David Fifield authored Apr 04, 2018 and boklm committed Apr 04, 2018

This makes it consistent with the setup of gcc and macosx-toolchain.

This reverts commit b8bae588, reversing
changes made to 42720c51.

It turns out this binutils update is causing non-reproducible outomces.
We need to investigate those further in #16472.

David Fifield authored Mar 20, 2018 and Georg Koppen committed Mar 22, 2018

Commit 42720c51 fixed a memory/file
descriptor leak in snowflake-client. Further work on ticket #21312
uncovered crashes in the snowflake WebRTC server and proxy (comments 29
and following). While we didn't observe the same kind of crashes in
snowflake-client, this revision applies the same synchronization around
WebRTC channel destruction as in the server and proxy.

Firefox version bump to pick up Pwn2Own fix

Changelog update and versions bump

Remove support for precise and utopic.

This new https-everywhere version requires python 3.6, so we are now
building it in a buster container instead of wheezy.

0.0.7 has long been out and OnionShare needs its meek_lite feature
for macOS. Let's update to this latest stable obfs4 version then.

Thanks to arma for catching this.

Thanks to arma for catching this.

Changelog update and versions bump

Richard Pospesel authored Jan 18, 2018 and Georg Koppen committed Feb 21, 2018

After much debugging and investigation, it seems that the required
information needed to drive the first-party domain cannot be accessed in
the XmlHttpRequest creation path.  The JS context the part of pdf.js making
the range requests runs with does not have a reference to parent window and
associated LoadInfo information (which includes the requesting first-party
domain).

To fix the issue, we can easily disable support for range-based requests
via the pdfjs.disableRange property.  However, the side-effect here is
that pages can not be read as they load; the entire pdf must be
downloaded before it can be read and interacted with.

This patch updates each platforms extension-overrides.js to change this
pref.

We need to whitelist `[System+Principal]` for functioning settings
frames of WebExtensions on the about:addons page. On higher security
slider levels this is broken otherwise.

To quote Giorgio Maone (see: #25000 comment:14):

"The Tor Browser enforces permissions cascading, and in the Add-ons
Options window the top frame is about:addons, whose principal's origin
is [System+Principal]. Since this origin is omitted from Tor Browser's
version of NoScript mandatory whitelist, the top site by default is
considered forbidden, cascading down script blocking to the
WebExtension's subframe."

Kathleen Brade authored Feb 15, 2018 and boklm committed Feb 16, 2018

Tor Launcher's Moat client implementation uses Mozilla's Subprocess.jsm
module to start the meek client, and that module requires a complete
file path including the .exe suffix. For consistency, we now include
the .exe suffix everywhere.

Add a tbb_version.json file containing informations about the installed
bundle.