; thanks to Joy SN <[email protected]>
for the original patches (Closes: #12173):
· add --listen-interface
· make stdout/stderr unbuffered to ensure Python exceptions are logged
· use yaml.safe_load()
- Improve KeePassX database migration handling (refs: #12375).
- Electrum: set coin selection strategy to 'Privacy' (Closes: #12177).
- Allow Onion Circuits to access /proc/pid/status.
- Make gdm-shell-tails.desktop more similar to the one shipped
in gnome-shell 3.22.3-3 (refs: #12364).
- Greeter: have the help window point to updated documentation,
use WebKit2 instead of the deprecated WebKit, and hide the sidebar
and banner.
- Use exec to start KeePassX, i.e. avoid leaving the wrapper running.
* Bugfixes
- Install xserver-xorg-legacy, to fix support for various graphics
adapters that still don't work with rootless X.Org (Closes: #12542).
- Use the "intel" X.Org driver for Intel Q35 and Intel Atom
D4xx/D5xx/N4xx/N5xx graphics controllers (refs: #12219).
- Give UEFI bootloaders upper-case filenames (Closes: #12511).
Some UEFI firmware, such as the one in the ThinkPad X220, only recognize
them if they have an upper-case name.
- KeePassX: enable "Automatically save after each change" again,
like we did in Tails 2.x (fixes a regression introduced
in 3.0~beta3).
- Install packages needed by the "Test speakers" functionality
(Closes: #12549).
- Fix automatic upgrades when one is already applied (Closed:
#12501).
- When generating the network device blacklist, also blacklist
network drivers from the staging directory (Closes: #12362).
- htpdate pool: replace www.sarava.org with leap.se. The former
has been down for a while and it's not clear when it's going to
be stable again. The latter should be reliable.
* Test suite
- Check that dirmngr used the configured keyserver (Closes: #12371).
- Sanity check that Chutney starts all nodes in the network.
- Disable the Sandbox option for all nodes, until Tor#21943
is fixed (Closes: #12512).
- Wait for the desktop icons to be displayed in the "Tails desktop is ready"
step. Let's not try interacting with the desktop earlier.
- Add tests for memory erasure on "normal" shutdown (refs: #12428).
- Add tests for memory erasure on "emergency" shutdown, and run some
with network enabled (refs: #12354).
- Have eject_cdrom run eject(1) like it used to do in the past.
Otherwise the machine is immediately halted and we cannot test
whether memory has been erased.
- Pass mount_USB_drive structured data instead of free-form text.
- Test that MAC spoofing and "Disable network" works for
hotplugged networking devices (Refs: #12362).
* Build system
- Generate the Vagrant base box locally as part of the build process,
instead of downloading it: one less binary blob as input in the build
process (refs: #12409).
- Use Vagrant for builds on Jenkins too (Closes: #11972).
- Tell build script to be more verbose.
- Respect the 'ARTIFACTS' environment variable if set.
- Add a second disk to handle the apt-cacher-ng cache, and store
the corresponding logs in there (Closes: #11979).
- Use APT snapshots in Vagrant build VMs, create/use a basebox that matches
the branch/tag/commit being tested, and provision a new VM for each build
(Closes: #11980, #11981).
- Ship all build dependencies in the Vagrant basebox, to save some
time when building ISOs.
- Make basebox generation compatible with both GnuPG 1.x and 2.x.
- Set LC_ALL=C, mostly to suppress some warnings.
- Support forcing VM cleanup before/after build.
- Add tasks for cleaning up old or all base boxes (refs: #12409).
- Add build option useful for debugging build failures.
- Remove obsolete build options.
- Make auto/scripts/utils.sh more reusable, use it in Rakefile,
auto/build and setup-tails-builder.
- Add an option controlling whether to merge the base branch.
- Add "rake test" target and import logics from puppet-tails'
wrap_test_suite script.
- Build Tails as a release simply when HEAD is tagged, i.e. we do not
require building from a detached head any more.
- Sanity check compression choice when building a release.
- Use the host's resolv.conf when building the Vagrant base box.
Since systemd-networkd is used to manage resolv.conf inside the base box,
and it hasn't been initialized yet (we are not booting it, just chrooting
into it) DNS is broken otherwise.
- Release process: "release" a new base box when freezing.
- Chown/scp artifacts with a single command to limit overhead and warnings
noise caused by repeated SSH calls.
- Add a build option to use a custom CPU model, and custom
machine type, for reproducibility testing (refs: #12345).
- Add support for installing Tor Browser nightly builds.
-- Tails developers <[email protected]> Sat, 20 May 2017 16:48:45 +0200
tails (3.0~beta4) unstable; urgency=medium
* Major changes
- All changes brought by Tails 2.12.
- Upgrade to a new snapshot of the Debian and Torproject
APT repositories (2017041704).
* Security improvements
- Enable the buddy page allocator free poisoning (Closes: #12089).
- Enable slub/slab allocator free poisoning (Closes: #12090).
- Create IUKs (automatic upgrades) in a reproducible manner
(Closes: #11974).
* Minor improvements
- Firewall: forbid the _apt user to talk to DNS ports. APT works very well
without DNS access since we only have Onion APT sources, so let's silence
the logs.
- Replace Pidgin's "systray" icon with the guifications plugin
(Closes: #11741). We're trying to remove as much as we can from
the set of icons managed by TopIcons extension flavours, in the hope
it's enough to cancel the problems we've seen with them (#10576, #11737).
- Disable apt-daily.timer, that can only cause problems in our context
(Closes: #12390).
- Do not let pppd-dns manage /etc/resolv.conf (Closes: #12401).
- Ensure rootless X.Org can access /dev/fb0 when started by GDM.
- Include the amdgpu module in the initramfs (refs: #12218).
- Tails Greeter: don't mention 'firewall' anymore (#12382).
- Tails Greeter: avoid the popover menu for Formats being cut,
in most cases (Closes: #12249).
- Tails Greeter: disable the screensaver (Closes: #12370).
- Tails Greeter: fix behavior when pressing Enter in the language selection
menu (Closes: #12359).
* Bugfixes
- Install speech-dispatcher-espeak-ng to fix the Orca screen reader
(Closes: #12389).
- Install xserver-xorg-video-intel and use it on a few graphics adapters
that are not supported correctly by the modesetting driver (refs: #12219).
More PCI IDs will be added as new affected hardware is reported.
* Test suite
- Run on a Q35 2.8 machine (Closes: #11605).
- Deprecate xtightvncviewer in favor of tigervnc-viewer.
- Test the Unsafe Browser in 3 random supported languages, not all.
This should be enough to identify most future regressions in this area,
and will be much faster than testing them all.
- Pidgin tests: switch to an image that doesn't depend on the
topic of [email protected].
- Fix a problematic use of try_for.
- Fix VM.select_virtual_desktop() and VM.do_focus().
- Random Gherkin improvements.
- Fix a focus issue for GNOME Terminal vs. Tails Installer.
- Adjust to kernel memory poisoning being enabled, which breaks the way
we used to test memory erasure (refs: #12354):
· Drop "no memory erasure" and "memory erasure" tests, that can't work
anymore.
· Test erasure of memory freed by a killed userspace process.
· Test that memory poisoning applies to unmounted tmpfs.
· Test that memory poisoning applies to read and write cache
for unmounted vfat and LUKS-encrypted ext4.
· Run erase_memory a bit later, it requires less disk space nowadays.
-- Tails developers <[email protected]> Tue, 18 Apr 2017 13:01:25 +0000

tails (2.12) unstable; urgency=medium
* Major changes
- Completely remove I2P. :( We have decided to remove I2P (see
#11276) due to our failure to find someone interested in
maintaining it in Tails (Closes: #12263).
- Upgrade the Linux kernel to 4.9.13-1~bpo8+1 (Closes: #12122).
* Security fixes
- Upgrade Tor Browser to 6.5.2 based on Firefox 45.9. (Closes:
#12444)
- Mount a dedicated filesystem on /var/tmp, to mitigate the
hardlinks permissions opened by the user-tmp abstraction. See
https://labs.riseup.net/code/issues/9949#note-23 for details
(Closes: #12125).
- Protect against CVE-2017-2636 by disabling the n-hdlc kernel
module (Closes: #12315).
- Ensure /etc/resolv.conf is owned by root:root in the SquashFS.
lb_chroot_resolv will "cp -a" it from the source tree, so it
inherits its ownership from whoever cloned the Git
repository. This has two problems. First, this results in unsafe
permissions on this file (e.g. a Vagrant build results in the
'amnesia' user having write access to it).
- Upgrade libjasper1 to 1.900.1-debian1-2.4+deb8u3
- Upgrade gstreamer and its plugins to 1.4.4-2+deb8u1.
- Upgrade eject to 2.1.5+deb1+cvs20081104-13.1+deb8u1.
- Upgrade imagemagick to 8:6.8.9.9-5+deb8u8.
- Upgrade pidgin to 2.11.0-0+deb8u2.
- Upgrade samba to 2:4.2.14+dfsg-0+deb8u5.
* Minor improvements
- Don't add the live user to the "audio" group. This should not be
needed on a modern Linux desktop system anymore (Closes:
#12209).
- Install virtualbox-* 5.1.14-dfsg-3~bpo8+1 from our custom APT
repository (Closes: #12307).
- Install virtualbox-guest-* from sid. The version currently in
jessie-backports is not compatible with Linux 4.9, and there's
basically no chance that it gets updated (the maintainer asked
for them to be *removed* from jessie-backports) (Closes:
#12298).
- Pull ttdnsd from our custom APT repository. It's gone from the
TorProject one. We removed ttdnsd on feature/stretch already, so
we'll need to pull it from our custom APT repository only for
the next 3 months.
- Clean up libdvd-pkg build files, again. This cleanup operation
was mistakenly removed in commit c4e8744 (Closes: #11273).
- Install gnome-sound-recorder (Closes: #10950). Thanks to Austin
English <[email protected]> for the patch!
- Stop restarting tor if bootstrapping stalls. It seems tor might
have fixed the issues we used to experience (see: #10238, #9516)
with the bootstrap process stalling and requiring a restart to
kickstart it (Closes: #12411).
- tor.sh: communicate via the UNIX socket instead of TCP port.
This makes the library usable when run inside systemd units that
have `PrivateNetwork=yes` set.
- Get tor's bootstrap progress via GETINFO instead of log
grep:ing.
- Upgrade tor to 0.2.9.10-1~d80.jessie+1
* Bugfixes
- mirror-pool-dispatcher: bump maximum expected mirrors.json size
to 32 KiB. This fixes an error where Tails Upgrader would
complain with "cannot choose a download server" (Closes:
#11735).
* Build system
- Retry curl and APT operations up to 20 times to make the ISO
build more robust wrt. unreliable Internet connectivity. Thanks
to Arnaud <[email protected]> for the patch!
- Install ikiwiki from jessie-backports, instead of our patched
one. Our changes were merged in 3.20161219, and jessie-backports
now has 3.20170111~bpo8+1 (Closes: #12051).
- Fix FTBFS when installing a .deb via config/chroot_local-packages
by being more flexible when matching local packages in the apt
list file (Closes: #12374). Thanks to Arnaud <[email protected]>
for the patch!
- auto/build: support Stretch's GnuPG v2 keyring filename.
* Test suite
- Try possible fix for #11508. IPv6Packet:s' source is accessed by
`.ipv6_saddr`, not `ip_saddr` (that's for IPv4Packet). So, let's
just try and see which one of the two each packet has, because
one of them must be there! Also, given that UDPPacket can be
either IPv4 or IPv6 it seems safest to try to parse each packet
as IPv6Packet first -- that way we keep looking at transport
layer protocols for IPv4 only, and treat everything IPv6 as the
same, which makes sense, since we should block all IPv6, so
everything should be treated the same at all times.
- Changes due to #12411:
  * Raise special exception for Tor bootstrap failures.
  * Remove obsolete debug logging now that we don't log anything
    interesting for `restart-tor` any more.
-- Tails developers <[email protected]> Tue, 18 Apr 2017 17:41:46 +0200

tails (3.0~beta3) unstable; urgency=medium
* Major new features and changes
- Make the "Formats" settings in Tails Greeter take effect (Closes: #12079,
new feature that was broken since it was introduced in 3.0~alpha1).
- Upgrade to a new snapshot of the Debian and Torproject
APT repositories (2017031702).
* Removed features
- Stop including I2P: we decided (#11276) to remove I2P, due to our failure
at finding someone to maintain it in Tails (Closes: #12263).
* Security fixes
- Upgrade MAT to 0.6.1-4: fixes silent failure of the Nautilus
contextual menu extension.
- Ensure /etc/resolv.conf is owned by root:root in the SquashFS
(Closes: #12343).
- Protect against CVE-2017-2636 by disabling the n-hdlc kernel module
(Closes: #12315).
* Minor improvements
- Reintroduce the X11 guest utilities for VirtualBox (regression
introduced in 3.0~beta2).
- Upgrade X.Org server and the modesetting driver (hopefully helps
fixing #12219).
- Automate the migration from KeePassX databases generated on Tails 2.x
to the format required by KeePassX 2.0.x (Closes: #10956, #12369).
- Add keyboard shortcuts in Tails Greeter (Closes: #12186, #12063).
- Install dbus-user-session (regression introduced in 3.0~beta2).
- Manage temporary directories in a declarative way (tmpfiles.d).
- Replace references to the /var/run compatibility symlink
with the canonical /run.
- Update our Torbirdy patchset to the latest one sent upstream.
- Install mesa-utils, so that Qt 5 can detect whether software based
rendering is needed.
- Have Tails Greeter honor the "debug" kernel command-line option,
for easier debugging (Closes: #12373).
- Refactor Tails Greeter to reduce code duplication (Closes: #12247).
* Bugfixes
- Fix sizing of zenity dialogs (Closes: #12313, regression introduced
in 3.0~alpha1).
- Fix confusing, spurious error messages in command-line applications
wrapped with torsocks:
· Ship a /etc/mailname file with content "localhost".
Otherwise something (Git? libc6?) tries to resolve the "amnesia" host
name, which fails, and a confusing error message is displayed
(Closes: #12205, regression introduced in 3.0~alpha1).
· Have torsocks allow UDP connections to the loopback interface,
with AllowOutboundLocalhost 2 (Closes: #11736).
* Test suite
- Improve debugging info logging for PacketFu parsing issues,
and implement a plausible fix (refs: #11508).
- Try to make "double-click on desktop launcher" more reliable.
- Fix selection of ISO in Tails Installer.
- Re-enable the GnuPG tests that require a keyserver, pointing them
to an Onion service we run on Chutney, that redirects all TCP traffic
to a real, clearnet keyserver (Closes: #12211).
- Implement a workaround for checking the configured keyserver in GnuPG,
until a better fix is implemented (refs: #12371).
- Fix the "Report an Error launcher" scenario in German.
* Build system
- Retry curl and APT operations up to 20 times to make the ISO build
more robust wrt. unreliable Internet connectivity.
Thanks to Arnaud <[email protected]> for the patch!
- Install ikiwiki from jessie-backports, instead of our patched one
(Closes: #12051).
- Clean up libdvd-pkg build files, again (Closes: #11273).
- Rakefile: fix TAILS_OFFLINE_BUILD exported variable name.
- Adjust apt-mirror to support branches based on feature/stretch
that don't use frozen APT snapshots.
-- Tails developers <[email protected]> Sun, 19 Mar 2017 15:10:28 +0100

tails (3.0~beta2) unstable; urgency=medium
* All changes brought by Tails 2.11, except:
- the test suite changes, that are not all compatible with this branch;
- the "Tails 3.0 will require a 64-bit processor" notification:
this advance warning is not useful on a release series
that's 64-bit only.
* Major new features and changes
- Upgrade to a new snapshot of the Debian APT repositories (2017030802),
and of the Torproject ones (2017030801).
- Upgrade Linux to 4.9.0-2 (version 4.9.13-1).
* Minor improvements
- Improve GNOME Shell Window List styling. (Closes: #12233)
* Bugfixes
- Make it possible to start graphical applications in the Root Terminal.
(part of #12000)
* Test suite
- Improve robustness when dealing with notifications. (Closes: #11464)
- Bump timeout when waiting for 'Tor is ready' notification.
- Fix the incremental upgrade test.
- Drop a few obsolete test cases, update a number of images.
- Adapt firewall leak test to new DHCP source IP address.
- Adjust Seahorse and Enigmail tests to the keyserver that is now used.
-- Tails developers <[email protected]> Wed, 08 Mar 2017 16:29:44 +0000

tails (2.11) unstable; urgency=medium
* Security fixes
- Upgrade Tor Browser to 6.5.1 based on Firefox 45.8. (Closes:
#12283)
- Fix CVE-2017-6074 (local root privilege escalation) by disabling
the 'dccp' module. (Closes: #12280)
- Disable kernel modules for some uncommon network protocols. These
are the ones recommended by CIS. (Part of: #6457)
- Disable modules we blacklist for security reasons. Blacklisted
(via `blacklist MODULENAME`) modules are only blocked from being
loaded during the boot process, but are still loadable with an
explicit `modprobe MODULENAME`, and (worse!) via kernel module
auto-loading.
- Upgrade linux-image-4.8.0-0.bpo.2-686-unsigned to 4.8.15-2~bpo8+2.
- Upgrade bind9 to 1:9.9.5.dfsg-9+deb8u10.
- Upgrade imagemagick to 8:6.8.9.9-5+deb8u7.
- Upgrade libevent-2.0-5 to 2.0.21-stable-2+deb8u1.
- Upgrade libgd3 to 2.1.0-5+deb8u9.
- Upgrade libjasper1 to 1.900.1-debian1-2.4+deb8u2.
- Upgrade liblcms2-2 to 2.6-3+deb8u1.
- Upgrade libxpm4 to 1:3.5.12-0+deb8u1.
- Upgrade login to 1:4.2-3+deb8u3.
- Upgrade ntfs-3g to 1:2014.2.15AR.2-1+deb8u3.
- Upgrade openjdk-7-jre to 7u121-2.6.8-2~deb8u1.
- Upgrade openssl to 1.0.1t-1+deb8u6.
- Upgrade tcpdump to 4.9.0-1~deb8u1.
- Upgrade vim to 2:7.4.488-7+deb8u2.
- Upgrade libreoffice to 1:4.3.3-2+deb8u6.
* Minor improvements
- import-translations: also import PO files for French from
Transifex. The translation team for French switched to Transifex
even for our custom programs:
https://mailman.boum.org/pipermail/tails-l10n/2016-November/004312.html
- Notify the user, if running on a 32-bit processor, that it won't
be supported in Tails 3.0 anymore. (Closes: #12193)
- Notify I2P users that I2P will be removed in Tails
2.12. (Closes: #12271)
* Bugfixes
- Disable -proposed-updates at boot time. If a Debian point
release happens right after a freeze but we have decided to
enable it before the freeze to get (at least most of) it, then
we get in the situation where -proposed-updates is enabled in
the final release, which we don't want. We only want it enabled
at build time. (Closes: #12169)
- Ferm: Use the variable when referring to the Live user. The
firewall will fail to start during early boot otherwise since
the "amnesia" user hasn't been created yet. (Closes: #12208)
- Tor Browser: Don't show offline warning when opening local
documentation. (Closes: #12269)
- tails-virt-notify-user: use the tails-documentation helper to
improve UX when one is not connected to Tor yet, and display
localized doc when available.
- Fix rare issue causing automatic upgrades to not apply properly
(Closes: #8449, and hopefully #11839 as well):
  * Allow the tails-install-iuk user to run "/usr/bin/nocache
    /bin/cp *" as root.
  * Install tails-iuk 2.8, which will use nocache for various file
    operations, and sync writes to the installation medium.
- Install Linux 4.8.15 to prevent GNOME from freezing with Intel
GM965/GL960 Integrated Graphics. (Closes: #12217, but fixes tons
of other small bugs)
* Build system
- Add 'offline' option, making it possible to build Tails offline
(if all needed resources are present in your cache). (Closes:
#12272)
* Test suite
- Encapsulate exec_helper's class to not "pollute" the global
namespace with all our helpers. This is an example of how we can
work towards #9030.
- Extend remote shell with *safe* file operations. Now we can
read/write/append *any* characters without worrying that it will
do crazy things by being passed through the shell, as was the
case before. This commit also:
  * adds some better reporting of errors happening on the server
    side by communicating back the exception thrown.
  * removes the `user` parameter from the VM.file_* methods. They
    were not used, anyway, and simply do not feel like they
    fit. I think the only reason we had it initially was because
    it was implemented via the command interface, where a user
    concept makes a lot of sense.
- debug_log() Dogtail script content on failure.
- Add a very precise timestamp to each debug_log().
- Make robust_notification_wait() ensure the applet is closed. In
robust_notification_wait() when we close the notification
applet, other windows may change position, creating a racy
situation for any immediately following action aimed at one such
window. (Closes: #10381)
- Fix I2P's Pidgin test. The initial conversation (that determines
the title of the conversation window) is now made by a different
IRC service than before.
- Use lossless compression for the VNC viewer with --view.
Otherwise the VNC viewer is not a good place to extract test
suite images from, at least with xtigervncviewer.
- Add optional pause() notification feature to the test suite. It
will run a user-configurable arbitrary shell command when
pause() is called, e.g. on failure when --interactive-debugging
is used. This is pretty useful when multitasking with long test
suite runs, so you immediately are notified when a test fails
(or when you reached a temporary pause() breakpoint). (Closes:
#12175)
- Add the possibility to run Python code in a persistent session
in the remote shell and use this for Dogtail to significantly
improve its performance by saving state and reusing it between
commands. This changes the semantics of the creation of Dogtail
objects. Previously they just created the code that then would
be run once an actionable method was called (.wait, .click etc),
but now it works like in Python, that Dogtail will try to find
the graphical element upon object creation. (Closes: #12059)
- Test that we don't ship any -proposed-updates APT sources.
(Closes: #12169)
- Make force_new_tor_circuit() respect NEWNYM rate limiting.
- Add retry magic for lost click when opening Tails' documentation
from the desktop launcher. (Closes: #12131)
-- Tails developers <[email protected]> Mon, 06 Mar 2017 17:14:52 +0100
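
The 2.11 entry above notes that `blacklist MODULENAME` only stops loading at boot, leaving explicit `modprobe` and kernel auto-loading open. The following audit script is an added example, not part of the Tails changelog or code base: it lists modules in a modprobe.d directory that are blacklisted but lack an `install MODULE /bin/true` (or `/bin/false`) override, which is assumed here as the disabling mechanism; the function names and sample files are constructed.

```shell
#!/bin/sh
# Added example: find modules that modprobe.d merely "blacklist"s.
# Assumption: "install MODULE /bin/true" (or /bin/false) is the override
# that makes modprobe run a no-op instead of loading the module, which
# covers both explicit modprobe calls and kernel auto-loading.

# Usage: soft_blacklisted DIR  -> prints one module name per line, sorted.
soft_blacklisted() {
    dir=$1
    set -- "$dir"/*.conf
    [ -e "$1" ] || return 0            # no configuration files at all
    awk '
        { sub(/#.*/, "") }                 # strip comments
        NF < 2 { next }
        { mod = $2; gsub(/-/, "_", mod) }  # modprobe treats - and _ alike
        $1 == "blacklist" { listed[mod] = 1 }
        $1 == "install" && ($3 == "/bin/true" || $3 == "/bin/false") {
            disabled[mod] = 1
        }
        END {
            for (m in listed) if (!(m in disabled)) print m
        }
    ' "$@" | sort
}

# Constructed sample configuration, written to a scratch directory.
write_sample() {
    cat > "$1/blacklist.conf" <<'EOF'
# constructed sample: boot-time blacklisting only
blacklist dccp
blacklist n-hdlc
blacklist sctp   # uncommon network protocol
EOF
    cat > "$1/disable.conf" <<'EOF'
# constructed sample: loading turned into a no-op
install dccp /bin/true
install n_hdlc /bin/false
EOF
}

tmp=$(mktemp -d)
write_sample "$tmp"
echo "blacklisted but still loadable via modprobe:"
soft_blacklisted "$tmp"
rm -rf "$tmp"
```

On a real system, point `soft_blacklisted` at `/etc/modprobe.d`; any name it prints is a module that the configuration intends to block but that `modprobe` will still load on request.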
tails (3.0~beta1) experimental; urgency=medium
* All changes brought by Tails 2.7.1, 2.9.1 and 2.10.
* Major new features and changes
- Redesigned Tails Greeter.
- Upgrade to a new snapshot (2017013002) of the Debian and Torproject
APT repositories.
- Upgrade Linux to 4.9.0-1.
* Security fixes
- Reject packets sent on the LAN to the NetBIOS name service
(Closes: #11944).
- Seahorse: use the Tor OnionBalance hidden service pool,
which provides transport encryption and authentication of the keyserver.
* Minor improvements
- Include adwaita-qt* and enable it by default, so that Qt applications
integrate nicely into a GNOME environment (Closes: #11790).
- Add support for the TREZOR hardware wallet in Electrum (Closes: #10964).
- AppArmor: allow all programs to read /etc/tor/torsocks.conf via
abstractions/base, to ease maintenance.
- Don't (try to) bind the Power button to the shutdown action
(Closes: #12004).
- Enable natural scrolling (Closes: #11969).
- Update uBlock Origin patterns + settings file.
- live-persist: remove Squeeze → Wheezy migration code.
- Update pre-existing persistent GnuPG configuration on login
(Closes: #12201).
- Upgrader: use the alpha channel when the next version will be an
alpha, beta, or RC. This will allow users of 3.0~betaN to upgrade to
the next beta or RC, without having to type any command-line
(Closes: #12206).
* Bugfixes
- Fix "upgrade from ISO" when run from a 32-bit system,
such as Tails 2.x (Closes: #11873).
- Fix ability to read videos over HTTPS with Totem (Closes: #11963).
- Re-introduce default directories in $HOME, which fixes
Spice file transfers (Closes: #11968).
- Re-enable tap-to-click (Closes: #11993).
- Lower systemd's DefaultTimeoutStopSec, to get rid of a long delay
before memory wiping starts. This also prevents shutdown from ever
being blocked by any buggy service that takes a while to stop
(Closes: #12061).
- Drop Jessie APT sources.
- Re-add VirtualBox DKMS modules.
- Fix GnuPG communication with keyservers, by using the Tor OnionBalance
hidden service pool (Closes: #12202).
- Fix Enigmail communication with keyservers, by teaching Torbirdy
not to break it (Closes: #11948):
· Patch Torbirdy to allow not breaking keyserver communication when
using GnuPG v2.1+, and to use a better default keyserver.
· Torbirdy: enable the new behaviour made possible by the aforementioned
patch (extensions.enigmail.already_torified).
· Torbirdy: drop our custom keyserver configuration, since the
aforementioned patch makes it the default.
* Removed features
- Don't install gnome-system-log anymore (Closes: #12133).
It's deprecated in GNOME, and mostly useless anyway as it's not
Journal-aware. Its replacement (gnome-logs) is not usable
enough in the context of Tails, and most users who can read logs
should manage to do it with journalctl, so don't install it either.
- Drop multiarch handling: Tails 3.0 will be amd64-only (Closes: #11961).
* Build system
- Disable eatmydata usage and caching: in current Stretch, debootstrap fails
if we use eatmydata + the operation mode picked by live-build when caching
is enabled (Closes: #12052).
- Bump disk space (and memory for in-RAM builds) requirements.