[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.

Subject: [tor-commits] [Git][tpo/applications/tor-browser][tor-browser-128.3.0esr-14.0-1] fixup! Firefox preference overrides.

From: "ma1 \(@ma1\) via tor-commits" <tor-commits@xxxxxxxxxxxxxxxxxxxx>

Date: Mon, 07 Oct 2024 11:16:27 +0000

Auto-submitted: auto-generated

Cc: "ma1 \(@ma1\)" <git@xxxxxxxxxxxxxxxxxxxxx>

Delivered-to: archiver@xxxxxxxx

Delivery-date: Mon, 07 Oct 2024 07:16:45 -0400

Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lists.torproject.org; s=2022-eugeni; t=1728299800; bh=ccGFQ4c8KTpJBjx0+bY6AdY60urHVTJII1XTjq8QYtU=; h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc:From; b=TFZWgIc6xdWj4b4t4j+T4/9S9MCqandkgbdOSzWojZqRG1orUV6H9eWr3k626Raep LkUyuMgaip5c5guHJd6gxH74Qw0PCI/hxhAIawHZCvohBrI4pVR5uhUk+6Nyvf/fGT kjZcd/7G37ZFuvzyj096qNhZJprS0HGUEquvgEgkHxIeOiOysw84ySqJwDZpx87MbN 9LaoKLb6VKcoQHuyQwj/Dh8dClmsprXEvDbfoYg7d0BZLg4N8/uj/XJB/6dB1uFC+7 TwKKPokfZZbJdT7i+i45j8LrvY2VFoTeMxJlmkpvtOoIJJvDq84hcDaX+YLgsIJZM2 ARZIT89cJG1Ow==

List-archive: <http://lists.torproject.org/pipermail/tor-commits/>

List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>

List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>

List-post: <mailto:tor-commits@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>

Reply-to: noreply@xxxxxxxxxxxxxx

Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

Title: GitLab

ma1 pushed to branch tor-browser-128.3.0esr-14.0-1 at The Tor Project / Applications / Tor Browser

Commits:

bbf13ec2

by hackademix at 2024-10-07T12:54:36+02:00

fixup! Firefox preference overrides.

MB361: Disable only cyphersuites using SH1 for signing (ECDSA).

1 changed file:

browser/app/profile/001-base-profile.js

Changes:

browser/app/profile/001-base-profile.js

@@ -139,16 +139,13 @@ pref("network.http.referer.hideOnionSource", true);
  // [4] https://www.ssllabs.com/ssl-pulse/
  pref("security.ssl.require_safe_negotiation", true);
 -// Bug 40183: Disable TLS ciphersuites using SHA-1
 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183
 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA)
 +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437
 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
 +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
 +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765
  pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked);
  pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked);
 -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked);
 -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked);
 -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked);
 -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked);
 -pref("security.ssl3.rsa_aes_128_sha", false, locked);
 -pref("security.ssl3.rsa_aes_256_sha", false, locked);
  // Wrapping a static pref to lock it and prevent changing.
  // See tor-browser#40565.

_______________________________________________ tor-commits mailing list tor-commits@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits