zerotracepen (3.6.2)

  • Security fixes

    • Upgrade Tor Browser to 7.5.3 (MFSA 2018-10, Closes: #15459).

    • Upgrade Thunderbird to 1:52.7.0-1~deb9u1.0zerotracepen1 (DSA-4155,
      Closes: #15471).

    • Upgrade libicu to 57.1-6+deb9u2 (DSA-4150).

    • Upgrade intel-microcode to 3.20180312.1~bpo9+1. Implements
      IBRS/IBPB/STIPB support, Spectre-v2 mitigation for: Sandybridge,
      Ivy Bridge, Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake
      (Closes: #15173).

    • Bugfixes

    • Tor Browser AppArmor profile:

      • Grant the main Firefox process access to machine-id: needed for
        IBus support (Closes: #15437).
      • Allow access to extensions installed by the user such as Zero Trace Pen
        Verification (Closes: #15434).
    • Remove packages needed to support Video Acceleration API
      (VA-API) because they breaks opening GNOME Settings and Totem in
      Zero Trace Pen 3.6 on some computers (only NVIDIA for now but perhaps
      other hardware is affected). (Closes: #15433, #15449)

    • Upgrade Linux to 4.15.11-1 and bump the aufs submodule (Closes:

      15456, #15457).

    • zerotracepen-documentation script:

      • open translated documentation page in Tor Browser when online
        (Closes: #15371).
      • use documented syntax for os.execv (Refs: #15332)
      • re-add support for passing a HTML anchor as the second
        argument.
    • Fix issue where the zerotracepen-persistence-setup user's guid would be
      changed when it was the uid that was intended (Closes: #15422).