Hi, I just released v0.1.4 which adds workarounds for two security/privacy-related Qt issues and backports some other bugs.
Windows builds will be delayed a bit (aka. my Windows VM wants to install updates), but everything else is uploaded.

Privacy-related Qt bug
----------------------

!! TL;DR: Please update and delete your
!! ~/.cache/qutebrowser/WebpageIcons.db if you used private browsing
!! mode for stuff you don't want on your hard disk.

Back in January, a pull request was opened[1], which apparently fixed an issue with URLs getting written to the favicon database in private browsing mode for the reporter. I was unable to reproduce the exact behaviour the reporter was seeing and the proposed fix was incomplete, which is why I decided to look at it again later.

I was reminded of that bug when it got big in the media[2] that the exact same bug is present in Safari. As this sounded awfully similar, I decided to investigate.

I'm deeply sorry for not taking action earlier and dismissing this too fast - I misjudged the scope of this issue, and this definitely isn't how I want to handle privacy-relevant bugs.

After coordinating with Qt's security contact I ported the upstream fix[3] to QtWebKit[4] where it's currently integrating in their CI. I also opened a bug[5] in the Debian BTS so this hopefully gets backported to older releases in Debian as well.

I extended and applied the workaround[6] from the pull request (thanks to sbinix!), and decided to release v0.1.4 because of this. If you're using the git version, please update to the latest master where the workaround is applied as well.

If you visited pages in private browsing mode which you'd rather not see recorded on your disk, I recommend deleting ~/.cache/qutebrowser/WebpageIcons.db (e.g. using shred[7]) so you can be sure there are no traces left behind.

The second noteworthy fix is disabling of SSL ciphers commonly regarded as insecure (< 128bit). This change was made upstream with Qt 5.3, so this workaround only affects people using Qt 5.2, e.g. on Ubuntu Trusty.

Let me reiterate over this: Those issues weren't my fault - but that doesn't mean they're not my department (tm).

As always, for any questions you can reach me at m...@the-compiler.org, GPG ID 916E B0C8 FD55 A072 (a link to the key is also in the signature).

[1] https://github.com/The-Compiler/qutebrowser/pull/461
[2] http://appleinsider.com/articles/15/03/13/years-old-safari-private-browsing-bug-saves-url-of-every-page-visited-remains-unfixed
[3] http://trac.webkit.org/changeset/181565
[4] https://codereview.qt-project.org/#/c/108936/
[5] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780748
[6] https://github.com/The-Compiler/qutebrowser/commit/330e03d382a57660eb8c49ef2c318c07f08a6392
[7] http://linux.die.net/man/1/shred

v0.1.4 and v0.2
---------------

v0.1.4 is a bugfix-only release, with the bugfixes since v0.1.3 cherry-picked so they get out faster to people using non-git packages. If you want the latest features, stay on git.

There are still some rough edges I want to look at before releasing v0.2:
https://github.com/The-Compiler/qutebrowser/issues?q=is%3Aopen+is%3Aissue+milestone%3Av0.2

But still, I hope to release v0.2 in the next few days to weeks.

Changes since v0.1.3
--------------------

* Stop the icon database from being created when private-browsing is set to true (d9f3566, 891bb86)
* Disable insecure SSL ciphers (< 128bit) for Qt 5.2. (6fe8160)
* Improvements to CPU usage when idle. (a4a6099, 44dd4da)
* Ensure there's no size for font-family settings. (f69470d)
* Refactor websettings and save/restore defaults. (71dbdb3)
* Remove default search engines. (6c0e470)
* Handle URLs with double-colon at the beginning as search strings (669760e, 2322ee4)
* Adjust prompt size hint based on content. (e8b689a)
* Ignore RuntimeError in mouserelease_insertmode. (20c3e8d)
* Hide Qt warning when aborting download reply. (05f5083, 4ec6183)
* Hide "Error while shutting down tabs" message. (baa3dfd, 1251c28)
* Clear open target in acceptNavigationRequest. (8f10a97)
* Fix handling of signals with deleted tabs. (202b267, 2b34fbc)
* Various small improvements to logging. (d0a0e39, bfcce19, d24360d)
* Various improvements for hinting. (415c291, d929590, efb0828, 471e62f, f3b55d6)
* Remove debug console completing completely. (8291090)
* Restore sys.std* in utils.fake_io on exceptions. (a6f77d5)
* Allow font names with integers in them. (4bad99e)
* Fix QIODevice warnings when closing tabs. (0d1f4c0)
* Improve parsing of faulthandler logs. (51276c6, 7dbdc1b)
* Set the QSettings path to a config-subdirectory. (e02897e)
* Add workaround for adblock-message without window. (ab011cd)
* Fix searching for terms starting with a slash. (a8371d3)
* Ignore tab key presses if they'd switch focus. (d618892)

The Windows builds also will come with Qt 5.4.1 instead of Qt 5.4.0, see my previous mail[8] for the relevant fixes contained there.

[8] https://lists.schokokeks.org/pipermail/qutebrowser/2015-March/000054.html

Florian

-- 
http://www.the-compiler.org | m...@the-compiler.org (Mail/XMPP)
   GPG: 916E B0C8 FD55 A072 | http://the-compiler.org/pubkey.asc
         I love long mails! | http://email.is-not-s.ms/
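The second fix in the mail, dropping SSL ciphers below 128 bits on Qt 5.2 because Qt 5.3 does that upstream, is the kind of client-side hardening that is worth being able to check. The following is an added example, not qutebrowser's own code from commit 6fe8160: it separates the bit-threshold filter into a pure function (exercisable without Qt, over a constructed cipher list) and an optional hook that applies the same filter to Qt's default QSslConfiguration through PyQt5 when that module is importable and the running Qt is older than 5.3. The cipher names and bit counts in SAMPLE_CIPHERS are constructed for illustration.

```python
"""Added example (not qutebrowser's code): restrict TLS ciphers to >= 128 bits
on Qt < 5.3, where Qt itself still offers weaker ones."""

# Constructed sample of (cipher name, key bits) pairs, shaped like what
# QSslCipher.name() / QSslCipher.usedBits() report. Illustrative only.
SAMPLE_CIPHERS = [
    ("ECDHE-RSA-AES256-GCM-SHA384", 256),
    ("ECDHE-RSA-AES128-GCM-SHA256", 128),
    ("DHE-RSA-AES256-SHA", 256),
    ("DES-CBC3-SHA", 168),
    ("EXP-RC4-MD5", 40),
    ("EXP-DES-CBC-SHA", 40),
    ("NULL-SHA", 0),
]

MIN_BITS = 128


def filter_secure_ciphers(ciphers, min_bits=MIN_BITS):
    """Keep only ciphers whose key size is at least min_bits.

    This is the bit-count criterion the announcement describes; it says
    nothing about a cipher's algorithm, so it is a floor, not a full policy.
    """
    return [(name, bits) for name, bits in ciphers if bits >= min_bits]


def rejected_ciphers(ciphers, min_bits=MIN_BITS):
    """Names of the ciphers the filter would drop, useful for logging."""
    return [name for name, bits in ciphers if bits < min_bits]


def qt_version_tuple(version_str):
    """Parse 'major.minor.patch' into a comparable tuple of ints."""
    return tuple(int(part) for part in version_str.split(".")[:3])


def needs_workaround(qt_version):
    """Qt 5.3 dropped the weak ciphers itself, so only Qt < 5.3 needs this."""
    return qt_version_tuple(qt_version) < (5, 3, 0)


def apply_qt_workaround():
    """Apply the filter to Qt's default SSL configuration via PyQt5.

    Returns the kept cipher names, or None when PyQt5 is not installed or
    the running Qt already drops weak ciphers on its own.
    """
    try:
        from PyQt5.QtCore import QT_VERSION_STR
        from PyQt5.QtNetwork import QSslConfiguration, QSslSocket
    except ImportError:
        return None
    if not needs_workaround(QT_VERSION_STR):
        return None
    conf = QSslConfiguration.defaultConfiguration()
    # QSslSocket.supportedCiphers() lists what the linked OpenSSL offers;
    # keep only those at or above the threshold and make that the default.
    strong = [c for c in QSslSocket.supportedCiphers()
              if c.usedBits() >= MIN_BITS]
    conf.setCiphers(strong)
    QSslConfiguration.setDefaultConfiguration(conf)
    return [c.name() for c in strong]


if __name__ == "__main__":
    kept = filter_secure_ciphers(SAMPLE_CIPHERS)
    print("kept:", [name for name, _ in kept])
    print("dropped:", rejected_ciphers(SAMPLE_CIPHERS))
    print("Qt 5.2.1 needs workaround:", needs_workaround("5.2.1"))
    print("applied to running Qt:", apply_qt_workaround())
```

Running it without PyQt5 just exercises the filter on the constructed list; with PyQt5 on a Qt 5.2 build it would also narrow the process-wide default configuration, which is why such a hook belongs at application start-up before any network requests are made.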