summaryrefslogtreecommitdiff
path: root/newmoon/debian/changelog
diff options
context:
space:
mode:
Diffstat (limited to 'newmoon/debian/changelog')
-rw-r--r--newmoon/debian/changelog54
1 files changed, 54 insertions, 0 deletions
diff --git a/newmoon/debian/changelog b/newmoon/debian/changelog
index 6f276dc..ff61d33 100644
--- a/newmoon/debian/changelog
+++ b/newmoon/debian/changelog
@@ -1,3 +1,57 @@
+newmoon (28.17.0-1+devuan) obs; urgency=low
+
+ * This is a development, bugfix and security update.
+ - Changed the way dates and times are formatted in the UI to
+ properly adhere to the user's regional settings in the O.S.
+ - Re-enabled the DOM Filesystem API for web compatibility.
+ - Moved the global user-agent override to the networking component.
+ See implementation notes.
+ - Worked around crashes and run-time issues with module scripts.
+ See implementation notes.
+ - Fixed a website layout issue with table-styled elements
+ potentially overlapping when placed inside a flexbox.
+ - Fixed some code logic issues with websockets.
+ - Fixed a regression when waking the computer from standby causing
+ high CPU usage in some uncommon situations.
+ - Updated the list of prohibited ports the browser can use. See
+ implementation notes.
+ - Updated root certificates.
+ - Windows: Changed the way downloaded files without an extension
+ are handled. See implementation notes.
+ - Mac-beta: Improved version detection of MacOS including Big Sur.
+ - Security issues addressed: CVE-2020-26978 and CVE-2020-35112.
+ - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1
+ deferred to the next release, 16 not applicable.
+ - The global user-agent override was moved to the networking
+ component where it is actually implemented. The new preference name is
+ network.http.useragent.global_override. Please note that using a
+ blanket override is normally (very) counterproductive and does not, in
+ fact, help much with privacy. It would also override the compatibility
+ modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will
+ now warn you if the user-agent is globally overridden (in preferences)
+ and allow you to easily reset that override and re-enable the various
+ compatibility modes.
+ - Module scripting caused some persistent and very hard to track
+ browser crashes that we've narrowed down to a specific optimization in
+ the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This
+ optimization is now disabled by default but if you need that little
+ extra performance (usually only noticed in very optimized code or some
+ benchmarks) then you can re-enable it, trading in stability, by setting
+ the new preference javascript.options.ion.inlining to true.
+ - Prohibited ports: Pale Moon maintains a blacklist of ports the
+ browser may normally not connect to on servers, to mitigate abusive web
+ scripting employing your browser as an attack bot on servers (e.g. by
+ connecting to mail servers or what not), NAT slipstreaming, and similar
+ security issues. To more thoroughly prevent known abusable ports on
+ servers, this list was extended with a number of additional default
+ ports for various non-http protocols.
+ - Downloaded files without a file extension: When a file without an
+ extension is downloaded, we will now open the download folder where you
+ may choose to take any specific action manually, instead of trying to
+ execute it as a program or through an associated program.
+
+ -- Ben Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500
+
newmoon (28.16.0-1+devuan) obs; urgency=low
* This is a development and security update to the browser.
bgstack15