summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorB Stack <bgstack15@gmail.com>2021-03-02 21:59:57 -0500
committerB Stack <bgstack15@gmail.com>2021-03-02 21:59:57 -0500
commit5bf076fa8606ecf6cc3cd1669a6b8056e2fd08cb (patch)
treec5e0673ffddf522edf2e5312847e4ca18bb04415
parentMerge branch 'notepadpp-bump' into 'master' (diff)
downloadstackrpms-5bf076fa8606ecf6cc3cd1669a6b8056e2fd08cb.tar.gz
stackrpms-5bf076fa8606ecf6cc3cd1669a6b8056e2fd08cb.tar.bz2
stackrpms-5bf076fa8606ecf6cc3cd1669a6b8056e2fd08cb.zip
nm 29.1.0 rc1
-rw-r--r--newmoon/debian/changelog127
-rw-r--r--newmoon/debian/newmoon+devuan.dsc2
-rw-r--r--palemoon/debian/changelog116
-rw-r--r--palemoon/debian/palemoon+devuan.dsc2
-rw-r--r--palemoon/palemoon.spec81
5 files changed, 209 insertions, 119 deletions
diff --git a/newmoon/debian/changelog b/newmoon/debian/changelog
index 24b5b2c..6dfdd11 100644
--- a/newmoon/debian/changelog
+++ b/newmoon/debian/changelog
@@ -1,3 +1,46 @@
+newmoon (29.1.0-1+devuan) obs; urgency=medium
+
+ * New features:
+ - Language packs for the following newly-supported languages:
+ Arabic (ar), Chinese Traditional (zh-TW), Croatian (hr), Danish (da),
+ Finnish (fi), Galician (gl), Indonesian (id), Icelandic (is), Japanese
+ (ja), Romanian (ro), Serbian (cyrillic) (sr), Slovenian (sl), Thai (th)
+ - Implemented String.prototype.replaceAll().
+ - Implemented JSON superset proposal.
+ - Implemented well-formed JSON stringify.
+ - Implemented numeric separators in JavaScript.
+ * Changes/fixes:
+ - Updated timezone data to 2021a.
+ - Updated the wording and inclusion of more select license blocks
+ in about:license.
+ - Updated some site-specific user-agent overrides for web
+ compatibility.
+ - Updated the lz4 library for performance and security updates.
+ - Improved performance of JSON stringify.
+ - Further improved support for building on FreeBSD.
+ - Fixed a regression where changes to useragent compatibility
+ required a restart to take effect.
+ - Fixed a regression where AES-GCM in WebCrypto ("subtle" crypto
+ API) wasn't working.
+ - This could make certain login procedures fail to work.
+ - Fixed a full browser deadlock when page scripting would flood
+ browsing history with rapid location state changes.
+ - Disabled AV1 codec use by default again since our implementation
+ has significant streaming issues (particularly audio) that needs
+ further work.
+ - Added required interaction with file/folder open dialog boxes on
+ html file input elements on some operating systems to avoid malicious
+ content tricking users into uploading sensitive files unintentionally
+ (related to CVE-2021-23956).
+ - Added a font sanity check to avoid triggering a potential
+ vulnerability on unpatched Windows operating systems (related to
+ CVE-2021-24093).
+ - Security issues addressed: CVE-2021-23974, CVE-2021-23973 and
+ several memory safety hazards that don't have CVE numbers.
+ - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 2
+ DiD, 19 not applicable.
+
+ -- B. Stack <bgstack15@gmail.com> Tue, 02 Mar 2021 21:53:23 -0500
newmoon (29.0.1-1+devuan) obs; urgency=medium
* Changes/fixes:
@@ -64,56 +107,56 @@ newmoon (29.0.0-1+devuan) obs; urgency=medium
newmoon (28.17.0-1+devuan) obs; urgency=low
* This is a development, bugfix and security update.
- - Changed the way dates and times are formatted in the UI to
+ - Changed the way dates and times are formatted in the UI to
properly adhere to the user's regional settings in the O.S.
- Re-enabled the DOM Filesystem API for web compatibility.
- - Moved the global user-agent override to the networking component.
+ - Moved the global user-agent override to the networking component.
See implementation notes.
- - Worked around crashes and run-time issues with module scripts.
+ - Worked around crashes and run-time issues with module scripts.
See implementation notes.
- - Fixed a website layout issue with table-styled elements
+ - Fixed a website layout issue with table-styled elements
potentially overlapping when placed inside a flexbox.
- Fixed some code logic issues with websockets.
- - Fixed a regression when waking the computer from standby causing
+ - Fixed a regression when waking the computer from standby causing
high CPU usage in some uncommon situations.
- - Updated the list of prohibited ports the browser can use. See
+ - Updated the list of prohibited ports the browser can use. See
implementation notes.
- Updated root certificates.
- - Windows: Changed the way downloaded files without an extension
+ - Windows: Changed the way downloaded files without an extension
are handled. See implementation notes.
- Mac-beta: Improved version detection of MacOS including Big Sur.
- Security issues addressed: CVE-2020-26978 and CVE-2020-35112.
- - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1
+ - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1
deferred to the next release, 16 not applicable.
- - The global user-agent override was moved to the networking
- component where it is actually implemented. The new preference name is
- network.http.useragent.global_override. Please note that using a
- blanket override is normally (very) counterproductive and does not, in
- fact, help much with privacy. It would also override the compatibility
- modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will
- now warn you if the user-agent is globally overridden (in preferences)
- and allow you to easily reset that override and re-enable the various
+ - The global user-agent override was moved to the networking
+ component where it is actually implemented. The new preference name is
+ network.http.useragent.global_override. Please note that using a
+ blanket override is normally (very) counterproductive and does not, in
+ fact, help much with privacy. It would also override the compatibility
+ modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will
+ now warn you if the user-agent is globally overridden (in preferences)
+ and allow you to easily reset that override and re-enable the various
compatibility modes.
- - Module scripting caused some persistent and very hard to track
- browser crashes that we've narrowed down to a specific optimization in
- the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This
- optimization is now disabled by default but if you need that little
- extra performance (usually only noticed in very optimized code or some
- benchmarks) then you can re-enable it, trading in stability, by setting
+ - Module scripting caused some persistent and very hard to track
+ browser crashes that we've narrowed down to a specific optimization in
+ the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This
+ optimization is now disabled by default but if you need that little
+ extra performance (usually only noticed in very optimized code or some
+ benchmarks) then you can re-enable it, trading in stability, by setting
the new preference javascript.options.ion.inlining to true.
- - Prohibited ports: Pale Moon maintains a blacklist of ports the
- browser may normally not connect to on servers, to mitigate abusive web
- scripting employing your browser as an attack bot on servers (e.g. by
- connecting to mail servers or what not), NAT slipstreaming, and similar
- security issues. To more thoroughly prevent known abusable ports on
- servers, this list was extended with a number of additional default
+ - Prohibited ports: Pale Moon maintains a blacklist of ports the
+ browser may normally not connect to on servers, to mitigate abusive web
+ scripting employing your browser as an attack bot on servers (e.g. by
+ connecting to mail servers or what not), NAT slipstreaming, and similar
+ security issues. To more thoroughly prevent known abusable ports on
+ servers, this list was extended with a number of additional default
ports for various non-http protocols.
- - Downloaded files without a file extension: When a file without an
- extension is downloaded, we will now open the download folder where you
- may choose to take any specific action manually, instead of trying to
+ - Downloaded files without a file extension: When a file without an
+ extension is downloaded, we will now open the download folder where you
+ may choose to take any specific action manually, instead of trying to
execute it as a program or through an associated program.
- -- Ben Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500
+ -- B. Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500
newmoon (28.16.0-1+devuan) obs; urgency=low
@@ -152,7 +195,7 @@ newmoon (28.16.0-1+devuan) obs; urgency=low
- Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 4
defense-in-depth, 3 rejected, 20 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Wed, 25 Nov 2020 09:13:05 -0500
+ -- B. Stack <bgstack15@gmail.com> Wed, 25 Nov 2020 09:13:05 -0500
newmoon (28.15.0-1+devuan) obs; urgency=low
@@ -168,37 +211,37 @@ newmoon (28.15.0-1+devuan) obs; urgency=low
* disable eme to match palemoon.
* so now newmoon's only changes are config location and branding.
- -- Ben Stack <bgstack15@gmail.com> Tue, 27 Oct 2020 20:05:31 -0400
+ -- B. Stack <bgstack15@gmail.com> Tue, 27 Oct 2020 20:05:31 -0400
newmoon (28.14.2-3+devuan) obs; urgency=low
* disable all use-system options to see if stability returns
- -- Ben Stack <bgstack15@gmail.com> Fri, 23 Oct 2020 14:58:17 -0400
+ -- B. Stack <bgstack15@gmail.com> Fri, 23 Oct 2020 14:58:17 -0400
newmoon (28.14.2-2+devuan) obs; urgency=low
* revert to gtk2 to see if stability returns
- -- Ben Stack <bgstack15@gmail.com> Fri, 23 Oct 2020 22:40:55 -0400
+ -- B. Stack <bgstack15@gmail.com> Fri, 23 Oct 2020 22:40:55 -0400
newmoon (28.14.2-1+devuan) obs; urgency=low
* Update version
- -- Ben Stack <bgstack15@gmail.com> Mon, 05 Oct 2020 09:07:33 -0400
+ -- B. Stack <bgstack15@gmail.com> Mon, 05 Oct 2020 09:07:33 -0400
newmoon (28.13.0-5+devuan) obs; urgency=medium
* Import bluemoon icons from Gord N. Squash
- -- Ben Stack <bgstack15@gmail.com> Wed, 16 Sep 2020 19:16:08 -0400
+ -- B. Stack <bgstack15@gmail.com> Wed, 16 Sep 2020 19:16:08 -0400
newmoon (28.13.0-4+devuan) obs; urgency=low
* Import xfce-helper/palemoon.desktop from stevep@mxlinux.org release
- -- Ben Stack <bgstack15@gmail.com> Wed, 09 Sep 2020 14:43:04 -0400
+ -- B. Stack <bgstack15@gmail.com> Wed, 09 Sep 2020 14:43:04 -0400
newmoon (28.13.0-3+devuan) obs; urgency=medium
@@ -253,7 +296,7 @@ newmoon (28.13.0-3+devuan) obs; urgency=medium
users to enable this function for websites that use its utility but do
not use WebComponents.
- -- Ben Stack <bgstack15@gmail.com> Fri, 04 Sep 2020 19:50:02 -0400
+ -- B. Stack <bgstack15@gmail.com> Fri, 04 Sep 2020 19:50:02 -0400
newmoon (28.12.0-2+devuan) obs; urgency=low
@@ -264,10 +307,10 @@ newmoon (28.12.0-2+devuan) obs; urgency=low
- enable webrtc
- enable system libraries for everything possible
- -- Ben Stack <bgstack15@gmail.com> Thu, 27 Aug 2020 16:55:11 -0400
+ -- B. Stack <bgstack15@gmail.com> Thu, 27 Aug 2020 16:55:11 -0400
newmoon (28.12.0-1+devuan) UNRELEASED; urgency=low
* First release of newmoon.
- -- Ben Stack <bgstack15@gmail.com> Wed, 05 Aug 2020 14:43:18 -0400
+ -- B. Stack <bgstack15@gmail.com> Wed, 05 Aug 2020 14:43:18 -0400
diff --git a/newmoon/debian/newmoon+devuan.dsc b/newmoon/debian/newmoon+devuan.dsc
index ff2b2fc..f8dc554 100644
--- a/newmoon/debian/newmoon+devuan.dsc
+++ b/newmoon/debian/newmoon+devuan.dsc
@@ -2,7 +2,7 @@ Format: 3.0 (quilt)
Source: newmoon
Binary: newmoon
Architecture: any
-Version: 29.0.1-1+devuan
+Version: 29.1.0-1+devuan
Maintainer: B Stack <bgstack15@gmail.com>
Homepage: http://www.palemoon.org/
Standards-Version: 4.1.4
diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog
index 86923f6..479f469 100644
--- a/palemoon/debian/changelog
+++ b/palemoon/debian/changelog
@@ -1,3 +1,47 @@
+palemoon (29.1.0-1+devuan) obs; urgency=medium
+
+ * New features:
+ - Language packs for the following newly-supported languages:
+ Arabic (ar), Chinese Traditional (zh-TW), Croatian (hr), Danish (da),
+ Finnish (fi), Galician (gl), Indonesian (id), Icelandic (is), Japanese
+ (ja), Romanian (ro), Serbian (cyrillic) (sr), Slovenian (sl), Thai (th)
+ - Implemented String.prototype.replaceAll().
+ - Implemented JSON superset proposal.
+ - Implemented well-formed JSON stringify.
+ - Implemented numeric separators in JavaScript.
+ * Changes/fixes:
+ - Updated timezone data to 2021a.
+ - Updated the wording and inclusion of more select license blocks
+ in about:license.
+ - Updated some site-specific user-agent overrides for web
+ compatibility.
+ - Updated the lz4 library for performance and security updates.
+ - Improved performance of JSON stringify.
+ - Further improved support for building on FreeBSD.
+ - Fixed a regression where changes to useragent compatibility
+ required a restart to take effect.
+ - Fixed a regression where AES-GCM in WebCrypto ("subtle" crypto
+ API) wasn't working.
+ - This could make certain login procedures fail to work.
+ - Fixed a full browser deadlock when page scripting would flood
+ browsing history with rapid location state changes.
+ - Disabled AV1 codec use by default again since our implementation
+ has significant streaming issues (particularly audio) that needs
+ further work.
+ - Added required interaction with file/folder open dialog boxes on
+ html file input elements on some operating systems to avoid malicious
+ content tricking users into uploading sensitive files unintentionally
+ (related to CVE-2021-23956).
+ - Added a font sanity check to avoid triggering a potential
+ vulnerability on unpatched Windows operating systems (related to
+ CVE-2021-24093).
+ - Security issues addressed: CVE-2021-23974, CVE-2021-23973 and
+ several memory safety hazards that don't have CVE numbers.
+ - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 2
+ DiD, 19 not applicable.
+
+ -- B. Stack <bgstack15@gmail.com> Tue, 02 Mar 2021 21:53:23 -0500
+
palemoon (29.0.1-1+devuan) obs; urgency=medium
* Changes/fixes:
@@ -113,7 +157,7 @@ palemoon (28.17.0-1+devuan) obs; urgency=low
may choose to take any specific action manually, instead of trying to
execute it as a program or through an associated program.
- -- Ben Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500
+ -- B. Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500
palemoon (28.16.0-1+devuan) obs; urgency=low
@@ -152,7 +196,7 @@ palemoon (28.16.0-1+devuan) obs; urgency=low
- Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 4
defense-in-depth, 3 rejected, 20 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Wed, 25 Nov 2020 09:13:05 -0500
+ -- B. Stack <bgstack15@gmail.com> Wed, 25 Nov 2020 09:13:05 -0500
palemoon (28.15.0-1+devuan) obs; urgency=low
@@ -165,20 +209,20 @@ palemoon (28.15.0-1+devuan) obs; urgency=low
- Security issues fixed: CVE-2020-15680 (VG-VD-20-115) and several memory safety hazards.
- Unified XUL Platform Mozilla Security Patch Summary: 1 fixed, 2 defense-in-depth, 12 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Tue, 27 Oct 2020 20:05:31 -0400
+ -- B. Stack <bgstack15@gmail.com> Tue, 27 Oct 2020 20:05:31 -0400
palemoon (28.14.2-1+devuan) obs; urgency=low
* Fixed some additional crashes caused by the ResizeObserver API. This should take care of all crashes that have been attributed to this new code.
* Fixed erroneous parsing of CSS percentages as number values.
- -- Ben Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:40 -0400
+ -- B. Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:40 -0400
palemoon (28.14.1-1+devuan) UNRELEASED; urgency=low
* This update addresses an intermittent crash in the newly-implemented ResizeObserver API (introduced in 28.14.0) occurring on a number of high-profile and often-used websites.
- -- Ben Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:30 -0400
+ -- B. Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:30 -0400
palemoon (28.14.0-1+devuan) UNRELEASED; urgency=low
@@ -204,13 +248,13 @@ palemoon (28.14.0-1+devuan) UNRELEASED; urgency=low
* Security issues fixed: CVE-2020-15676 and CVE-2020-15677
* Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1 defense-in-depth, 7 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:20 -0400
+ -- B. Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:20 -0400
palemoon (28.13.0-4+devuan) obs; urgency=low
* Import xfce-helper/palemoon.desktop from stevep@mxlinux.org release
- -- Ben Stack <bgstack15@gmail.com> Wed, 09 Sep 2020 14:43:04 -0400
+ -- B. Stack <bgstack15@gmail.com> Wed, 09 Sep 2020 14:43:04 -0400
palemoon (28.13.0-3+devuan) obs; urgency=medium
@@ -265,7 +309,7 @@ palemoon (28.13.0-3+devuan) obs; urgency=medium
users to enable this function for websites that use its utility but do
not use WebComponents.
- -- Ben Stack <bgstack15@gmail.com> Fri, 04 Sep 2020 19:50:02 -0400
+ -- B. Stack <bgstack15@gmail.com> Fri, 04 Sep 2020 19:50:02 -0400
palemoon (28.12.0-1+devuan) obs; urgency=medium
@@ -319,7 +363,7 @@ palemoon (28.12.0-1+devuan) obs; urgency=medium
concerns (i.e. the main program .exe could also be replaced/infected in
that case).
- -- Ben Stack <bgstack15@gmail.com> Wed, 05 Aug 2020 14:43:18 -0400
+ -- B. Stack <bgstack15@gmail.com> Wed, 05 Aug 2020 14:43:18 -0400
palemoon (28.11.0-1+devuan) obs; urgency=medium
@@ -374,7 +418,7 @@ palemoon (28.11.0-1+devuan) obs; urgency=medium
- Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 4
defense-in-depth, 10 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Tue, 14 Jul 2020 14:28:53 -0400
+ -- B. Stack <bgstack15@gmail.com> Tue, 14 Jul 2020 14:28:53 -0400
palemoon (28.10.0-1+devuan) obs; urgency=medium
@@ -406,7 +450,7 @@ palemoon (28.10.0-1+devuan) obs; urgency=medium
- Unified XUL Platform Mozilla Security Patch Summary: 1 fixed, 1
- defense-in-depth, 8 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Fri, 05 Jun 2020 09:15:04 -0400
+ -- B. Stack <bgstack15@gmail.com> Fri, 05 Jun 2020 09:15:04 -0400
palemoon (28.9.3-1+devuan) obs; urgency=medium
@@ -418,13 +462,13 @@ palemoon (28.9.3-1+devuan) obs; urgency=medium
- Improved memory safety in the XUL window destructor. DiD
- Unified XUL Platform Mozilla Security Patch Summary: 3 fixed, 3 Defense-in-depth, 16 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Fri, 08 May 2020 10:39:55 -0400
+ -- B. Stack <bgstack15@gmail.com> Fri, 08 May 2020 10:39:55 -0400
palemoon (28.9.2-2+devuan) obs; urgency=medium
* testing OBS build optimization and removing animation from about dialog
- -- Ben Stack <bgstack15@gmail.com> Tue, 06 May 2020 15:08:46 -0400
+ -- B. Stack <bgstack15@gmail.com> Tue, 06 May 2020 15:08:46 -0400
palemoon (28.9.2-1+devuan) obs; urgency=medium
@@ -435,7 +479,7 @@ palemoon (28.9.2-1+devuan) obs; urgency=medium
- To enable this, set `browser.urlbar.decodeURLsOnCopy` to true in about:config
- Fixed several application crashes (thanks, Fysac!)
- -- Ben Stack <bgstack15@gmail.com> Thu, 30 Apr 2020 10:11:14 -0400
+ -- B. Stack <bgstack15@gmail.com> Thu, 30 Apr 2020 10:11:14 -0400
palemoon (28.9.1-1+devuan) obs; urgency=medium
@@ -450,7 +494,7 @@ palemoon (28.9.1-1+devuan) obs; urgency=medium
- Fixed an issue with handling functions with rest parameters. DiD
- Unified XUL Platform Mozilla Security Patch Summary: 2 Defense-in-depth, 14 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Fri, 10 Apr 2020 13:58:30 -0400
+ -- B. Stack <bgstack15@gmail.com> Fri, 10 Apr 2020 13:58:30 -0400
palemoon (28.9.0.2-1+devuan) obs; urgency=medium
@@ -459,13 +503,13 @@ palemoon (28.9.0.2-1+devuan) obs; urgency=medium
- Fixed an issue with cache behavior where some users would have trouble having their windows and tabs restored in "soft refresh" mode (see v28.9.0 release notes).
- To solve this, we reverted to the previous (pull from cache) mode for now while we investigate the cause.
- -- Ben Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 07:50:02 -0400
+ -- B. Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 07:50:02 -0400
palemoon (28.9.0.1-1+devuan) UNRELEASED; urgency=medium
* From releasenotes.shtml: This is a small update to address a breaking issue with user-agent override strings, causing problems on certain websites for a number of our users.
- -- Ben Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 06:50:02 -0400
+ -- B. Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 06:50:02 -0400
palemoon (28.9.0-1+devuan) UNRELEASED; urgency=medium
@@ -520,7 +564,7 @@ palemoon (28.9.0-1+devuan) UNRELEASED; urgency=medium
- Updated our sctp library code with several upstream fixes.
- Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 3 already mitigated, 1 rejected, 11 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 05:50:02 -0400
+ -- B. Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 05:50:02 -0400
palemoon (28.8.4-1+devuan) obs; urgency=low
@@ -528,7 +572,7 @@ palemoon (28.8.4-1+devuan) obs; urgency=low
- Implemented optional catch binding (ES2019).
- Fixed a hazardous crash related to module scripting (CVE-2020-9545).
- -- Ben Stack <bgstack15@gmail.com> Mon, 02 Mar 2020 16:37:14 -0500
+ -- B. Stack <bgstack15@gmail.com> Mon, 02 Mar 2020 16:37:14 -0500
palemoon (28.8.3-1+devuan) obs; urgency=medium
@@ -541,14 +585,14 @@ palemoon (28.8.3-1+devuan) obs; urgency=medium
- Fixed an issue in the html parser after using HTML5 template tags, allowing JavaScript parsing and execution when it should not be allowed, risking XSS vulnerabilities on sites relying on correct operation of the browser. (CVE-2020-6798)
- Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 2 DiD, 10 not applicable.
- -- Ben Stack <bgstack15@gmail.com> Wed, 18 Feb 2020 11:06:28 -0500
+ -- B. Stack <bgstack15@gmail.com> Wed, 18 Feb 2020 11:06:28 -0500
palemoon (28.8.2.1-1+devuan) obs; urgency=medium
* From releasenotes.shtml: This is a small bugfix and compatibility update.
- This is a minor release in response to YouTube deprecating their old web UI. This change will enable the new YouTube UI by default.
- -- Ben Stack <bgstack15@gmail.com> Wed, 05 Feb 2020 08:08:06 -0500
+ -- B. Stack <bgstack15@gmail.com> Wed, 05 Feb 2020 08:08:06 -0500
palemoon (28.8.2-1+devuan) obs; urgency=medium
@@ -557,7 +601,7 @@ palemoon (28.8.2-1+devuan) obs; urgency=medium
- Fixed an issue where FTP servers would hang the browser if they were not sending answers according to the protocol specification.
- Added a workaround for GitHub trying to enforce more Google-isms (which we don't support at this time) to browsers that identify as "Firefox-alike".
- -- Ben Stack <bgstack15@gmail.com> Tue, 28 Jan 2020 16:50:56 -0500
+ -- B. Stack <bgstack15@gmail.com> Tue, 28 Jan 2020 16:50:56 -0500
palemoon (28.8.1-1+devuan) obs; urgency=medium
@@ -570,7 +614,7 @@ palemoon (28.8.1-1+devuan) obs; urgency=medium
- Fixed an issue with the JavaScript JIT compiler that could lead to exploitable crashes. (CVE-2019-17026) actively exploited
- Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 7 DiD, 12 not applicable.
- -- B Stack <bgstack15@gmail.com> Mon, 13 Jan 2020 10:24:21 -0500
+ -- B. Stack <bgstack15@gmail.com> Mon, 13 Jan 2020 10:24:21 -0500
palemoon (28.8.0-1+devuan) obs; urgency=medium
@@ -624,7 +668,7 @@ palemoon (28.8.0-1+devuan) obs; urgency=medium
- Updated NSS to 3.41.4 to address CVE-2019-11756 and CVE-2019-11745.
- Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 8 DiD, 16 not applicable.
- -- B Stack <bgstack15@gmail.com> Wed, 11 Dec 2019 08:06:45 -0500
+ -- B. Stack <bgstack15@gmail.com> Wed, 11 Dec 2019 08:06:45 -0500
palemoon (28.7.2-1+devuan) obs; urgency=medium
@@ -644,7 +688,7 @@ palemoon (28.7.2-1+devuan) obs; urgency=medium
- Sec bug fixes: CVE-2019-15903, CVE-2019-11757, CVE-2019-11763 and several potentially exploitable crashes and memory safety hazards that don't have a CVE number.
- Unified XUL Platform Mozilla Security Patch Summary: 6 fixed, 6 DiD, 1 rejected, 24 not applicable.
- -- B Stack <bgstack15@gmail.com> Tue, 29 Oct 2019 16:44:47 -0400
+ -- B. Stack <bgstack15@gmail.com> Tue, 29 Oct 2019 16:44:47 -0400
palemoon (28.7.1-1+devuan) obs; urgency=medium
@@ -656,7 +700,7 @@ palemoon (28.7.1-1+devuan) obs; urgency=medium
- Fixed security issues: CVE-2019-11744, CVE-2019-11752, CVE-2019-11737, CVE-2019-11746, CVE-2019-11750, CVE-2019-11747 and CVE-2019-11738.
- Unified XUL Platform Mozilla Security Patch Summary: 7 fixed, 1 DiD, 1 already covered, 22 not applicable.
- -- B Stack <bgstack15@gmail.com> Wed, 04 Sep 2019 08:23:21 -0400
+ -- B. Stack <bgstack15@gmail.com> Wed, 04 Sep 2019 08:23:21 -0400
palemoon (28.7.0-1+devuan) obs; urgency=medium
@@ -704,13 +748,13 @@ palemoon (28.7.0-1+devuan) obs; urgency=medium
- Removed the Financial Times' polyfill user-agent override since they
updated their detection to work with Pale Moon.
- -- B Stack <bgstack15@gmail.com> Wed, 04 Sep 2019 08:23:21 -0400
+ -- B. Stack <bgstack15@gmail.com> Wed, 04 Sep 2019 08:23:21 -0400
palemoon (28.6.1-3+devuan) obs; urgency=medium
* Specify gcc-8 on debian buster which is the upstream for beowulf/ceres.
- -- B Stack <bgstack15@gmail.com> Thu, 25 Jul 2019 13:03:15 -0400
+ -- B. Stack <bgstack15@gmail.com> Thu, 25 Jul 2019 13:03:15 -0400
palemoon (28.6.1-2+devuan) obs; urgency=medium
@@ -737,7 +781,7 @@ palemoon (28.6.1-1+devuan) manual; urgency=low
- Added a port safety check for Alternative Services.
- Implemented fixes for applicable security issues: CVE-2019-11719, CVE-2019-11711, CVE-2019-11715, CVE-2019-11717, CVE-2019-11714 (DiD), CVE-2019-11729 (DiD), CVE-2019-11727 (DiD), CVE-2019-11730 (DiD), CVE-2019-11713 (DiD) and several networking and memory-safety hazards that do not have CVE numbers.
- -- B Stack <bgstack15@gmail.com> Thu, 25 Jul 2019 13:03:15 -0400
+ -- B. Stack <bgstack15@gmail.com> Thu, 25 Jul 2019 13:03:15 -0400
palemoon (28.6.0.1-1+devuan) manual; urgency=low
@@ -748,7 +792,7 @@ palemoon (28.6.0.1-1+devuan) manual; urgency=low
- Updated the WhatsApp Web site-specific user-agent override to respond to Google refusing access based on the old string.
- Updated the branding for the portable launcher.
- -- B Stack <bgstack15@gmail.com> Fri, 5 Jul 2019 16:29:51 -0500
+ -- B. Stack <bgstack15@gmail.com> Fri, 5 Jul 2019 16:29:51 -0500
palemoon (28.6.0-1+devuan) manual; urgency=low
@@ -797,7 +841,7 @@ palemoon (28.6.0-1+devuan) manual; urgency=low
- Fixed a build issue with Gnu-CC on PPC64.
- Fixed browser.link.open_newwindow functionality.
- -- B Stack <bgstack15@gmail.com> Tue, 2 Jul 2019 11:31:51 -0400
+ -- B. Stack <bgstack15@gmail.com> Tue, 2 Jul 2019 11:31:51 -0400
palemoon (28.5.2-1+devuan) manual; urgency=low
@@ -819,7 +863,7 @@ palemoon (28.5.2-1+devuan) manual; urgency=low
- Applicable security issues fixed: CVE-2019-7317, CVE-2019-11701, CVE-2019-11698, CVE-2019-9817 (DiD), CVE-2019-11700, CVE-2019-11696, CVE-2019-11693, and several potentially exploitable crashes and memory safety hazards that do not have a CVE number assigned to them.
- Fixed issues with image/texture allocation incorrectly being marked as insecure.
- -- B Stack <bgstack15@gmail.com> Tue, 4 Jun 2019 22:22:10 -0400
+ -- B. Stack <bgstack15@gmail.com> Tue, 4 Jun 2019 22:22:10 -0400
palemoon (28.5.0-1+devuan) manual; urgency=low
@@ -873,7 +917,7 @@ palemoon (28.5.0-1+devuan) manual; urgency=low
- Fixed several memory safety hazards and crashes.
- Windows binaries are now code-signed again (including the setup program for the installer).
- -- B Stack <bgstack15@gmail.com> Tue, 30 Apr 2019 08:36:47 -0500
+ -- B. Stack <bgstack15@gmail.com> Tue, 30 Apr 2019 08:36:47 -0500
palemoon (28.4.1-1devuan) manual; urgency=low
@@ -889,7 +933,7 @@ palemoon (28.4.1-1devuan) manual; urgency=low
- Fixed several memory safety hazards and crashes.
- Binaries are now code-signed again (including the setup program for the installer).
- -- B Stack <bgstack15@gmail.com> Fri, 29 Mar 2019 14:42:19 -0500
+ -- B. Stack <bgstack15@gmail.com> Fri, 29 Mar 2019 14:42:19 -0500
palemoon (28.4.0-1devuan) manual; urgency=low
@@ -917,13 +961,13 @@ palemoon (28.4.0-1devuan) manual; urgency=low
- Fixed several potentially-exploitable memory safety hazards and crashes. (DiD)
- Fixed a possible data race when performing compacting GC.
- -- B Stack <bgstack15@gmail.com> Wed, 20 Feb 2019 16:42:43 -0500
+ -- B. Stack <bgstack15@gmail.com> Wed, 20 Feb 2019 16:42:43 -0500
palemoon (28.3.1-1devuan) manual; urgency=medium
* Initial build for devuan
- -- B Stack <bgstack15@gmail.com> Wed, 23 Jan 2019 13:11:18 -0500
+ -- B. Stack <bgstack15@gmail.com> Wed, 23 Jan 2019 13:11:18 -0500
palemoon (28.3.0+repack-1) obs; urgency=medium
diff --git a/palemoon/debian/palemoon+devuan.dsc b/palemoon/debian/palemoon+devuan.dsc
index f10c3aa..c434bdc 100644
--- a/palemoon/debian/palemoon+devuan.dsc
+++ b/palemoon/debian/palemoon+devuan.dsc
@@ -2,7 +2,7 @@ Format: 3.0 (quilt)
Source: palemoon
Binary: palemoon
Architecture: any
-Version: 29.0.1-1+devuan
+Version: 29.1.0-1+devuan
Maintainer: B Stack <bgstack15@gmail.com>
Homepage: http://www.palemoon.org/
Standards-Version: 4.1.4
diff --git a/palemoon/palemoon.spec b/palemoon/palemoon.spec
index 7767562..7d88d5d 100644
--- a/palemoon/palemoon.spec
+++ b/palemoon/palemoon.spec
@@ -5,7 +5,7 @@
%global stackrpms_custom 1
# derive from inside the source tree or from https://repo.palemoon.org/MoonchildProductions/Pale-Moon/releases
# git submodule | awk -v "name=platform" '$2 == name {gsub("-","",$1); print $1}'
-%global submodule_platform_tag RELBASE_20210205
+%global submodule_platform_tag RELBASE_20210302
# additional repos to get python27 and devtoolset-7
# for el6 and el7: Software Collection;, for x86_64 only
@@ -42,7 +42,7 @@ Name: palemoon-stackrpms
Name: palemoon
%endif
Summary: Pale Moon web browser
-Version: 29.0.1
+Version: 29.1.0
Release: 1
Group: Networking/Web
@@ -285,127 +285,130 @@ update-mime-database -n ${_datadir}/mime 1>/dev/null 2>&1 & :
%doc AUTHORS LICENSE
%changelog
+* Tue Mar 02 2021 B. Stack <bgstack15@gmail.com> - 29.1.0-1
+- update version
+
* Mon Feb 15 2021 B. Stack <bgstack15@gmail.com> - 29.0.1-1
- update version
* Tue Feb 02 2021 B. Stack <bgstack15@gmail.com> - 29.0.0-1
- update version
-* Fri Dec 18 2020 B Stack <bgstack15@gmail.com> - 28.17.0-1
+* Fri Dec 18 2020 B. Stack <bgstack15@gmail.com> - 28.17.0-1
- update version
-* Wed Nov 25 2020 B Stack <bgstack15@gmail.com> - 28.16.0-1
+* Wed Nov 25 2020 B. Stack <bgstack15@gmail.com> - 28.16.0-1
- update version
-* Tue Oct 27 2020 B Stack <bgstack15@gmail.com> - 28.15.0-1
+* Tue Oct 27 2020 B. Stack <bgstack15@gmail.com> - 28.15.0-1
- update version
- change sources to upstream new location, repos.palemoon.org
-* Sat Oct 03 2020 B Stack <bgstack15@gmail.com> - 28.14.2-1
+* Sat Oct 03 2020 B. Stack <bgstack15@gmail.com> - 28.14.2-1
- update version
-* Fri Sep 25 2020 B Stack <bgstack15@gmail.com> - 28.13.0-2
+* Fri Sep 25 2020 B. Stack <bgstack15@gmail.com> - 28.13.0-2
- use valid RELBASE. Upstream probably unpublished RELBASE_20200831
-* Fri Sep 04 2020 B Stack <bgstack15@gmail.com> - 28.13.0-1
+* Fri Sep 04 2020 B. Stack <bgstack15@gmail.com> - 28.13.0-1
- update version
-* Wed Aug 05 2020 B Stack <bgstack15@gmail.com> - 28.12.0-1
+* Wed Aug 05 2020 B. Stack <bgstack15@gmail.com> - 28.12.0-1
- update version
-* Tue Jul 14 2020 B Stack <bgstack15@gmail.com> - 28.11.0-1
+* Tue Jul 14 2020 B. Stack <bgstack15@gmail.com> - 28.11.0-1
- update version
-* Fri Jun 05 2020 B Stack <bgstack15@gmail.com> - 28.10.0-1
+* Fri Jun 05 2020 B. Stack <bgstack15@gmail.com> - 28.10.0-1
- update version
-* Tue May 26 2020 B Stack <bgstack15@gmail.com> - 28.9.3-2
+* Tue May 26 2020 B. Stack <bgstack15@gmail.com> - 28.9.3-2
- add the aboutdialog customization
-* Fri May 08 2020 B Stack <bgstack15@gmail.com> - 28.9.3-1
+* Fri May 08 2020 B. Stack <bgstack15@gmail.com> - 28.9.3-1
- update version
-* Tue May 05 2020 B Stack <bgstack15@gmail.com> - 28.9.2-2
+* Tue May 05 2020 B. Stack <bgstack15@gmail.com> - 28.9.2-2
- Add customization to about dialog
-* Thu Apr 30 2020 B Stack <bgstack15@gmail.com> - 28.9.2-1
+* Thu Apr 30 2020 B. Stack <bgstack15@gmail.com> - 28.9.2-1
- update version
-* Fri Apr 10 2020 B Stack <bgstack15@gmail.com> - 28.9.1-1
+* Fri Apr 10 2020 B. Stack <bgstack15@gmail.com> - 28.9.1-1
- update version
-* Thu Mar 26 2020 B Stack <bgstack15@gmail.com> - 28.9.0.2-1
+* Thu Mar 26 2020 B. Stack <bgstack15@gmail.com> - 28.9.0.2-1
- update version
- add git submodule support
-* Mon Mar 02 2020 B Stack <bgstack15@gmail.com> - 28.8.4-1
+* Mon Mar 02 2020 B. Stack <bgstack15@gmail.com> - 28.8.4-1
- update version
-* Tue Feb 18 2020 B Stack <bgstack15@gmail.com> - 28.8.3-1
+* Tue Feb 18 2020 B. Stack <bgstack15@gmail.com> - 28.8.3-1
- update version
-* Wed Feb 05 2020 B Stack <bgstack15@gmail.com> - 28.8.2.1-1
+* Wed Feb 05 2020 B. Stack <bgstack15@gmail.com> - 28.8.2.1-1
- update version
- drop the vanilla release
-* Tue Jan 28 2020 B Stack <bgstack15@gmail.com> - 28.8.2-1
+* Tue Jan 28 2020 B. Stack <bgstack15@gmail.com> - 28.8.2-1
- update version
-* Mon Jan 13 2020 B Stack <bgstack15@gmail.com> - 28.8.1-1
+* Mon Jan 13 2020 B. Stack <bgstack15@gmail.com> - 28.8.1-1
- update version
- place binary in /usr/bin instead of /usr/local/bin
-* Wed Dec 11 2019 B Stack <bgstack15@gmail.com> - 28.8.0-1
+* Wed Dec 11 2019 B. Stack <bgstack15@gmail.com> - 28.8.0-1
- update version
- fc30 now also explicitly requires python2-devel. Fc31 already did.
-* Wed Oct 30 2019 B Stack <bgstack15@gmail.com> - 28.7.2-1
+* Wed Oct 30 2019 B. Stack <bgstack15@gmail.com> - 28.7.2-1
- update version
- remove custom patch for mz1533969 because it was upstreamed
- buildrequires use ssl lib name instead of package name to use either package
-* Thu Sep 12 2019 B Stack <bgstack15@gmail.com> - 28.7.1-1
+* Thu Sep 12 2019 B. Stack <bgstack15@gmail.com> - 28.7.1-1
- update version
-* Wed Sep 04 2019 B Stack <bgstack15@gmail.com> - 28.7.0-1
+* Wed Sep 04 2019 B. Stack <bgstack15@gmail.com> - 28.7.0-1
- update version
-* Thu Jul 25 2019 B Stack <bgstack15@gmail.com> - 28.6.1-1
+* Thu Jul 25 2019 B. Stack <bgstack15@gmail.com> - 28.6.1-1
- update version
-* Mon Jul 8 2019 B Stack <bgstack15@gmail.com> - 28.6.0.1-2
+* Mon Jul 8 2019 B. Stack <bgstack15@gmail.com> - 28.6.0.1-2
- remove custom patches for stock build
-* Fri Jul 5 2019 B Stack <bgstack15@gmail.com> - 28.6.0.1-1
+* Fri Jul 5 2019 B. Stack <bgstack15@gmail.com> - 28.6.0.1-1
- update version
-* Tue Jul 2 2019 B Stack <bgstack15@gmail.com> - 28.6.0-1
+* Tue Jul 2 2019 B. Stack <bgstack15@gmail.com> - 28.6.0-1
- update version
- improve scriptlets for streamlining
-* Tue Jun 4 2019 B Stack <bgstack15@gmail.com> - 28.5.2-1
+* Tue Jun 4 2019 B. Stack <bgstack15@gmail.com> - 28.5.2-1
- update version
-* Tue Apr 30 2019 B Stack <bgstack15@gmail.com> - 28.5.0-1
+* Tue Apr 30 2019 B. Stack <bgstack15@gmail.com> - 28.5.0-1
- update version
-* Tue Feb 19 2019 B Stack <bgstack15@gmail.com> 28.4.0-1
+* Tue Feb 19 2019 B. Stack <bgstack15@gmail.com> 28.4.0-1
- update version
-* Wed Jan 23 2019 B Stack <bgstack15@gmail.com> 28.3.1-1
+* Wed Jan 23 2019 B. Stack <bgstack15@gmail.com> 28.3.1-1
- update version
-* Tue Jan 15 2019 B Stack <bgstack15@gmail.com> 28.3.0-1
+* Tue Jan 15 2019 B. Stack <bgstack15@gmail.com> 28.3.0-1
- update version
-* Mon Dec 10 2018 B Stack <bgstack15@gmail.com> 28.2.2-1
+* Mon Dec 10 2018 B. Stack <bgstack15@gmail.com> 28.2.2-1
- update version
-* Thu Sep 20 2018 B Stack <bgstack15@gmail.com> 28.1.0-1
+* Thu Sep 20 2018 B. Stack <bgstack15@gmail.com> 28.1.0-1
- update version
-* Thu Sep 13 2018 B Stack <bgstack15@gmail.com> 28.0.1-1
+* Thu Sep 13 2018 B. Stack <bgstack15@gmail.com> 28.0.1-1
- update version
-* Wed Sep 05 2018 B Stack <bgstack15@gmail.com> 28.0.0-1
+* Wed Sep 05 2018 B. Stack <bgstack15@gmail.com> 28.0.0-1
- rpm spec updated
bgstack15