diff options
Diffstat (limited to 'palemoon')
| -rw-r--r-- | palemoon/debian/changelog | 81 | ||||
| -rw-r--r-- | palemoon/debian/control | 5 | ||||
| -rw-r--r-- | palemoon/debian/mozconfig | 1 | ||||
| -rw-r--r-- | palemoon/debian/mozconfig-unstable | 55 | ||||
| -rw-r--r-- | palemoon/debian/palemoon_devuan.dsc | 4 | ||||
| -rwxr-xr-x | palemoon/debian/rules | 9 | ||||
| -rw-r--r-- | palemoon/palemoon-mozconfig | 2 | ||||
| -rw-r--r-- | palemoon/palemoon.spec | 7 |
8 files changed, 140 insertions, 24 deletions
diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog index 192aad6..0d57595 100644 --- a/palemoon/debian/changelog +++ b/palemoon/debian/changelog @@ -1,3 +1,58 @@ +palemoon (28.11.0-1+devuan) obs; urgency=medium + + * This is a development, bugfix and security update. + - Changed storage format for certificates and passwords to SQLite. + - Added a preference (browser.tabs.insertAllAfterCurrent) to enable + always adding new tabs after the current tab, whether related or not. + - Changed the way Firefox extensions are displayed in the add-on + manager (provide a clear warning). + - Denied other types of add-ons that aren't explicitly targeting + Pale Moon's ID. + - Improved the browser's DPI-awareness to be per-monitor instead of + system-wide, on supported Windows operating systems. + - Updated bookmark backups code with the other half of what should + have been done way back when, so they work fully as-intended. + - Added a preference + (browser.bookmarks.editDialog.showForNewBookmarks) to enable + immediately showing the edit dialog for new bookmarks. + - If set to true, clicking the star in the address bar will pop + open the edit dialog immediately for changing details/sorting. + - Fixed the useragent string in native mode, and updated UA code to + properly respond to live changes to some preferences. + - Tidied up front-end browser JavaScript. + - Changed the way sources are compiled (on-going de-unification). + - Improved compatibility with gcc v10 + - Removed support for the obsolete and unmaintained NVidia 3DVision + stereoscopic interface. + - Fixed some build issues in non-standard configurations. + - Fixed wrong positions when calculating the position for + position:absolute child inside a table. + - Aligned file name extension of saved url files with other + applications (lower case) + - Fixed building with --disable-webspeech (to disable speech + synthesis) + - Added global menubar support for GTK. + - Implemented node.getRootNode + - Implemented AbortController (Abort API) + - Improved the uninstaller to use elevation when prudent and + actually remove program files. + - Fixed a rare issue with editable page content. + - Fixed a crash related to ES module scripts. + - Aligned ES module scripting better with the current spec and + removed eager instantiation. + - Fixed a potential issue with the JPEG encoder. (CVE-2020-12422) + DiD + - Fixed a potential issue with AppCache manifests. DiD + - Fixed a potential crash in JavaScript date parsing. + - Fixed a problem with RSA key generation that would make it + potentially vulnerable to side-channel attacks. (CVE-2020-12402) + - Fixed a potential crash due to multithread race condition. DiD + - Fixed a correctness issue in URL handling. (CVE-2020-12418) DiD + - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 4 + defense-in-depth, 10 not applicable. + + -- Ben Stack <bgstack15@gmail.com> Tue, 14 Jul 2020 14:28:53 -0400 + palemoon (28.10.0-1+devuan) obs; urgency=medium * This is a development, bugfix and security update. @@ -755,7 +810,7 @@ palemoon (28.1.0~repack-1) obs; urgency=medium - Fixed toolbar styling in toolkit themes. - Fixed viewing the source of a selection. - * Now has full support for gcc-8, so stop forcing gcc-7 build on Buster and + * Now has full support for gcc-8, so stop forcing gcc-7 build on Buster and recent Ubuntus where gcc-8 is default. -- Steven Pusser <stevep@mxlinux.org> Mon, 17 Sep 2018 19:05:20 -0700 @@ -834,8 +889,8 @@ palemoon (27.9.4~repack-1~mx17+1) mx; urgency=medium - Prevented various location-based threats. DiD - Fixed a potential vulnerability with plugins being redirected to different origins (CVE-2018-12364). - - Improved the security check for launching executable files - (by association) on Windows from the browser. For users who have (most + - Improved the security check for launching executable files + (by association) on Windows from the browser. For users who have (most likely accidentally) granted a system-wide waiver for opening these kinds of files without being prompted, this permission has been reset. - Fixed an issue with invalid qcms transforms (CVE-2018-12366). @@ -852,13 +907,13 @@ palemoon (27.9.4~repack-1~mx17+1) mx; urgency=medium palemoon (27.9.3~repack-1~mx17+1) mx; urgency=medium * New upstream security update: - + - Changes/fixes: - - (CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to - that report, the libopus maintainers state they don't believe remote + - (CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to + that report, the libopus maintainers state they don't believe remote code execution was possible, so this was not a critical patch. - Fixed an issue with task counting in JS GC. - - Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks + - Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks to Berk Cem Göksel for reporting). -- Steven Pusser <stevep@mxlinux.org> Tue, 12 Jun 2018 11:12:06 -0700 @@ -871,18 +926,18 @@ palemoon (27.9.2~repack-1~mx17+1) mx; urgency=medium - We changed the language strings for softblocked items so people will cry less when we do our job. - (CVE-2018-5174) Prevent potential SmartScreen bypass on Windows 10. - - (CVE-2018-5173) Fixed an issue in the Downloads panel improperly - rendering some Unicode characters, allowing for the file name to be - spoofed. This could be used to obscure the file extension of potentially + - (CVE-2018-5173) Fixed an issue in the Downloads panel improperly + rendering some Unicode characters, allowing for the file name to be + spoofed. This could be used to obscure the file extension of potentially executable files from user view in the panel. - (CVE-2018-5177) Fixed a vulnerability in the XSLT component leading to a buffer overflow and crash if it occurs. - - (CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia + - (CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia library resulting in possible out-of-bounds writes. - (CVE-2018-5154) Fixed a use-after-free vulnerability while enumerating attributes during SVG animations with clip paths. - - (CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string - conversion within JavaScript with extremely large amounts of data. This + - (CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string + conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable extension in order to occur. - Fixed several stability issues (crashes) and memory safety hazards. diff --git a/palemoon/debian/control b/palemoon/debian/control index e9fa32b..862f239 100644 --- a/palemoon/debian/control +++ b/palemoon/debian/control @@ -8,7 +8,6 @@ Build-Depends: debhelper (>= 12), autoconf2.13, libasound2-dev, libdbus-glib-1-dev (>= 0.60), - libfontconfig-dev, libgconf2-dev (>= 1.2.1), libgtk2.0-dev (>= 2.14), libssl-dev, @@ -21,8 +20,6 @@ Build-Depends: debhelper (>= 12), unzip, yasm (>= 1.1), zip, - zlib1g-dev, -# libfontconfig-dev only added for Debian OBS which is choking as of 2020-04 on libfontconfig-dev | libfontconfig1-dev for deps: libgtk-3-dev, libpango1.0-dev, libcairo2-dev, libxft-dev Standards-Version: 3.9.6 Homepage: http://www.palemoon.org/ @@ -30,7 +27,7 @@ Package: palemoon Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, libavcodec54 | libavcodec-extra54 |libavcodec55 | libavcodec-extra55 | libavcodec56 | libavcodec-extra56 | libavcodec57 | libavcodec-extra57 | libavcodec58 | libavcodec-extra58 | libavcodec-ffmpeg56 | libavcodec-ffmpeg-extra56 -Provides: x-www-browser +Provides: gnome-www-browser, www-browser, x-www-browser Conflicts: palemoon-nonsse2 Replaces: palemoon-nonsse2 Description: Firefox-based, efficient and easy to use web browser diff --git a/palemoon/debian/mozconfig b/palemoon/debian/mozconfig index 6513132..445c209 100644 --- a/palemoon/debian/mozconfig +++ b/palemoon/debian/mozconfig @@ -50,6 +50,5 @@ ac_add_options --enable-alsa # primarily for 32-bit but tolerated for 64-bit ac_add_options --x-libraries=/usr/lib -# TESTING FOR OBS # limit to 4 cpus to limit memory usage (approximately 0.75 GiB RAM/thread) mk_add_options MOZ_MAKE_FLAGS="-j4" diff --git a/palemoon/debian/mozconfig-unstable b/palemoon/debian/mozconfig-unstable new file mode 100644 index 0000000..aa04e06 --- /dev/null +++ b/palemoon/debian/mozconfig-unstable @@ -0,0 +1,55 @@ +mk_add_options AUTOCLOBBER=1 +export BUILDING_RELEASE=1 +export MC_OFFICIAL=1 +export MOZILLA_OFFICIAL=1 +export MC_PALEMOON=1 + +#mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/pmbuild + +ac_add_options --enable-application=palemoon +ac_add_options --enable-official-branding +ac_add_options --enable-official-vendor + +# Disable add-ons signing +# Disable checking that add-ons are signed by the trusted root +MOZ_ADDON_SIGNING= +# Disable enforcing that add-ons are signed by the trusted root +MOZ_REQUIRE_SIGNING= + +# Standard +# Enables +ac_add_options --enable-av1 +ac_add_options --enable-optimize="-O2 -Wl,--no-keep-memory -Wl,--reduce-memory-overhead" +ac_add_options --enable-default-toolkit=cairo-gtk2 +ac_add_options --enable-devtools +ac_add_options --enable-jemalloc +ac_add_options --with-pthreads +ac_add_options --enable-strip +# Disables +ac_add_options --disable-debug +ac_add_options --disable-eme +ac_add_options --disable-gamepad +ac_add_options --disable-necko-wifi +ac_add_options --disable-tests +ac_add_options --disable-updater +ac_add_options --disable-webrtc +# Disable temeletry +export MOZ_TELEMETRY_REPORTING= +ac_add_options --disable-crashreporter +ac_add_options --disable-parental-controls +ac_add_options --disable-accessibility + +# Debian style +ac_add_options --prefix=/usr +# Devuan style +ac_add_options --disable-dbus +ac_add_options --disable-pulseaudio +# even though this is redundant +ac_add_options --enable-alsa + +# primarily for 32-bit but tolerated for 64-bit +ac_add_options --x-libraries=/usr/lib + +# limit to 4 cpus to limit memory usage (approximately 0.75 GiB RAM/thread) +# single-threaded for Devuan unstable +mk_add_options MOZ_MAKE_FLAGS="-j1" diff --git a/palemoon/debian/palemoon_devuan.dsc b/palemoon/debian/palemoon_devuan.dsc index 3e314ec..40684b0 100644 --- a/palemoon/debian/palemoon_devuan.dsc +++ b/palemoon/debian/palemoon_devuan.dsc @@ -2,11 +2,11 @@ Format: 3.0 (quilt) Source: palemoon Binary: palemoon Architecture: any -Version: 28.10.0-1+devuan +Version: 28.11.0-1+devuan Maintainer: B Stack <bgstack15@gmail.com> Homepage: http://www.palemoon.org/ Standards-Version: 4.1.4 -Build-Depends: debhelper (>= 12), autoconf2.13, libasound2-dev, libdbus-glib-1-dev (>= 0.60), libgconf2-dev (>= 1.2.1), libgtk2.0-dev (>= 2.14), libssl-dev, libx11-xcb-dev, libxt-dev, lsb-release, mesa-common-dev, pkg-config, python (>= 2.7), unzip, yasm (>= 1.1), zip, zlib1g-dev, libfontconfig-dev +Build-Depends: debhelper (>= 12), autoconf2.13, libasound2-dev, libdbus-glib-1-dev (>= 0.60), libgconf2-dev (>= 1.2.1), libgtk2.0-dev (>= 2.14), libssl-dev, libx11-xcb-dev, libxt-dev, lsb-release, mesa-common-dev, pkg-config, python (>= 2.7), unzip, yasm (>= 1.1), zip Package-List: palemoon deb web optional arch=any Files: diff --git a/palemoon/debian/rules b/palemoon/debian/rules index 5705c90..2efbbcf 100755 --- a/palemoon/debian/rules +++ b/palemoon/debian/rules @@ -4,6 +4,7 @@ export SHELL=/bin/bash ## borrowed from stevepusser's logic ## Build with gcc-8 on Buster (beowulf/ceres) +## If you enable this, then d/control needs lsb-release as a build dependency. #distrelease := $(shell lsb_release -cs) #ifeq ($(distrelease),$(filter $(distrelease),buster beowulf/ceres)) #export CC=gcc-8 @@ -12,6 +13,12 @@ export SHELL=/bin/bash #export LD=gcc-8 #endif +export MCFILE=debian/mozconfig +distrelease := $(shell lsb_release -cs) +ifeq ($(distrelease),$(filter $(distrelease),sid unstable ceres)) +export MCFILE=debian/mozconfig-unstable +endif + %: dh $@ @@ -21,7 +28,7 @@ override_dh_auto_clean: find . -name '*.pyc' -delete override_dh_auto_configure: - cp debian/mozconfig mozconfig + cp ${MCFILE} mozconfig override_dh_auto_build: make -f client.mk build diff --git a/palemoon/palemoon-mozconfig b/palemoon/palemoon-mozconfig index 3a3c1de..e377731 100644 --- a/palemoon/palemoon-mozconfig +++ b/palemoon/palemoon-mozconfig @@ -2,7 +2,7 @@ mk_add_options AUTOCLOBBER=1 mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/pmbuild ac_add_options --enable-application=palemoon -ac_add_options --enable-optimize="-O2" +ac_add_options --enable-optimize="-O2 -Wl,--no-keep-memory -Wl,--reduce-memory-overhead" ac_add_options --enable-official-branding ac_add_options --enable-official-vendor diff --git a/palemoon/palemoon.spec b/palemoon/palemoon.spec index b130f4c..b9c7454 100644 --- a/palemoon/palemoon.spec +++ b/palemoon/palemoon.spec @@ -5,7 +5,7 @@ %global stackrpms_custom 1 # derive from inside the full source tree or from notes at https://github.com/MoonchildProductions/Pale-Moon/releases # git submodule | awk -v "name=platform" '$2 == name {gsub("-","",$1); print $1}' -%global submodule_platform_tag RELBASE_20200603 +%global submodule_platform_tag RELBASE_20200712 # additional repos to get python27 and devtoolset-7 # for el6 and el7: Software Collection;, for x86_64 only @@ -42,7 +42,7 @@ Name: palemoon-stackrpms Name: palemoon %endif Summary: Pale Moon web browser -Version: 28.10.0 +Version: 28.11.0 Release: 1 Group: Networking/Web @@ -285,6 +285,9 @@ update-mime-database -n ${_datadir}/mime 1>/dev/null 2>&1 & : %doc AUTHORS LICENSE %changelog +* Tue Jul 14 2020 B Stack <bgstack15@gmail.com> - 28.11.0-1 +- update version + * Fri Jun 05 2020 B Stack <bgstack15@gmail.com> - 28.10.0-1 - update version |