Upgrade Tor Browser to 11.5.2 (zerotracepen/zerotracepen!908)
Closes issues:
- Upgrade to Tor Browser based on 91.13 (zerotracepen/zerotracepen#19073)
Commits:
- automatic redirect to HTTPS, here we meet again
- Upgrade Tor Browser to UNVERIFIED 11.5.2-build1
- Upgrade Linux packages to 5.10.0-17, currently at version 5.10.136
(zerotracepen/zerotracepen!900)
Closes issues:
- Handle CVE-2022-2585 (POSIX CPU timer UAF) (zerotracepen/zerotracepen#19081)
Commits:
- Upgrade Linux packages to 5.10.0-17, currnetly at version 5.10.136
- Disable HTTPS-only mode in Unsafe Browser (zerotracepen/zerotracepen!906)
Closes issues:
- Disable HTTPS-only mode in Unsafe Browser (zerotracepen/zerotracepen#19095)
Commits:
- disable HTTPS-only mode for unsafe browser
- Upgrade tor to 0.4.7.10 (zerotracepen/zerotracepen!903)
Closes issues:
- Upgrade to tor 0.4.7.10 (zerotracepen/zerotracepen#19083)
Commits:
- Don't mention irrelevant implementation detail
- Avoid initially pushed branch failing its pipeline
- Drop obsolete step
- Upgrade tor to 0.4.7.10
- Resolve "Some time sync related automated tests fail when run on a system whose
system clock is not in UTC" (zerotracepen/zerotracepen!902)
Closes issues:
- Some time sync related automated tests fail when run on a system whose system
clock is not in UTC (zerotracepen/zerotracepen#19070)
Commits:
- uses UTC time even on non-UTC systems
- Misc kernel hardening (zerotracepen/zerotracepen!899)
Closes issues:
- Kernel hardening: restricts loading TTY line disciplines (zerotracepen/zerotracepen#18302)
- Enable page allocator freelist randomization (zerotracepen/zerotracepen#18886)
- Consider dropping slub_debug=P and page_poison=1 options and let init_on_free
wipe slab and page allocations (zerotracepen/zerotracepen#18858)
Commits:
- Kernel hardening: restricts loading TTY line disciplines
- Kernel: enable page allocator freelist randomization
- Remove obsolete kernel command line options
- Actually stop NetworkManager before applying an upgrade (zerotracepen/zerotracepen!896)
Commits:
- Remove obsolete comment
- Use systemctl(1) instead of service(8)
- Actually stop NetworkManager before applying an upgrade
- Test suite: fix Unsafe Browser localization tests (zerotracepen/zerotracepen!867)
Commits:
- testing unsafebrowser is more deterministic
- add spanish start page image for unsafe browser
- add portuguese start page image for unsafe browser
- debug unsafe browser errors