[tor-commits] [Git][tpo/applications/tor-browser][base-browser-115.16.0esr-13.5-1] fixup! Firefox preference overrides.

Subject: [tor-commits] [Git][tpo/applications/tor-browser][base-browser-115.16.0esr-13.5-1] fixup! Firefox preference overrides.

From: "ma1 \(@ma1\) via tor-commits" <tor-commits@xxxxxxxxxxxxxxxxxxxx>

Date: Mon, 07 Oct 2024 11:20:56 +0000

Auto-submitted: auto-generated

Cc: "ma1 \(@ma1\)" <git@xxxxxxxxxxxxxxxxxxxxx>

Delivered-to: archiver@xxxxxxxx

Delivery-date: Mon, 07 Oct 2024 07:21:13 -0400

Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lists.torproject.org; s=2022-eugeni; t=1728300070; bh=bm+QRmWMgiKN4QlV1e5gArBrBcDpn1B3EU4Q1vs9ScM=; h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc:From; b=o+NnQkxg+5/utCPiRaYbTUN9vKZ94FAIYxT7ppO6nzhoObXVkKhNo0KveyIDPawzL Cfo7vav90t0DW+t2pEcYoNAFuoZmG2LbjIK+HH3R2sqmKNzE6hF3vH9bcakA/P8l0i vfqx5y5WzplyK+2xxiuB017vE4A6sNu8fhYFHB3reticXM1tu95Cs74X28vJfD6VgK sRinM54dYpriNiDVTQrePjIjqYVmew2G8491TSxOr1NC0m382jPoGZLlQ9EFzeKRqK IiqkpWWhaw+b63MQR37kJzy2EWE/+9eKvxIwStPnOwamUWTCcahbjOjSVUTI35ss6W JcJ6ytKDvQwDQ==

List-archive: <http://lists.torproject.org/pipermail/tor-commits/>

List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>

List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>

List-post: <mailto:tor-commits@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>

Reply-to: noreply@xxxxxxxxxxxxxx

Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

Title: GitLab

ma1 pushed to branch base-browser-115.16.0esr-13.5-1 at The Tor Project / Applications / Tor Browser

Commits:

0bff17d4

by hackademix at 2024-10-07T13:20:50+02:00

fixup! Firefox preference overrides.

MB361: Disable only cyphersuites using SH1 for signing (ECDSA).

1 changed file:

browser/app/profile/001-base-profile.js

Changes:

browser/app/profile/001-base-profile.js

@@ -121,16 +121,13 @@ pref("network.http.referer.hideOnionSource", true);
  // [4] https://www.ssllabs.com/ssl-pulse/
  pref("security.ssl.require_safe_negotiation", true);
 -// Bug 40183: Disable TLS ciphersuites using SHA-1
 -// https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/40183
 +// mullvad-browser#361: Disable TLS cyphersuites using SHA1 for signing (ECDSA)
 +// see https://bugzilla.mozilla.org/show_bug.cgi?id=1600437
 +pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false);
 +pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false);
 +// lock those disabled by https://bugzilla.mozilla.org/show_bug.cgi?id=1036765
  pref("security.ssl3.dhe_rsa_aes_128_sha", false, locked);
  pref("security.ssl3.dhe_rsa_aes_256_sha", false, locked);
 -pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked);
 -pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked);
 -pref("security.ssl3.ecdhe_rsa_aes_128_sha", false, locked);
 -pref("security.ssl3.ecdhe_rsa_aes_256_sha", false, locked);
 -pref("security.ssl3.rsa_aes_128_sha", false, locked);
 -pref("security.ssl3.rsa_aes_256_sha", false, locked);
  // Wrapping a static pref to lock it and prevent changing.
  // See tor-browser#40565.

_______________________________________________ tor-commits mailing list tor-commits@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits