torbrowser-launcher/CHANGELOG.md

# Tor Browser Launcher Changelog

## 0.2.8

* Update URL to check for latest version, which changed in Tor Browser 7
* Automatically refresh GPG keyring, to prevent signature verification false positives
* Improve GnuPG code by using GPGME if available
* Updated AppArmor profiles
* Added Czech, Hungarian localization

## 0.2.7

* Updated Tor Browser signing key because they added a new subkey and verification was failing
* Updated AppArmor profiles
* Improved localization, and added Russian

## 0.2.6

* Fixed bug related to fallback to English feature that caused Settings to crash

## 0.2.5

* Fix issue where Tor Browser Launcher failed to launch if currently installed version of Tor Browser was too old
* If Tor Browser download isn't available in your language, fallback to English
* Avoid re-downloading tarball if it's already present
* Verify GnuPG importing keys using status-fd rather than exit codes
* Various AppArmor improvements
* Removed unused dependency

## 0.2.4

* Fix signature verification bypass attack, reported by Jann Horn (CVE-2016-3180)

## 0.2.3

* Removed certificate pinning to https://www.torproject.org to avoid issues with upcoming certificate change, and hard-coded minimum Tor Browser version in the release
* Fix issue with detecting language
* Make Tor SOCKS5 proxy configurable, for users not running on 9050
* Improved AppArmor profiles
* Added translations
* Switched from xpm icons to png icons
* Changed "Exit" button to "Cancel" button
* New package description

## 0.2.2

* Tor Browser Launcher no longer attempts to auto-update, now that Tor Browser has this feature
* System Tor is now an optional dependency
* Fix issue where downloads fail because of unicode URLs
* Removed window management code that stopped working many releases ago, and removed wmctrl dependency
* Removed test code that caused signature verification to happen at the wrong time

## 0.2.1

* Stop using RecommendedTBBVersions and start using more reliable "release" channel XML
* Converted settings file from pickle format to JSON
* Download tarball signatures to verify, rather than SHA256SUMS and signature
* Implemented IPolicyForHTTPS to prevent twisted-related crashes in Debian
* Some AppArmor fixes

## 0.2.0

* Fix critical bug with new location of start-tor-browser
* Silenced some AppArmor denied events from logs
* Print less console output
* Remove support for accepting links
* Added better support for updating over Tor in Fedora

## 0.1.9

* Added option to disable accepting links, to workaround Firefox/Tor Browser issue

## 0.1.8

* Added new Tor Browser signing key
* Fixed removing alpha/beta code due to change in RecommendedTBBVersions syntax
* Fixed opening links in TBB if you originally opened TBB without clicking a link


## 0.1.7

* You can now pass URLs into TBL, and set it as your default browser
* Hides TBL window before launching TBB
* Default mirror switched to https://dist.torproject.org/
* Added AppData file to look better in software centers
* Exclude AppArmor profiles in Ubuntu, where they're broken

## 0.1.6

* Updated licensing confusion to just be MIT in all locations
* Fixed bug related to TBB 4.0's new folder structure
* Updated .desktop files to comply with standards

## 0.1.5

* Split source code into several files
* Several AppArmor updates
* Prepare for upcoming RecommendedTBBVersion format change
* More verbose UI when updating
* No longer detaches start-tor-browser as separate process
* Temporarily disable AppArmor profiles in Ubuntu

## 0.1.4

* RecommendedTBBVersion URL change
* Many AppArmor improvements
* Allow installation into a virtualenv

## 0.1.3

* Force installing stable release if available in RecommendedTBBVersions
* Removed Mike Perry's signing key and added Erinn Clark's signing key
* Fixed AppArmor profiles (thanks to troubadoour)

## 0.1.2

* Updated Dutch translation
* Fixed bug with loading mirrors list
* Huge refactor of AppArmor profiles
* Added OnionShare support to AppArmor profiles
* Suppresses output from detached TBB process
* Uses freedesktop xdg-user-dirs instead of ~/.torbrowser
* Removed all signing keys except Mike Perry's
* Made tor and python-txsocksx dependencies to update over Tor by default

## 0.1.1

* Added TBL_SHARE support, to more easily develop without installing systemwide
* Modem sound and python-pygame dependency is now optional
* Support for updating TBB over Tor using a system Tor
* Removed support for stable/alpha preference, forces stable now
* Added French translations

## 0.1.0

* Added Polish translations
* Version 0.1.0 marks first version in Debian!
* Changed GPG release signing key
  from 5C17616361BD9F92422AC08BB4D25A1E99999697
  to 0B1491929806596254700155FD720AD9EBA34B1C

## 0.0.9

* Fixed AppArmor rules that were broken in Ubuntu
* Added support for basic RPM packaging
* Removed un-used dependencies
* Fixed URLs to deal with TBB release filename changes

## 0.0.8

* Removed older code that's no longer used
* Updated list of Tor mirrors
* Replaced certificate for www.torproject.org post-heartbleed
* Fixed URLs to deal with TBB release filename changes

## 0.0.7

* Added AppArmor profiles for torbrowser-launcher and TBB
* Removed included libs in favor of adding new Debian package dependencies

## 0.0.6

* Fixed URLs to deal with changes in TBB releases for 3.x

## 0.0.5

* Updated paths because TBB 3.x changed directory structure
* mirrors.txt now has local version in /usr/local
* Updated TBB signature URL
* Made optional modem sound when launching Tor, because it's sooo slow :)
* Extra check to make sure the latest version is installed
added a changelog and version bump to 0.0.7 2014-01-03 00:08:47 +00:00			`# Tor Browser Launcher Changelog`

Version bump to 0.2.8, and updated changelog 2017-06-21 22:40:20 +00:00			`## 0.2.8`

			`* Update URL to check for latest version, which changed in Tor Browser 7`
			`* Automatically refresh GPG keyring, to prevent signature verification false positives`
			`* Improve GnuPG code by using GPGME if available`
			`* Updated AppArmor profiles`
			`* Added Czech, Hungarian localization`

Updated changelog for 0.2.7 2017-01-27 04:38:43 +00:00			`## 0.2.7`

			`* Updated Tor Browser signing key because they added a new subkey and verification was failing`
			`* Updated AppArmor profiles`
			`* Improved localization, and added Russian`

Version bump and updated changelog 2016-07-22 23:32:39 +00:00			`## 0.2.6`

			`* Fixed bug related to fallback to English feature that caused Settings to crash`

Updated changelog and version bump 2016-07-08 23:53:49 +00:00			`## 0.2.5`

			`* Fix issue where Tor Browser Launcher failed to launch if currently installed version of Tor Browser was too old`
			`* If Tor Browser download isn't available in your language, fallback to English`
			`* Avoid re-downloading tarball if it's already present`
			`* Verify GnuPG importing keys using status-fd rather than exit codes`
			`* Various AppArmor improvements`
			`* Removed unused dependency`

Updated CHANGELOG and version bump to 0.2.4 2016-03-13 21:57:27 +00:00			`## 0.2.4`

Added CVE-2016-3180 to changelog for signature verification bypass attack 2016-03-16 20:51:09 +00:00			`* Fix signature verification bypass attack, reported by Jann Horn (CVE-2016-3180)`
Updated CHANGELOG and version bump to 0.2.4 2016-03-13 21:57:27 +00:00
Updated CHANGELOG and version bump to 0.2.3 2016-03-04 16:20:43 +00:00			`## 0.2.3`

			`* Removed certificate pinning to https://www.torproject.org to avoid issues with upcoming certificate change, and hard-coded minimum Tor Browser version in the release`
			`* Fix issue with detecting language`
			`* Make Tor SOCKS5 proxy configurable, for users not running on 9050`
			`* Improved AppArmor profiles`
			`* Added translations`
			`* Switched from xpm icons to png icons`
			`* Changed "Exit" button to "Cancel" button`
			`* New package description`

Version bump to 0.2.2 and updated changelog 2015-11-09 06:07:46 +00:00			`## 0.2.2`

Fixed typo in changelog 2015-11-09 06:19:02 +00:00			`* Tor Browser Launcher no longer attempts to auto-update, now that Tor Browser has this feature`
Version bump to 0.2.2 and updated changelog 2015-11-09 06:07:46 +00:00			`* System Tor is now an optional dependency`
			`* Fix issue where downloads fail because of unicode URLs`
			`* Removed window management code that stopped working many releases ago, and removed wmctrl dependency`
			`* Removed test code that caused signature verification to happen at the wrong time`

Version bump to 0.2.1, and updated changelog 2015-11-06 06:15:35 +00:00			`## 0.2.1`

			`* Stop using RecommendedTBBVersions and start using more reliable "release" channel XML`
			`* Converted settings file from pickle format to JSON`
			`* Download tarball signatures to verify, rather than SHA256SUMS and signature`
			`* Implemented IPolicyForHTTPS to prevent twisted-related crashes in Debian`
			`* Some AppArmor fixes`

version bump to 0.2.0 and updated changelog 2015-05-11 22:27:49 +00:00			`## 0.2.0`

			`* Fix critical bug with new location of start-tor-browser`
			`* Silenced some AppArmor denied events from logs`
			`* Print less console output`
			`* Remove support for accepting links`
updated changelog 2015-05-11 23:20:45 +00:00			`* Added better support for updating over Tor in Fedora`
version bump to 0.2.0 and updated changelog 2015-05-11 22:27:49 +00:00
version bump to 0.1.9 and updated changelog 2015-01-22 18:36:55 +00:00			`## 0.1.9`

			`* Added option to disable accepting links, to workaround Firefox/Tor Browser issue`

version bump to 0.1.8 and updated changelog 2015-01-19 21:33:24 +00:00			`## 0.1.8`

			`* Added new Tor Browser signing key`
			`* Fixed removing alpha/beta code due to change in RecommendedTBBVersions syntax`
			`* Fixed opening links in TBB if you originally opened TBB without clicking a link`


version bump to 0.1.7 and updated changelog 2014-11-26 01:30:38 +00:00			`## 0.1.7`

			`* You can now pass URLs into TBL, and set it as your default browser`
			`* Hides TBL window before launching TBB`
			`* Default mirror switched to https://dist.torproject.org/`
			`* Added AppData file to look better in software centers`
			`* Exclude AppArmor profiles in Ubuntu, where they're broken`

version bump and updated changelog 2014-10-16 17:30:31 +00:00			`## 0.1.6`

			`* Updated licensing confusion to just be MIT in all locations`
			`* Fixed bug related to TBB 4.0's new folder structure`
			`* Updated .desktop files to comply with standards`

version bump to 0.1.5 and updated changelog 2014-10-01 01:00:21 +00:00			`## 0.1.5`

			`* Split source code into several files`
			`* Several AppArmor updates`
			`* Prepare for upcoming RecommendedTBBVersion format change`
			`* More verbose UI when updating`
			`* No longer detaches start-tor-browser as separate process`
			`* Temporarily disable AppArmor profiles in Ubuntu`

version bump to 0.1.4 and updated changelog 2014-09-02 06:04:55 +00:00			`## 0.1.4`

			`* RecommendedTBBVersion URL change`
			`* Many AppArmor improvements`
			`* Allow installation into a virtualenv`

updated changelog and version bump to 0.1.3 2014-08-10 22:58:06 +00:00			`## 0.1.3`

			`* Force installing stable release if available in RecommendedTBBVersions`
			`* Removed Mike Perry's signing key and added Erinn Clark's signing key`
			`* Fixed AppArmor profiles (thanks to troubadoour)`

updated changelog and version bump to 0.1.2 2014-08-01 21:17:49 +00:00			`## 0.1.2`

			`* Updated Dutch translation`
			`* Fixed bug with loading mirrors list`
			`* Huge refactor of AppArmor profiles`
			`* Added OnionShare support to AppArmor profiles`
			`* Suppresses output from detached TBB process`
			`* Uses freedesktop xdg-user-dirs instead of ~/.torbrowser`
			`* Removed all signing keys except Mike Perry's`
			`* Made tor and python-txsocksx dependencies to update over Tor by default`

version bump to 0.1.1 and updated changelog 2014-07-10 23:26:22 +00:00			`## 0.1.1`

			`* Added TBL_SHARE support, to more easily develop without installing systemwide`
			`* Modem sound and python-pygame dependency is now optional`
			`* Support for updating TBB over Tor using a system Tor`
			`* Removed support for stable/alpha preference, forces stable now`
			`* Added French translations`

version bump to 0.1.0, updated changelog 2014-06-11 23:39:18 +00:00			`## 0.1.0`

			`* Added Polish translations`
			`* Version 0.1.0 marks first version in Debian!`
			`* Changed GPG release signing key`
			`from 5C17616361BD9F92422AC08BB4D25A1E99999697`
			`to 0B1491929806596254700155FD720AD9EBA34B1C`

version bump to 0.0.9, updated changelog 2014-05-07 20:41:51 +00:00			`## 0.0.9`

			`* Fixed AppArmor rules that were broken in Ubuntu`
			`* Added support for basic RPM packaging`
			`* Removed un-used dependencies`
			`* Fixed URLs to deal with TBB release filename changes`

version bump to 0.0.8 2014-05-01 22:34:22 +00:00			`## 0.0.8`

			`* Removed older code that's no longer used`
			`* Updated list of Tor mirrors`
			`* Replaced certificate for www.torproject.org post-heartbleed`
			`* Fixed URLs to deal with TBB release filename changes`

added a changelog and version bump to 0.0.7 2014-01-03 00:08:47 +00:00			`## 0.0.7`

			`* Added AppArmor profiles for torbrowser-launcher and TBB`
Removed included libs in favor of adding new Debian package dependencies 2014-03-06 19:24:53 +00:00			`* Removed included libs in favor of adding new Debian package dependencies`
added a changelog and version bump to 0.0.7 2014-01-03 00:08:47 +00:00
			`## 0.0.6`

			`* Fixed URLs to deal with changes in TBB releases for 3.x`

			`## 0.0.5`

			`* Updated paths because TBB 3.x changed directory structure`
			`* mirrors.txt now has local version in /usr/local`
			`* Updated TBB signature URL`
			`* Made optional modem sound when launching Tor, because it's sooo slow :)`
			`* Extra check to make sure the latest version is installed`