zerotracepen (1.3.1)

  • Security fixes

    • Upgrade Tor Browser to 4.0.5, based on Firefox 31.5.3 ESR. This addresses:
      · https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
      · https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/

    • Upgrade Linux to 3.16.7-ckt7-1.

    • Upgrade libxfont to 1:1.4.5-5.

    • Upgrade OpenSSL to 1.0.1e-2+deb7u15.

    • Upgrade tcpdump to 4.3.0-1+deb7u2.

    • Upgrade bsdtar to 3.0.4-3+wheezy1.

    • Upgrade CUPS to 1.5.3-5+deb7u5.

    • Upgrade file and libmagic to 5.11-2+deb7u8.

    • Upgrade GnuPG to 1.4.12-7+deb7u7.

    • Upgrade libarchive to 3.0.4-3+wheezy1.

    • Upgrade libav to 6:0.8.17-1.

    • Upgrade FreeType 2 to 2.4.9-1.1+deb7u1.

    • Upgrade libgcrypt11 1.5.0-5+deb7u3.

    • Upgrade libgnutls26 to 2.12.20-8+deb7u3.

    • Upgrade libgtk2-perl to 2:1.244-1+deb7u1.

    • Upgrade ICU to 4.8.1.1-12+deb7u2.

    • Upgrade NSS to 2:3.14.5-1+deb7u4.

    • Upgrade libssh2 to 1.4.2-1.1+deb7u1.

    • Bugfixes

    • Upgrade Tor to 0.2.5.11-1~d70.wheezy+1+zerotracepen1. Changes include:
      · Directory authority changes.
      · Fix assertion errors that may trigger under high DNS load.
      · No longer break on HUP with seccomp2 enabled.
      · and more - please consult the upstream changelog.

    • Upgrade Tor Launcher to 0.2.7.2, and update the test suite accordingly
      (Closes: #8964, #6985). Changes include:
      · Ask about bridges before proxy in wizard.
      · Hide logo if TOR_HIDE_BROWSER_LOGO set.
      · Remove firewall prompt from wizard.
      · Feedback when “Copy Tor Log” is clicked.
      · Improve behavior if tor exits.
      · Add option to hide TBB's logo
      · Change "Tor Browser Bundle" to "Tor Browser"
      · Update translations from Transifex.

    • Fix the Tor Launcher killer. (Closes: #9067)

    • Allow Seahorse to communicate with keyservers when run from Zero Trace Pen
      OpenPGP Applet. (Closes: #6394)

    • SSH client: don't proxy connections to 172.17. to 172.31..
      (Closes: #6558)

    • Repair config/chroot_local-packages feature, that was broken in Zero Trace Pen 1.3
      by 19-install-tor-browser-AppArmor-profile. (Closes: #8910)

    • language_statistics.sh: count original words instead of translated words.
      Otherwise we get >100% translation if translated strings are longer than
      original strings. (Closes: #9016)

    • Minor improvements

    • Only ship the new Zero Trace Pen signing key, and have Zero Trace Pen Upgrader stop trusting
      the old one. Update the documentation and test suite accordingly.
      (Closes: #8735, #8736, #8882, #8769, #8951)

    • Polish and harden a bit the WhisperBack configuration (Closes: #8991):
      · Only allow the `amnesia' user to run zerotracepen-debugging info as root
      with no arguments.
      · Fix spelling and grammar mistakes, improve phrasing a bit.
      · Quote variables consistently.

    • Test suite

    • New tests:
      · Chatting over XMPP in Pidgin, both peer-to-peer and in a multi-user
      chatroom. (Closes: #8002)
      · Chatting with OTR enabled over XMPP in Pidgin. (Closes: #8001)
      · Check that Pidgin only responds to the expected CTCP requests.
      (Closes: #8966)
      · Fetching keys using Seahorse started via the OpenPGP Applet.
      · Sync'ing keys using Seahorse.

    • Bugfixes:
      · Fix a race condition between the remote shell's and Zero Trace Pen Greeter's
      startup, by making sure the remote shell is ready before we start
      GDM. (Closes: #8941)
      · Kill virt-viewer properly. (Closes: #9070)
      · Make sure the display is stopped on destroy_and_undefine().
      Where we had it earlier, it could be skipped if anything else in the
      block threw an exception.
      · Fix wrong use of "$@". (Closes: #9071)
      · Enable the pipefail option in run_test_suite.
      · Improve the GNOME screenshot test's robustness. (Closes: #8952)

    • Refactoring:
      · turn the focus_pidgin_window() helper into a more generic
      VM.focus_xorg_window() one.
      · Reorganize the Display class.
      · Use clearer method to check process status in the Display class.

    • New developer-oriented features:
      · Add a --log-to-file option to run_test_suite. (Closes: #8894)
      · Add helpers for generating random strings.
      · Make it possible to hook arbitrary calls on scenario end. This is useful
      for dynamically adding cleanup functions, instead of having
      to explicitly deal with them in some After hook.