summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--palemoon/debian/changelog81
-rw-r--r--palemoon/debian/control6
-rw-r--r--palemoon/debian/palemoon_devuan.dsc4
-rw-r--r--palemoon/debian/patches/fix_arm_FTBFS.patch78
-rw-r--r--palemoon/debian/patches/series1
-rwxr-xr-xpalemoon/debian/rules1
-rw-r--r--palemoon/palemoon-mozconfig2
-rw-r--r--palemoon/palemoon.spec7
8 files changed, 157 insertions, 23 deletions
diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog
index 192aad6..0d57595 100644
--- a/palemoon/debian/changelog
+++ b/palemoon/debian/changelog
@@ -1,3 +1,58 @@
+palemoon (28.11.0-1+devuan) obs; urgency=medium
+
+ * This is a development, bugfix and security update.
+ - Changed storage format for certificates and passwords to SQLite.
+ - Added a preference (browser.tabs.insertAllAfterCurrent) to enable
+ always adding new tabs after the current tab, whether related or not.
+ - Changed the way Firefox extensions are displayed in the add-on
+ manager (provide a clear warning).
+ - Denied other types of add-ons that aren't explicitly targeting
+ Pale Moon's ID.
+ - Improved the browser's DPI-awareness to be per-monitor instead of
+ system-wide, on supported Windows operating systems.
+ - Updated bookmark backups code with the other half of what should
+ have been done way back when, so they work fully as-intended.
+ - Added a preference
+ (browser.bookmarks.editDialog.showForNewBookmarks) to enable
+ immediately showing the edit dialog for new bookmarks.
+ - If set to true, clicking the star in the address bar will pop
+ open the edit dialog immediately for changing details/sorting.
+ - Fixed the useragent string in native mode, and updated UA code to
+ properly respond to live changes to some preferences.
+ - Tidied up front-end browser JavaScript.
+ - Changed the way sources are compiled (on-going de-unification).
+ - Improved compatibility with gcc v10
+ - Removed support for the obsolete and unmaintained NVidia 3DVision
+ stereoscopic interface.
+ - Fixed some build issues in non-standard configurations.
+ - Fixed wrong positions when calculating the position for
+ position:absolute child inside a table.
+ - Aligned file name extension of saved url files with other
+ applications (lower case)
+ - Fixed building with --disable-webspeech (to disable speech
+ synthesis)
+ - Added global menubar support for GTK.
+ - Implemented node.getRootNode
+ - Implemented AbortController (Abort API)
+ - Improved the uninstaller to use elevation when prudent and
+ actually remove program files.
+ - Fixed a rare issue with editable page content.
+ - Fixed a crash related to ES module scripts.
+ - Aligned ES module scripting better with the current spec and
+ removed eager instantiation.
+ - Fixed a potential issue with the JPEG encoder. (CVE-2020-12422)
+ DiD
+ - Fixed a potential issue with AppCache manifests. DiD
+ - Fixed a potential crash in JavaScript date parsing.
+ - Fixed a problem with RSA key generation that would make it
+ potentially vulnerable to side-channel attacks. (CVE-2020-12402)
+ - Fixed a potential crash due to multithread race condition. DiD
+ - Fixed a correctness issue in URL handling. (CVE-2020-12418) DiD
+ - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 4
+ defense-in-depth, 10 not applicable.
+
+ -- Ben Stack <bgstack15@gmail.com> Tue, 14 Jul 2020 14:28:53 -0400
+
palemoon (28.10.0-1+devuan) obs; urgency=medium
* This is a development, bugfix and security update.
@@ -755,7 +810,7 @@ palemoon (28.1.0~repack-1) obs; urgency=medium
- Fixed toolbar styling in toolkit themes.
- Fixed viewing the source of a selection.
- * Now has full support for gcc-8, so stop forcing gcc-7 build on Buster and
+ * Now has full support for gcc-8, so stop forcing gcc-7 build on Buster and
recent Ubuntus where gcc-8 is default.
-- Steven Pusser <stevep@mxlinux.org> Mon, 17 Sep 2018 19:05:20 -0700
@@ -834,8 +889,8 @@ palemoon (27.9.4~repack-1~mx17+1) mx; urgency=medium
- Prevented various location-based threats. DiD
- Fixed a potential vulnerability with plugins being redirected to different
origins (CVE-2018-12364).
- - Improved the security check for launching executable files
- (by association) on Windows from the browser. For users who have (most
+ - Improved the security check for launching executable files
+ (by association) on Windows from the browser. For users who have (most
likely accidentally) granted a system-wide waiver for opening these kinds
of files without being prompted, this permission has been reset.
- Fixed an issue with invalid qcms transforms (CVE-2018-12366).
@@ -852,13 +907,13 @@ palemoon (27.9.4~repack-1~mx17+1) mx; urgency=medium
palemoon (27.9.3~repack-1~mx17+1) mx; urgency=medium
* New upstream security update:
-
+
- Changes/fixes:
- - (CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to
- that report, the libopus maintainers state they don't believe remote
+ - (CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to
+ that report, the libopus maintainers state they don't believe remote
code execution was possible, so this was not a critical patch.
- Fixed an issue with task counting in JS GC.
- - Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks
+ - Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks
to Berk Cem Göksel for reporting).
-- Steven Pusser <stevep@mxlinux.org> Tue, 12 Jun 2018 11:12:06 -0700
@@ -871,18 +926,18 @@ palemoon (27.9.2~repack-1~mx17+1) mx; urgency=medium
- We changed the language strings for softblocked items so people will cry
less when we do our job.
- (CVE-2018-5174) Prevent potential SmartScreen bypass on Windows 10.
- - (CVE-2018-5173) Fixed an issue in the Downloads panel improperly
- rendering some Unicode characters, allowing for the file name to be
- spoofed. This could be used to obscure the file extension of potentially
+ - (CVE-2018-5173) Fixed an issue in the Downloads panel improperly
+ rendering some Unicode characters, allowing for the file name to be
+ spoofed. This could be used to obscure the file extension of potentially
executable files from user view in the panel.
- (CVE-2018-5177) Fixed a vulnerability in the XSLT component leading to a
buffer overflow and crash if it occurs.
- - (CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia
+ - (CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia
library resulting in possible out-of-bounds writes.
- (CVE-2018-5154) Fixed a use-after-free vulnerability while enumerating
attributes during SVG animations with clip paths.
- - (CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string
- conversion within JavaScript with extremely large amounts of data. This
+ - (CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string
+ conversion within JavaScript with extremely large amounts of data. This
vulnerability requires the use of a malicious or vulnerable extension in
order to occur.
- Fixed several stability issues (crashes) and memory safety hazards.
diff --git a/palemoon/debian/control b/palemoon/debian/control
index e9fa32b..e532400 100644
--- a/palemoon/debian/control
+++ b/palemoon/debian/control
@@ -8,21 +8,17 @@ Build-Depends: debhelper (>= 12),
autoconf2.13,
libasound2-dev,
libdbus-glib-1-dev (>= 0.60),
- libfontconfig-dev,
libgconf2-dev (>= 1.2.1),
libgtk2.0-dev (>= 2.14),
libssl-dev,
libx11-xcb-dev,
libxt-dev,
- lsb-release,
mesa-common-dev,
pkg-config,
python (>= 2.7),
unzip,
yasm (>= 1.1),
zip,
- zlib1g-dev,
-# libfontconfig-dev only added for Debian OBS which is choking as of 2020-04 on libfontconfig-dev | libfontconfig1-dev for deps: libgtk-3-dev, libpango1.0-dev, libcairo2-dev, libxft-dev
Standards-Version: 3.9.6
Homepage: http://www.palemoon.org/
@@ -30,7 +26,7 @@ Package: palemoon
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends},
libavcodec54 | libavcodec-extra54 |libavcodec55 | libavcodec-extra55 | libavcodec56 | libavcodec-extra56 | libavcodec57 | libavcodec-extra57 | libavcodec58 | libavcodec-extra58 | libavcodec-ffmpeg56 | libavcodec-ffmpeg-extra56
-Provides: x-www-browser
+Provides: gnome-www-browser, www-browser, x-www-browser
Conflicts: palemoon-nonsse2
Replaces: palemoon-nonsse2
Description: Firefox-based, efficient and easy to use web browser
diff --git a/palemoon/debian/palemoon_devuan.dsc b/palemoon/debian/palemoon_devuan.dsc
index 3e314ec..e373faf 100644
--- a/palemoon/debian/palemoon_devuan.dsc
+++ b/palemoon/debian/palemoon_devuan.dsc
@@ -2,11 +2,11 @@ Format: 3.0 (quilt)
Source: palemoon
Binary: palemoon
Architecture: any
-Version: 28.10.0-1+devuan
+Version: 28.11.0-1+devuan
Maintainer: B Stack <bgstack15@gmail.com>
Homepage: http://www.palemoon.org/
Standards-Version: 4.1.4
-Build-Depends: debhelper (>= 12), autoconf2.13, libasound2-dev, libdbus-glib-1-dev (>= 0.60), libgconf2-dev (>= 1.2.1), libgtk2.0-dev (>= 2.14), libssl-dev, libx11-xcb-dev, libxt-dev, lsb-release, mesa-common-dev, pkg-config, python (>= 2.7), unzip, yasm (>= 1.1), zip, zlib1g-dev, libfontconfig-dev
+Build-Depends: debhelper (>= 12), autoconf2.13, libasound2-dev, libdbus-glib-1-dev (>= 0.60), libgconf2-dev (>= 1.2.1), libgtk2.0-dev (>= 2.14), libssl-dev, libx11-xcb-dev, libxt-dev, mesa-common-dev, pkg-config, python (>= 2.7), unzip, yasm (>= 1.1), zip
Package-List:
palemoon deb web optional arch=any
Files:
diff --git a/palemoon/debian/patches/fix_arm_FTBFS.patch b/palemoon/debian/patches/fix_arm_FTBFS.patch
new file mode 100644
index 0000000..a8b1582
--- /dev/null
+++ b/palemoon/debian/patches/fix_arm_FTBFS.patch
@@ -0,0 +1,78 @@
+Description: Fix build failure on armhf arch
+Author: Steven Pusser <stevep@mxlinux.org>
+Last-Update: 2020-06-09
+
+--- palemoon-28.10.0.orig/platform/js/src/wasm/WasmBaselineCompile.cpp
++++ palemoon-28.10.0/platform/js/src/wasm/WasmBaselineCompile.cpp
+@@ -3391,7 +3391,7 @@ class BaseCompiler
+ #ifdef JS_CODEGEN_ARM
+ void
+ loadI32(MemoryAccessDesc access, bool isSigned, RegI32 ptr, Register rt) {
+- if (access.byteSize() > 1 && IsUnaligned(ins->access())) {
++ if (access.byteSize() > 1 && IsUnaligned(access)) {
+ masm.add32(HeapReg, ptr.reg);
+ SecondScratchRegisterScope scratch(*this);
+ masm.emitUnalignedLoad(isSigned, access.byteSize(), ptr.reg, scratch, rt, 0);
+@@ -3405,7 +3405,7 @@ class BaseCompiler
+
+ void
+ storeI32(MemoryAccessDesc access, RegI32 ptr, Register rt) {
+- if (access.byteSize() > 1 && IsUnaligned(ins->access())) {
++ if (access.byteSize() > 1 && IsUnaligned(access)) {
+ masm.add32(HeapReg, ptr.reg);
+ masm.emitUnalignedStore(access.byteSize(), ptr.reg, rt, 0);
+ } else {
+@@ -3419,7 +3419,7 @@ class BaseCompiler
+
+ void
+ loadI64(MemoryAccessDesc access, RegI32 ptr, RegI64 dest) {
+- if (IsUnaligned(ins->access())) {
++ if (IsUnaligned(access)) {
+ masm.add32(HeapReg, ptr.reg);
+ SecondScratchRegisterScope scratch(*this);
+ masm.emitUnalignedLoad(IsSigned(false), ByteSize(4), ptr.reg, scratch, dest.reg.low,
+@@ -3440,7 +3440,7 @@ class BaseCompiler
+
+ void
+ storeI64(MemoryAccessDesc access, RegI32 ptr, RegI64 src) {
+- if (IsUnaligned(ins->access())) {
++ if (IsUnaligned(access)) {
+ masm.add32(HeapReg, ptr.reg);
+ masm.emitUnalignedStore(ByteSize(4), ptr.reg, src.reg.low, 0);
+ masm.emitUnalignedStore(ByteSize(4), ptr.reg, src.reg.high, 4);
+@@ -3459,7 +3459,7 @@ class BaseCompiler
+ void
+ loadF32(MemoryAccessDesc access, RegI32 ptr, RegF32 dest, RegI32 tmp1) {
+ masm.add32(HeapReg, ptr.reg);
+- if (IsUnaligned(ins->access())) {
++ if (IsUnaligned(access)) {
+ SecondScratchRegisterScope scratch(*this);
+ masm.emitUnalignedLoad(IsSigned(false), ByteSize(4), ptr.reg, scratch, tmp1.reg, 0);
+ masm.ma_vxfer(tmp1.reg, dest.reg);
+@@ -3473,7 +3473,7 @@ class BaseCompiler
+ void
+ storeF32(MemoryAccessDesc access, RegI32 ptr, RegF32 src, RegI32 tmp1) {
+ masm.add32(HeapReg, ptr.reg);
+- if (IsUnaligned(ins->access())) {
++ if (IsUnaligned(access)) {
+ masm.ma_vxfer(src.reg, tmp1.reg);
+ masm.emitUnalignedStore(ByteSize(4), ptr.reg, tmp1.reg, 0);
+ } else {
+@@ -3486,7 +3486,7 @@ class BaseCompiler
+ void
+ loadF64(MemoryAccessDesc access, RegI32 ptr, RegF64 dest, RegI32 tmp1, RegI32 tmp2) {
+ masm.add32(HeapReg, ptr.reg);
+- if (IsUnaligned(ins->access())) {
++ if (IsUnaligned(access)) {
+ SecondScratchRegisterScope scratch(*this);
+ masm.emitUnalignedLoad(IsSigned(false), ByteSize(4), ptr.reg, scratch, tmp1.reg, 0);
+ masm.emitUnalignedLoad(IsSigned(false), ByteSize(4), ptr.reg, scratch, tmp2.reg, 4);
+@@ -3501,7 +3501,7 @@ class BaseCompiler
+ void
+ storeF64(MemoryAccessDesc access, RegI32 ptr, RegF64 src, RegI32 tmp1, RegI32 tmp2) {
+ masm.add32(HeapReg, ptr.reg);
+- if (IsUnaligned(ins->access())) {
++ if (IsUnaligned(access)) {
+ masm.ma_vxfer(src.reg, tmp1.reg, tmp2.reg);
+ masm.emitUnalignedStore(ByteSize(4), ptr.reg, tmp1.reg, 0);
+ masm.emitUnalignedStore(ByteSize(4), ptr.reg, tmp2.reg, 4);
diff --git a/palemoon/debian/patches/series b/palemoon/debian/patches/series
index 054d3bf..0a417be 100644
--- a/palemoon/debian/patches/series
+++ b/palemoon/debian/patches/series
@@ -1,3 +1,4 @@
small-icons.patch
bgstack15-palemoon.patch
pm-devuan.patch
+fix_arm_FTBFS.patch
diff --git a/palemoon/debian/rules b/palemoon/debian/rules
index 5705c90..d970f5e 100755
--- a/palemoon/debian/rules
+++ b/palemoon/debian/rules
@@ -4,6 +4,7 @@ export SHELL=/bin/bash
## borrowed from stevepusser's logic
## Build with gcc-8 on Buster (beowulf/ceres)
+## If you enable this, then d/control needs lsb-release as a build dependency.
#distrelease := $(shell lsb_release -cs)
#ifeq ($(distrelease),$(filter $(distrelease),buster beowulf/ceres))
#export CC=gcc-8
diff --git a/palemoon/palemoon-mozconfig b/palemoon/palemoon-mozconfig
index 3a3c1de..e377731 100644
--- a/palemoon/palemoon-mozconfig
+++ b/palemoon/palemoon-mozconfig
@@ -2,7 +2,7 @@ mk_add_options AUTOCLOBBER=1
mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/pmbuild
ac_add_options --enable-application=palemoon
-ac_add_options --enable-optimize="-O2"
+ac_add_options --enable-optimize="-O2 -Wl,--no-keep-memory -Wl,--reduce-memory-overhead"
ac_add_options --enable-official-branding
ac_add_options --enable-official-vendor
diff --git a/palemoon/palemoon.spec b/palemoon/palemoon.spec
index b130f4c..b9c7454 100644
--- a/palemoon/palemoon.spec
+++ b/palemoon/palemoon.spec
@@ -5,7 +5,7 @@
%global stackrpms_custom 1
# derive from inside the full source tree or from notes at https://github.com/MoonchildProductions/Pale-Moon/releases
# git submodule | awk -v "name=platform" '$2 == name {gsub("-","",$1); print $1}'
-%global submodule_platform_tag RELBASE_20200603
+%global submodule_platform_tag RELBASE_20200712
# additional repos to get python27 and devtoolset-7
# for el6 and el7: Software Collection;, for x86_64 only
@@ -42,7 +42,7 @@ Name: palemoon-stackrpms
Name: palemoon
%endif
Summary: Pale Moon web browser
-Version: 28.10.0
+Version: 28.11.0
Release: 1
Group: Networking/Web
@@ -285,6 +285,9 @@ update-mime-database -n ${_datadir}/mime 1>/dev/null 2>&1 & :
%doc AUTHORS LICENSE
%changelog
+* Tue Jul 14 2020 B Stack <bgstack15@gmail.com> - 28.11.0-1
+- update version
+
* Fri Jun 05 2020 B Stack <bgstack15@gmail.com> - 28.10.0-1
- update version
bgstack15