Mullvad Browser 14.5a5 - March 21 2025 * All Platforms * Updated uBlock Origin to 1.63.0 * Bug 412: Link the release page in the about dialog and clean brand-related preferences [mullvad-browser] * Bug 41051: Replace Noto Sans Myanmar with Pyidaungsu [tor-browser] * Bug 41755: Show the link to about:support in the help menu [tor-browser] * Bug 42670: Letterboxing visible even if disable with tiled window managers [tor-browser] * Build System * All Platforms * Bug 41394: Fix upload-update_responses-to-staticiforme for mullvadbrowser [tor-browser-build] * Bug 41401: Replace Noto Sans Myanmar with Pyidaungsu [tor-browser-build] * Linux * Bug 41397: Building mullvad-browser no longer generates .deb or .rpm packages [tor-browser-build] Mullvad Browser 14.5a4 - March 12 2025 * All Platforms * Updated Firefox to 128.8.0esr * Bug 393: Rebase Mullvad Browser Alpha onto 128.8.0esr [mullvad-browser] * Bug 395: Set Mullvad Leta as default search engine [mullvad-browser] * Bug 404: Incorrect information in `about:rights` [mullvad-browser] * Bug 43205: newwin / letterboxing rounding with subpixels is off [tor-browser] * Bug 43551: Backport Mozilla Bug 1924070 - modify H.264 extradata to match sample conversion code.... [tor-browser] * Linux * Bug 394: Missing package when try to install Mullvad Browser in Debian Trixie [mullvad-browser] * Bug 30970: Different window borders in XFCE can lead to different, not rounded window sizes [tor-browser] * Build System * All Platforms * Bug 40799: Remove legacy locale iteration in build and signing scripts [tor-browser-build] * Bug 41040: Add configuration to rbm.conf to select channel and platforms [tor-browser-build] * Bug 41363: Change update-response generation script to create one commit per OS+arch tuple [tor-browser-build] * Bug 41374: Remove support for migrate_archs and migrate_langs in update_responses [tor-browser-build] * Bug 41380: Update kick-devmole script to use Mullvad's new GitHub action [tor-browser-build] * Bug 41381: Usability improvements for the browser commit tagging script [tor-browser-build] * Bug 41382: Replace gitlab templates ReleasePrep label references with Apps::Type::ReleasePreparation [tor-browser-build] * Bug 41383: Add clairehurst to list of accepted firefox/geckoview signers [tor-browser-build] * Bug 41389: Remove need to update set-config.tbb-version [tor-browser-build] * Bug 40082: With `fetch: if_needed`, rbm is doing a git fetch when it shouldn't, when using a fixed commit [rbm] Mullvad Browser 14.5a3 - February 10 2025 * All Platforms * Updated Firefox to 128.7.0esr * Updated uBlock Origin to 1.62.0 * Bug 312: Apply Alpha and Nightly branding to unstable release channels [mullvad-browser] * Bug 324: Figure out how to handle string differences between mullvad release and mullvad tip [mullvad-browser] * Bug 41065: navigator.storage "best effort" + "persistent" leak partitionSize/totalSpace entropy [tor-browser] * Bug 43308: Only allow "about:" pages to have access to contentaccessible branding assets [tor-browser] * Bug 43323: Expose a stable asset from chrome:// to identify Tor, Base, and Mullvad Browser [tor-browser] * Bug 43386: Extension requests expose Firefox's minor version and custom app name [tor-browser] * Bug 43451: Backport security fixes from Firefox 135 [tor-browser] * Windows * Bug 43402: set browser.startup.blankWindow false [tor-browser] * macOS * Bug 43468: ScreenCaptureKit framework should be a weak link [tor-browser] * Linux * Bug 41297: Add video codecs dependencies (recommends) on the Debian package [tor-browser-build] * Build System * All Platforms * Bug 41281: Better dev defaults for fetch variable [tor-browser-build] * Bug 41324: Improve build signing ergonomics [tor-browser-build] * Bug 41358: Update sign-tag script to handle rapid-release nightly branches [tor-browser-build] * Bug 40079: Make `fetch: if_needed` fetch existing branches [rbm] * macOS * Bug 41350: Increase timeout in rcodesign-notary-submit [tor-browser-build] Mullvad Browser 14.5a2 - January 14 2025 * All Platforms * Updated Firefox to 128.6.0esr * Updated NoScript to 12.1.1 * Bug 389: Rebase Mullvad Browser alpha onto 128.6.0esr [mullvad-browser] * Bug 43176: noscript-marker CSP warnings in the console [tor-browser] * Bug 43269: NoScript localization issue [tor-browser] * Bug 43282: Unable to click/tap/select anything adjacent the WebGL placeholders [tor-browser] * Bug 43296: NoScript-blocked video content placeholder is not centered [tor-browser] * Bug 43334: Developer Tools lacks data for Responsive Design Mode and Compatibility [tor-browser] * Bug 43338: Custom zoom + "Zoom text only" breaks pdfjs [tor-browser] * Bug 43340: Support linux-aarch64 dev builds [tor-browser] * Bug 43352: Failing connection attempts to multicast IPv6 ff00:::443 logged during NoScript updates [tor-browser] * Bug 43366: Do not use system accent color in inputs [tor-browser] * Bug 43384: Backport security fixes from Firefox 134 [tor-browser] * Linux * Bug 43236: High refresh rate detectable by websites when Wayland (MOZ_ENABLE_WAYLAND=1) is used [tor-browser] * Bug 43330: System fonts leak when emptying the allow list on Linux [tor-browser] * Bug 41311: AppArmor profile fails on Debian stable [tor-browser-build] * Build System * All Platforms * Bug 43373: Do not run all CI jobs for scheduled jobs. [tor-browser] * Bug 41340: Update kick_devmole_build script with Mullvad's new GitHub workflow endpoint [tor-browser-build] * Bug 41343: Add signing step to clean some files such as test artifacts [tor-browser-build] * Bug 40081: Support apt option for not installing recommended dependencies [rbm] * Windows + macOS * Bug 41349: Wrong copyright year makes build non-reproducible [tor-browser-build] * macOS * Bug 41325: Newer versions of 7z fail to extract our dmg files because of the /Applications symlink [tor-browser-build] * Bug 41327: Print more logs when make_full_update.sh failed to generate mar file in dmg2mar [tor-browser-build] * Linux * Bug 41329: Do not install python2.7-minimal in the linux-aarch64 firefox container [tor-browser-build] * Bug 41331: Make update_responses find linux-aarch64 mar files [tor-browser-build] * Bug 41335: linux-package project is not getting the channel target in testbuilds [tor-browser-build] Mullvad Browser 14.5a1 - November 25 2024 * All Platforms * Updated Firefox to 128.5.0esr * Updated NoScript to 11.5.2 * Updated Mullvad Browser Extension to 0.9.3 * Updated uBlock Origin to 1.61.2 * Bug 383: Rebase MB alpha onto 128.5.0esr [mullvad-browser] * Bug 32668: NoScript default whitelist re-appears on clicking NoScript Options / Reset [tor-browser] * Bug 42125: lock RFP part 2 [tor-browser] * Bug 42739: Fix localization in the profile error dialog [tor-browser] * Bug 43257: NoScript-blocked content placeholders causing slow downs [tor-browser] * Bug 43258: NoScript Lifecycle error on extension updates [tor-browser] * Bug 43313: Backport security fixes from Firefox 133 [tor-browser] * macOS * Bug 43165: Disable Microsoft SSO on macOS [MozBug 1768724] [tor-browser] * Linux * Bug 41799: Make lack of fonts.conf less of a footgun [tor-browser] * Bug 43140: Ship our FontConfig configuration with the browser [tor-browser] * Bug 41298: Remove `--detach` parameter from .desktop files [tor-browser-build] * Bug 41312: Remove comment in start-browser about --class and --name parameters [tor-browser-build] * Bug 41313: Show waiting cursor while app opens [tor-browser-build] * Build System * All Platforms * Bug 43295: Update MR templates [tor-browser] * Bug 40996: Do not version the .nobackup files [tor-browser-build] * Bug 41284: Update relprep.py script to not synchronise changelogs between channels [tor-browser-build] * Bug 41288: Use exec_noco option when using exec [tor-browser-build] * Bug 41300: Add bea, clairehurst, and jwilde to tb_builders [tor-browser-build] * Bug 41304: Add a browser commit tag+signing script [tor-browser-build] * Bug 41306: Container dependencies are sorted before resolving templates [tor-browser-build] * Bug 41307: Container dependencies are not filtered for duplicates [tor-browser-build] * Bug 41315: Fix the Mullvad Extension update in relprep.py [tor-browser-build] * Bug 41321: Update PieroV's expired keys [tor-browser-build] * Bug 40006: Add option to avoid doing a git checkout when using the exec template function [rbm] * Linux * Bug 41266: Build the Tor and Mullvad Browsers for aarch64 Linux [tor-browser-build] Mullvad Browser 14.0a9 - October 08 2024 * All Platforms * Bug 43197: Disable automatic exception for HTTPS-First [tor-browser] * Bug 43201: Security fixes from Firefox 131.0.2 [tor-browser] * Build System * Bug 41260: Don't set legacy version for Mullvad Browser [tor-browser-build] Mullvad Browser 13.5.7 - October 08 2024 * All Platforms * Updated uBlock Origin to 1.60.0 * Bug 361: SSL_ERROR_NO_CYPHER_OVERLAP on some Brazilian government websites [mullvad-browser] * Bug 43201: Security fixes from Firefox 131.0.2 [tor-browser] Mullvad Browser 14.0a8 - October 07 2024 * All Platforms * Updated uBlock Origin to 1.60.0 * Bug 349: Tidy up mullvad Fluent files [mullvad-browser] * Bug 30543: compat: make spoofed orientation reflect spoofed screen dimensions [1607032 + 1918202] [tor-browser] * Bug 42054: ESR128: investigate - thorin's list [tor-browser] * Bug 43164: Prevent search-bar from being auto-hidden when not used for awhile [tor-browser] * Bug 43169: compat: align userAgent in navigator + HTTP Header [tor-browser] * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] * Bug 43178: Audit fingerprinting overrides (MozBug 1834274) [tor-browser] * Build System * All Platforms * Bug 43157: Move tb-dev to base-browser [tor-browser] * Bug 41256: tools/signing/upload-update_responses-to-staticiforme should regenerate update-responses when it already exists [tor-browser-build] * Bug 41259: Skip versions which don't set incremental_from when generating incrementals [tor-browser-build] Mullvad Browser 13.5.6 - September 30 2024 * All Platforms * Updated Firefox to 115.16.0esr * Updated NoScript to 11.4.40 * Bug 356: Rebase Mullvad Browser Release onto Firefox 115.16.0esr [mullvad-browser] * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] * Bug 43173: Backport security fixes from Firefox 131 [tor-browser] * Linux * Bug 334: When set as default browser on Linux in standard mode, links don't open correctly [mullvad-browser] * Build System * macOS * Bug 41231: Use var/browser_release_date in tools/signing/gatekeeper-bundling.sh [tor-browser-build] Mullvad Browser 14.0a7 - September 27 2024 * All Platforms * Updated Firefox to 128.3.0esr * Updated NoScript to 11.4.40 * Bug 355: Rebase Mullvad Browser Alpha onto Firefox 128.3.0esr [mullvad-browser] * Bug 42070: Backport Bugzilla 1834307 and hide smooth-scroll UX [tor-browser] * Bug 42362: "New window" missing from File menu [tor-browser] * Bug 42742: Inconsistent use of "New private window" vs "New window" [tor-browser] * Bug 42832: Download spam prevention should not affect browser extensions [tor-browser] * Bug 43163: Disable offscreen canvas until verified it is not fingerprintable [tor-browser] * Bug 41248: Check and update bundled font versions [tor-browser-build] * Build System * All Platforms * Bug 41236: Remove binutils when not needed [tor-browser-build] Mullvad Browser 14.0a6 - September 19 2024 * All Platforms * Bug 344: set media.navigator.enabled = true [mullvad-browser] * Bug 42718: Remove the firefox-view button from UI, even when always-on private-browsing mode is disabled [tor-browser] * Bug 42740: Stop trying to hide "Restore previous session" [tor-browser] * Bug 42831: Remove the shopping components [tor-browser] * Bug 43072: moz-message-bar does not get announced on Orca screen-reader [tor-browser] * Bug 43083: Backport fix for Mozilla 1436462 [tor-browser] * Bug 43144: Ensure non-privacy browsing also sets the GPC header [tor-browser] * Linux * Bug 43141: Hardcode Arimo as a system-ui font [tor-browser] * Bug 41237: Add some aliases to our Linux font config for compatibility [tor-browser-build] Mullvad Browser 14.0a5 - September 12 2024 * All Platforms * Updated NoScript to 11.4.37 * Bug 328: Provide search engine icons [mullvad-browser] * Bug 42255: pdfjs.disabled used to be part of RFP until Bug 1838415; lock pref to false in stable [tor-browser] * Bug 42647: "Switching to a new device" regressed on 128 [tor-browser] * Bug 42653: The Neterror page has a checkbox to report iframe origin errors to TPO [tor-browser] * Bug 42777: Remove 'Website Privacy Preferences' and ensure sensible default prefs [tor-browser] * Bug 43046: Review Mozilla 1866927: Adds ability to enable email tracker blocking protection in private mode [tor-browser] * Bug 43054: check bounceTrackingProtection in PB mode does not persist to disk [tor-browser] * Bug 43109: Remove mention of Firefox Relay from settings [tor-browser] * Bug 43117: Hide 'Always underline links' option [tor-browser] * Linux * Bug 334: When set as default browser on Linux in standard mode, links don't open correctly [mullvad-browser] * Build System * macOS * Bug 41231: Use var/browser_release_date in tools/signing/gatekeeper-bundling.sh [tor-browser-build] Mullvad Browser 14.0a4 - September 06 2024 * All Platforms * Updated NoScript to 11.4.35 * Bug 329: Remove the Security Levels icon from the toolbar [mullvad-browser] * Bug 30862: 10ms time precision via EXSLT date-time function [tor-browser] * Bug 40147: Re-enable Picture-in-Picture mode [tor-browser] * Bug 41309: Re-enable screenshots component [tor-browser] * Bug 42601: Check Bug 1894779: Allow font-face urls to be resource:// urls and relax CORS for resource:// URLs [tor-browser] * Bug 42617: Restore the HTML form on DDG when using safest in 128 [tor-browser] * Bug 42630: Review LaterRun in 128 [tor-browser] * Bug 42640: Disable Firefox Flame button due to unknown interactions with New Identity [tor-browser] * Bug 42684: Disable network prefetch [tor-browser] * Bug 42685: compat: ESR128: enable textmetrics [tor-browser] * Bug 42686: Backport Mozilla 1885101 [tor-browser] * Bug 42730: Make RemoteSettings use only local dumps [tor-browser] * Bug 42735: Disable recent search suggestions [tor-browser] * Bug 42745: Remove some residuals from update scripts [tor-browser] * Bug 42764: Unconditionally disable find-bar transition animation [tor-browser] * Bug 42867: Disable contentRelevancy component [tor-browser] * Bug 43100: Backport security fixes from Firefox 130 [tor-browser] * Bug 43103: Verify whether an update is unsupported before choosing one [tor-browser] * macOS * Bug 42494: mac: add Arial Black and Arial Narrow to allowlist [tor-browser] * Linux * Bug 42773: Replace ~ with the original HOME [tor-browser] * Bug 43092: Disable Wayland by default in 14.0 [tor-browser] * Build System * All Platforms * Bug 41096: Set SOURCE_DATE_EPOCH in the default env variables [tor-browser-build] * Bug 41188: Upgrade binutils to 2.41 [tor-browser-build] Mullvad Browser 13.5.3 - September 03 2024 * All Platforms * Updated Firefox to 115.15.0esr * Updated NoScript to 11.4.35 * Bug 332: Rebase Mullvad Browser Stable onto 115.15.0esr [mullvad-browser] * Bug 40056: Ensure that the lazy loading attribute is ignored on script-disabled documents [tor-browser] * Bug 42686: Backport Mozilla 1885101 [tor-browser] * Bug 42829: Prevent CSS-based scriptless interaction tracking [tor-browser] * Bug 43100: Backport security fixes from Firefox 130 [tor-browser] * Linux * Bug 43064: Make copy/paste and drag/drop file filtering more specific [tor-browser] * Build System * All Platforms * Bug 41218: Use new Tor Browser gpg subkey for signing stable releases [tor-browser-build] * Bug 41222: link_old_mar_filenames still referenced in torbrowser-incrementals-{release,alpha}-unsigned [tor-browser-build] Mullvad Browser 14.0a3 - August 26 2024 * All Platforms * Updated Firefox to 128.2.0esr * Bug 333: Rebase Mullvad Browser Alpha onto 128.2.0esr [mullvad-browser] * Bug 40056: Ensure that the lazy loading attribute is ignored on script-disabled documents [tor-browser] * Bug 41817: Add more color aliases that take dark mode into account [tor-browser] * Bug 42603: Remove safebrowsing URLs [tor-browser] * Bug 42611: Set clipboard.imageAsFile.enabled to false [tor-browser] * Bug 42646: Drop patch for tor-browser#40166 [tor-browser] * Bug 42665: Drop "Learn More" spacing [tor-browser] * Linux * Bug 43064: Make copy/paste and drag/drop file filtering more specific [tor-browser] * Build System * All Platforms * Bug 41013: Add a README to each project [tor-browser-build] * Bug 41222: link_old_mar_filenames still referenced in torbrowser-incrementals-{release,alpha}-unsigned [tor-browser-build] Mullvad Browser 14.0a2 - August 16 2024 * All Platforms * Updated Firefox to 128.1.0esr * Updated NoScript to 11.4.34 * Updated uBlock Origin to 1.59.0 * Bug 326: Rebase Mullvad Browser Alpha onto 128.1.0esr [mullvad-browser] * Bug 42596: Several console errors: Console.maxLogLevelPref used with a non-existing pref: [tor-browser] * Bug 42641: Move from panel-footer class to moz-button-group [tor-browser] * Bug 42644: toolbar rules in panelUI-shared.css are unneccessary [tor-browser] * Bug 42667: Add description-deemphasized class to our additions to about:preferences [tor-browser] * Bug 42679: Use a more robust approach to hide the "tracking protection" urlbar button [tor-browser] * Bug 42699: Drop level="top" attribute from panels [tor-browser] * Bug 42704: Drop the badged="true" attribute from security level button [tor-browser] * Bug 42705: Update our preferences to account for new line height [tor-browser] * Bug 42762: Review Mozilla 1498512: Enable by default setSinkId pref [tor-browser] * Bug 42788: Review Mozilla 1828606: Add Recently Closed tabs to its own page [tor-browser] * Bug 42789: Review Mozilla 1830157: Add new telemetry probe to determine how often an extension process had to be... [tor-browser] * Bug 42792: Review Mozilla 1837097: Implement "Show less frequently" behavior for Pocket suggestions [tor-browser] * Bug 42810: Review Mozilla 1840584: Support autofilling `first name` and `last name` field in a credit card form [tor-browser] * Bug 42814: Opt out from Firefox relay by default. [tor-browser] * Bug 42818: Review Mozilla 1841295: Update PocketSuggestions for the final suggestions schema [tor-browser] * Bug 42835: Filter data transfers containing files [tor-browser] * Bug 42846: Review Mozilla 1841995: Enable Credit Card Autofill in ES and IT in nightly [tor-browser] * Bug 42847: Review Mozilla 1841996: Enable Credit Card Autofill in AT, BE, and PL in nightly [tor-browser] * Bug 42848: Review Mozilla 1841998: Enable Credit Card Autofill for ES,IT,AT,BE and PL locales in release. r=dimi... [tor-browser] * Bug 42855: Review Mozilla 1843130: Pocket newtab use new recs api for locale list config if new api pref is set [tor-browser] * Bug 42862: Review Mozilla 1845428: Instrument Translations Panel With Telemetry [tor-browser] * Bug 42863: Review Mozilla 1847150: Add more TranslationsTelemetry event keys for panel open r=gregtatum, a=dsmith [tor-browser] * Bug 42864: Review Mozilla 1848845: Pocket newtab migrate existing markets to new API. r=gvn a=RyanVM [tor-browser] * Bug 42872: Disable translations until audited and solved the UX problems [tor-browser] * Bug 42886: Review Mozilla 1848048: Add a result menu to disable trending results. r=dao,fluent-reviewers,setting... [tor-browser] * Bug 42996: Review Mozilla 1517786: Implement and ship CanvasRenderingContext2D.getContextAttributes() [tor-browser] * Windows + macOS * Bug 42774: Review Mozilla 1848815: Add a user-facing setting to enable enterprise roots import, and enable it by default [tor-browser] * Bug 43021: Revert the OS deprecation notification introduced in #42347 [tor-browser] * Windows * Bug 43051: windows: remove UI for "open Tor Browser automatically when computer starts" [tor-browser] * Build System * All Platforms * Bug 42799: Do not run lint pipelines on new tag [tor-browser] * Bug 41204: NoScript isn't added automatically to Mullvad Browser changelogs [tor-browser-build] * Windows * Bug 41185: Drop Windows 7 support for 14.0 from build tools [tor-browser-build] * Bug 41201: Bump the Windows version checked by the installer [tor-browser-build] Mullvad Browser 13.5.2 - August 06 2024 * All Platforms * Updated Firefox to 115.14.0esr * Updated NoScript to 11.4.31 * Updated uBlock Origin to 1.59.0 * Bug 325: Rebase Mullvad Browser Stable onto 115.14.0esr [mullvad-browser] * Bug 42835: Filter data transfers containing files [tor-browser] * Bug 43005: Backport security fixes from Firefox 129 [tor-browser] * Build System * All Platforms * Bug 42470: Add merge request CI for linting [tor-browser] * Bug 40964: Create new Tor Browser gpg subkey [tor-browser-build] * Bug 41190: Add morgan.gpg to keyrings and list of valid keyrings in firefox+geckoview [tor-browser-build] * Bug 41191: Remove richard.gpg from keyrings and list of valid keyrings in firefox+geckoview [tor-browser-build] * Bug 41204: NoScript isn't added automatically to Mullvad Browser changelogs [tor-browser-build] Mullvad Browser 14.0a1 - July 24 2024 * All Platforms * Updated Firefox to 128.0esr * Bug 42441: Evaluate RR version-by-RR version rebases instead of ESR-to-ESR [tor-browser] * Bug 42683: Create script to generate issue triage csv's from bugzilla query and git scraping [tor-browser] * Bug 42687: Disable Privacy-Preserving Attribution [tor-browser] * Windows * Bug 320: Temporarily disable WebRTC and the default browser agent on Windows [mullvad-browser] * Linux * Bug 314: Mullvad Browser is not listed as a possible default browser application for Gnome on Ubuntu / Fedora [mullvad-browser] * Build System * All Platforms * Bug 42470: Add merge request CI for linting [tor-browser] * Bug 42722: clang-format and localization linters are not running [tor-browser] * Bug 40964: Create new Tor Browser gpg subkey [tor-browser-build] * Bug 41155: Update toolchains for ESR128 [tor-browser-build] * Bug 41156: Split the Rust configuration options [tor-browser-build] * Bug 41166: Use the GitHub repository for firefox-l10n [tor-browser-build] * Bug 41176: Update list of people with github commit access in MB issue templates [tor-browser-build] * Bug 41190: Add morgan.gpg to keyrings and list of valid keyrings in firefox+geckoview [tor-browser-build] * Bug 41191: Remove richard.gpg from keyrings and list of valid keyrings in firefox+geckoview [tor-browser-build] * Bug 40078: Update tools/tb-build-06-start-nightly-build after tor-browser-build#40829 [tor-browser-bundle-testsuite] * Windows * Bug 29318: Drop mingw-w64/gcc toolchain [tor-browser-build] * Bug 29320: Use mingw-w64/clang toolchain to build Rust [tor-browser-build] * Bug 41167: Stop generating an MB "portable" windows install and output a single build from 13.5 release [tor-browser-build] * Bug 41177: Include Windows installer without -portable- in download json files [tor-browser-build] * Linux * Bug 41173: Fix permission issue on files in the debian directory [tor-browser-build] * Windows + macOS * Bug 41197: Modify update-responses to prevent upgrades on unsupported Windows and macOS versions [tor-browser-build] Mullvad Browser 13.5.1 - July 09 2024 * All Platforms * Updated Firefox to 115.13.0esr * Bug 317: Rebase Mullvad Browser stable onto 115.13.0esr [mullvad-browser] * Bug 42693: Backports security fixes from Firefox 128 [tor-browser] * Linux * Bug 314: Mullvad Browser is not listed as a possible default browser application for Gnome on Ubuntu / Fedora [mullvad-browser] * Build System * All Platforms * Bug 41166: Use the GitHub repository for firefox-l10n [tor-browser-build] * Bug 41173: Fix permission issue on files in the debian directory [tor-browser-build] * Windows * Bug 41177: Include Windows installer without -portable- in download json files [tor-browser-build] Mullvad Browser 13.5 - June 17 2024 * All Platforms * Bug 222: Hide "List all tabs" when the tabs don't overflow [mullvad-browser] * Bug 234: Make User-Agent request header match RFP's navigator.userAgent [mullvad-browser] * Bug 241: Move network.proxy.failover_direct=false pref to base-browser [mullvad-browser] * Bug 256: Update nightly mar signing key [mullvad-browser] * Bug 262: Mouse-over long links causes the browser element to re-center relative to width of status tooltip [mullvad-browser] * Bug 284: Should we reflect the actual channel in about:debugging? [mullvad-browser] * Bug 289: The Letterboxing>Content Alignment heading doesn't follow the Firefox design document capitalization [mullvad-browser] * Bug 290: Add default bookmarks in the alpha channels for testing [mullvad-browser] * Bug 40919: Consider dropping protection against line-height introduced in #23104 [tor-browser] * Bug 41467: compat: beacon: re-enable the API but transform it to a no-op [tor-browser] * Bug 41916: Letterboxing preferences UI [tor-browser] * Bug 41917: Make the appearance of letterboxing look more intentional [tor-browser] * Bug 41918: Add option to reuse last window size when letterboxing is enabled [tor-browser] * Bug 41930: intl.accept_languages gets into a stuck modifed state [tor-browser] * Bug 42153: Drop dom.enable_resource_timing = false preference [tor-browser] * Bug 42172: browser.startup.homepage and TOR_DEFAULT_HOMEPAGE are ignored for the new window opened by New Identity [tor-browser] * Bug 42192: Correctly round new windows when bookmarks toolbar is set to "Only Show on New Tab" [tor-browser] * Bug 42211: Fluent migration: new identity [tor-browser] * Bug 42214: Fluent migration: security level [tor-browser] * Bug 42315: compat: why is eventCounts undefined? [tor-browser] * Bug 42387: Visual noise in 13.5a4 letterboxing [tor-browser] * Bug 42389: Betterboxing: gradient is never shown [tor-browser] * Bug 42390: Betterboxing: make the decorator border disappear when the corners are flat [tor-browser] * Bug 42397: Change RFP-spoofed Timezone from UTC to a real-world, less discriminable one [tor-browser] * Bug 42398: Include Alpha and Nightly in MOZ_APP_DISPLAYNAME (and possibly in other places) [tor-browser] * Bug 42405: Fix betterboxing + findbar horizontal bounce if the scrollbar is not an overlay [tor-browser] * Bug 42443: Shrink the window to match letterboxing size when the emtpy area is doble-clicked [tor-browser] * Bug 42490: Install svg from branding theme to browser/chrome/icons/default [tor-browser] * Bug 42500: When startup window is maximized per letterboxing.rememberSize on startup, the restore button shrinks it to its minimum size [tor-browser] * Bug 42519: Update the profile directory patch to check both for `system-install` and for `is-packaged-app` file [tor-browser] * Bug 42520: Correctly record new initial window size after auto-shrinking [tor-browser] * Bug 42529: Try not to spoof system-ui in contexts exempt from RFP [tor-browser] * Bug 42537: Move base-browser.ftl Fluent file from "browser" to "toolkit" [tor-browser] * Bug 42574: Exempt pdf.js from letterboxing [tor-browser] * Bug 42583: Modify moz-support-link [tor-browser] * Windows + macOS * Bug 41405: Win ≤8.1 and macOS ≤10.14 not supported in ESR 128 [tor-browser] * Bug 42347: Add a banner warning users about the upcoming EOL for Win ≤8.1 and macOS ≤10.14 [tor-browser] * Bug 42586: Add support link to OS deprecation message [tor-browser] * Windows * Bug 278: Create asset(s) for the Mullvad Browser installer [mullvad-browser] * Bug 305: Disable setting default browser on Windows [mullvad-browser] * Bug 41901: windows: FontSubstitutes can leak system locale [tor-browser] * Bug 41089: Add filetype association to the installer of Mullvad Browser [tor-browser-build] * macOS * Bug 40569: Create build-specific installer for macOS [tor-browser-build] * Linux * Bug 41136: Include *.deb in the list of files to gpg sign [tor-browser-build] * Bug 28: deb installation package for Linux [mullvad-browser] * Bug 29: rpm installation package for Linux [mullvad-browser] * Bug 295: Filepicker string chars are tofu for the .deb package in Ubuntu 22.04 / Debian 11 [mullvad-browser] * Bug 42438: Adapt the data import wizard to use the original $HOME on Linux [tor-browser] * Bug 41135: 13.5a7's start-tor-browser seems to break KeePassXC-Browser? [tor-browser-build] * Build System * All Platforms * Bug 282: Move `--disable-eme` to OS- and architecture-specific mozconfigs [mullvad-browser] * Bug 301: Deb package in the debian software installer is showing the License as "Proprietary" [mullvad-browser] * Bug 42337: Enable GeckoDriver for all desktop platforms [tor-browser] * Bug 42594: Update mach to work with python 3.12 [tor-browser] * Bug 40983: Bump the various branches to 13.5 on main [tor-browser-build] * Bug 41001: Create Release Prep MR generating script [tor-browser-build] * Bug 41031: Add command to unsign .mar files and compare with sha256sums-unsigned-build.txt [tor-browser-build] * Bug 41038: Add RPM dependencies to README [tor-browser-build] * Bug 41041: Sign mullvad-browser nightly updates [tor-browser-build] * Bug 41045: Dump more information about build times on Firefox [tor-browser-build] * Bug 41057: make fetch is not fetching mullvad repo [tor-browser-build] * Bug 41072: Set correct updater_url for Mullvad Browser nightly builds [tor-browser-build] * Bug 41081: Update detailsURL in tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] * Bug 41088: Remove use of projects/browser/run_scripts [tor-browser-build] * Bug 41148: Update projects/browser/Bundle-Data/Docs/Licenses/NoScript.txt [tor-browser-build] * Bug 41153: Update README for Ubuntu 24.04 unprivileged user namespace changes [tor-browser-build] * Bug 41154: Update keyring/boklm.gpg for new subkeys [tor-browser-build] * Bug 41161: Explicitly fetch tags in the release preparation script [tor-browser-build] * Bug 40884: Script to automate uploading sha256s and signatures to location signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo expects them to be [tor-browser-build] * Bug 40071: Add an option to create zip files using 7z [rbm] * Bug 40072: Move capture_exec to a separate module [rbm] * Bug 40073: We should remove ./ when using 7-zip for zip files [rbm] * Bug 40076: Correctly refresh file when computing input_files_id and a file is set as refresh_input [rbm] * Windows * Bug 200: Build system installer for Mullvad Browser on Windows [mullvad-browser] * Bug 40606: Use Clang to compile NSIS [tor-browser-build] * Bug 40900: Update NSIS to 3.09 [tor-browser-build] * Bug 41065: Do a cleanup of the NSIS script [tor-browser-build] * Bug 41076: Include the ShellLink plugin in NSIS [tor-browser-build] * Bug 41077: Draft the new installer for Mullvad Browser [tor-browser-build] * Bug 41084: $app_bundle is missing the final .app in projects/firefox/build [tor-browser-build] * Bug 41097: authenticode-timestamping.sh fails to run again because tmp-timestamp already exists [tor-browser-build] * Bug 41151: Explicitly initialize the plugin directory on the Windows installer [tor-browser-build] * Bug 41167: Stop generating an MB "portable" windows install [tor-browser-build] * macOS * Bug 40990: Remove old macos signing scripts [tor-browser-build] * Bug 41124: Since TB/MB 13.5a5 macos signed installers contain all .DS_Store [tor-browser-build] * Linux * Bug 42491: Add mozconfig-linux-aarch64 [tor-browser] * Bug 41046: Use the final path for Linux debug symbols [tor-browser-build] * Bug 41083: Make deb package for Mullvad Browser [tor-browser-build] * Bug 41112: Fix indentation of projects/browser/RelativeLink/start-browser [tor-browser-build] * Bug 41129: Make rpm package for Mullvad Browser [tor-browser-build] Mullvad Browser 13.0.16 - June 11th 2024 * All Platforms * Updated Firefox to 115.12.0esr * Updated uBlock Origin to 1.58.0 * Bug 310: Rebase Mullvad Browser Stable 13.0 onto 115.12.0esr [mullvad-browser] * Bug 42621: Backport security fixes from Firefox 127 [tor-browser] Mullvad Browser 13.5a9 - June 10 2024 * All Platforms * Updated Firefox to 115.12.0esr * Updated uBlock Origin to 1.58.0 * Bug 290: Add default bookmarks in the alpha channels for testing [mullvad-browser] * Bug 308: Rebase Mullvad Browser stable onto 115.12.0esr [mullvad-browser] * Bug 41467: compat: beacon: re-enable the API but transform it to a no-op [tor-browser] * Windows + macOS * Bug 42586: Add support link to OS deprecation message [tor-browser] * Linux * Bug 29: rpm installation package for Linux [mullvad-browser] * Build System * All Platforms * Bug 301: Deb package in the debian software installer is showing the License as "Proprietary" [mullvad-browser] * Bug 42594: Update mach to work with python 3.12 [tor-browser] * Bug 41153: Update README for Ubuntu 24.04 unprivileged user namespace changes [tor-browser-build] * Bug 41154: Update keyring/boklm.gpg for new subkeys [tor-browser-build] * Windows * Bug 41151: Explicitly initialize the plugin directory on the Windows installer [tor-browser-build] * Linux * Bug 41129: Make rpm package for Mullvad Browser [tor-browser-build] Mullvad Browser 13.5a8 - May 16 2024 * All Platforms * Updated Firefox to 115.11.0esr * Bug 222: Hide "List all tabs" when the tabs don't overflow [mullvad-browser] * Bug 241: Move network.proxy.failover_direct=false pref to base-browser [mullvad-browser] * Bug 284: Should we reflect the actual channel in about:debugging? [mullvad-browser] * Bug 290: Add default bookmarks in the alpha channels for testing [mullvad-browser] * Bug 297: Rebase Mullvad Browser alpha onto 115.11.0esr [mullvad-browser] * Bug 41930: intl.accept_languages gets into a stuck modifed state [tor-browser] * Bug 42391: IndexDB's private directory not removed on browser shutdown in global private browsing mode [tor-browser] * Bug 42405: Fix betterboxing + findbar horizontal bounce if the scrollbar is not an overlay [tor-browser] * Bug 42565: Backport Android and desktop security fixes from Firefox 126 [tor-browser] * Bug 42574: Exempt pdf.js from letterboxing [tor-browser] * Bug 42583: Modify moz-support-link [tor-browser] * Windows + macOS * Bug 41405: Win ≤8.1 and macOS ≤10.14 not supported in ESR 128 [tor-browser] * Bug 42347: Add a banner warning users about the upcoming EOL for Win ≤8.1 and macOS ≤10.14 [tor-browser] * Windows * Bug 278: Create asset(s) for the Mullvad Browser installer [mullvad-browser] * Linux * Bug 28: deb installation package for Linux [mullvad-browser] * Bug 295: Filepicker string chars are tofu for the .deb package in Ubuntu 22.04 / Debian 11 [mullvad-browser] * Bug 41135: 13.5a7's start-tor-browser seems to break KeePassXC-Browser? [tor-browser-build] * Bug 41136: Include *.deb in the list of files to gpg sign [tor-browser-build] * Build System * All Platforms * Bug 41001: Create Release Prep MR generating script [tor-browser-build] * Bug 41148: Update projects/browser/Bundle-Data/Docs/Licenses/NoScript.txt [tor-browser-build] * Bug 40076: Correctly refresh file when computing input_files_id and a file is set as refresh_input [rbm] * Windows * Bug 200: Build system installer for Mullvad Browser on Windows [mullvad-browser] Mullvad Browser 13.0.15 - May 15 2024 * All Platforms * Updated Firefox to 115.11.0esr * Bug 296: Rebase Mullvad Browser stable onto 115.10.0esr [mullvad-browser] * Bug 42391: IndexDB's private directory not removed on browser shutdown in global private browsing mode [tor-browser] * Bug 42532: Use the HomePage module for new identity checks [tor-browser] * Bug 42565: Backport Android and desktop security fixes from Firefox 126 [tor-browser] * Build System * All Platforms * Bug 41122: Add release date to rbm.conf [tor-browser-build] * macOS * Bug 42535: mac: app change to ja doesn't apply ja translations to most (all?) chrome [tor-browser] Mullvad Browser 13.5a7 - April 25 2024 * All Platforms * Updated Firefox to 115.10.0esr * Updated uBlock Origin to 1.57.2 * Bug 283: New identity complains about about:mullvad-browser [mullvad-browser] * Bug 289: The Letterboxing>Content Alignment heading doesn't follow the Firefox design document capitalization [mullvad-browser] * Bug 291: Rebase Mullvad Browser Alpha onto 115.10.0esr [mullvad-browser] * Bug 40919: Consider dropping protection against line-height introduced in #23104 [tor-browser] * Bug 42172: browser.startup.homepage and TOR_DEFAULT_HOMEPAGE are ignored for the new window opened by New Identity [tor-browser] * Bug 42192: Correctly round new windows when bookmarks toolbar is set to "Only Show on New Tab" [tor-browser] * Bug 42315: compat: why is eventCounts undefined? [tor-browser] * Bug 42490: Install svg from branding theme to browser/chrome/icons/default [tor-browser] * Bug 42500: When startup window is maximized per letterboxing.rememberSize on startup, the restore button shrinks it to its minimum size [tor-browser] * Bug 42520: Correctly record new initial window size after auto-shrinking [tor-browser] * Bug 42529: Try not to spoof system-ui in contexts exempt from RFP [tor-browser] * Bug 42532: Use the HomePage module for new identity checks [tor-browser] * Bug 42537: Move Fluent files from "browser" to "toolkit" [tor-browser] * Windows * Bug 41901: windows: FontSubstitutes can leak system locale [tor-browser] * Linux * Bug 41112: Fix indentation of projects/browser/RelativeLink/start-browser [tor-browser-build] * Build System * All Platforms * Bug 282: Move `--disable-eme` to OS- and architecture-specific mozconfigs [mullvad-browser] * Bug 42519: Update the profile directory patch to check both for `system-install` and for `is-packaged-app` file [tor-browser] * Bug 41122: Add release date to rbm.conf [tor-browser-build] * macOS * Bug 42535: mac: app change to ja doesn't apply ja translations to most (all?) chrome [tor-browser] * Bug 41124: Since TB/MB 13.5a5 macos signed installers contain all .DS_Store [tor-browser-build] * Linux * Bug 42491: Add mozconfig-linux-aarch64 [tor-browser] * Bug 41083: Make deb package for Mullvad Browser [tor-browser-build] Mullvad Browser 13.0.14 - April 16 2024 * All Platforms * Updated Firefox to 115.10.0esr * Updated uBlock Origin to 1.57.2 * Bug 271: After update, don't open the release page on Github. Instead link it in the startpage, like in Tor Browser [mullvad-browser] * Bug 283: New identity complains about about:mullvad-browser [mullvad-browser] * Bug 285: Rebase Mullvad Browser stable onto 115.10.0esr [mullvad-browser] * Bug 41676: Set privacy.resistFingerprinting.testing.setTZtoUTC as a defense-in-depth [tor-browser] * Bug 42236: Let users decide whether to load their home page on new identity. [tor-browser] * Bug 42335: Do not localize the order of locales for app lang [tor-browser] * Bug 42428: Timezone offset leak via document.lastModified [tor-browser] * Bug 42468: App languages not sorted correctly in stable [tor-browser] * Bug 42472: Timezone May leak from XSLT Date function [tor-browser] * Linux * Bug 41110: Avoid Fontconfig warning about "ambiguous path" [tor-browser-build] Mullvad Browser 13.5a6 - March 28 2024 * All Platforms * Updated Firefox to 115.9.0esr * Updated mullvad-browser-extension to 0.9.0 * Bug 234: Make User-Agent request header match RFP's navigator.userAgent [mullvad-browser] * Bug 271: After update, don't open the release page on Github. Instead link it in the startpage, like in Tor Browser [mullvad-browser] * Bug 274: Rebase Mullvad Browser alpha onto Firefox 115.9.0esr [mullvad-browser] * Bug 41676: Set privacy.resistFingerprinting.testing.setTZtoUTC as a defense-in-depth [tor-browser] * Bug 41916: Letterboxing preferences UI [tor-browser] * Bug 41918: Add option to reuse last window size when letterboxing is enabled [tor-browser] * Bug 42211: Fluent migration: new identity [tor-browser] * Bug 42214: Fluent migration: security level [tor-browser] * Bug 42236: Let users decide whether to load their home page on new identity. [tor-browser] * Bug 42428: Timezone offset leak via document.lastModified [tor-browser] * Bug 42443: Shrink the window to match letterboxing size when the emtpy area is doble-clicked [tor-browser] * Bug 42472: Timezone May leak from XSLT Date function [tor-browser] * Bug 42473: ESR 115.9.1 fixes [tor-browser] * Windows * Bug 80: Make 'Mullvad your default browser' does not work on Windows [mullvad-browser] * Bug 42377: Hidden fonts are automatically added to the allow list [tor-browser] * Bug 41089: Add filetype association to the installer of Mullvad Browser [tor-browser-build] * Linux * Bug 42438: Adapt the data import wizard to use the original $HOME on Linux [tor-browser] * Bug 41110: Avoid Fontconfig warning about "ambiguous path" [tor-browser-build] * Build System * All Platforms * Bug 41088: Remove use of projects/browser/run_scripts [tor-browser-build] * Bug 41102: src archive does not match likely due to mismatched xz-utils version [tor-browser-build] * Bug 40073: We should remove ./ when using 7-zip for zip files [rbm] * Windows * Bug 41097: authenticode-timestamping.sh fails to run again because tmp-timestamp already exists [tor-browser-build] Mullvad Browser 13.0.13 - March 22 2024 * Windows + macOS + Linux * Updated Firefox to 115.9.1esr * Bug 42473: ESR 115.9.1 fixes [tor-browser] * Bug 277: Rebase Mullvad Browser stable onto Firefox 115.9.1esr [mullvad-browser] Mullvad Browser 13.0.12 - March 19 2024 * All Platforms * Updated Firefox to 115.9.0esr * Updated mullvad-browser-extension to 0.9.0 * Updated uBlock Origin to 1.56.0 * Bug 270: Mullvad support email has changed from `support@mullvad.net` to `support@mullvadvpn.net` [mullvad-browser] * Bug 273: Rebase Mullvad Browser stable onto Firefox 115.9.0esr [mullvad-browser] * Bug 42376: The placeholder of datetime inputs keeps being localized when spoof English is on [tor-browser] * Bug 42378: spoof english + htmlform
can leak app language [tor-browser] * Windows * Bug 42377: Hidden fonts are automatically added to the allow list [tor-browser] * Build System * All Platforms * Bug 41085: kick_devmole_build script prints wrong URL for Mullvad's build hashes [tor-browser-build] * Bug 41097: authenticode-timestamping.sh fails to run again because tmp-timestamp already exists [tor-browser-build] * Bug 41102: src archive does not match likely due to mismatched xz-utils version [tor-browser-build] Mullvad Browser 13.5a5 - February 27 2024 * All Platforms * Updated Firefox to 115.8.0esr * Updated uBlock Origin to 1.56.0 * Updated mullvad-browser-extension to 0.8.5 * Bug 262: Mouse-over long links causes the browser element to re-center relative to width of status tooltip [mullvad-browser] * Bug 268: Rebase Mullvad Browser Alpha onto 115.8.0esr [mullvad-browser] * Bug 42376: The placeholder of datetime inputs keeps being localized when spoof English is on [tor-browser] * Bug 42378: spoof english + htmlform
can leak app language [tor-browser] * Bug 42387: Visual noise in 13.5a4 letterboxing [tor-browser] * Bug 42389: Betterboxing: gradient is never shown [tor-browser] * Bug 42390: Betterboxing: make the decorator border disappear when the corners are flat [tor-browser] * Bug 42397: Change RFP-spoofed Timezone from UTC to a real-world, less discriminable one [tor-browser] * Bug 42398: Include Alpha and Nightly in MOZ_APP_DISPLAYNAME (and possibly in other places) [tor-browser] * Bug 42423: Move temporary Lox Fluent strings to new file [tor-browser] * macOS * Bug 40569: Create build-specific installer for macOS [tor-browser-build] * Build System * All Platforms * Bug 41038: Add RPM dependencies to README [tor-browser-build] * Bug 41067: Use Capture::Tiny instead of IO::CaptureOutput [tor-browser-build] * Bug 41072: Set correct updater_url for Mullvad Browser nightly builds [tor-browser-build] * Bug 41081: Update detailsURL in tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] * Bug 41085: kick_devmole_build script prints wrong URL for Mullvad's build hashes [tor-browser-build] * Bug 40068: Switch from IO::CaptureOutput to Capture::Tiny [rbm] * Bug 40069: Make stdout and stderr utf8 [rbm] * Bug 40071: Add an option to create zip files using 7z [rbm] * Bug 40072: Move capture_exec to a separate module [rbm] * Windows * Bug 41076: Include the ShellLink plugin in NSIS [tor-browser-build] * Bug 41077: Draft the new installer for Mullvad Browser [tor-browser-build] * macOS * Bug 41084: $app_bundle is missing the final .app in projects/firefox/build [tor-browser-build] Mullvad Browser 13.0.10 - February 20 2024 * All Platforms * Updated Firefox to 115.8.0esr * Updated mullvad-browser-extension to 0.8.5 * Bug 267: Rebase Mullvad Browser Stable onto Firefox 115.8.0esr [mullvad-browser] * Bug 42374: spoof english leaks via numberingSystem: numbers (non-latn) or decimal separator (latn) [tor-browser] * Build System * All Platforms * Bug 41037: Set time on signing machine before starting signing [tor-browser-build] * Bug 41067: Use Capture::Tiny instead of IO::CaptureOutput [tor-browser-build] * Bug 40068: Switch from IO::CaptureOutput to Capture::Tiny [rbm] * Bug 40069: Make stdout and stderr utf8 [rbm] Mullvad Browser 13.5a4 - January 29 2024 * All Platforms * Updated Firefox to 115.7.0esr * Updated uBlock Origin to 1.55.0 * Bug 261: Rebase Mullvad Browser Alpha onto Firefox 115.7.0esr [mullvad-browser] * Bug 41917: Make the appearance of letterboxing look more intentional [tor-browser] * Bug 42374: spoof english leaks via numberingSystem: numbers (non-latn) or decimal separator (latn) [tor-browser] * Build System * All Platforms * Bug 42337: Enable GeckoDriver for all desktop platforms [tor-browser] * Bug 41037: Set time on signing machine before starting signing [tor-browser-build] * Bug 41045: Dump more information about build times on Firefox [tor-browser-build] * Bug 41056: Make it possible to use templates in var/torbrowser_incremental_from [tor-browser-build] * Bug 41057: make fetch is not fetching mullvad repo [tor-browser-build] * Bug 41059: Update keyring/torbrowser.gpg with updated key [tor-browser-build] * Windows * Bug 40606: Use Clang to compile NSIS [tor-browser-build] * Bug 40900: Update NSIS to 3.09 [tor-browser-build] * Bug 41065: Do a cleanup of the NSIS script [tor-browser-build] * Linux * Bug 41046: Use the final path for Linux debug symbols [tor-browser-build] Mullvad Browser 13.0.9 - January 23 2024 * All Platforms * Updated Firefox to 115.7.0esr * Updated uBlock Origin to 1.55.0 * Bug 249: BrowserHost has null mRoot when applying initial window size in debug [mullvad-browser] * Bug 260: Rebase Mullvad Browser Stable onto Firefox 115.7.0esr [mullvad-browser] * Bug 42189: Assertion failure: the value of mPrivateBrowsingId in the loadContext and in the loadInfo are not the same! [tor-browser] * Bug 41044: Add tbb_version.json-like file for Mullvad Browser [tor-browser-build] * Linux * Bug 41050: Improve the disk leak sanitization on start-$browser [tor-browser-build] * Build System * All Platforms * Bug 41042: Add options to include updates in the changelog scripts [tor-browser-build] * Bug 41043: Create script to push build requests to Mullvad build servers [tor-browser-build] * Bug 41056: Make it possible to use templates in var/torbrowser_incremental_from [tor-browser-build] * Bug 41059: Update keyring/torbrowser.gpg with updated key [tor-browser-build] * Bug 40067: Use --no-verbose wget option when not running in a terminal [rbm] * Windows + macOS * Bug 41016: Switch from bullseye to bookworm for desktop platforms [tor-browser-build] * Windows * Bug 41015: Enable std::filesystem on libc++ on Windows [tor-browser-build] Mullvad Browser 13.5a3 - December 20 2023 * All Platforms * Updated Firefox to 115.6.0esr * Updated NoScript to 11.4.29 * Bug 249: BrowserHost has null mRoot when applying initial window size in debug [mullvad-browser] * Bug 256: Update nightly mar signing key [mullvad-browser] * Bug 258: Rebase Mullvad Browser alpha onto 115.6.0esr [mullvad-browser] * Bug 42042: view-source:http://ip-address does not work because of HTTPS Only [tor-browser] * Bug 42189: Assertion failure: the value of mPrivateBrowsingId in the loadContext and in the loadInfo are not the same! [tor-browser] * Bug 42335: Do not localize the order of locales for app lang [tor-browser] * Bug 41044: Add tbb_version.json-like file for Mullvad Browser [tor-browser-build] * Windows * Bug 42163: Make the 3rd party DLL blocklist obey portable mode [tor-browser] * Linux * Bug 41050: Improve disk leak sanitization on startup [tor-browser] * Build System * All Platforms * Bug 40995: Use cdn.stagemole.eu instead of cdn.devmole.eu in download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] * Bug 41026: Do not use ~ when uploading the signed hashes [tor-browser-build] * Bug 41027: Remove tb-build-04 and tb-build-05 from tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] * Bug 41031: Add command to unsign .mar files and compare with sha256sums-unsigned-build.txt [tor-browser-build] * Bug 41039: Update tools/signing/upload-update_responses-to-staticiforme to keep download-*json files from previous release when new release does not include them [tor-browser-build] * Bug 41041: Sign mullvad-browser nightly updates [tor-browser-build] * Bug 41042: Add options to include updates in the changelog scripts [tor-browser-build] * Bug 41043: Create script to push build requests to Mullvad build servers [tor-browser-build] * Windows + macOS * Bug 41016: Switch from bullseye to bookworm for desktop platforms [tor-browser-build] * Windows * Bug 41015: Enable std::filesystem on libc++ on Windows [tor-browser-build] * Bug 41030: Add command to unsign .exe files and compare with sha256sums-unsigned-build.txt [tor-browser-build] * macOS * Bug 40990: Remove old macos signing scripts [tor-browser-build] Mullvad Browser 13.0.7 - December 19 2023 * All Platforms * Updated Firefox to 115.6.0esr * Updated NoScript to 11.4.29 * Bug 257: Rebase Mullvad Browser Stable to 115.6.0esr [mullvad-browser] * Bug 42042: view-source:http://ip-address does not work because of HTTPS Only [tor-browser] * Build System * All Platforms * Bug 40884: Script to automate uploading sha256s and signatures to location signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo expects them to be [tor-browser-build] * Bug 41026: Do not use ~ when uploading the signed hashes [tor-browser-build] * Bug 41039: Update tools/signing/upload-update_responses-to-staticiforme to keep download-*json files from previous release when new release does not include them [tor-browser-build] * macOS * Bug 40990: Remove old macos signing scripts [tor-browser-build] Mullvad Browser 13.0.6 - December 04 2023 * All Platforms * Bug 42288: Allow language spoofing in status messages [tor-browser] * Updated uBlock Origin to 1.54.0 * Linux * Bug 17560: Downloaded URLs disk leak on Linux [tor-browser] * Bug 42306: Tor Browser crashes when extensions popups are opened with Wayland enabled [tor-browser] * Bug 41017: Disable Nvidia shader cache [tor-browser-build] * Build System * All Platforms * Bug 41027: Remove tb-build-04 and tb-build-05 from tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] * Bug 40936: Revert tor-browser-build#40933 [tor-browser-build] * Bug 40970: Missing symlink create-blog-post.torbrowser -> create-blog-post symlink [tor-browser-build] * Bug 40995: Use cdn.stagemole.eu instead of cdn.devmole.eu in download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] * Bug 40063: RBM's chroot fails in Fedora [rbm] * Bug 40064: Using exec on project with no git_url/hg_url is causing warning [rbm] * Windows + macOS + Linux * Bug 41031: Add command to unsign .mar files and compare with sha256sums-unsigned-build.txt [tor-browser-build] * Windows * Bug 41030: Add command to unsign .exe files and compare with sha256sums-unsigned-build.txt [tor-browser-build] Mullvad Browser 13.5a2 - November 27 2023 * All Platforms * Updated Firefox to 115.5.0esr * Updated uBlock Origin to 1.54.0 * Bug 250: Enable storage.sync to fix broken webextensions [mullvad-browser] * Bug 254: Rebase Mullvad Browser Alpha to 115.5.0esr [mullvad-browser] * Bug 42153: Drop dom.enable_resource_timing = false preference [tor-browser] * Bug 42194: Blank Net Error page on name resolution failure [tor-browser] * Bug 42276: Rebase Browsers Alpha to 115.5.0esr [tor-browser] * Bug 42288: Allow language spoofing in status messages [tor-browser] * Linux * Bug 17560: Downloaded URLs disk leak on Linux [tor-browser] * Bug 41017: Disable Nvidia shader cache [tor-browser-build] * Build System * All Platforms * Bug 40884: Script to automate uploading sha256s and signatures to location signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo expects them to be [tor-browser-build] * Bug 40970: Missing symlink create-blog-post.torbrowser -> create-blog-post symlink [tor-browser-build] * Bug 41006: Fix typo in finished-signing-clean-linux signer [tor-browser-build] * Bug 40063: RBM's chroot fails in Fedora [rbm] * Bug 40064: Using exec on project with no git_url/hg_url is causing warning [rbm] * macOS * Bug 41005: Unpack macOS bundle to /var/tmp instead of /tmp in rcodesign-notary-submit step [tor-browser-build] * Bug 41007: gatekeeper-bundling.sh refers to old .tar.gz archive [tor-browser-build] * Bug 41014: Update libdmg-hfsplus to drop the OpenSSL patch [tor-browser-build] * Bug 41020: Opening MacOS dmg file is causing a warning, since 13.0 [tor-browser-build] Mullvad Browser 13.0.4 - November 16 2023 * All Platforms * Updated Firefox to 115.5.0esr * Updated uBlock Origin to 1.53.0 * Bug 250: Enable storage.sync to fix broken webextensions [mullvad-browser] * Bug 253: Rebase Mullvad Browser Stable to 115.5.0esr [mullvad-browser] * Bug 42194: Blank Net Error page on name resolution failure [tor-browser] * Windows + macOS * Bug 42154: Empty the clipboard on browser shutdown only if content comes from private browsing windows [tor-browser] * Build System * All Platforms * Bug 40934: Remove $bundle_locales from signing scripts now that we're on ALL for everything [tor-browser-build] * Bug 40982: Fix logging in tools/signing/do-all-signing [tor-browser-build] * Bug 40989: Add .nobackup files to reproducible and disposable directores [tor-browser-build] * Bug 41006: Fix typo in finished-signing-clean-linux signer [tor-browser-build] * macOS * Bug 29815: Sign our macOS bundles on Linux [tor-browser-build] * Bug 41005: Unpack macOS bundle to /var/tmp instead of /tmp in rcodesign-notary-submit step [tor-browser-build] * Bug 41007: gatekeeper-bundling.sh refers to old .tar.gz archive [tor-browser-build] * Bug 41014: Update libdmg-hfsplus to drop the OpenSSL patch [tor-browser-build] * Bug 41020: Opening MacOS dmg file is causing a warning, since 13.0 [tor-browser-build] Mullvad Browser 13.5a1 - November 01 2023 * All Platforms * Updated Firefox to 115.4.0esr * Updated NoScript to 11.4.28 * Bug 246: Add the last Mullvad Browser Extension (0.8.4) to 13.0 [mullvad-browser] * Bug 42182: Default Search Engine Does Not Persist Through Shift to New Identity [tor-browser] * Bug 42191: Backport security fixes (Android & wontfix) from Firefox 119 to 115.4 - based Tor Browser [tor-browser] * Windows + macOS * Bug 42154: Empty the clipboard on browser shutdown only if content comes from private browsing windows [tor-browser] * Build System * All Platforms * Bug 40934: Remove $bundle_locales from signing scripts now that we're on ALL for everything [tor-browser-build] * Bug 40982: Fix logging in tools/signing/do-all-signing [tor-browser-build] * Bug 40983: Bump the various branches to 13.5 on main [tor-browser-build] * Bug 40989: Add .nobackup files to reproducible and disposable directores [tor-browser-build] * Windows * Bug 40984: The PDBs for .exe are not included [tor-browser-build] * macOS * Bug 29815: Sign our macOS bundles on Linux [tor-browser-build] Mullvad Browser 13.0.1 - October 24 2023 * All Platforms * Updated Firefox to 115.4.0esr * Bug 42182: Default Search Engine Does Not Persist Through Shift to New Identity [tor-browser] * Bug 42185: Rebase stable browsers on top of 115.4.0esr [tor-browser] * Bug 42191: Backport security fixes (Android & wontfix) from Firefox 119 to 115.4 - based Tor Browser [tor-browser] * Build System * Windows + Linux * Bug 40991: Fix creation of downloads-windows-x86_64.json and downloads-linux-x86_64.json [tor-browser-build] * Windows * Bug 40984: The PDBs for .exe are not included [tor-browser-build] Mullvad Browser 13.0 - October 12 2023 * All Platforms * Updated Firefox to 115.3.1esr * Bug 40050: FF103 Audit [tor-browser-spec] * Bug 40051: FF104 Audit [tor-browser-spec] * Bug 40052: FF105 Audit [tor-browser-spec] * Bug 40053: FF106 Audit [tor-browser-spec] * Bug 40054: FF107 Audit [tor-browser-spec] * Bug 40055: FF108 Audit [tor-browser-spec] * Bug 40056: FF109 Audit [tor-browser-spec] * Bug 40057: FF110 Audit [tor-browser-spec] * Bug 40058: FF111 Audit [tor-browser-spec] * Bug 40059: FF112 Audit [tor-browser-spec] * Bug 40060: FF113 Audit [tor-browser-spec] * Bug 40061: FF114 Audit [tor-browser-spec] * Bug 40062: FF115 Audit [tor-browser-spec] * Bug 66: Localize Mullvad Browser [mullvad-browser] * Bug 166: Enable built-in URL anti-tracking query parameters stripping [mullvad-browser] * Bug 175: Change the default start window size from 1000x1000 [mullvad-browser] * Bug 177: Change help links in `about:preferences` and menu [mullvad-browser] * Bug 183: Rebase Mullvad Browser to Firefox 115 [mullvad-browser] * Bug 195: Choose which locales to translate Mullvad Browser to [mullvad-browser] * Bug 196: Enumerate Mullvad Browser-specific strings for localization [mullvad-browser] * Bug 199: Mullvad Browser changes required to use Mullvad Browser-specific localization strings [mullvad-browser] * Bug 208: Improve letterboxing's dimensions [mullvad-browser] * Bug 211: Change "Mullvad Browser Home" to "New tab" [mullvad-browser] * Bug 213: Add search engines to the default list [mullvad-browser] * Bug 214: Enable cross-tab identity leak protection in "quiet" mode [mullvad-browser] * Bug 215: Update re-adds manually removed default toolbar buttons [mullvad-browser] * Bug 218: uBO and Mullvad Browser Extension hidden in unified extensions panel [mullvad-browser] * Bug 220: "Firefox Suggest" string appears when search matches a bookmark [mullvad-browser] * Bug 223: Trademarks in the about popup are not translated [mullvad-browser] * Bug 226: First window after update should go to the user-friendly release page on GitHub [mullvad-browser] * Bug 228: Remove popup asking for preferred language on websites [mullvad-browser] * Bug 231: Fix the Security Level "read more" link in popup/settings panel [mullvad-browser] * Bug 243: Make sure about:mullvadbrowser is treated as a new tab page [mullvad-browser] * Bug 26277: When "Safest" setting is enabled searching using duckduckgo should always use the Non-Javascript site for searches [tor-browser] * Bug 30556: Re-evaluate letterboxing dimension choices [tor-browser] * Bug 33282: Increase the max width of new windows [tor-browser] * Bug 33955: Selecting "Copy image" from menu leaks the source URL to the clipboard. This data is often dereferenced by other applications. [tor-browser] * Bug 41327: Disable UrlbarProviderInterventions [tor-browser] * Bug 41477: Review some extensions.* preferences [tor-browser] * Bug 41496: Review 000-tor-browser.js and 001-base-profile.js for 115 [tor-browser] * Bug 41528: Hard-coded English "based on Mozilla Firefox" appears in version in "About" dialog [tor-browser] * Bug 41576: ESR115: ensure no remote calls for weather & addon suggestions [tor-browser] * Bug 41581: ESR115: figure out extension pinning / unified Extensions [tor-browser] * Bug 41642: Do not hide new PBM in the hamburger menu if auto PBM is not enabled [tor-browser] * Bug 41675: Remove javascript.options.large_arraybuffers [tor-browser] * Bug 41691: "Firefox Suggest" text appearing in UI [tor-browser] * Bug 41727: WebRTC privacy-hardening settings [tor-browser] * Bug 41739: Remove "Website appearance" [tor-browser] * Bug 41740: ESR115: change devicePixelRatio spoof to 2 in alpha for testing [tor-browser] * Bug 41752: Review changes done by Bug 41565 [tor-browser] * Bug 41765: TTP-02-006 WP1: Information leaks via custom homepage (Low) [tor-browser] * Bug 41774: Hide the new "Switching to a new device" help menu item [tor-browser] * Bug 41791: Copying page contents also puts the source URL on the clipboard [tor-browser] * Bug 41797: Lock RFP in release builds [tor-browser] * Bug 41833: Reload extensions on new identity [tor-browser] * Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons [tor-browser] * Bug 41874: Visual & A11 regressions in add-on badges [tor-browser] * Bug 41876: Remove Firefox View from title bar [tor-browser] * Bug 41877: NoScript seems to be blocking by default in the first 115-based testbuild [tor-browser] * Bug 41881: Developer tools/Network/New Request remembers requests [tor-browser] * Bug 41903: The info icon on the language change prompt is not shown [tor-browser] * Bug 41936: Review Mozilla 1770158: Use double-conversion library instead of dtoa for string-to-double conversion [tor-browser] * Bug 41937: Review Mozilla 1780014: Add specific telemetry for conservative and first-try handshakes [tor-browser] * Bug 41938: Review Mozilla 1769994: On systems with IPv6 preferred DNS resolution clients will fail to connect when "localhost" is used as host for the WebSocket server [tor-browser] * Bug 41939: Review Mozilla 1728871: Support fetching data from Remote Setting [tor-browser] * Bug 41940: Review Mozilla 1739348: When a filetype is set to "always ask" and the user makes a save/open choice in the dialog, we should not also open the downloads panel [tor-browser] * Bug 41941: Review Mozilla 1775254: Improve Math.pow accuracy for large exponents [tor-browser] * Bug 41943: Lock javascript.options.spectre.disable_for_isolated_content to false [tor-browser] * Bug 41945: Review Mozilla 1783019: Add a cookie banner service to automatically handle website cookie banners [tor-browser] * Bug 41946: Review Mozilla 1782579: Add a locale parameter to the text recognition API [tor-browser] * Bug 41947: Review Mozilla 1779005: Broken since Firefox 102.0: no instant fallback to direct connection when proxy became unreachable while runtime [tor-browser] * Bug 41949: Review Mozilla 1782578: Implement a context menu modal for text recognition [tor-browser] * Bug 41950: Review Mozilla 1788668: Add the possibility to check that the clipboard contains some pdfjs stuff [tor-browser] * Bug 41951: Review Mozilla 1790681: Enable separatePrivateDefault by default [tor-browser] * Bug 41959: Review Mozilla 1795944: Remove descriptionheightworkaround [tor-browser] * Bug 41961: Review Mozilla 1798868: Hide cookie banner handling UI by default [tor-browser] * Bug 41969: Review Mozilla 1746983: Re-enable pingsender2 [tor-browser] * Bug 41970: Review Mozilla 17909270: WebRTC bypasses Network settings & proxy.onRequest [tor-browser] * Bug 41973: Custom wingpanels don't line up with their toolbar icons in 13.0 alpha [tor-browser] * Bug 41981: Review Mozilla 1800675: Add about:preferences entry for cookie banner handling [tor-browser] * Bug 41983: Review Mozilla 1770447: Create a reusable "support-link" widget [tor-browser] * Bug 41984: Rename languageNotification.ftl to base-browser.ftl [tor-browser] * Bug 42013: Review Mozilla 1834374: Do not call EmptyClipboard() in nsBaseClipboard destructor [tor-browser] * Bug 42014: Review Mozilla 1832791: Implement a Remote Settings for the Quarantined Domains pref [tor-browser] * Bug 42015: Review Mozilla 1830890: Keep a history window of WebRTC stats for about:webrtc [tor-browser] * Bug 42019: Empty browser's clipboard on browser shutdown [tor-browser] * Bug 42022: Prevent extension search engines from breaking the whole search system [tor-browser] * Bug 42026: Disable cookie banner service and UI. [tor-browser] * Bug 42027: Create a Base Browser version of migrateUI [tor-browser] * Bug 42029: Defense-in-depth: disable non-proxied UDP WebRTC [tor-browser] * Bug 42037: Disable about:firefoxview [tor-browser] * Bug 42043: Disable gUM: media.devices.enumerate.legacy.enabled [tor-browser] * Bug 42046: Remove XUL layout hacks from base browser [tor-browser] * Bug 42050: Bring back Save As... dialog as default [tor-browser] * Bug 42061: Move the alpha update channel creation to a commit on its own [tor-browser] * Bug 42083: RemoteSecuritySettings.init throws error in console [tor-browser] * Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser] * Bug 42094: Disable `media.aboutwebrtc.hist.enabled` as security in-depth [tor-browser] * Bug 42138: Disable apz.overscroll.enabled pref [tor-browser] * Bug 42159: Responsive Design Mode not working correctly [tor-browser] * Bug 42166: New identity dialog missing accessible name [tor-browser] * Bug 42167: Make the preference auto-focus more reliable [tor-browser] * Bug 40893: Update (Noto) fonts for 13.0 [tor-browser-build] * Bug 40924: Customize MOZ_APP_REMOTINGNAME instead of passing --name and --class [tor-browser-build] * Bug 40937: First window after update should go to the user-friendly release page on GitHub [tor-browser-build] * Windows * Bug 40737: Revert backout of Mozilla's fix for bug 1724777 [tor-browser] * Bug 41798: Stop building private_browsing.exe on Windows [tor-browser] * Bug 41806: Prevent Private Browsing start menu item to be added automatically [tor-browser] * Bug 41942: Review Mozilla 1682520: Use the WER runtime exception module to catch early crashes [tor-browser] * Bug 41944: Review Mozilla 1774083: Add Surrogate COM Server to handle native Windows notifications when Firefox is closed. [tor-browser] * Bug 42008: Review Mozilla 1808146: Copying images from Pixiv and pasting them in certain programs is broken [tor-browser] * Bug 42010: Review Mozilla 1810641: Enable overscroll on Windows on all channels [tor-browser] * Bug 40930: Upate zlib to 1.3 after 13.0a3 [tor-browser-build] * macOS * Bug 41948: Review Mozilla 1782981: Hide the text recognition context menu if the macOS version doesn't support APIs [tor-browser] * Bug 41982: Review Mozilla 1762392: Add Cocoa platform support for paste files [tor-browser] * Bug 42057: Disable Platform text-recognition functionality [tor-browser] * Bug 42147: Add browser.helperApps.deleteTempFileOnExit to our profile [tor-browser] * Linux * Bug 225: Right Click -> New Tab on link does nothing [mullvad-browser] * Bug 41884: Linux: set browser.tabs.searchclipboardfor.middleclick to false [tor-browser] * Bug 40576: Fontconfig warning: remove 'blank' configuration [tor-browser-build] * Build System * All Platforms * Bug 180: Change the naming scheme of the installers at build time [mullvad-browser] * Bug 197: Develop Crowdin to Gitlab translations repo pipeline [mullvad-browser] * Bug 198: Enable localization for Mullvad Browser builds [mullvad-browser] * Bug 31588: Be smarter about vendoring for Rust projects [tor-browser-build] * Bug 40089: Clean up usage of get-moz-build-date script [tor-browser-build] * Bug 40149: Remove patching of nightly update URL [tor-browser-build] * Bug 40410: Get rid of python2 [tor-browser-build] * Bug 40487: Bump Python version [tor-browser-build] * Bug 40615: Consider adding a readme to the fonts directory [tor-browser-build] * Bug 40802: Drop the patch for making WASI reproducible [tor-browser-build] * Bug 40829: Review and standardize naming scheme for browser installer/package artifacts [tor-browser-build] * Bug 40855: Update toolchains for Mozilla 115 [tor-browser-build] * Bug 40868: Bump Rust to 1.69.0 [tor-browser-build] * Bug 40880: The README doesn't include some dependencies needed for building incrementals [tor-browser-build] * Bug 40886: Update README with instructions for Arch linux [tor-browser-build] * Bug 40898: Add doc from tor-browser-spec/processes/ReleaseProcess to gitlab issue templates [tor-browser-build] * Bug 40907: Sometimes debug information are not deterministic with Clang 16.0.4 [tor-browser-build] * Bug 40916: Update updated_responses_config.yml to pull Mullvad incrementals from archive.torproject.org [tor-browser-build] * Bug 40922: Use base-browser.ftl instead of languageNotification.ftl [tor-browser-build] * Bug 40931: Fix incrementals after tor-browser-build#40829 [tor-browser-build] * Bug 40932: Remove appname_bundle_android, appname_bundle_macos, appname_bundle_linux, appname_bundle_win32, appname_bundle_win64 from projects/release/update_responses_config.yml [tor-browser-build] * Bug 40933: Fix generating incrementals between 12.5.x and 13.0 [tor-browser-build] * Bug 40935: Fix fallout from build target rename in signing scripts [tor-browser-build] * Bug 40942: Use the branch to build Base Browser [tor-browser-build] * Bug 40944: After #40931, updates_responses is using incremental.mar files as if they were non-incremental mar files [tor-browser-build] * Bug 40946: override_updater_url does not work for Mullvad Browser [tor-browser-build] * Bug 40947: Remove migrate_langs from tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] * Bug 40956: Allow testing the updater also with release and alpha channel [tor-browser-build] * Bug 40957: Expired subkey warning on Tor Browser GPG verification [tor-browser-build] * Bug 40972: Handle Mullvad Browser in the changelog script and group entries by project [tor-browser-build] * Windows * Bug 41995: Generated headers on Windows aren't reproducible [tor-browser] * Bug 40832: Unify mingw-w64-clang 32+64 bits [tor-browser-build] * Bug 40940: Change position of the `install|portable` in the builds filenames [tor-browser-build] * macOS * Bug 40943: Update libdmg-hfsplus to include our uplifted patch [tor-browser-build] * Linux * Bug 40102: Move from Debian Jessie to Debian Stretch for our Linux builds [tor-browser-build] Mullvadd Browser 13.0a6 - September 29 2023 * All Platforms * Updated uBlock Origin to 1.52.2 * Updated Translations * Bug 42139: Backport security fixes from Firefox 115.3.1 to 115.3.0 [tor-browser] * Build System * All Platforms * Bug 40957: Expired subkey warning on Tor Browser GPG verification [tor-browser-build] Mullvad Browser 12.5.6 - September 29 2023 * All Platforms * Bug 42135: Backport security fixes from Firefox 115.3.1 to 102.15.1 [tor-browser] * Build System * All Platforms * Bug 40957: Update subkey expiration date for Tor Browser gpg key [tor-browser-build] Mullvad Browser 12.5.5 - September 25 2023 * All Platforms * Updated NoScript to 11.4.27 * Updated uBlock Origin to 1.52.2 * Bug 42123: Backport security fixes from Firefox 118 to ESR 102.15 / 115.3 - based Tor Browser [tor-browser] Mullvad Browser 13.0a5 - September 21 2023 * All Platforms * Updated Translations * Updated Firefox to 115.3.0esr * Bug 228: Remove popup asking for preferred language on websites [mullvad-browser] * Bug 238: Rebase Mullvad Browser to 115.3.0esr [mullvad-browser] * Bug 40893: Update (Noto) fonts for 13.0 [tor-browser-build] * Bug 41327: Disable UrlbarProviderInterventions [tor-browser] * Bug 41581: ESR115: figure out extension pinning / unified Extensions [tor-browser] * Bug 41903: The info icon on the language change prompt is not shown [tor-browser] * Bug 42026: Disable cookie banner service and UI. [tor-browser] * Bug 42037: Disable about:firefoxview [tor-browser] * Bug 42083: RemoteSecuritySettings.init throws error in console [tor-browser] * Bug 42094: Disable media.aboutwebrtc.hist.enabled as security in-depth [tor-browser] * Windows * Bug 41798: Stop building private_browsing.exe on Windows [tor-browser] * Build System * All Platforms * Bug 40956: Allow testing the updater also with release and alpha channel [tor-browser-build] * Windows * Bug 41995: Generated headers on Windows aren't reproducible [tor-browser] Mullvad Browser 13.0a4 - September 12 2023 * All Platforms * Updated Firefox to 115.2.1esr * Updated Translations * Updated NoScript to 11.4.27 * Bug 211: Change "Mullvad Browser Home" to "New tab" [mullvad-browser] * Bug 231: Fix the Security Level "read more" link in popup/settings panel [mullvad-browser] * Bug 236: Rebase alpha onto 115.2.1 [mullvad-browser] * Bug 40149: Remove patching of nightly update URL [tor-browser-build] * Bug 40937: First window after update should go to the user-friendly release page on GitHub [tor-browser-build] * Bug 41528: Hard-coded English "based on Mozilla Firefox" appears in version in "About" dialog [tor-browser] * Bug 41675: ESR115: decide on large array buffers [tor-browser] * Bug 41739: Remove "Website appearance" [tor-browser] * Bug 41740: ESR115: change devicePixelRatio spoof to 2 in alpha for testing [tor-browser] * Bug 41774: Hide the new "Switching to a new device" help menu item [tor-browser] * Bug 41797: Lock RFP in release builds [tor-browser] * Bug 41876: Remove firefox view from title bar [tor-browser] * Bug 41881: Developer tools/Network/New Request remembers requests [tor-browser] * Bug 42027: Create a Base Browser version of migrateUI [tor-browser] * Bug 42043: Disable gUM: media.devices.enumerate.legacy.enabled [tor-browser] * Bug 42046: Remove XUL layout hacks from base browser [tor-browser] * Bug 42050: Bring back Save As... dialog as default [tor-browser] * Bug 42061: Move the alpha update channel creation to a commit on its own [tor-browser] * Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser] * Windows * Bug 40930: Update zlib to 1.3 after 13.0a3 [tor-browser-build] * macOS * Bug 42057: Disable Platform text-recognition functionality [tor-browser] * Build System * All Platforms * Bug 40857: Mullvad Browser generated downloads.json references tbb-* build tag rather than mb-* [tor-browser-build] * Bug 40932: Remove appname_bundle_android, appname_bundle_macos, appname_bundle_linux, appname_bundle_win32, appname_bundle_win64 from projects/release/update_responses_config.yml [tor-browser-build] * Bug 40933: Fix generating incrementals between 12.5.x and 13.0 [tor-browser-build] * Bug 40935: Fix fallout from build target rename in signing scripts [tor-browser-build] * Bug 40942: Use the branch to build Base Browser [tor-browser-build] * Bug 40946: override_updater_url does not work for Mullvad Browser [tor-browser-build] * macOS * Bug 40943: Update libdmg-hfsplus to include our uplifted patch [tor-browser-build] Mullvad Browser 12.5.4 - September 12 2023 * All Platforms * Updated Firefox to 102.15.1esr * Updated Translations * Bug 235: Rebase release onto 102.15.1 ESR [mullvad-browser] * Bug 42084: Race condition with language preferences may make spoof_english ineffective [tor-browser] Mullvad Browser 12.5.3 - August 28 2023 * All Platforms * Updated Translations * Updated Firefox to 102.15.0esr * Bug 232: Rebase Mullvad Browser stable onto 102.15 [mullvad-browser] * Bug 42053: Backport security fixes from Firefox 117 to ESR 102.15 - based Tor Browser [tor-browser] * Bug 40937: First window after update should go to the user-friendly release page on GitHub [tor-browser-build] * Build System * All Platforms * Bug 40857: Mullvad Browser generated downloads.json references tbb-* build tag rather than mb-* [tor-browser-build] * Bug 40913: add boklm back to list of taggers in relevant projects [tor-browser-build] * Bug 40921: staticiforme-prepare-cdn-dist-upload uses hardcoded torbrowser path for .htacess file generation [tor-browser-build] Mullvad Browser 13.0a3 - August 21 2023 * All Platforms * Updated Translations * Updated Firefox to 115.2.0esr * Bug 220: "Firefox Suggest" string appears when search matches a bookmark [mullvad-browser] * Bug 223: Trademarks in the about popup are not translated [mullvad-browser] * Bug 230: Rebase MB 13.0 alpha onto 115.2.0esr [mullvad-browser] * Bug 40924: Customize MOZ_APP_REMOTINGNAME instead of passing --name and --class [tor-browser-build] * Bug 41833: Reload extensions on new identiy [tor-browser] * Bug 41943: Lock javascript.options.spectre.disable_for_isolated_content to false [tor-browser] * Bug 41984: Rename languageNotification.ftl to base-browser.ftl [tor-browser] * Bug 42019: Empty browser's clipboard on browser shutdown [tor-browser] * Bug 42022: Prevent extension search engines from breaking the whole search system [tor-browser] * Bug 42029: Defense-in-depth: disable non-proxied UDP WebRTC [tor-browser] * Linux * Bug 40576: Fontconfig warning: remove 'blank' configuration [tor-browser-build] * Build System * All Platforms * Bug 40829: Review and standardize naming scheme for browser installer/package artifacts [tor-browser-build] * Bug 40921: staticiforme-prepare-cdn-dist-upload uses hardcoded torbrowser path for .htacess file generation [tor-browser-build] * Bug 40922: Use base-browser.ftl instead of languageNotification.ftl [tor-browser-build] * Bug 40923: Switch Mullvad Browser translations to the new repository [tor-browser-build] Mullvad Browser 13.0a2 - August 08 2023 * All Platforms * Updated NoScript to 11.4.26 * Upated uBlock Origin to 1.51.0 * Updated Firefox to 115.1.0esr * Bug 195: Choose which locales to translate Mullvad Browser to [mullvad-browser] * Bug 216: Rebase Mullvad Browser onto 115.1.0esr [mullvad-browser] * Bug 30556: Re-evaluate letterboxing dimension choices [tor-browser] * Bug 33282: Increase the max width of new windows [tor-browser] * Bug 40916: Update updated_responses_config.yml to pull Mullvad incrementals from archive.torproject.org [tor-browser-build] * Build System * All Platforms * Bug 198: Enable localization for Mullvad Browser builds [mullvad-browser] * Bug 199: Mullvad Browser changes required to use Mullvad Browser-specific localization strings [mullvad-browser] * Bug 40615: Consider adding a readme to the fonts directory [tor-browser-build] * Bug 40880: The README doesn't include some dependencies needed for building incrementals [tor-browser-build] * Bug 40907: Mar-tools aren't deterministic on 13.0a1 [tor-browser-build] * Bug 40909: Add dan_b and ma1 to list of taggers in relevant projects [tor-browser-build] * Bug 40913: add boklm back to list of taggers in relevant projects [tor-browser-build] Mullvad Browser 12.5.2 - July 31 2023 * All Platforms * Updated NoScript to 11.4.26 * Upated uBlock Origin to 1.51.0 * Updated Firefox to 102.14.0esr * Bug 217: Rebase Mullvad Browser 12.5 stable on top of 102.14esr [mullvad-browser] * Build System * All Platforms * Bug 40889: Add mullvad sha256sums URL to tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] * Bug 40894: Fix format of keyring/boklm.gpg [tor-browser-build] * Bug 40909: Add dan_b and ma1 to list of taggers in relevant projects [tor-browser-build] * Windows * Bug 31546: Create and expose PDB files for Tor Browser debugging on Windows [tor-browser-build] Mullvad Browser 13.0a1 - July 20 2023 * All Platforms * Updated NoScript to 11.4.25 * Updated uBlock Origin to 1.50.0 * Updated mullvad-browser-extension to 0.8.3 * Updated Firefox to 115.0.2esr * Bug 166: Enable built-in URL anti-tracking query parameters stripping [mullvad-browser] * Bug 183: Rebase Mullvad Browser to Firefox 115 [mullvad-browser] * Bug 213: Add search engines to the default list [mullvad-browser] * Bug 214: Enable cross-tab identity leak protection in "quiet" mode [mullvad-browser] * Bug 26277: When "Safest" setting is enabled searching using duckduckgo should always use the Non-Javascript site for searches [tor-browser] * Bug 33955: Selecting "Copy image" from menu leaks the source URL to the clipboard. This data is often dereferenced by other applications. [tor-browser] * Bug 41759: Rebase Base Browser to 115 nightly [tor-browser] * Bug 41834: Hide "Can't Be Removed - learn more" menu line for uninstallable add-ons [tor-browser] * Bug 41854: Download Spam Protection cannot be overridden to allow legitimate downloads [tor-browser] * Bug 41874: Visual & A11 regressions in add-on badges [tor-browser] * Windows * Bug 41806: Prevent Private Browsing start menu item to be added automatically [tor-browser] * Build System * All Platforms * Bug 40089: Clean up usage of get-moz-build-date script [tor-browser-build] * Bug 40410: Get rid of python2 [tor-browser-build] * Bug 40487: Bump Python version [tor-browser-build] * Bug 40802: Drop the patch for making WASI reproducible [tor-browser-build] * Bug 40836: Update do-all-signing script to also deploy mullvad-browser installer bins to dist.torproject.org [tor-browser-build] * Bug 40868: Bump Rust to 1.69.0 [tor-browser-build] * Bug 40881: do-all-signing is asking for nssdb7 password when signing mullvadbrowser [tor-browser-build] * Bug 40882: Fix static-update-component command in issue_templates [tor-browser-build] * Bug 40886: Update README with instructions for Arch linux [tor-browser-build] * Bug 40889: Add mullvad sha256sums URL to tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] * Bug 40894: Fix format of keyring/boklm.gpg [tor-browser-build] * Bug 40898: Add doc from tor-browser-spec/processes/ReleaseProcess to gitlab issue templates [tor-browser-build] * Windows * Bug 40832: Unify mingw-w64-clang 32+64 bits [tor-browser-build] * Linux * Bug 40102: Move from Debian Jessie to Debian Stretch for our Linux builds [tor-browser-build] Mullvad Browser 12.5.1 - July 5 2023 * All Platforms * Updated Firefox to 102.13.0esr * Bug 192: Rebase Mullvad Browser 12.5 stable on top of 102.13esr [mullvad-browser] * Bug 41854: Download Spam Protection cannot be overridden to allow legitimate downloads [tor-browser] Mullvad Browser 12.5 - June 21 2023 * All Platforms * Updated uBlock Origin to 1.50.0 * Updated mullvad-browser-extension to version 0.8.3 * Windows + macOS + Linux * Bug 41577: Disable profile migration [tor-browser] * Bug 41595: Disable pagethumbnails capturing [tor-browser] * Bug 41609: Move the disabling of Firefox Home (Activity Stream) to base-browser [tor-browser] * Bug 41668: Move part of the updater patches to base browser [tor-browser] * Bug 41686: Move the 'Bug 11641: Disable remoting by default' commit from base-browser to tor-browser [tor-browser] * Bug 41695: Port warning on maximized windows without letterboxing from torbutton [tor-browser] * Bug 41701: Reporting an extension does not work [tor-browser] * Bug 41711: Race condition when opening a new window in New Identity [tor-browser] * Bug 41736: Customize the default CustomizableUI toolbar using CustomizableUI.jsm [tor-browser] * Bug 41738: Replace the patch to disable live reload with its preference [tor-browser] * Bug 41775: Avoid re-defining some macros in nsUpdateDriver.cpp [tor-browser] * Windows + Linux * Bug 41654: UpdateInfo jumped into Data [tor-browser] * Linux * Bug 40860: Improve the transition from the old fontconfig file to the new one [tor-browser-build] * Bug 41163: Many bundled fonts are blocked in Ubuntu/Fedora because of RFP [tor-browser] * Bug 41732: implement linux font whitelist as defense-in-depth [tor-browser] * Build System * All Platforms * Bug 40837: Rebase mullvad-browser build changes onto main [tor-browser-build] * Bug 40870: Remove url without browser name from tools/signing/download-unsigned-sha256sums-gpg-signatures-from-people-tpo [tor-browser-build] * Windows + macOS + Linux * Bug 40826: Correctly set appname_marfile for basebrowser in tools/signing/nightly/update-responses-base-config.yml [tor-browser-build] * Bug 40866: Remove `Using ansible to set up a nightly build machine` from README [tor-browser-build] * macOS * Bug 40858: Create script to assist testers self sign Mac builds to allow running on Arm processors [tor-browser-build]