diff options
Diffstat (limited to 'palemoon/debian/changelog')
-rw-r--r-- | palemoon/debian/changelog | 115 |
1 files changed, 84 insertions, 31 deletions
diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog index ad2dc47..6525761 100644 --- a/palemoon/debian/changelog +++ b/palemoon/debian/changelog @@ -1,53 +1,106 @@ +palemoon (29.0.0-1+devuan) obs; urgency=medium + + * New major milestone release: + - Implemented Intl.PluralRules API for JavaScript. + - Added a frequently-requested preference (browser.tabs.allowTabDetach) to + disable "tearing off" of tabs (meaning dragging them outside of the tab + bar resulting in them being made into their own window). + - Added FLAC as a recognized filetype-by-extension. + - Implemented basic support for the scrollbar-width CSS keyword. See + implementation notes. + - Added preliminary support for modern FreeBSD builds. + - Selectively enabled core features of the DOM Animations API. + - Enabled AV1 video support by default (previously built but not enabled in + releases). + - Added support for pointer events. + - Added support for the SVG transform-box property. + - Added support for the inputmode property for forms to enable + context-sensitive display of soft keyboards. + - Enabled shutting down of the file I/O worker when idle for a while + (resource optimization). + - Enabled blocking of auto-play of media in the background by default. + - We now offer official GTK3 builds for Linux alongside the GTK2 builds. + - Partial (and as of yet, not acceptably functional) implementation of + Google WebComponents. See implementation notes. + Changes/fixes: + - Updated NSPR to 4.29. + - Updated NSS to 3.59. + - Disabled legacy database format for storage of certificates and passwords. + - Updated several site-specific user-agent overrides for web compatibility. + - Improved styling of the "find in page" bar to avoid unreadable text on + some system themes. + - Removed a large chunk of Android-specific code. + - Split gkmedias.dll back out from xul.dll. + - Cleaned up a number of redundant and obsolete code paths. + - Fixed a regression with the Performance API. + - Fixed an initialization issue in the browser when users would + force-disable certain types of caching. + - Fixed a crash when attempting to save a file from FTP that could be + displayed in the browser. + - Fixed the root cause of an issue with JavaScript module loading causing + crashes. See implementation notes. + - Fixed a rare initialization issue for the print preview window causing it + to not display. + - Fixed a crash on Mac when text input was not secure. + - Disabled the Storage Manager API by default. + - Disabled the <menuitem> html tag by default. If you still need this, you + can re-enable it with the preference dom.menuitem.enabled in about:config. + - Fixed a memory safety issue related to XUL trees (CVE-2021-23962). + - Implemented several defense-in-depth measures to improve stability and + future security. + + -- B. Stack <bgstack15@gmail.com> Tue, 02 Feb 2021 19:04:30 -0500 + palemoon (28.17.0-1+devuan) obs; urgency=low * This is a development, bugfix and security update. - - Changed the way dates and times are formatted in the UI to + - Changed the way dates and times are formatted in the UI to properly adhere to the user's regional settings in the O.S. - Re-enabled the DOM Filesystem API for web compatibility. - - Moved the global user-agent override to the networking component. + - Moved the global user-agent override to the networking component. See implementation notes. - - Worked around crashes and run-time issues with module scripts. + - Worked around crashes and run-time issues with module scripts. See implementation notes. - - Fixed a website layout issue with table-styled elements + - Fixed a website layout issue with table-styled elements potentially overlapping when placed inside a flexbox. - Fixed some code logic issues with websockets. - - Fixed a regression when waking the computer from standby causing + - Fixed a regression when waking the computer from standby causing high CPU usage in some uncommon situations. - - Updated the list of prohibited ports the browser can use. See + - Updated the list of prohibited ports the browser can use. See implementation notes. - Updated root certificates. - - Windows: Changed the way downloaded files without an extension + - Windows: Changed the way downloaded files without an extension are handled. See implementation notes. - Mac-beta: Improved version detection of MacOS including Big Sur. - Security issues addressed: CVE-2020-26978 and CVE-2020-35112. - - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1 + - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1 deferred to the next release, 16 not applicable. - - The global user-agent override was moved to the networking - component where it is actually implemented. The new preference name is - network.http.useragent.global_override. Please note that using a - blanket override is normally (very) counterproductive and does not, in - fact, help much with privacy. It would also override the compatibility - modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will - now warn you if the user-agent is globally overridden (in preferences) - and allow you to easily reset that override and re-enable the various + - The global user-agent override was moved to the networking + component where it is actually implemented. The new preference name is + network.http.useragent.global_override. Please note that using a + blanket override is normally (very) counterproductive and does not, in + fact, help much with privacy. It would also override the compatibility + modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will + now warn you if the user-agent is globally overridden (in preferences) + and allow you to easily reset that override and re-enable the various compatibility modes. - - Module scripting caused some persistent and very hard to track - browser crashes that we've narrowed down to a specific optimization in - the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This - optimization is now disabled by default but if you need that little - extra performance (usually only noticed in very optimized code or some - benchmarks) then you can re-enable it, trading in stability, by setting + - Module scripting caused some persistent and very hard to track + browser crashes that we've narrowed down to a specific optimization in + the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This + optimization is now disabled by default but if you need that little + extra performance (usually only noticed in very optimized code or some + benchmarks) then you can re-enable it, trading in stability, by setting the new preference javascript.options.ion.inlining to true. - - Prohibited ports: Pale Moon maintains a blacklist of ports the - browser may normally not connect to on servers, to mitigate abusive web - scripting employing your browser as an attack bot on servers (e.g. by - connecting to mail servers or what not), NAT slipstreaming, and similar - security issues. To more thoroughly prevent known abusable ports on - servers, this list was extended with a number of additional default + - Prohibited ports: Pale Moon maintains a blacklist of ports the + browser may normally not connect to on servers, to mitigate abusive web + scripting employing your browser as an attack bot on servers (e.g. by + connecting to mail servers or what not), NAT slipstreaming, and similar + security issues. To more thoroughly prevent known abusable ports on + servers, this list was extended with a number of additional default ports for various non-http protocols. - - Downloaded files without a file extension: When a file without an - extension is downloaded, we will now open the download folder where you - may choose to take any specific action manually, instead of trying to + - Downloaded files without a file extension: When a file without an + extension is downloaded, we will now open the download folder where you + may choose to take any specific action manually, instead of trying to execute it as a program or through an associated program. -- Ben Stack <bgstack15@gmail.com> Fri, 18 Dec 2020 13:52:12 -0500 |