diff options
Diffstat (limited to 'palemoon/debian/changelog')
-rw-r--r-- | palemoon/debian/changelog | 116 |
1 files changed, 80 insertions, 36 deletions
diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog index 86923f6..479f469 100644 --- a/palemoon/debian/changelog +++ b/palemoon/debian/changelog @@ -1,3 +1,47 @@ +palemoon (29.1.0-1+devuan) obs; urgency=medium + + * New features: + - Language packs for the following newly-supported languages: + Arabic (ar), Chinese Traditional (zh-TW), Croatian (hr), Danish (da), + Finnish (fi), Galician (gl), Indonesian (id), Icelandic (is), Japanese + (ja), Romanian (ro), Serbian (cyrillic) (sr), Slovenian (sl), Thai (th) + - Implemented String.prototype.replaceAll(). + - Implemented JSON superset proposal. + - Implemented well-formed JSON stringify. + - Implemented numeric separators in JavaScript. + * Changes/fixes: + - Updated timezone data to 2021a. + - Updated the wording and inclusion of more select license blocks + in about:license. + - Updated some site-specific user-agent overrides for web + compatibility. + - Updated the lz4 library for performance and security updates. + - Improved performance of JSON stringify. + - Further improved support for building on FreeBSD. + - Fixed a regression where changes to useragent compatibility + required a restart to take effect. + - Fixed a regression where AES-GCM in WebCrypto ("subtle" crypto + API) wasn't working. + - This could make certain login procedures fail to work. + - Fixed a full browser deadlock when page scripting would flood + browsing history with rapid location state changes. + - Disabled AV1 codec use by default again since our implementation + has significant streaming issues (particularly audio) that needs + further work. + - Added required interaction with file/folder open dialog boxes on + html file input elements on some operating systems to avoid malicious + content tricking users into uploading sensitive files unintentionally + (related to CVE-2021-23956). + - Added a font sanity check to avoid triggering a potential + vulnerability on unpatched Windows operating systems (related to + CVE-2021-24093). + - Security issues addressed: CVE-2021-23974, CVE-2021-23973 and + several memory safety hazards that don't have CVE numbers. + - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 2 + DiD, 19 not applicable. + + -- B. Stack <bgstack15@gmail.com> Tue, 02 Mar 2021 21:53:23 -0500 + palemoon (29.0.1-1+devuan) obs; urgency=medium * Changes/fixes: @@ -113,7 +157,7 @@ palemoon (28.17.0-1+devuan) obs; urgency=low may choose to take any specific action manually, instead of trying to execute it as a program or through an associated program. - -- Ben Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500 + -- B. Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500 palemoon (28.16.0-1+devuan) obs; urgency=low @@ -152,7 +196,7 @@ palemoon (28.16.0-1+devuan) obs; urgency=low - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 4 defense-in-depth, 3 rejected, 20 not applicable. - -- Ben Stack <bgstack15@gmail.com> Wed, 25 Nov 2020 09:13:05 -0500 + -- B. Stack <bgstack15@gmail.com> Wed, 25 Nov 2020 09:13:05 -0500 palemoon (28.15.0-1+devuan) obs; urgency=low @@ -165,20 +209,20 @@ palemoon (28.15.0-1+devuan) obs; urgency=low - Security issues fixed: CVE-2020-15680 (VG-VD-20-115) and several memory safety hazards. - Unified XUL Platform Mozilla Security Patch Summary: 1 fixed, 2 defense-in-depth, 12 not applicable. - -- Ben Stack <bgstack15@gmail.com> Tue, 27 Oct 2020 20:05:31 -0400 + -- B. Stack <bgstack15@gmail.com> Tue, 27 Oct 2020 20:05:31 -0400 palemoon (28.14.2-1+devuan) obs; urgency=low * Fixed some additional crashes caused by the ResizeObserver API. This should take care of all crashes that have been attributed to this new code. * Fixed erroneous parsing of CSS percentages as number values. - -- Ben Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:40 -0400 + -- B. Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:40 -0400 palemoon (28.14.1-1+devuan) UNRELEASED; urgency=low * This update addresses an intermittent crash in the newly-implemented ResizeObserver API (introduced in 28.14.0) occurring on a number of high-profile and often-used websites. - -- Ben Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:30 -0400 + -- B. Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:30 -0400 palemoon (28.14.0-1+devuan) UNRELEASED; urgency=low @@ -204,13 +248,13 @@ palemoon (28.14.0-1+devuan) UNRELEASED; urgency=low * Security issues fixed: CVE-2020-15676 and CVE-2020-15677 * Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1 defense-in-depth, 7 not applicable. - -- Ben Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:20 -0400 + -- B. Stack <bgstack15@gmail.com> Sat, 03 Oct 2020 13:18:20 -0400 palemoon (28.13.0-4+devuan) obs; urgency=low * Import xfce-helper/palemoon.desktop from stevep@mxlinux.org release - -- Ben Stack <bgstack15@gmail.com> Wed, 09 Sep 2020 14:43:04 -0400 + -- B. Stack <bgstack15@gmail.com> Wed, 09 Sep 2020 14:43:04 -0400 palemoon (28.13.0-3+devuan) obs; urgency=medium @@ -265,7 +309,7 @@ palemoon (28.13.0-3+devuan) obs; urgency=medium users to enable this function for websites that use its utility but do not use WebComponents. - -- Ben Stack <bgstack15@gmail.com> Fri, 04 Sep 2020 19:50:02 -0400 + -- B. Stack <bgstack15@gmail.com> Fri, 04 Sep 2020 19:50:02 -0400 palemoon (28.12.0-1+devuan) obs; urgency=medium @@ -319,7 +363,7 @@ palemoon (28.12.0-1+devuan) obs; urgency=medium concerns (i.e. the main program .exe could also be replaced/infected in that case). - -- Ben Stack <bgstack15@gmail.com> Wed, 05 Aug 2020 14:43:18 -0400 + -- B. Stack <bgstack15@gmail.com> Wed, 05 Aug 2020 14:43:18 -0400 palemoon (28.11.0-1+devuan) obs; urgency=medium @@ -374,7 +418,7 @@ palemoon (28.11.0-1+devuan) obs; urgency=medium - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 4 defense-in-depth, 10 not applicable. - -- Ben Stack <bgstack15@gmail.com> Tue, 14 Jul 2020 14:28:53 -0400 + -- B. Stack <bgstack15@gmail.com> Tue, 14 Jul 2020 14:28:53 -0400 palemoon (28.10.0-1+devuan) obs; urgency=medium @@ -406,7 +450,7 @@ palemoon (28.10.0-1+devuan) obs; urgency=medium - Unified XUL Platform Mozilla Security Patch Summary: 1 fixed, 1 - defense-in-depth, 8 not applicable. - -- Ben Stack <bgstack15@gmail.com> Fri, 05 Jun 2020 09:15:04 -0400 + -- B. Stack <bgstack15@gmail.com> Fri, 05 Jun 2020 09:15:04 -0400 palemoon (28.9.3-1+devuan) obs; urgency=medium @@ -418,13 +462,13 @@ palemoon (28.9.3-1+devuan) obs; urgency=medium - Improved memory safety in the XUL window destructor. DiD - Unified XUL Platform Mozilla Security Patch Summary: 3 fixed, 3 Defense-in-depth, 16 not applicable. - -- Ben Stack <bgstack15@gmail.com> Fri, 08 May 2020 10:39:55 -0400 + -- B. Stack <bgstack15@gmail.com> Fri, 08 May 2020 10:39:55 -0400 palemoon (28.9.2-2+devuan) obs; urgency=medium * testing OBS build optimization and removing animation from about dialog - -- Ben Stack <bgstack15@gmail.com> Tue, 06 May 2020 15:08:46 -0400 + -- B. Stack <bgstack15@gmail.com> Tue, 06 May 2020 15:08:46 -0400 palemoon (28.9.2-1+devuan) obs; urgency=medium @@ -435,7 +479,7 @@ palemoon (28.9.2-1+devuan) obs; urgency=medium - To enable this, set `browser.urlbar.decodeURLsOnCopy` to true in about:config - Fixed several application crashes (thanks, Fysac!) - -- Ben Stack <bgstack15@gmail.com> Thu, 30 Apr 2020 10:11:14 -0400 + -- B. Stack <bgstack15@gmail.com> Thu, 30 Apr 2020 10:11:14 -0400 palemoon (28.9.1-1+devuan) obs; urgency=medium @@ -450,7 +494,7 @@ palemoon (28.9.1-1+devuan) obs; urgency=medium - Fixed an issue with handling functions with rest parameters. DiD - Unified XUL Platform Mozilla Security Patch Summary: 2 Defense-in-depth, 14 not applicable. - -- Ben Stack <bgstack15@gmail.com> Fri, 10 Apr 2020 13:58:30 -0400 + -- B. Stack <bgstack15@gmail.com> Fri, 10 Apr 2020 13:58:30 -0400 palemoon (28.9.0.2-1+devuan) obs; urgency=medium @@ -459,13 +503,13 @@ palemoon (28.9.0.2-1+devuan) obs; urgency=medium - Fixed an issue with cache behavior where some users would have trouble having their windows and tabs restored in "soft refresh" mode (see v28.9.0 release notes). - To solve this, we reverted to the previous (pull from cache) mode for now while we investigate the cause. - -- Ben Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 07:50:02 -0400 + -- B. Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 07:50:02 -0400 palemoon (28.9.0.1-1+devuan) UNRELEASED; urgency=medium * From releasenotes.shtml: This is a small update to address a breaking issue with user-agent override strings, causing problems on certain websites for a number of our users. - -- Ben Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 06:50:02 -0400 + -- B. Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 06:50:02 -0400 palemoon (28.9.0-1+devuan) UNRELEASED; urgency=medium @@ -520,7 +564,7 @@ palemoon (28.9.0-1+devuan) UNRELEASED; urgency=medium - Updated our sctp library code with several upstream fixes. - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 3 already mitigated, 1 rejected, 11 not applicable. - -- Ben Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 05:50:02 -0400 + -- B. Stack <bgstack15@gmail.com> Thu, 26 Mar 2020 05:50:02 -0400 palemoon (28.8.4-1+devuan) obs; urgency=low @@ -528,7 +572,7 @@ palemoon (28.8.4-1+devuan) obs; urgency=low - Implemented optional catch binding (ES2019). - Fixed a hazardous crash related to module scripting (CVE-2020-9545). - -- Ben Stack <bgstack15@gmail.com> Mon, 02 Mar 2020 16:37:14 -0500 + -- B. Stack <bgstack15@gmail.com> Mon, 02 Mar 2020 16:37:14 -0500 palemoon (28.8.3-1+devuan) obs; urgency=medium @@ -541,14 +585,14 @@ palemoon (28.8.3-1+devuan) obs; urgency=medium - Fixed an issue in the html parser after using HTML5 template tags, allowing JavaScript parsing and execution when it should not be allowed, risking XSS vulnerabilities on sites relying on correct operation of the browser. (CVE-2020-6798) - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 2 DiD, 10 not applicable. - -- Ben Stack <bgstack15@gmail.com> Wed, 18 Feb 2020 11:06:28 -0500 + -- B. Stack <bgstack15@gmail.com> Wed, 18 Feb 2020 11:06:28 -0500 palemoon (28.8.2.1-1+devuan) obs; urgency=medium * From releasenotes.shtml: This is a small bugfix and compatibility update. - This is a minor release in response to YouTube deprecating their old web UI. This change will enable the new YouTube UI by default. - -- Ben Stack <bgstack15@gmail.com> Wed, 05 Feb 2020 08:08:06 -0500 + -- B. Stack <bgstack15@gmail.com> Wed, 05 Feb 2020 08:08:06 -0500 palemoon (28.8.2-1+devuan) obs; urgency=medium @@ -557,7 +601,7 @@ palemoon (28.8.2-1+devuan) obs; urgency=medium - Fixed an issue where FTP servers would hang the browser if they were not sending answers according to the protocol specification. - Added a workaround for GitHub trying to enforce more Google-isms (which we don't support at this time) to browsers that identify as "Firefox-alike". - -- Ben Stack <bgstack15@gmail.com> Tue, 28 Jan 2020 16:50:56 -0500 + -- B. Stack <bgstack15@gmail.com> Tue, 28 Jan 2020 16:50:56 -0500 palemoon (28.8.1-1+devuan) obs; urgency=medium @@ -570,7 +614,7 @@ palemoon (28.8.1-1+devuan) obs; urgency=medium - Fixed an issue with the JavaScript JIT compiler that could lead to exploitable crashes. (CVE-2019-17026) actively exploited - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 7 DiD, 12 not applicable. - -- B Stack <bgstack15@gmail.com> Mon, 13 Jan 2020 10:24:21 -0500 + -- B. Stack <bgstack15@gmail.com> Mon, 13 Jan 2020 10:24:21 -0500 palemoon (28.8.0-1+devuan) obs; urgency=medium @@ -624,7 +668,7 @@ palemoon (28.8.0-1+devuan) obs; urgency=medium - Updated NSS to 3.41.4 to address CVE-2019-11756 and CVE-2019-11745. - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 8 DiD, 16 not applicable. - -- B Stack <bgstack15@gmail.com> Wed, 11 Dec 2019 08:06:45 -0500 + -- B. Stack <bgstack15@gmail.com> Wed, 11 Dec 2019 08:06:45 -0500 palemoon (28.7.2-1+devuan) obs; urgency=medium @@ -644,7 +688,7 @@ palemoon (28.7.2-1+devuan) obs; urgency=medium - Sec bug fixes: CVE-2019-15903, CVE-2019-11757, CVE-2019-11763 and several potentially exploitable crashes and memory safety hazards that don't have a CVE number. - Unified XUL Platform Mozilla Security Patch Summary: 6 fixed, 6 DiD, 1 rejected, 24 not applicable. - -- B Stack <bgstack15@gmail.com> Tue, 29 Oct 2019 16:44:47 -0400 + -- B. Stack <bgstack15@gmail.com> Tue, 29 Oct 2019 16:44:47 -0400 palemoon (28.7.1-1+devuan) obs; urgency=medium @@ -656,7 +700,7 @@ palemoon (28.7.1-1+devuan) obs; urgency=medium - Fixed security issues: CVE-2019-11744, CVE-2019-11752, CVE-2019-11737, CVE-2019-11746, CVE-2019-11750, CVE-2019-11747 and CVE-2019-11738. - Unified XUL Platform Mozilla Security Patch Summary: 7 fixed, 1 DiD, 1 already covered, 22 not applicable. - -- B Stack <bgstack15@gmail.com> Wed, 04 Sep 2019 08:23:21 -0400 + -- B. Stack <bgstack15@gmail.com> Wed, 04 Sep 2019 08:23:21 -0400 palemoon (28.7.0-1+devuan) obs; urgency=medium @@ -704,13 +748,13 @@ palemoon (28.7.0-1+devuan) obs; urgency=medium - Removed the Financial Times' polyfill user-agent override since they updated their detection to work with Pale Moon. - -- B Stack <bgstack15@gmail.com> Wed, 04 Sep 2019 08:23:21 -0400 + -- B. Stack <bgstack15@gmail.com> Wed, 04 Sep 2019 08:23:21 -0400 palemoon (28.6.1-3+devuan) obs; urgency=medium * Specify gcc-8 on debian buster which is the upstream for beowulf/ceres. - -- B Stack <bgstack15@gmail.com> Thu, 25 Jul 2019 13:03:15 -0400 + -- B. Stack <bgstack15@gmail.com> Thu, 25 Jul 2019 13:03:15 -0400 palemoon (28.6.1-2+devuan) obs; urgency=medium @@ -737,7 +781,7 @@ palemoon (28.6.1-1+devuan) manual; urgency=low - Added a port safety check for Alternative Services. - Implemented fixes for applicable security issues: CVE-2019-11719, CVE-2019-11711, CVE-2019-11715, CVE-2019-11717, CVE-2019-11714 (DiD), CVE-2019-11729 (DiD), CVE-2019-11727 (DiD), CVE-2019-11730 (DiD), CVE-2019-11713 (DiD) and several networking and memory-safety hazards that do not have CVE numbers. - -- B Stack <bgstack15@gmail.com> Thu, 25 Jul 2019 13:03:15 -0400 + -- B. Stack <bgstack15@gmail.com> Thu, 25 Jul 2019 13:03:15 -0400 palemoon (28.6.0.1-1+devuan) manual; urgency=low @@ -748,7 +792,7 @@ palemoon (28.6.0.1-1+devuan) manual; urgency=low - Updated the WhatsApp Web site-specific user-agent override to respond to Google refusing access based on the old string. - Updated the branding for the portable launcher. - -- B Stack <bgstack15@gmail.com> Fri, 5 Jul 2019 16:29:51 -0500 + -- B. Stack <bgstack15@gmail.com> Fri, 5 Jul 2019 16:29:51 -0500 palemoon (28.6.0-1+devuan) manual; urgency=low @@ -797,7 +841,7 @@ palemoon (28.6.0-1+devuan) manual; urgency=low - Fixed a build issue with Gnu-CC on PPC64. - Fixed browser.link.open_newwindow functionality. - -- B Stack <bgstack15@gmail.com> Tue, 2 Jul 2019 11:31:51 -0400 + -- B. Stack <bgstack15@gmail.com> Tue, 2 Jul 2019 11:31:51 -0400 palemoon (28.5.2-1+devuan) manual; urgency=low @@ -819,7 +863,7 @@ palemoon (28.5.2-1+devuan) manual; urgency=low - Applicable security issues fixed: CVE-2019-7317, CVE-2019-11701, CVE-2019-11698, CVE-2019-9817 (DiD), CVE-2019-11700, CVE-2019-11696, CVE-2019-11693, and several potentially exploitable crashes and memory safety hazards that do not have a CVE number assigned to them. - Fixed issues with image/texture allocation incorrectly being marked as insecure. - -- B Stack <bgstack15@gmail.com> Tue, 4 Jun 2019 22:22:10 -0400 + -- B. Stack <bgstack15@gmail.com> Tue, 4 Jun 2019 22:22:10 -0400 palemoon (28.5.0-1+devuan) manual; urgency=low @@ -873,7 +917,7 @@ palemoon (28.5.0-1+devuan) manual; urgency=low - Fixed several memory safety hazards and crashes. - Windows binaries are now code-signed again (including the setup program for the installer). - -- B Stack <bgstack15@gmail.com> Tue, 30 Apr 2019 08:36:47 -0500 + -- B. Stack <bgstack15@gmail.com> Tue, 30 Apr 2019 08:36:47 -0500 palemoon (28.4.1-1devuan) manual; urgency=low @@ -889,7 +933,7 @@ palemoon (28.4.1-1devuan) manual; urgency=low - Fixed several memory safety hazards and crashes. - Binaries are now code-signed again (including the setup program for the installer). - -- B Stack <bgstack15@gmail.com> Fri, 29 Mar 2019 14:42:19 -0500 + -- B. Stack <bgstack15@gmail.com> Fri, 29 Mar 2019 14:42:19 -0500 palemoon (28.4.0-1devuan) manual; urgency=low @@ -917,13 +961,13 @@ palemoon (28.4.0-1devuan) manual; urgency=low - Fixed several potentially-exploitable memory safety hazards and crashes. (DiD) - Fixed a possible data race when performing compacting GC. - -- B Stack <bgstack15@gmail.com> Wed, 20 Feb 2019 16:42:43 -0500 + -- B. Stack <bgstack15@gmail.com> Wed, 20 Feb 2019 16:42:43 -0500 palemoon (28.3.1-1devuan) manual; urgency=medium * Initial build for devuan - -- B Stack <bgstack15@gmail.com> Wed, 23 Jan 2019 13:11:18 -0500 + -- B. Stack <bgstack15@gmail.com> Wed, 23 Jan 2019 13:11:18 -0500 palemoon (28.3.0+repack-1) obs; urgency=medium |