[Pkg-anonymity-tools] Bug#775921: unblock: torbrowser-launcher/0.1.8-1 (pre-approval)
Holger Levsen
holger at layer-acht.org
Wed Jan 21 15:16:23 UTC 2015
Package: release.debian.org
Severity: normal
User: release.debian.org at packages.debian.org
Usertags: unblock
x-debbugs-cc: pkg-anonymity-tools at lists.alioth.debian.org
Hi,
this is a pre-approval unblock request to upload a new upstream verion of
torbrowser-launcher to fix a serious and an important bug in jessie. The new
upstream release contains one other meaningful change which is the last
hunk in the diff below (that's to "fix opening links in TBB if one originally
opened TBB without clicking a link, aka just started it.)
debian/changelog:
* New upstream version:
* featuring new signing key. (Closes: #775871)
* handle new TBB alpha and beta versioning. (Closes: #775891)
The upstream changelog:
## 0.1.8
* Added new Tor Browser signing key
* Fixed removing alpha/beta code due to change in RecommendedTBBVersions syntax
* Fixed opening links in TBB if you originally opened TBB without clicking a link
debdiff torbrowser-launcher_0.1.7-1.dsc torbrowser-launcher_0.1.8-1.dsc | filterdiff -x "*.asc"
sid matrix:~/Projects/torbrowser-launcher$ debdiff torbrowser-launcher_0.1.7-1.dsc torbrowser-launcher_0.1.8-1.dsc | filterdiff -x "*.asc"
dpkg-source: Warnung: unsigniertes Quellpaket wird extrahiert (/home/holgi/Projects/torbrowser-launcher/torbrowser-launcher_0.1.8-1.dsc)
diff -Nru torbrowser-launcher-0.1.7/CHANGELOG.md torbrowser-launcher-0.1.8/CHANGELOG.md
--- torbrowser-launcher-0.1.7/CHANGELOG.md 2014-12-02 18:05:10.000000000 +0000
+++ torbrowser-launcher-0.1.8/CHANGELOG.md 2015-01-21 14:55:03.000000000 +0000
@@ -1,5 +1,12 @@
# Tor Browser Launcher Changelog
+## 0.1.8
+
+* Added new Tor Browser signing key
+* Fixed removing alpha/beta code due to change in RecommendedTBBVersions syntax
+* Fixed opening links in TBB if you originally opened TBB without clicking a link
+
+
## 0.1.7
* You can now pass URLs into TBL, and set it as your default browser
diff -Nru torbrowser-launcher-0.1.7/debian/changelog torbrowser-launcher-0.1.8/debian/changelog
--- torbrowser-launcher-0.1.7/debian/changelog 2014-12-03 22:46:14.000000000 +0000
+++ torbrowser-launcher-0.1.8/debian/changelog 2015-01-21 15:01:13.000000000 +0000
@@ -1,3 +1,11 @@
+torbrowser-launcher (0.1.8-1) unstable; urgency=medium
+
+ * New upstream version:
+ * featuring new signing key. (Closes: #775871)
+ * handle new TBB alpha and beta versioning. (Closes: #775891)
+
+ -- Ulrike Uhlig <u at 451f.org> Tue, 20 Jan 2015 23:30:27 +0100
+
torbrowser-launcher (0.1.7-1) unstable; urgency=medium
[ Ulrike Uhlig ]
diff -Nru torbrowser-launcher-0.1.7/MANIFEST.in torbrowser-launcher-0.1.8/MANIFEST.in
--- torbrowser-launcher-0.1.7/MANIFEST.in 2014-10-26 14:44:19.000000000 +0000
+++ torbrowser-launcher-0.1.8/MANIFEST.in 1970-01-01 00:00:00.000000000 +0000
@@ -1,6 +0,0 @@
-include locale/*
-include img/*
-include keys/*
-include torbrowser.desktop
-include verify.sh
-include mirrors.txt
diff -Nru torbrowser-launcher-0.1.7/share/torbrowser-launcher/tor-browser-developers.asc torbrowser-launcher-0.1.8/share/torbrowser-launcher/tor-browser-developers.asc
diff -Nru torbrowser-launcher-0.1.7/share/torbrowser-launcher/version torbrowser-launcher-0.1.8/share/torbrowser-launcher/version
--- torbrowser-launcher-0.1.7/share/torbrowser-launcher/version 2014-12-02 18:05:10.000000000 +0000
+++ torbrowser-launcher-0.1.8/share/torbrowser-launcher/version 2015-01-21 14:55:03.000000000 +0000
@@ -1 +1 @@
-0.1.7
+0.1.8
diff -Nru torbrowser-launcher-0.1.7/torbrowser_launcher/common.py torbrowser-launcher-0.1.8/torbrowser_launcher/common.py
--- torbrowser-launcher-0.1.7/torbrowser_launcher/common.py 2014-12-02 18:05:10.000000000 +0000
+++ torbrowser-launcher-0.1.8/torbrowser_launcher/common.py 2015-01-21 14:55:03.000000000 +0000
@@ -134,7 +134,7 @@
'tbl_bin': sys.argv[0],
'icon_file': os.path.join(os.path.dirname(SHARE), 'pixmaps/torbrowser80.xpm'),
'torproject_pem': os.path.join(SHARE, 'torproject.pem'),
- 'erinn_key': os.path.join(SHARE, 'erinn.asc'),
+ 'signing_keys': [os.path.join(SHARE, 'erinn.asc'), os.path.join(SHARE, 'tor-browser-developers.asc')],
'mirrors_txt': [os.path.join(SHARE, 'mirrors.txt'),
tbb_config+'/mirrors.txt'],
'modem_sound': os.path.join(SHARE, 'modem.ogg'),
@@ -175,16 +175,14 @@
# import gpg keys
def import_keys(self):
print _('Importing keys')
- subprocess.Popen(['/usr/bin/gpg', '--homedir', self.paths['gnupg_homedir'], '--import', self.paths['erinn_key']]).wait()
+ for key in self.paths['signing_keys']:
+ subprocess.Popen(['/usr/bin/gpg', '--homedir', self.paths['gnupg_homedir'], '--import', key]).wait()
# load mirrors
def load_mirrors(self):
self.mirrors = []
for srcfile in self.paths['mirrors_txt']:
- if os.path.exists(srcfile):
- print "Successfully loaded mirrors from %s" % srcfile
- elif not os.path.exists(srcfile):
- print "Warning: can't load mirrors from %s" % srcfile
+ if not os.path.exists(srcfile):
continue
for mirror in open(srcfile, 'r').readlines():
if mirror.strip() not in self.mirrors:
diff -Nru torbrowser-launcher-0.1.7/torbrowser_launcher/launcher.py torbrowser-launcher-0.1.8/torbrowser_launcher/launcher.py
--- torbrowser-launcher-0.1.7/torbrowser_launcher/launcher.py 2014-12-02 18:05:10.000000000 +0000
+++ torbrowser-launcher-0.1.8/torbrowser_launcher/launcher.py 2015-01-21 14:55:03.000000000 +0000
@@ -26,7 +26,7 @@
OTHER DEALINGS IN THE SOFTWARE.
"""
-import os, subprocess, time, json, tarfile, hashlib, lzma, threading
+import os, subprocess, time, json, tarfile, hashlib, lzma, threading, re
from twisted.internet import reactor
from twisted.web.client import Agent, RedirectAgent, ResponseDone, ResponseFailed
from twisted.web.http_headers import Headers
@@ -513,7 +513,7 @@
stable = []
# remove alphas/betas
for version in versions:
- if '-alpha-' not in version and '-beta-' not in version:
+ if not re.search(r'a\d-Linux', version) and not re.search(r'b\d-Linux', version):
stable.append(version)
if len(stable):
latest = stable.pop()
@@ -634,10 +634,7 @@
gtk.main_iteration_do(True)
# run Tor Browser
- if len(self.url_list) == 0:
- subprocess.call([self.common.paths['tbb']['start']])
- else:
- subprocess.call([self.common.paths['tbb']['start'], '-allow-remote'] + self.url_list)
+ subprocess.call([self.common.paths['tbb']['start'], '-allow-remote'] + self.url_list)
if run_next_task:
self.run_task()
The alternative would obviously to just cherry-pick all other commits except
de13483 and upload that... but I think this last hunk is safe and meaningful,
so I would prefer to go with 0.1.8-1.
cheers,
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.alioth.debian.org/mailman/private/pkg-anonymity-tools/attachments/20150121/263990a0/attachment.sig>
More information about the Pkg-anonymity-tools
mailing list