diff options
Diffstat (limited to 'palemoon/debian/changelog')
-rw-r--r-- | palemoon/debian/changelog | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog index 56054f4..fa2ed60 100644 --- a/palemoon/debian/changelog +++ b/palemoon/debian/changelog @@ -1,3 +1,58 @@ +palemoon (28.13.0-1+devuan) obs; urgency=medium + + * This is a compatibility, bugfix and security update. Special thanks + to our new code contributors this cycle (you know who you are)! + - Updated the included site-specific user-agent overrides for a + number of websites that need them. + - Rewritten the browser's padlock code to use more modern APIs and + provide more accurate security status indication. + - Now also with localized tooltips! + - Fixed a missing close button on the undo prompt after removing a + thumbnail from the QuickDial new tab page. + - Fixed an issue with the alternative stylesheet menu in the + browser's UI not working. + - Implemented the use of intrinsic aspect ratios for images to + improve layout during load and page positioning. + - Added a preference to the use of node.getRootNode and disabled by + default. See implementation notes. + - Added CSS -webkit-appearance as an alias for -moz-appearance to + improve compatibility with websites that only try to use + Chrome-specific keywords to style standard form elements. + - Updated the SQLite library to 3.33.0. + - Reinstated precise floating point precision model in JavaScript + for those alternate builders who foolishly try to use the inaccurate + "fast" model. + - Improved spec compliance of modular JavaScript use (ECMAScript + modules). + - Changed media errors to be a more generic response, and added a + preference (media.sourceErrorDetails.enabled) to enable detailed error + reporting of media errors for debugging purposes. + - Previously, detailed errors were provided by default which could + lead to privacy issues. + - Improved code stability of the AbortController implementation. + - Fixed a race condition in the secure connection library (NSS). + - Security issues fixed: CVE-2020-15664, CVE-2020-15666, + CVE-2020-15667, CVE-2020-15668 and CVE-2020-15669. + - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 1 + defense-in-depth, 1 rejected, 9 not applicable. + * Implementation notes + - In 28.11.0 we introduced node.getRootNode because some websites + would fail with an error if this function was not present. + Unfortunately, this caused problems with other sites that (incorrectly) + assume Google WebComponents are available when this utility function is + present (feature detection gone wrong). While it is considered by some + to be part of the Google WebComponents implementation, it actually has + utility value outside of that use. Because of the problems caused, + we've added a preference and disabled it by default, fixing these kinds + of websites. + - When needed, you can re-enable this function with + dom.getRootNode.enabled + - This should improve web compatibility by default yet still allow + users to enable this function for websites that use its utility but do + not use WebComponents. + + -- Ben Stack <bgstack15@gmail.com> Fri, 04 Sep 2020 19:50:02 -0400 + palemoon (28.12.0-1+devuan) obs; urgency=medium * This is a development, bugfix and security update. |