qutebrowser v0.1.4 released!

Florian Bruhin me at the-compiler.org
Thu Mar 19 07:52:47 CET 2015


Hi,

I just released v0.1.4 which adds workarounds for two
security/privacy-related Qt issues and backports some other bugs.

Windows builds will be delayed a bit (aka. my Windows VM wants to
install updates), but everything else is uploaded.

Privacy-related Qt bug
----------------------

!! TL;DR: Please update and delete your
!! ~/.cache/qutebrowser/WebpageIcons.db if you used private browsing
!! mode for stuff you don't want on your hard disk.

Back in January, a pull request was opened[1], which apparently fixed
an issue with URLs getting written to the favicon in private browsing
mode for the reporter.

I was unable to reproduce the exact behaviour the reporter was seeing
and the proposed fix was incomplete, which is why I decided to look at
it again later.

I was reminded of that bug when it got big in the media[2] the exact
same bug is present in Safari. As this sounded awfully similiar, I
decided to investigate. I'm deeply sorry for not taking action earlier
and dismissing this too fast - I misjudged the scope of this issue,
and this definitely isn't how I want to handle privacy-relevant bugs.

After coordinating with Qt's security contact I ported the upstream
fix[3] to QtWebKit[4] where it's currently integrating in their CI.

I also opened a bug[5] Debian BTS so this hopefully gets backported to
older releases in Debian as well. I extended and applied the
workaround[6] from the pull request (thanks to sbinix!), and decided
to release v0.1.4 because of this.

If you're using the git version, please update to the latest master
where the workaround is applied as well.

If you visited pages in private browsing mode which you'd rather not
see recorded on your disk, I recommend deleting
~/.cache/qutebrowser/WebpageIcons.db (e.g. using shred[7]) so you can
be sure there are no traces left behind.

The second noteworthy fix is disabling of SSL ciphers commonly
regarded as insecure (< 128bit). This change was made upstream with
Qt 5.3, so this workaround only affets people using Qt 5.2, e.g. on
Ubuntu Trusty.

Let me reiterate over this: Those issues weren't my fault - but that
doesn't mean they're not my department (tm).

As always, for any questions you can reach me at me at the-compiler.org,
GPG ID 916E B0C8 FD55 A072 (a link to the key is also in the
signature).

[1] https://github.com/The-Compiler/qutebrowser/pull/461
[2] http://appleinsider.com/articles/15/03/13/years-old-safari-private-browsing-bug-saves-url-of-every-page-visited-remains-unfixed
[3] http://trac.webkit.org/changeset/181565
[4] https://codereview.qt-project.org/#/c/108936/
[5] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780748
[6] https://github.com/The-Compiler/qutebrowser/commit/330e03d382a57660eb8c49ef2c318c07f08a6392
[7] http://linux.die.net/man/1/shred

v0.1.4 and v0.2
---------------

v0.1.4 is a bugfix-only release, with the bugfixes since v0.1.3
cherry-picked so they get out faster to people using non-git packages.

If you want the latest features, stay on git. There are still some
rough edges I want to look at before releasing v0.2:

https://github.com/The-Compiler/qutebrowser/issues?q=is%3Aopen+is%3Aissue+milestone%3Av0.2

But still, I hope to release v0.2 in the next few days to weeks.

Changes since v0.1.3
--------------------

* Stop the icon database from being created when private-browsing is set to true (d9f3566, 891bb86)
* Disable insecure SSL ciphers (< 128bit) for Qt 5.2. (6fe8160)
* Improvements to CPU usage when idle. (a4a6099, 44dd4da)
* Ensure there's no size for font-family settings. (f69470d)
* Refactor websettings and save/restore defaults. (71dbdb3)
* Remove default search engines. (6c0e470)
* Handle URLs with double-colon at the beginning as search strings (669760e, 2322ee4)
* Adjust prompt size hint based on content. (e8b689a)
* Ignore RuntimeError in mouserelease_insertmode. (20c3e8d)
* Hide Qt warning when aborting download reply. (05f5083, 4ec6183)
* Hide "Error while shutting down tabs" message. (baa3dfd, 1251c28)
* Clear open target in acceptNavigationRequest. (8f10a97)
* Fix handling of signals with deleted tabs. (202b267, 2b34fbc)
* Various small improvements to logging. (d0a0e39, bfcce19, d24360d)
* Various improvements for hinting. (415c291, d929590, efb0828, 471e62f, f3b55d6)
* Remove debug console completing completely. (8291090)
* Restore sys.std* in utils.fake_io on exceptions. (a6f77d5)
* Allow font names with integers in them. (4bad99e)
* Fix QIODevice warnings when closing tabs. (0d1f4c0)
* Improve parsing of faulthandler logs. (51276c6, 7dbdc1b)
* Set the QSettings path to a config-subdirectory. (e02897e)
* Add workaround for adblock-message without window. (ab011cd)
* Fix searching for terms starting with a slash. (a8371d3)
* Ignore tab key presses if they'd switch focus. (d618892)

The Windows builds also will come with Qt 5.4.1 instead of Qt 5.4.0,
see my previous mail[8] for the relevant fixes contained there.

[8] https://lists.schokokeks.org/pipermail/qutebrowser/2015-March/000054.html

Florian

-- 
http://www.the-compiler.org | me at the-compiler.org (Mail/XMPP)
   GPG: 916E B0C8 FD55 A072 | http://the-compiler.org/pubkey.asc
         I love long mails! | http://email.is-not-s.ms/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.schokokeks.org/pipermail/qutebrowser/attachments/20150319/b1933de3/attachment-0001.asc>


More information about the qutebrowser mailing list