summaryrefslogtreecommitdiff
path: root/palemoon/debian/changelog
diff options
context:
space:
mode:
Diffstat (limited to 'palemoon/debian/changelog')
-rw-r--r--palemoon/debian/changelog115
1 files changed, 84 insertions, 31 deletions
diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog
index ad2dc47..6525761 100644
--- a/palemoon/debian/changelog
+++ b/palemoon/debian/changelog
@@ -1,53 +1,106 @@
+palemoon (29.0.0-1+devuan) obs; urgency=medium
+
+ * New major milestone release:
+ - Implemented Intl.PluralRules API for JavaScript.
+ - Added a frequently-requested preference (browser.tabs.allowTabDetach) to
+ disable "tearing off" of tabs (meaning dragging them outside of the tab
+ bar resulting in them being made into their own window).
+ - Added FLAC as a recognized filetype-by-extension.
+ - Implemented basic support for the scrollbar-width CSS keyword. See
+ implementation notes.
+ - Added preliminary support for modern FreeBSD builds.
+ - Selectively enabled core features of the DOM Animations API.
+ - Enabled AV1 video support by default (previously built but not enabled in
+ releases).
+ - Added support for pointer events.
+ - Added support for the SVG transform-box property.
+ - Added support for the inputmode property for forms to enable
+ context-sensitive display of soft keyboards.
+ - Enabled shutting down of the file I/O worker when idle for a while
+ (resource optimization).
+ - Enabled blocking of auto-play of media in the background by default.
+ - We now offer official GTK3 builds for Linux alongside the GTK2 builds.
+ - Partial (and as of yet, not acceptably functional) implementation of
+ Google WebComponents. See implementation notes.
+ Changes/fixes:
+ - Updated NSPR to 4.29.
+ - Updated NSS to 3.59.
+ - Disabled legacy database format for storage of certificates and passwords.
+ - Updated several site-specific user-agent overrides for web compatibility.
+ - Improved styling of the "find in page" bar to avoid unreadable text on
+ some system themes.
+ - Removed a large chunk of Android-specific code.
+ - Split gkmedias.dll back out from xul.dll.
+ - Cleaned up a number of redundant and obsolete code paths.
+ - Fixed a regression with the Performance API.
+ - Fixed an initialization issue in the browser when users would
+ force-disable certain types of caching.
+ - Fixed a crash when attempting to save a file from FTP that could be
+ displayed in the browser.
+ - Fixed the root cause of an issue with JavaScript module loading causing
+ crashes. See implementation notes.
+ - Fixed a rare initialization issue for the print preview window causing it
+ to not display.
+ - Fixed a crash on Mac when text input was not secure.
+ - Disabled the Storage Manager API by default.
+ - Disabled the <menuitem> html tag by default. If you still need this, you
+ can re-enable it with the preference dom.menuitem.enabled in about:config.
+ - Fixed a memory safety issue related to XUL trees (CVE-2021-23962).
+ - Implemented several defense-in-depth measures to improve stability and
+ future security.
+
+ -- B. Stack <bgstack15@gmail.com> Tue, 02 Feb 2021 19:04:30 -0500
+
palemoon (28.17.0-1+devuan) obs; urgency=low
* This is a development, bugfix and security update.
- - Changed the way dates and times are formatted in the UI to
+ - Changed the way dates and times are formatted in the UI to
properly adhere to the user's regional settings in the O.S.
- Re-enabled the DOM Filesystem API for web compatibility.
- - Moved the global user-agent override to the networking component.
+ - Moved the global user-agent override to the networking component.
See implementation notes.
- - Worked around crashes and run-time issues with module scripts.
+ - Worked around crashes and run-time issues with module scripts.
See implementation notes.
- - Fixed a website layout issue with table-styled elements
+ - Fixed a website layout issue with table-styled elements
potentially overlapping when placed inside a flexbox.
- Fixed some code logic issues with websockets.
- - Fixed a regression when waking the computer from standby causing
+ - Fixed a regression when waking the computer from standby causing
high CPU usage in some uncommon situations.
- - Updated the list of prohibited ports the browser can use. See
+ - Updated the list of prohibited ports the browser can use. See
implementation notes.
- Updated root certificates.
- - Windows: Changed the way downloaded files without an extension
+ - Windows: Changed the way downloaded files without an extension
are handled. See implementation notes.
- Mac-beta: Improved version detection of MacOS including Big Sur.
- Security issues addressed: CVE-2020-26978 and CVE-2020-35112.
- - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1
+ - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1
deferred to the next release, 16 not applicable.
- - The global user-agent override was moved to the networking
- component where it is actually implemented. The new preference name is
- network.http.useragent.global_override. Please note that using a
- blanket override is normally (very) counterproductive and does not, in
- fact, help much with privacy. It would also override the compatibility
- modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will
- now warn you if the user-agent is globally overridden (in preferences)
- and allow you to easily reset that override and re-enable the various
+ - The global user-agent override was moved to the networking
+ component where it is actually implemented. The new preference name is
+ network.http.useragent.global_override. Please note that using a
+ blanket override is normally (very) counterproductive and does not, in
+ fact, help much with privacy. It would also override the compatibility
+ modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will
+ now warn you if the user-agent is globally overridden (in preferences)
+ and allow you to easily reset that override and re-enable the various
compatibility modes.
- - Module scripting caused some persistent and very hard to track
- browser crashes that we've narrowed down to a specific optimization in
- the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This
- optimization is now disabled by default but if you need that little
- extra performance (usually only noticed in very optimized code or some
- benchmarks) then you can re-enable it, trading in stability, by setting
+ - Module scripting caused some persistent and very hard to track
+ browser crashes that we've narrowed down to a specific optimization in
+ the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This
+ optimization is now disabled by default but if you need that little
+ extra performance (usually only noticed in very optimized code or some
+ benchmarks) then you can re-enable it, trading in stability, by setting
the new preference javascript.options.ion.inlining to true.
- - Prohibited ports: Pale Moon maintains a blacklist of ports the
- browser may normally not connect to on servers, to mitigate abusive web
- scripting employing your browser as an attack bot on servers (e.g. by
- connecting to mail servers or what not), NAT slipstreaming, and similar
- security issues. To more thoroughly prevent known abusable ports on
- servers, this list was extended with a number of additional default
+ - Prohibited ports: Pale Moon maintains a blacklist of ports the
+ browser may normally not connect to on servers, to mitigate abusive web
+ scripting employing your browser as an attack bot on servers (e.g. by
+ connecting to mail servers or what not), NAT slipstreaming, and similar
+ security issues. To more thoroughly prevent known abusable ports on
+ servers, this list was extended with a number of additional default
ports for various non-http protocols.
- - Downloaded files without a file extension: When a file without an
- extension is downloaded, we will now open the download folder where you
- may choose to take any specific action manually, instead of trying to
+ - Downloaded files without a file extension: When a file without an
+ extension is downloaded, we will now open the download folder where you
+ may choose to take any specific action manually, instead of trying to
execute it as a program or through an associated program.
-- Ben Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500
bgstack15