[Pkg-privacy-commits] [torbrowser-launcher] annotated tag debian/0.2.5-1 created (now 993fccb)

Ulrike Uhlig u-guest at moszumanska.debian.org
Sun Jul 10 21:18:45 UTC 2016 

This is an automated email from the git hooks/post-receive script.

u-guest pushed a change to annotated tag debian/0.2.5-1
in repository torbrowser-launcher.

        at  993fccb   (tag)
   tagging  6b8b0656f9c640fdb3c1bddb38c20348a4bbcbc3 (commit)
  replaces  debian/0.2.4-1
 tagged by  Ulrike Uhlig
        on  Sun Jul 10 23:16:04 2016 +0200

- Log -----------------------------------------------------------------
Signed git tag for 0.2.5-1
-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJXgrsmAAoJELFLsMONhhzxeEkP/RhiEq/8O4ylM8op/S0Zl62d
HDpT90atYyiSWFKLe3jzjXDzY2rmmZgDKpCxfduoX0aD2VKfwpHLCTrM5JsooDRu
YAzjWpULWXoPx/6NjkWWVt0XZyA8SFSY+gJLJ/Xf8gvAeGWhT6YAreZv35ywDEkk
5Ps0Ie2Z2gvNHnnasgg7tNr9rQJe6KFhRQ3pd1CyVyphWIZ3cLz1qwaAiyTHedHL
fDTWiRazgCcC3q4cAwpJQH6TE1/hMMmQ+i/7RwjpFbpNXXxiISgo2CtVN1qukq5B
81dLvYMHhK3YCJyIpcZ01kCsIGxJb7fNHUh6Q5AxzHBwNa9+nKvYCwH036c0havs
CyqGVRA0kuuogaoW0fQAM/ARkN70ecPer53qLm4exMCgpl5a6tdKKea6ejZTdr9u
5QzM6MKc1RFpAeLT0eYKHwNOUlQKClgVGildSO3oPwP4WL1suX2BhZQXV8sZcYCw
mwHm/dnfE5ES9ICuTMmq8Wtz3vmFu1k5XLjBSM9xGHiXbNkBYhXMuk/EXJa6oUja
Jdvcv5w22h1tiqdZh03nSWLUloXlcVp3JnGeC3RVxoApUGJm9rmZeU0Hj8gMe0BG
Na5anW/r/5fignMKdxw71oBjxGNHATFQEi6iCTbpuja8XHjXyOeiMRIkNgV0wOxU
bCSJ9uxEJpIGlVCbaQPS
=bHvp
-----END PGP SIGNATURE-----

Dhole (1):
      Remove unused dependency of IPolicyForHTTPS

Holger Levsen (8):
      * Drop patch which has been applied upstream:
      Bump standards version to 3.9.8, no changes needed.
      Merge tag 'v0.2.4' into debian/sid
      Merge remote-tracking branch 'micahlee/master' into debian/sid
      Remove obsolete conffile /etc/apparmor.d/torbrowser.start-tor-browser thanks to Paul Wise. (Closes: #805706)
      debian/rules: don't try to installed removed file apparmor profile torbrowser.start-tor-browser.
      remove useless copyright stub
      merge 0.2.4-2: Remove Jacob from uploaders. Believe victims.

Isis Lovecruft (1):
      Check that GnuPG key import was successful.

Jon Griffiths (1):
      Avoid re-downloading the tbb tarball if it is already present

Micah Lee (19):
      Prevent signature verification attack by passing both data file as well as sig file into gpg (fixes #229)
      Prevent attempts at directory traversal attacks, even though they do not look exploitable
      Updated CHANGELOG and version bump to 0.2.4
      Merge pull request #228 from intrigeri/debian-bug-817267
      Added CVE-2016-3180 to changelog for signature verification bypass attack
      Merge pull request #233 from intrigeri/bugfix/apparmor-vs-upgrade
      Merge pull request #234 from intrigeri/bugfix/apparmor-with-bundled-tor
      Merge pull request #231 from Dhole/master
      Merge branch 'master' of https://github.com/jgriffiths/torbrowser-launcher into jgriffiths-master
      Merge branch 'jgriffiths-master'
      Merge branch 'nbraud-nitpicks'
      If installed version is older than min_version, download fresh copy
      Update the default mirror
      Add 'Force downloading English version of Tor Browser' setting
      If a download results in a 404 and the language is not en-US, try downloading the en-US Tor Browser instead
      Merge branch 'fix/137' of https://github.com/isislovecruft/torbrowser-launcher into isislovecruft-fix/137
      Read gpg output a line at a time, looking for status-fd output
      Remove some verbose output
      Updated changelog and version bump

Nicolas Braud-Santoni (3):
      apparmor: Tighten the /proc rules
      Bump min_version to 6.0.2
      apparmor: Don't let Tor access /proc/meminfo

Ulrike Uhlig (5):
      Add AppArmor patches as Debian patches
      We don't seem to use pristine-tar anymore
      Merge tag 'v0.2.5' into debian/sid
      Revert "Add AppArmor patches as Debian patches"
      Update debian/changelog.

intrigeri (4):
      AppArmor: try to fix Tor Browser upgrade, again.
      AppArmor: update rules to allow self-upgrade, again.
      AppArmor: allow Tor to load the bundled libraries.
      AppArmor: allow Firefox to start Tor without libc's Secure Execution.

-----------------------------------------------------------------------

No new revisions were added by this update.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/torbrowser-launcher.git

More information about the Pkg-privacy-commits mailing list