Stable Release

From Whonix
(Redirected from Whonix Stable Release)
Jump to navigation Jump to search

About this Stable Release Page
Support Status stable
Difficulty easy
Contributor torjunkie
Support Support
Releasenots.png

Whonix ™ 16 Changelog[edit]

Whonix ™ 16 was released on September 11 and 12, 2021 for KVM and VirtualBox. [1] [2] Qubes-Whonix ™ 16 was released on 28 September, 2021. [3] As per the Support Schedule, Whonix ™ 15 was deprecated on 14 November, 2021 -- all users should upgrade as soon as possible. [4]

Significantly, Whonix ™ 16 is based on the Debian bullseye (Debian 11) distribution which was officially released on August 14, 2021 instead of Debian buster (Debian 10). The bullseye release has nearly 60,000 packages and around 72 per cent of them were updated. [5]

This means users have access to many new software packages in concert with existing packages. In addition, this release will serve as a development foundation for many exciting upcoming security enhancements such as Hardened Malloc Kicksecure ™ (HMK), Linux Kernel Runtime Guard (LKRG) and other items on the Whonix ™ Security Roadmap.

Major Changes[edit]

  • Ported the Debian base from Debian 10 buster to Debian 11 bullseye. [6]
  • Updated Monero GUI wallet (XMR) to version 0.17.2.3.
  • Updated Electrum Bitcoin (BTC) wallet to version 4.0.9 (Debian stable version).
  • Deprecated the binaries-freedom package; Electrum is now installed from packages.debian.org stable repository. [7]
  • Switched the tor package back from deb.torproject.org to packages.debian.org stable version. [8]
  • Enabled Debian Fast Track repository by default. [9]
  • Updated paths from /usr/lib to /usr/libexec where appropriate as per lintian Debian File System Hierarchy Standard (FHS).
  • VirtualBox version: this release utilizes VirtualBox guest additions version 6.1.26-dfsg-3 from fasttrack.debian.net. [10]

Known Issues[edit]

  • The desktop background image is currently the same for both Whonix-Gateway ™ and Whonix-Workstation ™. This will be corrected in a future release.

Notable Changes[edit]

anon-apt-sources-list:

  • Added and enabled fasttrack.debian.net by default. [11] [12]
  • Enabled backports repository by default. [13]

anon-gw-anonymizer-config:

  • Corrected the setting to ControlPort 9052. [14]
  • ControlPort 9052 is required for onion-grater updates. [15] [16]

anon-meta-packages:

  • Changed the binaries-freedom dummy dependency to electrum. [17]
  • whonix-shared-packages-recommended-cli: added kicksecure-recommended-cli. [18]
  • Removed flashproxy-client and fteproxy from Whonix-Gateway ™ because it is deprecated in Debian bullseye. [19]
  • Removed obfsproxy (deprecated obfsproxy version 3) but kept obfs4proxy. [20]

anon-ws-disable-stacked-tor:

  • Provides: obfsproxy, obfs4proxy. [21]

apparmor-profile-dist changed settings:

  • security-misc /run/faillock/** rwc, [22]
  • pam security-misc bullseye [23]
  • /etc/security/ r, [24]
  • /etc/security/faillock.conf r, [25]

apparmor-profile-everything:

  • Removed the following file because it was renamed due to usrmerge: rm_conffile /etc/apparmor.d/sbin.networking-aae. [26]
  • usrmerge - renamed etc/apparmor.d/sbin.networking-aae to etc/apparmor.d/usr.sbin.networking-aae. [27]
  • usrmerge - renamed sbin/networking-aae to usr/sbin/networking-aae. [28]

genmkfile:

  • genmkfile deb-install: now install using apt install instead of dpkg -i for dependency resolution (sdwdate vs time-deamon). [29]
  • Updated make_dependencies_filter_helper. [30]
  • Excluded the /debian folder from upstream tarball to avoid lintian warning no-debian-changes. [31]
  • Now force the inclusion of the original source if the Debian package revision number is higher than 1. Also implemented a LKRG package compatibility fix. [32]
  • Added and improved support for debian/changelog file without epoch. [33] [34]
  • Ensured LKRG v0.9.1 compatibility. [35]
  • Cleaned up the temporary file debian/$package.dkms.debhelper. [36]

helper-scripts:

  • etc/apparmor.d/abstractions/tor-circuit-established-check: deny /etc/ssl/openssl.cnf r, is not needed. [37] [38]
  • Implemented /usr/libexec/helper-scripts/first-boot-skel force to ease Default Home Folder Configuration Files Reset. [39]
  • Moved usr/lib/helper-scripts/ to usr/libexec/helper-scripts and moved usr/lib/curl-scripts to usr/libexec/helper-scripts as per lintian FHS. [40]

kicksecure-base-files:

  • Set /etc/kicksecure_version to 16. [41]

kicksecure-meta-packages:

  • Added Chromium to dummy-dependency so it can be removed. [42]
  • binaries-freedom was replaced with electrum. [43]
  • Moved obfs4proxy from kicksecure-dependencies-cli to kicksecure-recommended-cli. [44] [45]
  • kicksecure-cli Depends: kicksecure-recommended-cli. [46]
  • Introduce kicksecure-recommended-cli and install fasttrack-archive-keyring by default. [47] [48]
  • bullseye: ugprade libexo-1-0 to libexo-2-0. [49]
  • Merged branch "HulaHoop0-master-patch-35409" into "master" and added obfs4proxy and firefox-esr. [50] [51]
  • Added obfs4proxy and firefox-esr. [52]

onion-grater:

  • Upgraded to a newer onion-grater version by Tails. [53]

open-link-confirmation:

  • Upgraded to a new upstream version. [54]

qubes-whonix:

  • Migrated from yum to dnf. [55]
  • Honor skip-torified-updates-proxy-check qvm-service and reintroduced the ability (from Qubes-Whonix ™ < v15.4) to skip the torified-updates-proxy-check script by enabling a qvm-service. [56] [57]

rads:

  • Ensure a display manager is not started if it was disabled (for example using sudo systemctl disable lightdm). [58]

repository-dist:

  • Added further legacy tests. [59]
  • Required change: /etc/apt/trusted.gpg.d/derivative.gpg to /etc/apt/trusted.gpg.d/derivative.asc. [60]
  • Now use an ASCII armored gpg key; this simplifies code since APT folder /etc/apt/trusted.gpg.d supports ASCII armored gpg keys from Debian bullseye. [61]
  • Migrated from gnupg2 (dummy transitional package) to gnupg. [62]

sdwdate setting changes:

  • deny /usr/sbin/ldconfig rix, [63]
  • Conflicts: time-daemon [64]
  • Replaces: time-daemon [65]
  • Reverted “bullseye”: this reverts commit 67222afa9b01c8bba1f814d5c57b1c7632355d6d. [66]
  • Provides: time-daemon to avoid systemd pulling Depends: systemd-timesyncd. [67]
  • config-test [68]

security-misc:

  • Added hardened malloc compatibility for haveged workaround /lib/systemd/system/haveged.service.d/30_security-misc.conf SystemCallFilter=getrandom. [69] [70]
  • Ported from pam_tally2 to pam_faillock since pam_tally2 was deprecated upstream. [71] [72]
  • Enabled apt --error-on=any by default. This makes apt exit non-zero for transient failures, see: /etc/apt/apt.conf.d/40error-on-any. [73] [74]
  • Replaced the no longer required /usr/lib/security-misc/apt-get-wrapper with apt --error-on=any. [75]
  • Ported LKRG compatibility settings automation for VirtualBox hosts from systemd to dpkg trigger. [76]
  • Improved the LKRG VirtualBox host configuration, see: VirtualBox host software compatibility. [77]
  • Added LKRG compatibility settings automation for VirtualBox hosts, see: VirtualBox host software compatibility. [78]

systemcheck improved settings:

  • Implemented necessary AppArmor changes for bullseye. [79]
  • Added @{PROC}/sys/kernel/osrelease r, for the systemcheck canary. [80]
  • Replaced the no longer required /usr/lib/security-misc/apt-get-wrapper with apt --error-on=any. [81]

tb-starter:

  • Improved the function of tb_prefs_js_file_patches. [82]
  • Updated the path to the local browser homepage. [83] [84]
  • Deleted /usr/share/tb-profile-i2p/profile.i2p/bookmarks.html because it is unused. [85]
  • Migrated usr/share/homepage to usr/share/doc/homepage. [86]

tb-updater updated versions:

  • alpha tbb_hardcoded_version=“11.0a4” [87]
  • tbb_hardcoded_version=“10.5.5” [88]

usability-misc:

  • Replaced the no longer required /usr/lib/security-misc/apt-get-wrapper with apt --error-on=any. [89]

uwt:

  • Migrated usr/lib/uwt_settings_show to usr/bin/uwt_settings_show. [90]

vm-config-dist:

  • VirtualBox guest additions installer: switched to interest-await trigger. [91] [92]
  • Removed a folder existence conditional to prevent a catch-22 situation. [93]

whonix-base-files:

  • Updated /etc/whonix_version to 16. [94]
  • Renamed usr/lib/whonix/whonix.sh to usr/libexec/whonix-base-files/whonix.sh. [95]

whonix-developer-meta-files:

  • Renamed migrate_to_buster_proposed_updates_repository to migrate_to_proposed_updates_repository.
  • Renamed migrate_to_buster_repository to migrate_to_stable_repository.
  • Renamed migrate_to_buster_testers_repository to migrate_to_testers_repository. [96]
  • Modified the warrant canary text as per this change. [97] [98]

whonix-firewall setting changes:

  • TODO: /{,usr/}bin/qubesdb-cmd rUx, [99]
  • owner /run/updatesproxycheck/** rw, [100]
  • TODO: /{,usr/}bin/qubesdb-read rUx [101]
  • After=systemd-modules-load.service is required for LKRG, otherwise iptables modules cannot be auto loaded. [102]
  • /var/log/journal/{,**} r, [103]

whonix-initializer:

whonix-legacy:

  • Updated the version. [105] [106] [107]
  • Multiple improvements to release-upgrade. [108] [109] [110] [111] [112] [113] [114] [115] [116]
  • release-upgrade: fixed and ensure onion sources are respected. [117]
  • Added a workaround for Qubes-specific perl: warning: Setting locale failed issue. [118] [119]
  • Legacy fixes. [120] [121]
  • Implemented forward port release-upgrade improvements. [122]
  • Renamed usr/libexec/release-upgrade to usr/sbin/release-upgrade. [123]
  • release-upgrade script: replaced the apt functionality test package python-qt4 with nano since the former installs too many packages (dependencies) and the latter is installed by default. [124] [125]
  • Ported the release upgrade script to bullseye. [126]

whonix-welcome-page:

  • Migrated usr/share/homepage to usr/share/doc/homepage. [127]

Whonix build script:

  • Removed virtualbox-guest-dkms; it is deprecated in Debian (integrated into the kernel). [128]
  • Implemented fasttrack changes. [129] [130] [131]
  • Migrated .gpg to .asc. [132]
  • Reverted “build sources, Debian fasttrack: disable temporarily”; this reverts commit 288323a86e2dc037b03e004c62ab3f8ce2b1f616. [133]
  • Avoided a build dependency on ftpsync (for rsync test script). [134]
  • VirtualBox builds: switched back to guest additions packages - virtualbox-guest-utils, virtualbox-guest-dkms and virtualbox-guest-x11. (Previously virtualbox-guest-additions-iso.) [135]
  • VirtualBox builds: temporarily download the virtualbox package from Debian sid until it becomes available from either Debian fasttrack or virtualbox.org. [136] [137]
  • VirtualBox builds: accept both sources of VirtualBox packages - either package virtualbox (by Debian), or package virtualbox-6.1 (by virtualbox.org). [138]
  • Build sources, Debian fasttrack: disabled temporarily until https://salsa.debian.org/fasttrack-team/support/-/issues/24 is fixed. [139] [140]
  • help-steps/repo_download_chroot_script: fixed for Debian bullseye - updated the order of parameters passed to APT. [141]
  • Disabled download_virtualbox_packages_virtualbox_guest_additions_iso_from_debian_sid moving to Debian fasttrack version. [142]
  • Disabled download_virtualbox_packages_virtualbox_org moving to Debian fasttrack version. [143]
  • Default whonix_build_auto_retry=“0” auto retry function error handler trap lacks variables such as variable APTGETOPT. [144] [145]
  • Added backports and fasttrack to build sources by default to support downloading VirtualBox from Debian fasttrack. [146]
  • Added build dependencies for maintainers. [147]
  • Removed python from cowbuilder image. It is no longer necessary because the apt-get-update wrapper is no longer required. [148] [149]
  • Reverted to the Tor version from packages.debian.org (instead of the earlier deb.torproject.org), see: Tor integration in Whonix ™ Development Notes. [150] [151]
  • Removed mmdebstrap copy from the source code; it is no longer required as the Debian bullseye package is sufficient. [152]
  • python3.9 is no longer required in grml_packages because apt --error-on=any obsoleted any need for a python-based apt wrapper. [153]
  • Replaced the unnecessary /usr/lib/security-misc/apt-get-wrapper with apt --error-on=any. [154] [155]

Whonix ™ 16 Updates[edit]

As Whonix ™ is a rolling distribution, users will benefit from regular small security and usability improvements, features and bug fixes as they enter the Whonix ™ stable repository. Those will be announced here.

Info The majority of the enhancements below also also apply to Qubes-Whonix ™. Exceptions include:

Many of these will be possible once the use of in-VM kernels is simplified and promoted in Qubes OS. [157] [158]

Whonix ™ 16.0.2.7[edit]

Notable Changes[edit]

anon-gw-base-files:

anon-meta-packages:

  • Integrated kicksecure-dependencies-system. [161] [162]

anon-ws-base-files:

binaries-freedom:

  • Added the Debian install file (generated using genmkfile debinstfile). [165]
  • binaries-freedom is an empty package at present. [166] [167]

debug-misc:

  • dracut. [168]
  • Removed ‘rhgb’ from GRUB_CMDLINE_LINUX_DEFAULT. [169]
  • add_dracutmodules+=" debug " [170]

grub-live:

  • dracut. [171] [172]
  • Fixed and removed dracut kernel_cmdline="rootovl" since that is already conditionally set in the grub boot menu (otherwise the system will always boot into live mode). [173]
  • Removed dracut hostonly="yes" since that is already the Debian default. [174]
  • Added dracut support based on friedrich12 / dracut-grub-live. [175] [176]

helper-scripts:

  • Improved diagnostic messages. [177]

kicksecure-meta-packages:

  • Installed flatpak by default and added it to kicksecure-recommended-cli. [178] [179] [180]
  • Installed extrepo by default and added it to kicksecure-recommended-cli. [181] [182]
  • Switched from lightdm to gdm3 because lightdm autologin is non-functional. [183]
  • kicksecure-dependencies-system Depends: linux-initramfs-tool, dracut and initramfs-tools. [184] [185]
  • Introduced and integrated kicksecure-dependencies-system. [186] [187] [188]
  • Removed initramfs-tools from non-qubes-vm-enhancements-cli for dracut support. [189]
  • Introduced kicksecure-qubes-cli and kicksecure-qubes-gui. [190]

monero-gui:

qubes-whonix:

  • Dropped initramfs-tools from qubes-whonix-shared-packages-recommended; this is left to Qubes for dracut support. [195] [196]

sdwdate:

  • Fixed a dependency issue. [197]

security-misc improvements:

  • Do not set kernel parameter quiet loglevel=0 for recovery boot option for easier debugging. [198]
  • Moved grub quiet to a separate configuration file /etc/default/grub.d/41_quiet.cfg. [199]
  • dracut reproducible=yes. [200]
  • Depends: libpam-modules-bin. [201]
  • Fixed faillock implementation - dovecot / ssh are exempted. [202]
  • Fixed and added sshd to pam_service_exclusion_list to avoid faillock. [203]

systemcheck:

  • Now run check_sudo earlier. [204]

usability-misc:

  • Removed /etc/lightdm/lightdm.conf.d/autologin.conf (comments only) since it might interfere with autologin. [205]

vm-config-dist:

  • config-package-dev displaces /etc/gdm3/daemon.conf. [206]
  • Added and enabled gdm autologin. [207] [208] [209]
  • Added the original /etc/gdm3/daemon.conf. [210]
  • Fixed autologin. [211] [212]
  • Disabled dracut module resume in VMs since it might break the boot process if built inside chroot. [213]
  • vbox-guest-installer: recommend, migrate from VirtualBox guest addition ISO to VirtualBox guest addition packages. [214] [215]

whonix-legacy:

whonix-xfce-desktop-config:

  • Fixed the bullseye background image (actually still broken). [219] [220]

Whonix ™ 16.0.3.1[edit]

Notable Changes[edit]

anon-gw-base-files:

  • Fixed the background image. [221]

anon-ws-base-files:

corridor:

grub-live:

hardened-kernel:

  • Added --remote-name. [228]

helper-scripts:

  • Added `/usr/libexec/helper-scripts/desktop-background-skel-test`. [229]
  • terminal-wrapper: xfce4-terminal --hold supported since Debian bullseye. [230]

kicksecure-meta-packages:

  • Fixed and installed policykit-1-gnome by default. [231] [232]

repository-dist:

  • Legacy. [233]
  • Legacy: upgraded existing `/etc/apt/sources.list.d/derivative.list` to use `[signed-by=/usr/share/keyrings/derivative.asc]`. [234]
  • Changed `Depends: python3` to `Depends: python3:any` [235]
  • Removed the no loner required `Depends: gnupg`. [236]
  • Implemented `Depends: helper-scripts`. [237]
  • Cleanup and removed legacy transitional package whonix-repository. [238]
  • Renamed: `usr/share/keyrings/derivative-distribution-signing-key.asc` to `usr/share/keyrings/derivative.asc` and renamed `usr/share/keyrings/derivative-distribution-signify-key.pub` to `usr/share/keyrings/derivative.pub`. [239]
  • Deleted legacy `/etc/apt/trusted.gpg.d/derivative.asc` because now using `signed-by` and `/usr/share/keyrings/derivative.asc` [240]
  • Ported to APT sources.list `signed-by`. [241]
  • Renamed:
    • `usr/share/repository-dist/derivative-distribution-signing-key.asc` to `usr/share/keyrings/derivative-distribution-signing-key.asc` (gpg)
    • `usr/share/repository-dist/derivative-distribution-signify-key.pub` to `usr/share/keyrings/derivative-distribution-signify-key.pub (signify) [242]
  • Use APT sources.list `signed-by`. [243] [244]

sdwdate:

security-misc:

  • Fixed: unduplicate kernel command line. [246]
  • Removed Debian buster support in `/etc/default/grub.d`. [247]

systemcheck:

tb-updater:

  • alpha tbb_hardcoded_version="11.0a6". [250]
  • tbb_hardcoded_version="10.5.6" [251]

usability-misc:

whonix-xfce-desktop-config:

Whonix ™ 16.0.3.7[edit]

Notable Changes[edit]

anon-apt-sources-list:

  • Depends: fasttrack-archive-keyring. [257]

anon-gw-anonymizer-config:

  • Moved anon-consensus-delete to helper-scripts (as anon-consensus-del). [258]

anon-gw-base-files:

  • KVM desktop background. [259]

anon-meta-packages:

  • Moved kicksecure-recommended-cli from whonix-shared-packages-recommended-cli to kicksecure-recommended-cli. [260]
  • Removed packages pwgen, codecrypt, gpg, gpg-agent, dirmngr, magic-wormhole, diceware, and makepasswd from whonix-workstation-packages-recommended-cli since these will be moved to kicksecure-meta-packages. [261]
  • No longer install python3-msgpack by default; it is no longer needed and was removed from whonix-workstation-packages-recommended-cli. [262]
  • Remove legacy packages. [263] [264]

anon-shared-build-apt-sources-tpo:

  • Ensure compatibility with APT signed-by; port to `apt-key-install` by package helper-scripts. [265]
  • `/etc/apt/sources.list.d/torproject.list`: use APT `signed-by`. [266] [267] [268]

anon-ws-base-files:

  • KVM desktop background. [269]

apparmor-profile-everything:

  • `sdwdate-aae.service`: Backported changes from sdwdate. [270]

grub-live:

  • Fixed dependencies. [271]

helper-scripts:

  • Disabled anondate AppArmor profiles because they are not ready. [272]
  • `onion-time-pre-script`: Do not use `anondate-set` on Whonix-Workstation ™ because sdwdate can establish onion connections irrespective of Whonix-Workstation ™ system clock (so long as Whonix-Gateway ™ Tor is functional). [273]
  • `/usr/libexec/helper-scripts/terminal-wrapper`: Added support for adding window title for `xfce4-terminal` emulator through the `terminal_emulator_window_title` environment variable. [274]
  • anondate-get: If Tor consensus time is later than the system clock, but minimum time is later than the Tor consensus time, show the minimum time instead of no result. [275]
  • onion-time-pre-script: Added a user check to prevent broken file permissions. [276]
  • anondate-set: Disabled Tor restart code since it is not needed. [277]
  • Added `usr/sbin/anon-consensus-del-files`. [278]
  • Split into `anon-consensus-del` and `anon-consensus-del-files`. [279]
  • Created a more descriptive file name: `/run/sdwdate/request_tor_restart` → `/run/sdwdate/request_anondate-set`. [280]
  • anondate: Unduplicated output in journal [281] and lowered verbosity to avoid spamming logs. [282]
  • onion-time-pre-script: Added a counter for how many times a script was run; output. [283]
  • Added `/usr/libexec/helper-scripts/origins-parser`. [284]
  • anondate-set: Ensure the system clock is not set backwards. [285]
  • Updated `minimum_unixtime`. [286]
  • aa-logprof corrections. [287]
  • anondate-get: The minimum time is shown instead if it is later than Tor certificate lifetime. [288]
  • Fixed certificate lifetime parsing by anondate. [289]
  • Fixed parsing Tor consensus time if Tor has not fetched a Tor consensus yet. [290]
  • Added anondate output to journal (and therefore sdwdate-log-viewer). [291]
  • Rebased AppArmor profiles on aa-logprof. [292]
  • Redesigned recovery from a slow clock. [293]
  • Imported anon-consensus-del from anon-gw-anonymizer-config. [294]

kicksecure-meta-packages:

  • Removed fasttrack-archive-keyring from kicksecure-recommended-cli (added to anon-apt-sources-list). [295]
  • Added pwgen, codecrypt, gpg, gpg-agent, dirmngr, magic-wormhole, diceware, makepasswd to kicksecure-recommended-cli. [296]
  • Added firefox-esr. [297] [298]
  • Continued removal of Chromium. [299] [300] [301]
  • Legacy fixes. [302]

msgcollector:

  • Improved `/usr/lib/systemd/user/usertest.service`. [303]
  • `/usr/libexec/msgcollector/one-time-popup`: Create a folder if not existing (mkdir -p). [304]

rads:

  • Removed unnecessary `--no-restart-after-upgrade` ("Undo a previous --restart-after-upgrade (or the default of compat 10). If no other options are given, this will cause the service to be stopped in the prerm script and started again in the postinst script."). [305]
  • Removed `--no-restart-on-upgrade` ("Note that the --no-restart-on-upgrade alias is deprecated and will be removed in compat 14. This is to avoid confusion with the --no-restart-after-upgrade option."). [306]
  • Added a hint on how to switch virtual console, see: Virtual Consoles. [307]
  • Added a workaround for issue "no login prompt / getty started on tty1 anymore in Whonix 16 (Debian bullseye based)". Gnome's gdm display manager's systemd unit replaces tty1 even in case gdm is not started. [308] [309]

sdwdate:

  • Improved tests. [310]
  • Run `/usr/libexec/sdwdate/sdwdate-start-anondate-set-file-watcher` under user/group `sdwdate`. [311]
  • Renamed: `lib/systemd/system/sdwdate-restart-tor-request-file-watcher.service` → `lib/systemd/system/sdwdate-start-anondate-set-file-watcher.service`. [312]
  • Renamed: `usr/libexec/sdwdate/sdwdate-restart-tor-request-file-watcher` → `usr/libexec/sdwdate/sdwdate-start-anondate-set-file-watcher`. [313]
  • Implemented a more descriptive file name: `/usr/libexec/sdwdate/sdwdate-restart-tor-request-file-watcher` → `/usr/libexec/sdwdate/sdwdate-start-anondate-set-file-watcher`. [314]
  • Implemented a more descriptive file name: `/run/sdwdate/request_tor_restart` → `/run/sdwdate/request_anondate-set`. [315]
  • Added `/usr/libexec/sdwdate/sdwdate-test`. [316]
  • Moved sclockadj compilation from a postinst to systemd unit to allow simplification of dependency resolution during release upgrade. [317]
  • Ported to pathlib fix TypeError: 'missing_ok' is an invalid keyword argument for remove(). [318] [319] [320]
  • Added seccomp utimensat Sep 23 15:37:39 host audit[33040]: SECCOMP auid=4294967295 uid=111 gid=121 ses=4294967295 subj==/usr/bin/sdwdate (enforce) pid=33040 comm="touch" exe="/usr/bin/touch" sig=31 arch=c000003e syscall=280 compat=0 ip=0x70ca67e4bafa code=0x80000000. [321]
  • Added sdwdate-log-viewer. [322]
  • Rewrite profile using aa-logprof. [323]
  • Redesigned recovery from a slow clock. [324]
  • Ensure Tor consensus is deleted before restarting Tor in `/usr/libexec/sdwdate/sdwdate-restart-tor-request-file-watcher` to increase robustness of recovering from skewed time. [325] [326]
  • Fixed and excluded sdwdate-pre (addgroup) from SystemCallFilter. [327] [328]
  • `usr/libexec/sdwdate/sdwdate-addgroup` → `usr/libexec/sdwdate/sdwdate-pre`. [329]
  • Fixed sdwdate addgroup if failed during build process. [330]

sdwdate-gui:

  • sdwdate-gui log viewer: set the window title. [331]
  • Fixed harmless but nuisance warnings in Qubes R4.1 [332] by preventing `sdwdate-gui-shutdown-notify.service` from running inside the Template. [333] [334] [335]

swap-file-creator:

  • `dh_installsystemd --no-stop-on-upgrade`: Use --no-stop-on-upgrade to not stop (and therefore not restart) the swap-file-creator systemd unit after package upgrade since there is no reason to re-create the swap file during upgrade of this package. --no-start is unused because a swap file should be created after installation of this package. dh_installsystemd manpage: --no-stop-on-upgrade "Do not stop service on upgrade. This has the side-effect of not restarting the service as a part of the upgrade." [336]
  • Lowered the verbosity of output during boot to avoid a "swap file created" message overwriting the console login prompt. [337] [338]

systemcheck:

  • Moved the location of the deprecation popup. [339]
  • Ensure the deprecation notice is shown during a package upgrade. [340]
  • Added a deprecation notice popup. [341]
  • `usr/libexec/systemcheck/canary-download.py` → `usr/libexec/systemcheck/canary-download`. [342]
  • `etc/apparmor.d/usr.lib.systemcheck.canary` → `etc/apparmor.d/usr.libexec.systemcheck.canary`. [343]

tb-updater:

  • Update: tbb_hardcoded_version="11.0.1". [344]
  • Took out the passage about removed backup functionality. [345] [346]
  • Update: alpha tbb_hardcoded_version="11.0a10". [347]
  • Update: tbb_hardcoded_version="11.0". [348]
  • Update: alpha tbb_hardcoded_version="11.0a9". [349]
  • Update: tbb_hardcoded_version="10.5.10". [350]
  • Further updates: tbb_hardcoded_version. [351]

timesanitycheck:

  • Updated `/usr/share/timesanitycheck/minimum_unixtime`. [352]
  • Fixed a typo, renamed `/usr/share/timesanitycheck/date-minium-file-create` → `/usr/share/timesanitycheck/date-minimum-file-create`. [353]
  • Updated `/usr/share/timesanitycheck/minimum_unixtime`. [354]

uwt:

  • Added a uwt wrapper for `dnf-3` (for Qubes-Whonix ™ 16 dom0 UpdateVM support). [355] [356] [357]

whonix-firewall:

  • Added an opt-in configuration for outgoing IP filtering through `outgoing_allow_ip_list`. [358]

whonix-legacy:

  • Improved release-upgrade. [359] [360] [361] [362]
  • release-upgrade: Ensure the meta package is downloaded and installed. [363]
  • release-upgrade: Abort if no installed meta package has been detected. [364]
  • release-upgrade: Added meta package detection. [365]

whonix-libvirt:

  • RAM reduced to 1.5GB [366] [367] [368] [369]
  • Decreased RAM to 256MB, updated descriptionp, and updated the description for activating desktop. [370] [371]

whonix-xfce-desktop-config:

  • KVM desktop background. [372]

Whonix build script:

Whonix ™ 16.0.4.2[edit]

Notable Changes[edit]

anon-apps-config:

anon-connection-wizard:

  • add tag ap_conn_done_pt [381]
  • add tag conn_done_pt [382]
  • update default bridges [383]

anon-gw-anonymizer-config:

anon-icon-pack:

  • renamed: usr/share/icons/anon-icon-pack/arm.ico -> usr/share/icons/anon-icon-pack/nyx.ico [388]

anon-meta-packages:

  • install kicksecure-default-applications-cli per default on the workstation due to recent kicksecure-meta-packages refactoring [389]
  • install kicksecure-recommended-cli by default on gateway and workstation due to refactoring of kicksecure-meta-packages [390]
  • remove setup-dist from whonix-shared-packages-dependencies-cli because now part of kicksecure-dependencies-cli [391]
  • improve multiple architecture support / split dummy-dependency package into multiple packages [392]

anon-shared-build-apt-sources-tpo:

anon-ws-disable-stacked-tor:

apparmor-profile-everything:

  • ConditionPathExists=!/run/qubes-service/no-sdwdate [396]

apparmor-profile-hexchat:

bootclockrandomization:

  • ConditionPathExists=!/run/qubes-service/no-bootclockrandomization ConditionPathExists=!/run/qubes-service/no-bcr [398]
  • Make delay_plus_or_minus overridable via env var [399] (Thanks to deeplow!)

helper-scripts:

  • `/usr/libexec/helper-scripts/terminal-wrapper`: add support for `gnome-terminal` [400]
  • hardened-malloc-type-test: Hardened Malloc version 10 compatibility [401]
  • anon-consensus-del: also restart vanguards [402]
  • `/usr/libexec/helper-scripts/curl_exit_codes`: add newer curl exit codes [403]

kicksecure-meta-packages:

  • install kicksecure-default-applications-cli by default in Kicksecure [404]
  • split into kicksecure-recommended-cli and kicksecure-default-applications-cli [405]
  • add setup-wizard-dist to kicksecure-desktop-applications-recommended [406]
  • add setup-dist to kicksecure-dependencies-cli [407]
  • add systemcheck to kicksecure-recommended-cli [408]
  • move a lot packages from kicksecure-dependencies-cli to kicksecure-dependencies-cli since this is more apprpriate. haveged, jitterentropy-rngd, man-db, bzip2, net-tools, dnsutils, iputils-ping, file, lsof, pciutils, strace, sysfsutils, procps, e2fsprogs, less, most, apparmor-utils, bash-completion, nano, udisks2, libblockdev-crypto2, sensible-utils, secure-delete, openvpn, curl, wget, usability-misc, open-link-confirmation, hardened-malloc | dummy-dependency [409]
  • no longer install zsh by default [410]
  • add equivs to kicksecure-recommended-cli [411]
  • legacy [412]
  • legacy [413]
  • hardened-malloc-kicksecure-enable -> hardened-malloc-light-enable [414]
  • improve multiple architecture support / split dummy-dependency package into multiple packages [415]
  • dummy-dependency: remove lkrg, binaries-freedom, orca-screen-reader-support for simplicity because these packages are not a dependency yet [416]

live-config-dist:

monero-gui:

msgcollector:

  • `/usr/libexec/msgcollector/error_handler`: fix exit code capturing [420]

onion-grater:

open-link-confirmation:

  • add infinite recursive loop protection [426]

qubes-whonix:

  • `/usr/share/tinyproxy/default.html.anondist`: also customize html body in case tinyproxy does not show html head [427]
  • qvm-sync-clock.anondist code simplification [428]
  • initial version of qvm-sync-clock.anondist [429]

sdwdate:

  • do not start `qubes-sync-time` (conflicts with `sdwdate`), if file `/etc/sdwdate.d/qubes-sync-time-disabled-by-sdwdate.marker` exists. That file exists in a default sdwdate installation. [430]
  • fix sdwdate-log-viewer to include seccomp failures https://forums.whonix.org/t/sdwdate-loop-conclusion-tor-already-reports-circuit-established-seccomp-issue/13260/13 [431]
  • update 20_arch_syscall_whitelist.conf unlinkat needs to be whitelisted otherwise sdwdate fails with error: SECCOMP auid=4294967295 uid=102 gid=108 ses=4294967295 subj==/usr/bin/sdwdate (enforce) pid=3328 comm="sdwdate" exe="/usr/bin/python3.9" sig=31 arch=c00000b7 syscall=35 compat=0 ip=0xf37077846c74 code=0x80000000 [432] (Thanks to Emanuele Rossi!)
  • ConditionPathExists=!/run/qubes-service/no-sdwdate [433]
  • add qubes-sync-time.service and qubes-sync-time.timer to sdwdate-log-viewer [434]
  • add `bootclockrandomization.service` to sdwdate-log-viewer [435]
  • Qubes suspend post: disable qubes.GetRandomizedTime since no longer required. sdwdate / anondate can nowadays fix the time without it. [436]
  • Qubes suspend pre/post: disable restart of Tor since that is no longer required. And even if it was required, this would be handled by sdwdate / anondate. [437]
  • `date --utc` https://forums.whonix.org/t/whonix-ws-16-fails-to-update-due-to-timing-issue/12739/17 [438]

sdwdate-gui:

  • notify-shutdown: skip notify shutdown if sdwdate is not running [439]
  • do no autostart if file /run/qubes-service/no-sdwdate exists [440]
  • ConditionPathExists=!/run/qubes-service/no-sdwdate [441]
  • restart action: use `sdwdate-clock-jump` instead of restarting sdwdate manually [442]
  • port to QREXEC_REMOTE_DOMAIN part of https://phabricator.whonix.org/T930 [443]
  • fix "Denied: whonix.NewStatus" dom0 permission when shutting down Whonix-Gateway [Qubes OS 4.1] Thanks to @unknown for the bug report! https://forums.whonix.org/t/qubes-os-4-1-denied-whonix-newstatus-dom0-permission/12954 [444]
  • `sdwdate-gui-shutdown-notify.service`: `Before=shutdown.target umount.target final.target` [445]
  • avoid start/restart of sdwdate-gui notify shutdown service during package install/upgrade dh_installsystemd --no-start --no-stop-on-upgrade [446]

security-misc:

setup-wizard-dist:

systemcheck:

tb-starter:

  • update links to documentation [453]

tb-updater:

tor-control-panel:

whonix-developer-meta-files:

whonix-firewall:

Whonix build script:

Documentation Updates[edit]

New wiki chapters:

Wiki improvements/enhancements:

Footnotes[edit]

  1. Whonix 16.0.2.7 KVM (Debian 11 bullseye based) - Major Stable Release.
  2. Whonix 16 has been Released! (Debian 11 bullseye based) - for VirtualBox - Major Release.
  3. Qubes-Whonix 16 has been Released! (Debian 11 bullseye based) - Major Release.
  4. Whonix 15 End of Security Support and Deprecation Notice - All users should move to Whonix 16!
  5. This release contains over 11,294 new packages for a total count of 59,551 packages, along with a significant reduction of over 9,519 packages which were marked as "obsolete" and removed. 42,821 packages were updated and 5,434 packages remained unchanged.

  6. Debian bullseye port.
  7. Policy for Inclusion of Compiled Software
  8. Tor integration in Whonix ™ Development Notes
  9. Debian Fast Track is a repository that allows making “backports” of packages available to users of the stable distribution, if those packages cannot be maintained in testing and backported in the usual way.

  10. Challenges Installing VirtualBox
  11. https://gitlab.com/whonix/anon-apt-sources-list/-/commit/14e7fc11fdcb036ce99e4651e348369152341d15
  12. https://gitlab.com/whonix/anon-apt-sources-list/-/commit/beb7359ef219a99ebe2aedbfcdeff649706adbb3
  13. https://gitlab.com/whonix/anon-apt-sources-list/-/commit/05f19b546e5f0ff11c57e313e1baeae2c369c7ca
  14. https://gitlab.com/whonix/anon-gw-anonymizer-config/-/commit/b35428a33f790b60fda382658eb85f2062f2622e
  15. See: No Control Socket when DisableNetwork and User options are set.
  16. https://gitlab.com/whonix/anon-gw-anonymizer-config/-/commit/8648d8ad040d965f8018b542b033e3c6bcf8e498
  17. https://gitlab.com/whonix/anon-meta-packages/-/commit/b62db95a20df69f8e75fcc4e9dece8f5c9017525
  18. https://gitlab.com/whonix/anon-meta-packages/-/commit/8096d3d57d85298c56e7f05a4d06f555e257148f
  19. https://gitlab.com/whonix/anon-meta-packages/-/commit/7488c0bdea6a1c2a415d514ba1dc4d4b60fa2709
  20. https://gitlab.com/whonix/anon-meta-packages/-/commit/6054e957db7b86249905e1108e30211236434b05
  21. https://gitlab.com/whonix/anon-ws-disable-stacked-tor/-/commit/6ee5b5b03d09dae202f2f55ff603c96dca2bf386
  22. https://gitlab.com/whonix/apparmor-profile-dist/-/commit/41e3bb610efbff440299694bf00117240ed8b12e
  23. https://gitlab.com/whonix/apparmor-profile-dist/-/commit/51c82b715fe47fecf9fb0c76317ba3558f5af455
  24. https://gitlab.com/whonix/apparmor-profile-dist/-/commit/b6f37eccd785cc3dfdc3e6295948be0233ddd418
  25. https://gitlab.com/whonix/apparmor-profile-dist/-/commit/4554d97de8cbc126b11fc8504739bd138a8f1922
  26. https://gitlab.com/whonix/apparmor-profile-everything/-/commit/51d75f497ac629d7d82f8c96623edd985b52bf85
  27. https://gitlab.com/whonix/apparmor-profile-everything/-/commit/895ddd1c06289dab673906cbdf19d61ea1bdf794
  28. https://gitlab.com/whonix/apparmor-profile-everything/-/commit/6d70eefe95d3399faed96352a339810393e4833a
  29. https://gitlab.com/whonix/genmkfile/-/commit/87258fc755b5744b4ae4233484ce320f73e388f8
  30. https://gitlab.com/whonix/genmkfile/-/commit/ae57c0c32ec1f7e6b57fd0ca9e766e5d7c564a2c
  31. https://gitlab.com/whonix/genmkfile/-/commit/45a3bec7a01b34c6fa6ae0db1a5bdf3bfdb04eca
  32. https://gitlab.com/whonix/genmkfile/-/commit/2a0d7eb4a9e606a909258281f514aa82b99b6212
  33. https://gitlab.com/whonix/genmkfile/-/commit/76a79fb21defa258f51933db9ab1f314852ee6c8
  34. https://gitlab.com/whonix/genmkfile/-/commit/2c68f84894608617337fb2fb0c9f37cd17325514
  35. https://gitlab.com/whonix/genmkfile/-/commit/43bedd4677b12f62bed54c6d3aa8781fc673a6d9
  36. https://gitlab.com/whonix/genmkfile/-/commit/56611936b5cdef54edd02285eeee0f9786476879
  37. It is functional without it.
  38. https://gitlab.com/whonix/helper-scripts/-/commit/4ff5276723b765ec3da4e1c465bc3d16aa5a8c20
  39. https://gitlab.com/whonix/helper-scripts/-/commit/e021874a31e4a4ed9f2c46ff1925c5dfa79691de
  40. https://gitlab.com/whonix/helper-scripts/-/commit/8a95a1cb7f1e01762ec607abbe5702c0ee766010
  41. https://gitlab.com/whonix/kicksecure-base-files/-/commit/c002d6b6029644c3bbf9c1311ab512a70d1397a7
  42. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/8f1eae9599746177b1e42458ec44ae5c6890c618
  43. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/d0151d51e90b0e59b933a25d908c1c5f5f22ac2f
  44. See: Meta Packages Development Discussion.
  45. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/3bfcf3cf9c48fc370b36789b5ae5ad89a7b53ffc
  46. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/3e08328b9439ab46560c366b45da765e1ac1a409
  47. See: Install Debian fasttrack-archive-keyring by default?.
  48. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/a0d9bd549e99d7c84dcda226bffb9ffcafb4d02e
  49. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/1269ce8533dd521f670bded1deb33459768ce4de
  50. See merge request whonix/kicksecure-meta-packages!1.
  51. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/5bad8176bb3634e4a64d51edb3e58c7d07f94e8a
  52. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/7ba985581cfd02092186bc8cbe584ac4c0f086f9
  53. https://gitlab.com/whonix/onion-grater/-/commit/5655e2f3bf4cffc5f6c2336a542d0c9ea5ca952b
  54. https://gitlab.com/whonix/open-link-confirmation/-/commit/fae6451754a39a83b6f46f56bdb6e7d6086162b4
  55. https://gitlab.com/whonix/qubes-whonix/-/commit/ef6b132f45a00601415f2d48a94a2357eef46ae1
  56. This allows a Whonix ™ template to be updated via a non-Whonix qubes.UpdatesProxy VM if necessary.
  57. https://gitlab.com/whonix/qubes-whonix/-/commit/07367f83fbbea9c9a1811c88e0fd12b0d0e615d4
  58. https://gitlab.com/whonix/rads/-/commit/74fbd3b6a460de94bbdfedd1d863dba9bee3d855
  59. https://gitlab.com/whonix/repository-dist/-/commit/d01e9cc3724ee6e65760dddac40651ba8a5be5f3
  60. https://gitlab.com/whonix/repository-dist/-/commit/4b7228db4a038d36315880cf6878dd713a0bcb37
  61. https://gitlab.com/whonix/repository-dist/-/commit/3a1764721f24c3d2cb681a9f49da2f11e51c9f12
  62. https://gitlab.com/whonix/repository-dist/-/commit/08de96e54385678bc3db5b47c26721dfa14711bf
  63. https://gitlab.com/whonix/sdwdate/-/commit/23a24206567bd27134b68e459ae9b1c4b75f68de
  64. https://gitlab.com/whonix/sdwdate/-/commit/046a1c00b9aa4b578f16e88e0cc355776dd15c08
  65. https://gitlab.com/whonix/sdwdate/-/commit/11361d7fbfdf4a5e5762d407fef25e9bd1593d07
  66. https://gitlab.com/whonix/sdwdate/-/commit/9fee551dca38a7cc5cf940224f3a08cdae6c1956
  67. https://gitlab.com/whonix/sdwdate/-/commit/0c38702517df5b3344f14635f4b9700217e697f4
  68. https://gitlab.com/whonix/sdwdate/-/commit/4eb6536d3e7cdd33fc00565f87c2fbe0e9947010
  69. Otherwise haveged will exit with a core dump.
  70. https://gitlab.com/whonix/security-misc/-/commit/7d73b3ffa0bf13ba78debfb7f099758b0d0fbef3
  71. https://gitlab.com/whonix/security-misc/-/commit/582492d6d8c5f756be4d809898707cb196c5c765
  72. https://gitlab.com/whonix/security-misc/-/commit/2bf0e7471cbd3b813ce385d994e43e48636f7a0b
  73. See: Debian bullseye apt --error-on=any.
  74. https://gitlab.com/whonix/security-misc/-/commit/0492f28aa10dc93063ff3b46107fa705c5ee0d7e
  75. https://gitlab.com/whonix/security-misc/-/commit/240ec7672a4d513e7e6cca280aca3d67c265d1cc
  76. https://gitlab.com/whonix/security-misc/-/commit/5a65c35479f267b026c03e195658ef9d98ee519c
  77. https://gitlab.com/whonix/security-misc/-/commit/7e128636b3a4ea7fe5dfa12018685ab7b5dda706
  78. https://gitlab.com/whonix/security-misc/-/commit/257cef24baa038b21ef511e9d95c4229a5e16f68
  79. https://gitlab.com/whonix/systemcheck/-/commit/83244c59499cd9e593bc4ee1849ec887e0d781fe
  80. https://gitlab.com/whonix/systemcheck/-/commit/0acf98f71b91bff962a8c6c30ade1d52015baee5
  81. https://gitlab.com/whonix/systemcheck/-/commit/aaaa46d9c7f7bf2ea96c0c6b7534ca1333079da0
  82. https://gitlab.com/whonix/tb-starter/-/commit/f6c7fa071c96100c96ba5622f9a8d7c8ea8a495d
  83. Patched prefs.js in user home folder. This was necessary because it changed during the Whonix ™ 15 to 16 upgrade from /usr/share/homepage/whonix-welcome-page/whonix.html to /usr/share/doc/homepage/whonix-welcome-page/whonix.html.
  84. https://gitlab.com/whonix/tb-starter/-/commit/a656c7e67d3adb80e989a089821433d38007e4d4
  85. https://gitlab.com/whonix/tb-starter/-/commit/549d20a92b90379b18221e0ae1b96f9405e81da4
  86. https://gitlab.com/whonix/tb-starter/-/commit/e9c41b7a645a526aec8764c82259d3c2234eb49f
  87. https://gitlab.com/whonix/tb-updater/-/commit/a070941c05a9879f4a6e0b009bf2237f28b10268
  88. https://gitlab.com/whonix/tb-updater/-/commit/fe840f6446087b2ed5b09e144e517c2875e21aa0
  89. https://gitlab.com/whonix/usability-misc/-/commit/7291238c1752bc88be73b1f1d031169034db340b
  90. https://gitlab.com/whonix/uwt/-/commit/8fad01d11eddc1f44cd15cef50903bc96156dfe3
  91. interest-await is used instead of interest-noawait because when virtualbox-guest-additions-iso was simultaneously upgraded with vm-config-dist, the trigger was not executed.
  92. https://gitlab.com/whonix/vm-config-dist/-/commit/9a3d7b64a65a32839cf3edc0ef469c9a5e17f586
  93. https://gitlab.com/whonix/vm-config-dist/-/commit/2ed18a9d67b519ce6b85ab1de03fd3b91af491ca
  94. https://gitlab.com/whonix/whonix-base-files/-/commit/4ebfe6691120f45aed43b9b28c88252ab0184955
  95. https://gitlab.com/whonix/whonix-base-files/-/commit/69c6312a8ec8976fbfb61b5336e6c595512d9e5d
  96. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/126c8592c92fa4b78b71867b471f63508ed51325
  97. See: Whonix Warrant Canary.
  98. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/a6289a8b5e0b3db83b9c00f1df5818f6a2c7d2b6
  99. https://gitlab.com/whonix/whonix-firewall/-/commit/69e89b344c3cffaa9553b83b77858d60f040fba8
  100. https://gitlab.com/whonix/whonix-firewall/-/commit/3f49f174091e5e84a801c81fc36082c7ad135e5a
  101. https://gitlab.com/whonix/whonix-firewall/-/commit/c9356e1e34b50fbc2de0a3d73e0f0c50cd486f92
  102. https://gitlab.com/whonix/whonix-firewall/-/commit/98a0b91a53d115cd042bb3c7663a4470be02aece
  103. https://gitlab.com/whonix/whonix-firewall/-/commit/fa732e9634a44fa5a5952eebef953d735be64106
  104. https://gitlab.com/whonix/whonix-initializer/-/commit/37cb445a84c2f3918bccb14ba3dc102723ad15fd
  105. https://gitlab.com/whonix/whonix-legacy/-/commit/3c8753f51a9ffb4a4f2c7c74ddc13b9ee597c66a
  106. https://gitlab.com/whonix/whonix-legacy/-/commit/2a8bef6ea2c33c2a4ff14630ae99ce1ee31ad89b
  107. https://gitlab.com/whonix/whonix-legacy/-/commit/131f50b2da9f81c76f53ab4ec97f733611d0f005
  108. https://gitlab.com/whonix/whonix-legacy/-/commit/eb9a4bff0b846f9516d9b7719d73705641db2c27
  109. https://gitlab.com/whonix/whonix-legacy/-/commit/ee1a9b03c02df748b0b3df9c30eaa5db5d88b188
  110. https://gitlab.com/whonix/whonix-legacy/-/commit/2389f276d6d5e12a4f3ced5f0c99b52ba085687c
  111. https://gitlab.com/whonix/whonix-legacy/-/commit/80c8c6f0f98531f27ad0155902a007db8738bc7b
  112. https://gitlab.com/whonix/whonix-legacy/-/commit/9bc51f4e35fb6728977437f8d0228ef6e16d69b7
  113. https://gitlab.com/whonix/whonix-legacy/-/commit/2aef1e530169e7790e5f5447a0bcd6e501cedd45
  114. https://gitlab.com/whonix/whonix-legacy/-/commit/63f9469ad0db93bee2ecc8c72def7bfc30edb149
  115. https://gitlab.com/whonix/whonix-legacy/-/commit/c59f6b48a7a7e866b8b2a430fc46fe20da3a6bc0
  116. https://gitlab.com/whonix/whonix-legacy/-/commit/17e041cdea34f0c5421fb23b5222e34c14e636d3
  117. https://gitlab.com/whonix/whonix-legacy/-/commit/456a0e638b04cc9dab474ecb58ff77bee29c8857
  118. locales-all package not installed by default in all Debian templates.
  119. https://gitlab.com/whonix/whonix-legacy/-/commit/10a72921677881eb85283ff4ad46b03f5b49a8b6
  120. https://gitlab.com/whonix/whonix-legacy/-/commit/59c56c41e2a23be96d451a79fc744f2cc0f0536e
  121. https://gitlab.com/whonix/whonix-legacy/-/commit/1319af851b969d63fa77471e3da162d9ca5c41d8
  122. https://gitlab.com/whonix/whonix-legacy/-/commit/9628a8136c971370a1c1efaf2317b2d72770de4a
  123. https://gitlab.com/whonix/whonix-legacy/-/commit/eb3fc5d912798b98d240aa1788d966bc8d151433
  124. This also leads to a much faster test.
  125. https://gitlab.com/whonix/whonix-legacy/-/commit/bbad2596cffa06c6156d2ca784c8271fe89fa4e9
  126. https://gitlab.com/whonix/whonix-legacy/-/commit/f3add80f849c7080fceeaf86da2104aea0b2dd4c
  127. https://gitlab.com/whonix/whonix-welcome-page/-/commit/e260ebb241936d17d5699d90e6cf568e7eeecde7
  128. https://gitlab.com/whonix/Whonix/-/commit/d6f4b0beeb7da7c857a0944d5341f738a1825ca0
  129. https://gitlab.com/whonix/Whonix/-/commit/993dc55adef8fd6227dcf028a31f78df7af4af38
  130. https://gitlab.com/whonix/Whonix/-/commit/4117aa571c4c54268098949377fec890be300edf
  131. https://gitlab.com/whonix/Whonix/-/commit/1097167d5d947b2591319ba7c727380bfdbb9852
  132. https://gitlab.com/whonix/Whonix/-/commit/61a4fa8feb1ca8bb66f8692f98fe0ed0b0f6a347
  133. https://gitlab.com/whonix/Whonix/-/commit/ea0ea5ed5b66bb99c4b1851954d4c116b690a3c4
  134. https://gitlab.com/whonix/Whonix/-/commit/db2b3b0439da69198e6fe15da14cd539f89a48bb
  135. https://gitlab.com/whonix/Whonix/-/commit/22c9e145a9fdb53358e56fd37fa34ebe3db5fb6c
  136. Challenges Installing VirtualBox.
  137. https://gitlab.com/whonix/Whonix/-/commit/79f73c563c0c12afbf19b479e2c6426ac9ebc005
  138. https://gitlab.com/whonix/Whonix/-/commit/2e9b99f5991dd5a62083a91bde597ccd4100f108
  139. https://gitlab.com/whonix/Whonix/-/commit/288323a86e2dc037b03e004c62ab3f8ce2b1f616
  140. Note: the https://fasttrack.debian.net/debian offline issue has now been resolved.
  141. https://gitlab.com/whonix/Whonix/-/commit/4c4b6899446b65ff98b0c714806e22879cd22ea6
  142. https://gitlab.com/whonix/Whonix/-/commit/37a58d3ccef9e055fa77375f08f609c37f34a4dc
  143. https://gitlab.com/whonix/Whonix/-/commit/d18114145217bd0fa97c5b90a162fa4115a44675
  144. This would miss security-related APT configuration options: apt --error-on=any / -o APT::Update::Error-Mode=any.
  145. https://gitlab.com/whonix/Whonix/-/commit/a00bd523073aaceb1f5cd674b54e734fb93c7518
  146. https://gitlab.com/whonix/Whonix/-/commit/067b8c2f6dafbbcb6ea00eaf2f25c90b88508764
  147. https://gitlab.com/whonix/Whonix/-/commit/6a0f72a701799879b23de92a2855aba7f756bb22
  148. https://gitlab.com/whonix/Whonix/-/commit/21451c66870549e441e50f2bdd8008ba33f8d4a5
  149. https://gitlab.com/whonix/Whonix/-/commit/ff75fd30f698c61a3276a811c8fcd5a5be7a1298
  150. Tor integration in Whonix.
  151. https://gitlab.com/whonix/Whonix/-/commit/e6b372d18f582b35900899d2aa076e4d1b5073a2
  152. https://gitlab.com/whonix/Whonix/-/commit/37d3c0062d8fbb4413d3113cc67f2ea4020e9cba
  153. https://gitlab.com/whonix/Whonix/-/commit/a8aaeddad3feb15ba894c4c0c75288b20642a3e1
  154. https://gitlab.com/whonix/Whonix/-/commit/2ba4bcec1cd56c58cec7cb18b82d801abc58a0ae
  155. https://gitlab.com/whonix/Whonix/-/commit/9cdc94271739b373ff19eeb7506193c6a9b47250
  156. https://github.com/Whonix/apparmor-profile-everything
  157. https://github.com/QubesOS/qubes-issues/issues/5212
  158. https://forums.whonix.org/t/qubes-whonix-security-disadvantages-help-wanted/8581
  159. Whonix XFCE Wallpaper / Background Image.
  160. https://gitlab.com/whonix/anon-gw-base-files/-/commit/ef3ac0fdda5d56ecfb9c946cb0224b7aa627a25e
  161. replacing initramfs-tools with dracut.
  162. https://gitlab.com/whonix/anon-meta-packages/-/commit/bd10983f849960f6176be2886b7287a2a9a48959
  163. Whonix XFCE Wallpaper / Background Image.
  164. https://gitlab.com/whonix/anon-ws-base-files/-/commit/4990b0578dbecddac34682104d844f4a7a8d3589
  165. https://gitlab.com/whonix/binaries-freedom/-/commit/3cca621377fe9191e45ac40eecacbc45a702658f
  166. Policy for Inclusion of Compiled Software.
  167. https://gitlab.com/whonix/binaries-freedom/-/commit/86223e3cbb5c6aab67616201a2936266d677c6bf
  168. https://gitlab.com/whonix/debug-misc/-/commit/eb232484bc4d248d866456c0eb236c17a137cc4c
  169. https://gitlab.com/whonix/debug-misc/-/commit/017c41ed068e5b675f741bc34c3d1f1733a5c8af
  170. https://gitlab.com/whonix/debug-misc/-/commit/915882889918bf7969fa7b9f7bb6f7dfcb5bb554
  171. https://gitlab.com/whonix/grub-live/-/commit/7a1b20db9185b4cbbe04937f7993783f2261195b
  172. https://gitlab.com/whonix/grub-live/-/commit/df99255112d9eae360cce8534b9cfa92795125c6
  173. https://gitlab.com/whonix/grub-live/-/commit/cb94f18bd47a56d0427e9ae822f966f32fd55f2e
  174. https://gitlab.com/whonix/grub-live/-/commit/3bded2153eb311ee6f8571bf67483d3514d97ed0
  175. replacing initramfs-tools with dracut.
  176. https://gitlab.com/whonix/grub-live/-/commit/1989d6e12ac4e5eec03ed3b492c4c84fd6695fd9
  177. https://gitlab.com/whonix/helper-scripts/-/commit/8a4939227c4ff0016451a3be8a8de8f7c7360b56
  178. FlatPak as a Software Source / flathub as a source of software.
  179. See: flatpak.
  180. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/be19b89acba35c5b6e9350b3f4aa5d8c13288ba3
  181. extrepo - safely adding repos.
  182. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/7f4f2930d720836cd4051a4ba6e38959037f2d95
  183. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/e11275ee58b15bbb9ec5d745046b4b369b681c99
  184. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/b1616daee3c2c228de8db866ea168be088e4ea5c
  185. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/7c1ed0864ec1916497df39f1660d5fb97ba01e80
  186. replacing initramfs-tools with dracut.
  187. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/a586c06595c836122c6f357d07f28541b16f988d
  188. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/6b42c87bef0ee62fd57f4435cb69997243b3f6d8
  189. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/3b67c5c18981c7a3072ece594f94f98e9537cb1f
  190. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/eac116b98463f9b50812fe4c43b5420181b62b3e
  191. https://web.archive.org/web/20210902155943/https://github.com/monero-project/monero-gui/releases/tag/v0.17.2.3
  192. https://web.archive.org/web/20210902155938/https://downloads.getmonero.org/gui/monero-gui-linux-x64-v0.17.2.3.tar.bz2
  193. https://web.archive.org/web/20210902160006/https://www.getmonero.org/downloads/hashes.txt
  194. https://gitlab.com/whonix/monero-gui/-/commit/a34bac079c2a31b533117070cf38c7a4957f36c3
  195. replacing initramfs-tools with dracut.
  196. https://gitlab.com/whonix/qubes-whonix/-/commit/683c5ee6247dd562fa52789c5475621f43a95377
  197. https://gitlab.com/whonix/sdwdate/-/commit/95f62a51727ab153c83a1a5650786b2ffd778038
  198. https://gitlab.com/whonix/security-misc/-/commit/ac0c492663b9d90f99e5969193b35b53d4175d1d
  199. https://gitlab.com/whonix/security-misc/-/commit/49902b8c56512c3ee8b3d16b0ca513e44349c66d
  200. https://gitlab.com/whonix/security-misc/-/commit/a4e18a2ae8c19a664bb1be5bc4ec43f10a876969
  201. https://gitlab.com/whonix/security-misc/-/commit/e2810f348b413bb307449a911c12a46924686a9f
  202. https://gitlab.com/whonix/security-misc/-/commit/be8c10496f26d33378deb2427e56892771456ee5
  203. https://gitlab.com/whonix/security-misc/-/commit/8b104f544a9e4e8da1691659fefa4999a4f6f085
  204. https://gitlab.com/whonix/systemcheck/-/commit/09129d482c339a21c1b5c55447d50906a0b64fd9
  205. https://gitlab.com/whonix/usability-misc/-/commit/b6461000a276594155ab88d994b4b4268451030e
  206. https://gitlab.com/whonix/vm-config-dist/-/commit/c071e8b630fe63963fbf5554986c0fecdcb6bd74
  207. https://gitlab.com/whonix/vm-config-dist/-/commit/1417726fc0a08bae8fe94c3dca3555aeef82677b
  208. https://gitlab.com/whonix/vm-config-dist/-/commit/fc802381584056fbaef1e7388c720c2c3c3dcb19
  209. https://gitlab.com/whonix/vm-config-dist/-/commit/bf00f606b3188c5a023f446cb31f910349708b4e
  210. https://gitlab.com/whonix/vm-config-dist/-/commit/ee1f0c3a4b8f7c18c4228385506e18e9a0cfe0ee
  211. https://gitlab.com/whonix/vm-config-dist/-/commit/b0c1af96519f82a9dcd2baf4f414c5efbc5d87f2
  212. https://gitlab.com/whonix/vm-config-dist/-/commit/a41b9d9bd270dec8a3cb76ddade164d0de914696
  213. https://gitlab.com/whonix/vm-config-dist/-/commit/ee07d87be47c3c48f4369b5816876d5d826999a4
  214. Migration to Guest Additions Packages.
  215. https://gitlab.com/whonix/vm-config-dist/-/commit/b23e33b69dde7a62d8b63884900095aeacc19024
  216. https://gitlab.com/whonix/whonix-legacy/-/commit/b9d166ff16d3f8d61a0554784df9976cd88c6e72
  217. https://gitlab.com/whonix/whonix-legacy/-/commit/8a17fef51a03c62205172494704dad11c361c31d
  218. https://gitlab.com/whonix/whonix-legacy/-/commit/8d8fb6be0628a19e32c76fcd3edd732d7ba3bd5f
  219. Whonix XFCE Wallpaper / Background Image.
  220. https://gitlab.com/whonix/whonix-xfce-desktop-config/-/commit/9d386ab84f420cf28a2661787500366af1088da1
  221. https://gitlab.com/whonix/anon-gw-base-files/-/commit/2ca7a856386a14f6dd69e7547e4977d652867841
  222. https://gitlab.com/whonix/anon-ws-base-files/-/commit/05e6e06250df24e72cb9aa14f5ab294f10dc17c1
  223. https://gitlab.com/whonix/anon-ws-base-files/-/commit/706a7eff48adab1306cd127e85062286c77392ca
  224. https://gitlab.com/whonix/corridor/-/commit/cd7d2d4ba8ed55ff7b4f9508621c37d4afd3ce1d
  225. Bullseye: live-boot needs GRUB_DISABLE_LINUX_UUID="true" parameter in /etc/grub.d/11_linux_live.
  226. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994138
  227. https://gitlab.com/whonix/grub-live/-/commit/42e806430a90829c8f06df873a1aa82a0c05a4ca
  228. https://gitlab.com/whonix/hardened-kernel/-/commit/dd4d64c70d36d854f6b3f8faff281677000bd1cb
  229. https://gitlab.com/whonix/helper-scripts/-/commit/6472efd1ce1769338881020e5aac03a221ccb6e1
  230. https://gitlab.com/whonix/helper-scripts/-/commit/0199146c78a421c0429654636299a6e2fd795672
  231. zuluCrypt appears blank.
  232. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/aa3b4ff0c6f977da88ebad2c94fdbd6b38ea0160
  233. https://gitlab.com/whonix/repository-dist/-/commit/d3b7a4284aefd17d9173c65a95f0d6cb037e07e9
  234. https://gitlab.com/whonix/repository-dist/-/commit/eb569b6225a67d78bee385c9d30981cdf7aeb91a
  235. https://gitlab.com/whonix/repository-dist/-/commit/73ccff0d64314490703eda5c376e04129fd6170e
  236. https://gitlab.com/whonix/repository-dist/-/commit/3781fc5bd5e8396675b304e309427cc02e752a57
  237. https://gitlab.com/whonix/repository-dist/-/commit/de2c03eb1e97ef4cc51979bbf0a51ac9d35879cf
  238. https://gitlab.com/whonix/repository-dist/-/commit/d25317d734052fee49bef8cd3d2e11161872e26f
  239. https://gitlab.com/whonix/repository-dist/-/commit/4afbd86c840c81fb64fdd27f5676accf854cad20
  240. https://gitlab.com/whonix/repository-dist/-/commit/c7836751a6cc25cab5888815011df5a1d493e75c
  241. https://gitlab.com/whonix/repository-dist/-/commit/e3e2db96441401015c4fa61f423b43a240390b97
  242. https://gitlab.com/whonix/repository-dist/-/commit/d3f117937ecfd89d0a5159dd35e5813bd99d9aca
  243. APT repository signing keys per APT sources.list - signed-by.
  244. https://gitlab.com/whonix/repository-dist/-/commit/f113c374a5e36f25c98441d166d34863fdd9268a
  245. https://gitlab.com/whonix/sdwdate/-/commit/a68789aa1fa4d753b724fe99c03fbb29b4fb859b
  246. https://gitlab.com/whonix/security-misc/-/commit/d62bbaab82a33a485a82d42d8db5674d200a1c3d
  247. https://gitlab.com/whonix/security-misc/-/commit/bd31b4085c853d8b182e3a13534827a695f5493a
  248. APT repository signing keys per APT sources.list - signed-by.
  249. https://gitlab.com/whonix/systemcheck/-/commit/5ac0a09063e7a90d2e340f25b7e6bc854f376b1e
  250. https://gitlab.com/whonix/tb-updater/-/commit/778637418b37389e9d42769f6d200398e5544cda
  251. https://gitlab.com/whonix/tb-updater/-/commit/6011e9e5dc2833892eadce7c0be2a6b65431cf04
  252. https://gitlab.com/whonix/usability-misc/-/commit/ae50fc3e75b16b4f54004cd9d0c2a74d38cb5c06
  253. APT repository signing keys per APT sources.list - signed-by.
  254. https://gitlab.com/whonix/usability-misc/-/commit/02486c1af3053828001f55fe3ed02b46be1aefcd
  255. https://gitlab.com/whonix/whonix-xfce-desktop-config/-/commit/2c986f88f3e85fec6412acd2fcfb9f254e92c479
  256. https://gitlab.com/whonix/whonix-xfce-desktop-config/-/commit/829286e9e0291fefc87f4031ce1b3276cfb1045b
  257. https://gitlab.com/whonix/anon-apt-sources-list/-/commit/9f7f8a607b5410672fb3d35d5613de5f83cdc6de
  258. https://gitlab.com/whonix/anon-gw-anonymizer-config/-/commit/a4977845b00c43253bbcd7972bf91ddf88497f0f
  259. https://gitlab.com/whonix/anon-gw-base-files/-/commit/654f88a52a649c92b52e2304f886be7260d4ff77
  260. https://gitlab.com/whonix/anon-meta-packages/-/commit/eca63bd00415f7f2365aff736bd5a76d9fb0968b
  261. https://gitlab.com/whonix/anon-meta-packages/-/commit/ad8163d84b826f18bf3cfe50c98dabe8c9b41d59
  262. https://gitlab.com/whonix/anon-meta-packages/-/commit/fd008df8d2a0f9bcebdaef7c9281837c2827f628
  263. https://gitlab.com/whonix/anon-meta-packages/-/commit/e9ea226efe8ad88735383bdb5b43e701604f3604
  264. https://gitlab.com/whonix/anon-meta-packages/-/commit/3f029f172961d28458e3ed7cdffa61285d06dd3c
  265. https://gitlab.com/whonix/anon-shared-build-apt-sources-tpo/-/commit/15e0d448a25d91f1f258c44c70452efb0f74c2e8
  266. https://forums.whonix.org/t/apt-repository-signing-keys-per-apt-sources-list-signed-by/12302
  267. https://support.torproject.org/apt/
  268. https://gitlab.com/whonix/anon-shared-build-apt-sources-tpo/-/commit/882a14d0627b2fc0afa06bd7fed56070d78b4ed5
  269. https://gitlab.com/whonix/anon-ws-base-files/-/commit/e859c9baa21176f39c9c5310c03d59710893678a
  270. https://gitlab.com/whonix/apparmor-profile-everything/-/commit/3b2c68137002add0126462bc8bc03f1d26f8922a
  271. https://gitlab.com/whonix/grub-live/-/commit/c8e7c06774a25cb4da426641701c6622ebb52642
  272. https://gitlab.com/whonix/helper-scripts/-/commit/d7d9e5323bf68925090b1965d4955185b77387d7
  273. https://gitlab.com/whonix/helper-scripts/-/commit/79ed8b3ceb1cd1e96a5e84c9006da756f0e69180
  274. https://gitlab.com/whonix/helper-scripts/-/commit/c65c560cee7ba194b374a0f75370bd215d60a69d
  275. https://gitlab.com/whonix/helper-scripts/-/commit/73e232e41e8b24a7cfa9db22ee23ad365a18bb05
  276. https://gitlab.com/whonix/helper-scripts/-/commit/1b5397fd6b3a3826ab6dfaa2121a8f98aee276c2
  277. https://gitlab.com/whonix/helper-scripts/-/commit/9e8627cf147cdabe36d65bc69a24eb987ce95374
  278. https://gitlab.com/whonix/helper-scripts/-/commit/4c4c2ba5d5ae76ab0400ee1f0dc9736f967ec087
  279. https://gitlab.com/whonix/helper-scripts/-/commit/4b0497157282b44598e1c5b6d1eefa6372b5c531
  280. https://gitlab.com/whonix/helper-scripts/-/commit/3de950184dc5c7d08230dd865f226ce9e124310b
  281. https://gitlab.com/whonix/helper-scripts/-/commit/18e02945bd021996a0a4d90c04a6dd0cae5e79c0
  282. https://gitlab.com/whonix/helper-scripts/-/commit/21f03ed1009107e10b36695881ca86b43013ed8f
  283. https://gitlab.com/whonix/helper-scripts/-/commit/84c4121938d8d8d1d73bc43fd0c842777b8508f0
  284. https://gitlab.com/whonix/helper-scripts/-/commit/0493bc3de3a561b66e309fa9e936cd2e6433f583
  285. https://gitlab.com/whonix/helper-scripts/-/commit/543978493b230fb77616a7ce59551c8595603e2a
  286. https://gitlab.com/whonix/helper-scripts/-/commit/f583d7d0041ab4cec4031346591f2206e130ba62
  287. https://gitlab.com/whonix/helper-scripts/-/commit/634368a2e49f554cdfaa1c4a00d7a4d73daad404
  288. https://gitlab.com/whonix/helper-scripts/-/commit/3659666a92054b628c2b8c762a56cdfc5a184452
  289. https://gitlab.com/whonix/helper-scripts/-/commit/b752d08ac8797211953bc5361e3411e5db4133bc
  290. https://gitlab.com/whonix/helper-scripts/-/commit/d6b085322005f92f1aeb8ae9cb951921c7f77ab4
  291. https://gitlab.com/whonix/helper-scripts/-/commit/3449194476ab5e31035fe011c259aa4074fa508e
  292. https://gitlab.com/whonix/helper-scripts/-/commit/ba05cd447fab73c1f95bb47008ab3721fc39a512
  293. https://gitlab.com/whonix/helper-scripts/-/commit/4746cbd02d32b4e513accaed677c0bee28b531f6
  294. https://gitlab.com/whonix/helper-scripts/-/commit/48a0adb850051907efcb41e1643453ac08d966ce
  295. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/fb962e2c0062c086a0034f5ef3ac2a31416a278b
  296. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/13f4ca0314080f2d2591462252bb929a9a20bfd1
  297. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/a973ec1758afce15af75be1a63972edb140a61e2
  298. Appreciation is expressed to @HulaHoop.
  299. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/7a41d45da8d3692484c97d27947183234ff4a79d
  300. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/d458baa0ec28b46ed88ba72273b5748eed54d6c0
  301. Appreciation is expressed to @HulaHoop.
  302. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/92fa630d2b242b350beed87fc0465fa9adf6f6ce
  303. https://gitlab.com/whonix/msgcollector/-/commit/807d3ed9154a226ff9bb737c69fbf05a59f52efb
  304. https://gitlab.com/whonix/msgcollector/-/commit/2febd8e861b1fafb4c6a55fba8dc09473805263e
  305. https://gitlab.com/whonix/rads/-/commit/c79945c2103b5c049f6411747b6aa472a65d726d
  306. https://gitlab.com/whonix/rads/-/commit/372540203b789c1b6eb615f5ad942d76a52c0796
  307. https://gitlab.com/whonix/rads/-/commit/9bebad7d1e8dd8cb0cdc5244f19203be3045c667
  308. This workaround essentially runs `chvt 2` in case rads does not start a display manager such as gdm (in case there is not enough RAM). This has restored the behavior of a user being greeted with an agetty login prompt. See: no login prompt / getty started on tty1 anymore in Whonix 16 (Debian bullseye based).
  309. https://gitlab.com/whonix/rads/-/commit/0fdcee7f930e6f7af5e838b3a273b9b76accd904
  310. https://gitlab.com/whonix/sdwdate/-/commit/ed4f91095545414539d8a9e14e8f4e81afa9883a
  311. https://gitlab.com/whonix/sdwdate/-/commit/33f2667c404103f3d39fd139c2cedf55b1731a97
  312. https://gitlab.com/whonix/sdwdate/-/commit/df3c81a547181e2ff6774a2d963c2d8eeb85475b
  313. https://gitlab.com/whonix/sdwdate/-/commit/6ac8dea8aa72b88cc89e78176c0fdc260180093d
  314. https://gitlab.com/whonix/sdwdate/-/commit/7c14d799afd992c3ec98122f1cf9da75fd75588c
  315. https://gitlab.com/whonix/sdwdate/-/commit/ff0dba14988e482eeab00e74367f302835fadfae
  316. https://gitlab.com/whonix/sdwdate/-/commit/73e3b075d70ca08a8bd75a4e80933fa20d22af93
  317. https://gitlab.com/whonix/sdwdate/-/commit/3986d420d44f147a3ca489c075ab564f1410fe10
  318. https://github.com/Whonix/updates-status/issues/105
  319. https://gitlab.com/whonix/sdwdate/-/commit/bfdea776ba638541c4d2b168a32588c3721a71a3
  320. Appreciation is expressed to @marmarek for the bug report.
  321. https://gitlab.com/whonix/sdwdate/-/commit/525716fb646d7654d065fbc16ae4af802ec552df
  322. https://gitlab.com/whonix/sdwdate/-/commit/ecf9e8a38b248ff4815caafb0d8c9548c1a7aadb
  323. https://gitlab.com/whonix/sdwdate/-/commit/540df96abf3dbc338ff48c38b2896a11615fc293
  324. https://gitlab.com/whonix/sdwdate/-/commit/87cab6af3ed8b9f18c74e47f3f93afaab833ffe8
  325. See: TimeSync: Whonix ™ Time Synchronization Mechanism.
  326. https://gitlab.com/whonix/sdwdate/-/commit/650ee383881a3223310b576ffe0c480bd4535d3f
  327. See: Whonix on Mac M1 (ARM).
  328. https://gitlab.com/whonix/sdwdate/-/commit/efb78881f58d5c4198deac881a1123281b4d741c
  329. https://gitlab.com/whonix/sdwdate/-/commit/7d93312c1a7bdb288a36227410d1df5898586bc9
  330. https://gitlab.com/whonix/sdwdate/-/commit/0f509ebc045ae88314f0abfe6faac1ddd48a8440
  331. https://gitlab.com/whonix/sdwdate-gui/-/commit/933883ec710eb0a5a43a276e0c6789b7744d42a3
  332. "Denied: whonix.NewStatus Denied whonix.NewStatus+whonix-gw-16_shutdown from whonix-gw-16 to sys-whonix" "Denied: whonix.NewStatus Denied whonix.NewStatus+whonix-ws-16_shutdown from whonix-ws-16 to sys-whonix"
  333. Appreciation is expressed to @zellchristensen for the bug report and @marmarek for the bug diagnosis.
  334. https://github.com/QubesOS/qubes-issues/issues/6983
  335. https://gitlab.com/whonix/sdwdate-gui/-/commit/5d844f993af7bc69c30140d35de8b8cf72331780
  336. https://gitlab.com/whonix/swap-file-creator/-/commit/f03cd0c0c18a384a3440e9dbe1adebdeafa6d496
  337. The alternative, configuring the login prompt to wait for swap-file-creator to be done instead would lead to a slower boot process.
  338. https://gitlab.com/whonix/swap-file-creator/-/commit/b2b9dae3c16cacc6f786a74ac0fe723cd7794735
  339. https://gitlab.com/whonix/systemcheck/-/commit/078eb326852c504640fc12c0dcff0fca35ee74ed
  340. https://gitlab.com/whonix/systemcheck/-/commit/e3a5ee7d47f761b7c920e80ac0e15fd25cd24536
  341. https://gitlab.com/whonix/systemcheck/-/commit/5f0c7deab97101c0217af07e4cf62cf2c45c8b06
  342. https://gitlab.com/whonix/systemcheck/-/commit/001fa395bf22f62a12296b719600b06fbf56c944
  343. https://gitlab.com/whonix/systemcheck/-/commit/8e8b0854a37f19626e2f017457a67d4e8ce506e0
  344. https://gitlab.com/whonix/tb-updater/-/commit/79c0779916d9707a4a75e0bdf39749395f979d74
  345. https://gitlab.com/whonix/tb-updater/-/commit/d9a5d7d11d4caf198f21a2f32b9aaa733a4ad17d
  346. Appreciation is expressed to Frank.
  347. https://gitlab.com/whonix/tb-updater/-/commit/862bc8c882af3ce06435d7197787420376d8fd51
  348. https://gitlab.com/whonix/tb-updater/-/commit/73c5d33fbfb63552cbbc8e501f197bd51efa8573
  349. https://gitlab.com/whonix/tb-updater/-/commit/9f0ab50d81b662ff54f915d58b800c8151976958
  350. https://gitlab.com/whonix/tb-updater/-/commit/3ae332a8726a45359b1a323593816f93b61fb00b
  351. https://gitlab.com/whonix/tb-updater/-/commit/5bbbbcb4e2bd3792c8fbeb81e68360d75fcdbb4a
  352. https://gitlab.com/whonix/timesanitycheck/-/commit/a2ae8d50a0ff51fae27b65971f3751b7d071c082
  353. https://gitlab.com/whonix/timesanitycheck/-/commit/84e27705b4b547f885ac7aa1af18fff12ecbb0dd
  354. https://gitlab.com/whonix/timesanitycheck/-/commit/256b6feabfc8aba4eecf3d0388ed508d98a29301
  355. https://github.com/QubesOS/qubes-issues/issues/6913
  356. https://github.com/QubesOS/qubes-issues/issues/6891#issuecomment-920220943
  357. https://gitlab.com/whonix/uwt/-/commit/bd48b023a99b575ea7cd3ea598ea98f43fb8eded
  358. https://gitlab.com/whonix/whonix-firewall/-/commit/0dcdd8d318f895aee862d618778edbdb27647443
  359. https://gitlab.com/whonix/whonix-legacy/-/commit/2cc3e23b7c9318560e82041d8510b464e18604cf
  360. https://gitlab.com/whonix/whonix-legacy/-/commit/9df84beded4c52493789c0b5966e4e8de755d305
  361. https://gitlab.com/whonix/whonix-legacy/-/commit/da7a850ea0bb8ba7f49edab080ee5a82b859f407
  362. https://gitlab.com/whonix/whonix-legacy/-/commit/50a25523032ab8938e234f0888f9777a620b639f
  363. https://gitlab.com/whonix/whonix-legacy/-/commit/3aa25297c40c5fe4890d2cfad7b1c8d34a8433e3
  364. https://gitlab.com/whonix/whonix-legacy/-/commit/d8cda99a5a376981ff8dfc3dda2534f982fa86e3
  365. https://gitlab.com/whonix/whonix-legacy/-/commit/2d998d2884388ccad6e1110905522fc14352b892
  366. Appreciation is expressed to @HulaHoop.
  367. https://gitlab.com/whonix/whonix-libvirt/-/commit/c2962f7e9fdafa5486b0998110c18976d0410780
  368. https://gitlab.com/whonix/whonix-libvirt/-/commit/68249c4f7af9aae47444d51ee0d5b6e6d7480ed8
  369. https://gitlab.com/whonix/whonix-libvirt/-/commit/a38adbfe7c087919959e0c0331a7a0d1fd36a551
  370. https://gitlab.com/whonix/whonix-libvirt/-/commit/039cf62f31784193158711321964375b8cf0bff8
  371. Appreciation is expressed to @HulaHoop.
  372. https://gitlab.com/whonix/whonix-xfce-desktop-config/-/commit/94d1c6a8048755235e924420ca9cf19da3758e6a
  373. See: Tor integration in Whonix ™ Development Notes.
  374. Tor integration in Whonix.
  375. https://gitlab.com/whonix/Whonix/-/commit/8360f544bcd4bba4cb60f3fde9011f43d5d89803
  376. https://gitlab.com/whonix/Whonix/-/commit/6850283e88d52dd96a5f82412f99d0818117d905
  377. https://gitlab.com/whonix/Whonix/-/commit/5542f3491045ac2ef9db42f8ffcc112baef4cd7b
  378. https://gitlab.com/whonix/Whonix/-/commit/bec122d15dc891a9b7ecad9fba702f3979783b65
  379. Appreciation is expressed to @HulaHoop.
  380. https://gitlab.com/whonix/anon-apps-config/-/commit/7892543371ccc224c8fca50a76e71e08704f8afe
  381. https://gitlab.com/whonix/anon-connection-wizard/-/commit/c6685af1a9fc4bbd1c912e7ff3277538baaff893
  382. https://gitlab.com/whonix/anon-connection-wizard/-/commit/850604b878fd1208bdb1c6b08324efac717a5285
  383. https://gitlab.com/whonix/anon-connection-wizard/-/commit/54fb98886fcbfbce235633773287cb838d382cb5
  384. https://gitlab.com/whonix/anon-gw-anonymizer-config/-/commit/39f623f968bb1e143e3c402f008e7c0f7b71a817
  385. https://gitlab.com/whonix/anon-gw-anonymizer-config/-/commit/2ee2f10eb0115f6b49d6c10df33b35ef9c1db12d
  386. https://gitlab.com/whonix/anon-gw-anonymizer-config/-/commit/0ac977c2ba3b636ed8402e2bf76b3214276bec3a
  387. https://gitlab.com/whonix/anon-gw-anonymizer-config/-/commit/822fe4e4f79dc9f0a3b24ce8a78d6908edbc5985
  388. https://gitlab.com/whonix/anon-icon-pack/-/commit/6592b37cfed4db2b6e8a2cb856a6f4550ccbbfa7
  389. https://gitlab.com/whonix/anon-meta-packages/-/commit/ae6cb1ce8027606782e4202377c2926fc227276a
  390. https://gitlab.com/whonix/anon-meta-packages/-/commit/9c160f1492fd634e0e4baf0a9c498a68476ba571
  391. https://gitlab.com/whonix/anon-meta-packages/-/commit/bb5ae8c8580e522406ebd4c255b0c9cf1df237be
  392. https://gitlab.com/whonix/anon-meta-packages/-/commit/b52179af6e0db1dfc6e65802b836addb14f13974
  393. https://gitlab.com/whonix/anon-shared-build-apt-sources-tpo/-/commit/6c529f3d83b8fd34c88b7940d38b4e0efb12c283
  394. https://gitlab.com/whonix/anon-ws-disable-stacked-tor/-/commit/e6c05d99006849caf4326d58d4cca4cb0e001c1b
  395. https://gitlab.com/whonix/anon-ws-disable-stacked-tor/-/commit/7a1e0b59d39bc705c1e39be69a2c3dedb04c0f04
  396. https://gitlab.com/whonix/apparmor-profile-everything/-/commit/da5e8a834380e520877ec51f2bcfe78e3e688cf3
  397. https://gitlab.com/whonix/apparmor-profile-hexchat/-/commit/d2a9d37b0e387144ed8e73a16c4a0c4037d1f984
  398. https://gitlab.com/whonix/bootclockrandomization/-/commit/f02a3553c61a901d6ce98d1d5629be4c2a032cdf
  399. https://gitlab.com/whonix/bootclockrandomization/-/commit/1837346b080132d3f7ca8dac81d13d489cfa2662
  400. https://gitlab.com/whonix/helper-scripts/-/commit/d3390d4c0889794204791329555615756ed4aa40
  401. https://gitlab.com/whonix/helper-scripts/-/commit/893974f9ee9ac69a9e55c37692818fd7d63b48b7
  402. https://gitlab.com/whonix/helper-scripts/-/commit/a70612f9ca94a2b84697dc27792fdd0f7f74ad40
  403. https://gitlab.com/whonix/helper-scripts/-/commit/54e2888ccf378ae60127b26774407460041cb8e5
  404. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/ea7851dedf6b7a7f5df9b6b3a71d35726793e116
  405. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/f1790451a9ccb3883a3fef70963cdf7266a8a271
  406. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/dbb182f8b4de5f13f3f82efc103f06a5236832f0
  407. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/4dd31bd6d25e43a8cf4d675b8f030d13fd7d1057
  408. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/0062df31d04a136b013bccabfac9c4f28e2e699d
  409. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/2e4eec07603c539807a5429f26ef81fbe7769c0a
  410. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/19eaae178b143662f0309a2505705d943cf97cd6
  411. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/80704660561357a7f377dbc562968386b2173613
  412. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/cb20b19da6400f83b59bd5f5b601c9bbf20e86d4
  413. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/0c14c945ed13d36ff78ccc0a30b544b40ac63da9
  414. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/d7e51eebebe6faeb1a580cc7cde83412da9e68f3
  415. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/bdfcbc1d60fd39368715e39b3a5ca6b6d84a2726
  416. https://gitlab.com/whonix/kicksecure-meta-packages/-/commit/3f1cea7767ccc6e01b6a9e5a0d6893571b3d70ba
  417. https://gitlab.com/whonix/live-config-dist/-/commit/f9aa298ec0b8cf38e52ead61daa5093bb1b4f445
  418. https://gitlab.com/whonix/monero-gui/-/commit/0d9356e5f8815fd9cade046e1a357e853814884b
  419. https://gitlab.com/whonix/monero-gui/-/commit/198b2df3c2c23767f7f9b6f1dbc4078bcd67ed0b
  420. https://gitlab.com/whonix/msgcollector/-/commit/77a6c4d465dc998470e290a5ada5356ad70cc748
  421. https://gitlab.com/whonix/onion-grater/-/commit/4b13181ac4743c9a969164b81bf840eb85325fb7
  422. https://gitlab.com/whonix/onion-grater/-/commit/e36db8f769230959ea07ce44ede333aef00a39e5
  423. https://gitlab.com/whonix/onion-grater/-/commit/63eb2f20b302dbdb902629d166c444bb4826d4df
  424. https://gitlab.com/whonix/onion-grater/-/commit/132ac995c750d6fd19e095bf1f2fc76f41985ee6
  425. https://gitlab.com/whonix/onion-grater/-/commit/2d67dfddb301ed0589f368b47051cdd74e745c61
  426. https://gitlab.com/whonix/open-link-confirmation/-/commit/38e03d1737b185934fc0a6f4c3558b1666c2a978
  427. https://gitlab.com/whonix/qubes-whonix/-/commit/47fb073dae35b9e6b23b6c5a227a85ed7f129ee3
  428. https://gitlab.com/whonix/qubes-whonix/-/commit/1359ef3e47715c04d4a4d071b3ca0679a4020b01
  429. https://gitlab.com/whonix/qubes-whonix/-/commit/f2190c69cb5859b0f0b6242fc20a84811ef83fb3
  430. https://gitlab.com/whonix/sdwdate/-/commit/96151eb6a7c061f7ce56bb1c76a327cbc90046a3
  431. https://gitlab.com/whonix/sdwdate/-/commit/8bb53ef360939fe4529f3c39e5811ee44ea96c75
  432. https://gitlab.com/whonix/sdwdate/-/commit/6b5f10195133d88fdc89d2fe737651fbf2e07063
  433. https://gitlab.com/whonix/sdwdate/-/commit/e6032989d3053e92758aefc83e3413c593de354c
  434. https://gitlab.com/whonix/sdwdate/-/commit/8911f33e4d48877ad415379c7e252318c255a9d9
  435. https://gitlab.com/whonix/sdwdate/-/commit/caca7f412c4b19b5c7db2e3394a870e4d5124fa7
  436. https://gitlab.com/whonix/sdwdate/-/commit/6215a9ea996e9db970059c3b4ad58d17016b7483
  437. https://gitlab.com/whonix/sdwdate/-/commit/7a43153a2fe80eb492b1abf14f1f20bb66da02f5
  438. https://gitlab.com/whonix/sdwdate/-/commit/0d43f1a2a6f8796d6d46e34a81788a0a7293f089
  439. https://gitlab.com/whonix/sdwdate-gui/-/commit/374bc31c8bd97de6e2f4f578e120daf70527e9eb
  440. https://gitlab.com/whonix/sdwdate-gui/-/commit/c694998f22e36ff142213ff177e789acec3f2dce
  441. https://gitlab.com/whonix/sdwdate-gui/-/commit/7d9b5044a35d19e44454e0fbdf34efa055b30ef5
  442. https://gitlab.com/whonix/sdwdate-gui/-/commit/a60a996ce2228830607aa7afdde8aec9d512daa0
  443. https://gitlab.com/whonix/sdwdate-gui/-/commit/21d35022ab47dde44eacbef75c5d6c2260125521
  444. https://gitlab.com/whonix/sdwdate-gui/-/commit/e371e234a15cbaf89181798a204192d2a92df089
  445. https://gitlab.com/whonix/sdwdate-gui/-/commit/d4f963b6e5aa434dfc38229faaf2a7eef932dde4
  446. https://gitlab.com/whonix/sdwdate-gui/-/commit/5141ec63cd230ec825e7f15ff5d74e81605b174f
  447. https://gitlab.com/whonix/security-misc/-/commit/4f6f588fb53d2756d867ac7e29fb42f4f8fdb335
  448. https://gitlab.com/whonix/setup-wizard-dist/-/commit/30a03972b164f91faa20e11d50fb4ec2d5ffea0d
  449. https://gitlab.com/whonix/systemcheck/-/commit/3f2d5f8b4082e148c9d293c1f22bf7f50697655b
  450. https://gitlab.com/whonix/systemcheck/-/commit/9ba59c89e4f651463cb23007a7f921be419145c1
  451. https://gitlab.com/whonix/systemcheck/-/commit/4051ffb6afc07dddee329117e93e3656d971d6d3
  452. https://gitlab.com/whonix/systemcheck/-/commit/f200d0fd05a097734f346e89a50fc1a4dab39574
  453. https://gitlab.com/whonix/tb-starter/-/commit/756060c7ee158d3d156c1d9129b90c57f4bbd664
  454. https://gitlab.com/whonix/tb-updater/-/commit/4cdf6dbbf79c19ecfc8f8a9ff0cc4f48f494b14e
  455. https://gitlab.com/whonix/tb-updater/-/commit/e4f73a11bd0e01ccbee63eccd2c04b01c6234110
  456. https://gitlab.com/whonix/tb-updater/-/commit/b6d5ef20fcca243e32f7c0c51f63dbc74c04915a
  457. https://gitlab.com/whonix/tb-updater/-/commit/c3a7e8205a2474f6d12afe8810b51a3c6691dd84
  458. https://gitlab.com/whonix/tb-updater/-/commit/13b84940fe14cce61a3c9046e320d49461ae695e
  459. https://gitlab.com/whonix/tb-updater/-/commit/09c73931fef1bfa39f59a5395baef2757ac66688
  460. https://gitlab.com/whonix/tb-updater/-/commit/f79cb405e16aebbb70f63032089ae7fbac6df9f1
  461. https://gitlab.com/whonix/tb-updater/-/commit/279125241b1f27c167792a56d14830deb1a39836
  462. https://gitlab.com/whonix/tb-updater/-/commit/161a93905fed20c969603eef8359f233da94735a
  463. https://gitlab.com/whonix/tb-updater/-/commit/ab1700b724bfb50002ac5d3a793765b96ebc3ca8
  464. https://gitlab.com/whonix/tb-updater/-/commit/57e9817fd41d70462dbc04908db7bebbafa5140c
  465. https://gitlab.com/whonix/tor-control-panel/-/commit/4e4f87b865c61dcc98a8611e3306dbd39ccdc6dd
  466. https://gitlab.com/whonix/tor-control-panel/-/commit/05a733f9952054708786b158201f2d431f6cb3b1
  467. https://gitlab.com/whonix/tor-control-panel/-/commit/dabfac891b3defb46900db8821805cee02b0025e
  468. https://gitlab.com/whonix/tor-control-panel/-/commit/15fd57ac7aa82196a64361e9891690ed49ac68b8
  469. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/be5c0f984e3745f3a7361bd345c25d5bdf967ddb
  470. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/c47672486c5a7b86b067206787ffe9e9ca5d5e8d
  471. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/812dd00037a4d02bb8ed10d425a1b0f0eb35da2a
  472. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/d7d07a729ef28467bcdb348bcd4514067433d293
  473. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/8da9fac06e1f3799bf267bbc63a997802b013631
  474. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/99e2726a2e36bfdda5572fb03a5647a54747b32a
  475. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/f36b3550f849f6cef3fd372276973c82c98107ce
  476. https://gitlab.com/whonix/whonix-developer-meta-files/-/commit/9af0fd941b3ec7a7befcdbdf12442197a90e1e5d
  477. https://gitlab.com/whonix/whonix-firewall/-/commit/cda126ad2bdde60c42a3fc3349845ad3afc5ebf4
  478. https://gitlab.com/whonix/Whonix/-/commit/38827606b04cd08e7439e27e3c79216ab36879bf
  479. https://gitlab.com/whonix/Whonix/-/commit/e90bc12bfbbb1754cf4b3863c772b38e9e116acb
  480. https://gitlab.com/whonix/Whonix/-/commit/0f682f9dd382897fc55f87f35b8b0462e336aa89
  481. https://gitlab.com/whonix/Whonix/-/commit/ed5a8a6fce5f6d3963c6dcc2966138354a6858fe