nm 29.1.0 rc1

2 files changed, 86 insertions, 43 deletions

diff --git a/newmoon/debian/changelog b/newmoon/debian/changelog
index 24b5b2c..6dfdd11 100644
--- a/newmoon/debian/changelog
+++ b/newmoon/debian/changelog
@@ -1,3 +1,46 @@
+newmoon (29.1.0-1+devuan) obs; urgency=medium
+
+  * New features:
+    - Language packs for the following newly-supported languages:
+      Arabic (ar), Chinese Traditional (zh-TW), Croatian (hr), Danish (da),
+      Finnish (fi), Galician (gl), Indonesian (id), Icelandic (is), Japanese
+      (ja), Romanian (ro), Serbian (cyrillic) (sr), Slovenian (sl), Thai (th)
+    - Implemented String.prototype.replaceAll().
+    - Implemented JSON superset proposal.
+    - Implemented well-formed JSON stringify.
+    - Implemented numeric separators in JavaScript.
+  * Changes/fixes:
+    - Updated timezone data to 2021a.
+    - Updated the wording and inclusion of more select license blocks
+      in about:license.
+    - Updated some site-specific user-agent overrides for web
+      compatibility.
+    - Updated the lz4 library for performance and security updates.
+    - Improved performance of JSON stringify.
+    - Further improved support for building on FreeBSD.
+    - Fixed a regression where changes to useragent compatibility
+      required a restart to take effect.
+    - Fixed a regression where AES-GCM in WebCrypto ("subtle" crypto
+      API) wasn't working.
+    - This could make certain login procedures fail to work.
+    - Fixed a full browser deadlock when page scripting would flood
+      browsing history with rapid location state changes.
+    - Disabled AV1 codec use by default again since our implementation
+      has significant streaming issues (particularly audio) that needs
+      further work.
+    - Added required interaction with file/folder open dialog boxes on
+      html file input elements on some operating systems to avoid malicious
+      content tricking users into uploading sensitive files unintentionally
+      (related to CVE-2021-23956).
+    - Added a font sanity check to avoid triggering a potential
+      vulnerability on unpatched Windows operating systems (related to
+      CVE-2021-24093).
+    - Security issues addressed: CVE-2021-23974, CVE-2021-23973 and
+      several memory safety hazards that don't have CVE numbers.
+    - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 2
+      DiD, 19 not applicable.
+
+ -- B. Stack <bgstack15@gmail.com>  Tue, 02 Mar 2021 21:53:23 -0500
 newmoon (29.0.1-1+devuan) obs; urgency=medium
 
   * Changes/fixes:
@@ -64,56 +107,56 @@ newmoon (29.0.0-1+devuan) obs; urgency=medium
 newmoon (28.17.0-1+devuan) obs; urgency=low
 
   * This is a development, bugfix and security update.
-    - Changed the way dates and times are formatted in the UI to 
+    - Changed the way dates and times are formatted in the UI to
       properly adhere to the user's regional settings in the O.S.
     - Re-enabled the DOM Filesystem API for web compatibility.
-    - Moved the global user-agent override to the networking component. 
+    - Moved the global user-agent override to the networking component.
       See implementation notes.
-    - Worked around crashes and run-time issues with module scripts. 
+    - Worked around crashes and run-time issues with module scripts.
       See implementation notes.
-    - Fixed a website layout issue with table-styled elements 
+    - Fixed a website layout issue with table-styled elements
       potentially overlapping when placed inside a flexbox.
     - Fixed some code logic issues with websockets.
-    - Fixed a regression when waking the computer from standby causing 
+    - Fixed a regression when waking the computer from standby causing
       high CPU usage in some uncommon situations.
-    - Updated the list of prohibited ports the browser can use. See 
+    - Updated the list of prohibited ports the browser can use. See
       implementation notes.
     - Updated root certificates.
-    - Windows: Changed the way downloaded files without an extension 
+    - Windows: Changed the way downloaded files without an extension
       are handled. See implementation notes.
     - Mac-beta: Improved version detection of MacOS including Big Sur.
     - Security issues addressed: CVE-2020-26978 and CVE-2020-35112.
-    - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1 
+    - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1
       deferred to the next release, 16 not applicable.
-    - The global user-agent override was moved to the networking 
-      component where it is actually implemented. The new preference name is 
-      network.http.useragent.global_override. Please note that using a 
-      blanket override is normally (very) counterproductive and does not, in 
-      fact, help much with privacy. It would also override the compatibility 
-      modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will 
-      now warn you if the user-agent is globally overridden (in preferences) 
-      and allow you to easily reset that override and re-enable the various 
+    - The global user-agent override was moved to the networking
+      component where it is actually implemented. The new preference name is
+      network.http.useragent.global_override. Please note that using a
+      blanket override is normally (very) counterproductive and does not, in
+      fact, help much with privacy. It would also override the compatibility
+      modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will
+      now warn you if the user-agent is globally overridden (in preferences)
+      and allow you to easily reset that override and re-enable the various
       compatibility modes.
-    - Module scripting caused some persistent and very hard to track 
-      browser crashes that we've narrowed down to a specific optimization in 
-      the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This 
-      optimization is now disabled by default but if you need that little 
-      extra performance (usually only noticed in very optimized code or some 
-      benchmarks) then you can re-enable it, trading in stability, by setting 
+    - Module scripting caused some persistent and very hard to track
+      browser crashes that we've narrowed down to a specific optimization in
+      the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This
+      optimization is now disabled by default but if you need that little
+      extra performance (usually only noticed in very optimized code or some
+      benchmarks) then you can re-enable it, trading in stability, by setting
       the new preference javascript.options.ion.inlining to true.
-    - Prohibited ports: Pale Moon maintains a blacklist of ports the 
-      browser may normally not connect to on servers, to mitigate abusive web 
-      scripting employing your browser as an attack bot on servers (e.g. by 
-      connecting to mail servers or what not), NAT slipstreaming, and similar 
-      security issues. To more thoroughly prevent known abusable ports on 
-      servers, this list was extended with a number of additional default 
+    - Prohibited ports: Pale Moon maintains a blacklist of ports the
+      browser may normally not connect to on servers, to mitigate abusive web
+      scripting employing your browser as an attack bot on servers (e.g. by
+      connecting to mail servers or what not), NAT slipstreaming, and similar
+      security issues. To more thoroughly prevent known abusable ports on
+      servers, this list was extended with a number of additional default
       ports for various non-http protocols.
-    - Downloaded files without a file extension: When a file without an 
-      extension is downloaded, we will now open the download folder where you 
-      may choose to take any specific action manually, instead of trying to 
+    - Downloaded files without a file extension: When a file without an
+      extension is downloaded, we will now open the download folder where you
+      may choose to take any specific action manually, instead of trying to
       execute it as a program or through an associated program.
 
- -- Ben Stack <bgstack15@gmail.com>  Fri, 18 Dec 2020 13:52:12 -0500
+ -- B. Stack <bgstack15@gmail.com>  Fri, 18 Dec 2020 13:52:12 -0500
 
 newmoon (28.16.0-1+devuan) obs; urgency=low
 
@@ -152,7 +195,7 @@ newmoon (28.16.0-1+devuan) obs; urgency=low
     - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 4
       defense-in-depth, 3 rejected, 20 not applicable.
 
- -- Ben Stack <bgstack15@gmail.com>  Wed, 25 Nov 2020 09:13:05 -0500
+ -- B. Stack <bgstack15@gmail.com>  Wed, 25 Nov 2020 09:13:05 -0500
 
 newmoon (28.15.0-1+devuan) obs; urgency=low
 
@@ -168,37 +211,37 @@ newmoon (28.15.0-1+devuan) obs; urgency=low
   * disable eme to match palemoon.
   * so now newmoon's only changes are config location and branding.
 
- -- Ben Stack <bgstack15@gmail.com>  Tue, 27 Oct 2020 20:05:31 -0400
+ -- B. Stack <bgstack15@gmail.com>  Tue, 27 Oct 2020 20:05:31 -0400
 
 newmoon (28.14.2-3+devuan) obs; urgency=low
 
   * disable all use-system options to see if stability returns
 
- -- Ben Stack <bgstack15@gmail.com>  Fri, 23 Oct 2020 14:58:17 -0400
+ -- B. Stack <bgstack15@gmail.com>  Fri, 23 Oct 2020 14:58:17 -0400
 
 newmoon (28.14.2-2+devuan) obs; urgency=low
 
   * revert to gtk2 to see if stability returns
 
- -- Ben Stack <bgstack15@gmail.com>  Fri, 23 Oct 2020 22:40:55 -0400
+ -- B. Stack <bgstack15@gmail.com>  Fri, 23 Oct 2020 22:40:55 -0400
 
 newmoon (28.14.2-1+devuan) obs; urgency=low
 
   * Update version
 
- -- Ben Stack <bgstack15@gmail.com>  Mon, 05 Oct 2020 09:07:33 -0400
+ -- B. Stack <bgstack15@gmail.com>  Mon, 05 Oct 2020 09:07:33 -0400
 
 newmoon (28.13.0-5+devuan) obs; urgency=medium
 
   * Import bluemoon icons from Gord N. Squash
 
- -- Ben Stack <bgstack15@gmail.com>  Wed, 16 Sep 2020 19:16:08 -0400
+ -- B. Stack <bgstack15@gmail.com>  Wed, 16 Sep 2020 19:16:08 -0400
 
 newmoon (28.13.0-4+devuan) obs; urgency=low
 
   * Import xfce-helper/palemoon.desktop from stevep@mxlinux.org release
 
- -- Ben Stack <bgstack15@gmail.com>  Wed, 09 Sep 2020 14:43:04 -0400
+ -- B. Stack <bgstack15@gmail.com>  Wed, 09 Sep 2020 14:43:04 -0400
 
 newmoon (28.13.0-3+devuan) obs; urgency=medium
 
@@ -253,7 +296,7 @@ newmoon (28.13.0-3+devuan) obs; urgency=medium
       users to enable this function for websites that use its utility but do
       not use WebComponents.
 
- -- Ben Stack <bgstack15@gmail.com>  Fri, 04 Sep 2020 19:50:02 -0400
+ -- B. Stack <bgstack15@gmail.com>  Fri, 04 Sep 2020 19:50:02 -0400
 
 newmoon (28.12.0-2+devuan) obs; urgency=low
 
@@ -264,10 +307,10 @@ newmoon (28.12.0-2+devuan) obs; urgency=low
     - enable webrtc
     - enable system libraries for everything possible
 
- -- Ben Stack <bgstack15@gmail.com>  Thu, 27 Aug 2020 16:55:11 -0400
+ -- B. Stack <bgstack15@gmail.com>  Thu, 27 Aug 2020 16:55:11 -0400
 
 newmoon (28.12.0-1+devuan) UNRELEASED; urgency=low
 
   * First release of newmoon.
 
- -- Ben Stack <bgstack15@gmail.com>  Wed, 05 Aug 2020 14:43:18 -0400
+ -- B. Stack <bgstack15@gmail.com>  Wed, 05 Aug 2020 14:43:18 -0400
diff --git a/newmoon/debian/newmoon+devuan.dsc b/newmoon/debian/newmoon+devuan.dsc
index ff2b2fc..f8dc554 100644
--- a/newmoon/debian/newmoon+devuan.dsc
+++ b/newmoon/debian/newmoon+devuan.dsc
@@ -2,7 +2,7 @@ Format: 3.0 (quilt)
 Source: newmoon
 Binary: newmoon
 Architecture: any
-Version: 29.0.1-1+devuan
+Version: 29.1.0-1+devuan
 Maintainer: B Stack <bgstack15@gmail.com>
 Homepage: http://www.palemoon.org/
 Standards-Version: 4.1.4