From 274ae43ad62bf0f6e6c5758e58609d9e7e4107df Mon Sep 17 00:00:00 2001 From: B Stack Date: Wed, 27 Mar 2019 11:22:33 -0400 Subject: palemoon 28.4.1 rpm rc1 fixes #3 palemoon customization --- palemoon/bgstack15-palemoon-prefs.js | 29 +++++++++++++++++++++++++++++ palemoon/bgstack15-palemoon.patch | 11 +++++++++++ palemoon/bgstack15-prefs.js | 24 ------------------------ palemoon/palemoon-stackrpms.spec | 6 ++++-- palemoon/palemoon.spec | 6 ++++-- 5 files changed, 48 insertions(+), 28 deletions(-) create mode 100644 palemoon/bgstack15-palemoon-prefs.js create mode 100644 palemoon/bgstack15-palemoon.patch delete mode 100644 palemoon/bgstack15-prefs.js diff --git a/palemoon/bgstack15-palemoon-prefs.js b/palemoon/bgstack15-palemoon-prefs.js new file mode 100644 index 0000000..d944010 --- /dev/null +++ b/palemoon/bgstack15-palemoon-prefs.js @@ -0,0 +1,29 @@ +// file: /usr/lib/palemoon/browser/defaults/preferences/bgstack15-palemoon-prefs.js +// deployed with palemoon-stackrpms package (rpm or dpkg) built by bgstack15 +// last modified 2019-03-27 +// reference: +// https://support.mozilla.org/en-US/kb/customizing-firefox-using-autoconfig +pref("browser.allTabs.previews", false); +pref("browser.backspace_action", 0); +pref("browser.ctrlTab.previews", false); +pref("browser.download.useDownloadDir", true); +pref("browser.newtab.choice", 1); +pref("browser.newtabpage.storageVersion", 1); +pref("browser.search.update", false); +pref("browser.sessionstore.restore_on_demand", false); +pref("browser.startup.page", 3); +pref("browser.tabs.closeWindowWithLastTab", false); +pref("captivedetect.canonicalURL", "http://127.0.0.1:9980"); +pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.3.0"); +pref("extensions.shownSelectionUI", true); +pref("extensions.update.autoUpdateDefault", false); +pref("general.warnOnAboutConfig", false); +pref("network.automatic-ntlm-auth.trusted-uris", ".ipa.smith122.com"); +pref("network.cookie.prefsMigrated", true); +pref("network.negotiate-auth.trusted-uris", ".ipa.smith122.com"); +pref("network.stricttransportsecurity.preloadlist", false); +pref("privacy.sanitize.migrateFx3Prefs", true); +pref("security.cert_pinning.enforcement_level", 0); +pref("services.sync.declinedEngines", ""); +pref("toolkit.telemetry.reportingpolicy.firstRun", false); +pref("xpinstall.whitelist.add", ""); diff --git a/palemoon/bgstack15-palemoon.patch b/palemoon/bgstack15-palemoon.patch new file mode 100644 index 0000000..94f9470 --- /dev/null +++ b/palemoon/bgstack15-palemoon.patch @@ -0,0 +1,11 @@ +diff -Naur 28.4.1-0/application/palemoon/branding/shared/locales/browserconfig.properties 28.4.1-1/application/palemoon/branding/shared/locales/browserconfig.properties +--- 28.4.1-0/application/palemoon/branding/shared/locales/browserconfig.properties 2019-03-26 13:33:15.000000000 -0400 ++++ 28.4.1-1/application/palemoon/branding/shared/locales/browserconfig.properties 2019-03-27 10:44:23.578435642 -0400 +@@ -3,5 +3,5 @@ + # file, You can obtain one at http://mozilla.org/MPL/2.0/. + + # Do NOT localize or otherwise change these values +-browser.startup.homepage=http://start.palemoon.org/ +-browser.startup.homepage_reset=http://start.palemoon.org/ ++browser.startup.homepage=http://start.duckduckgo.com/ ++browser.startup.homepage_reset=http://start.duckduckgo.com/ diff --git a/palemoon/bgstack15-prefs.js b/palemoon/bgstack15-prefs.js deleted file mode 100644 index ec7ab94..0000000 --- a/palemoon/bgstack15-prefs.js +++ /dev/null @@ -1,24 +0,0 @@ -// file: /usr/lib/palemoon/browser/defaults/preferences/bgstack15-prefs.js -// reference: -// https://support.mozilla.org/en-US/kb/customizing-firefox-using-autoconfig -pref("browser.backspace_action", 0); -pref("browser.allTabs.previews", false); -pref("browser.ctrlTab.previews", false); -pref("browser.download.useDownloadDir", true); -pref("browser.newtab.choice", 1); -pref("browser.newtabpage.storageVersion", 1); -pref("browser.search.update", false); -pref("browser.startup.page", 3); -pref("browser.tabs.closeWindowWithLastTab", false); -pref("captivedetect.canonicalURL", "http://127.0.0.1:9980"); -pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.3.0"); -pref("extensions.shownSelectionUI", true); -pref("extensions.update.autoUpdateDefault", false); -pref("general.warnOnAboutConfig", false); -pref("network.cookie.prefsMigrated", true); -pref("network.stricttransportsecurity.preloadlist", false); -pref("privacy.sanitize.migrateFx3Prefs", true); -pref("security.cert_pinning.enforcement_level", 0); -pref("services.sync.declinedEngines", ""); -pref("toolkit.telemetry.reportingpolicy.firstRun", false); -pref("xpinstall.whitelist.add", ""); diff --git a/palemoon/palemoon-stackrpms.spec b/palemoon/palemoon-stackrpms.spec index 33058ba..9fc8c4a 100644 --- a/palemoon/palemoon-stackrpms.spec +++ b/palemoon/palemoon-stackrpms.spec @@ -35,7 +35,7 @@ Summary: Pale Moon web browser with stackrpms prefs Name: palemoon Summary: Pale Moon web browser %endif -Version: 28.4.0 +Version: 28.4.1 Release: 1 Group: Networking/Web @@ -46,8 +46,9 @@ Source1: palemoon-mozconfig Source2: palemoon.desktop Source3: palemoon-mimeinfo.xml %if 0%{stackrpms_custom} -Source4: bgstack15-prefs.js +Source4: bgstack15-palemoon-prefs.js Patch0: small-icons.patch +Patch1: bgstack15-palemoon.patch %endif Packager: Bgstack15 @@ -103,6 +104,7 @@ and themes to make the browser truly your own. %if 0%{stackrpms_custom} %patch0 -p1 +%patch1 -p1 %endif %build diff --git a/palemoon/palemoon.spec b/palemoon/palemoon.spec index a0b97f5..05aca70 100644 --- a/palemoon/palemoon.spec +++ b/palemoon/palemoon.spec @@ -35,7 +35,7 @@ Summary: Pale Moon web browser with stackrpms prefs Name: palemoon Summary: Pale Moon web browser %endif -Version: 28.4.0 +Version: 28.4.1 Release: 1 Group: Networking/Web @@ -46,8 +46,9 @@ Source1: palemoon-mozconfig Source2: palemoon.desktop Source3: palemoon-mimeinfo.xml %if 0%{stackrpms_custom} -Source4: bgstack15-prefs.js +Source4: bgstack15-palemoon-prefs.js Patch0: small-icons.patch +Patch1: bgstack15-palemoon.patch %endif Packager: Bgstack15 @@ -103,6 +104,7 @@ and themes to make the browser truly your own. %if 0%{stackrpms_custom} %patch0 -p1 +%patch1 -p1 %endif %build -- cgit From 6ed122483a1e350b0aeb7907f82c9d43e6c0156a Mon Sep 17 00:00:00 2001 From: B Stack Date: Thu, 28 Mar 2019 20:12:39 -0400 Subject: suppress binary stripping on el6 The official release does not suffer from this, but for some reason the stackrpms release of palemoon fails the binary stripping at the end with messages similar to: + /usr/lib/rpm/check-buildroot + /usr/lib/rpm/redhat/brp-compress + /usr/lib/rpm/redhat/brp-strip /usr/bin/strip + /usr/lib/rpm/redhat/brp-strip-static-archive /usr/bin/strip BFD: /builddir/build/BUILDROOT/palemoon-stackrpms-28.4.1-1.x86_64/usr/lib64/palemoon-stackrpms-devel/sdk/lib/libxpcomglue.a(PLDHashTable.o): invalid relocation type 42 /usr/bin/strip: PLDHashTable.o: Bad value BFD: /builddir/build/BUILDROOT/palemoon-stackrpms-28.4.1-1.x86_64/usr/lib64/palemoon-stackrpms-devel/sdk/lib/libxpcomglue_s.a(Unified_cpp_xpcom_glue0.o): invalid relocation type 42 /usr/bin/strip: Unified_cpp_xpcom_glue0.o: Bad value BFD: /builddir/build/BUILDROOT/palemoon-stackrpms-28.4.1-1.x86_64/usr/lib64/palemoon-stackrpms-devel/sdk/lib/libmozglue.a(SSE.o): invalid relocation type 42 /usr/bin/strip: SSE.o: Bad value BFD: /builddir/build/BUILDROOT/palemoon-stackrpms-28.4.1-1.x86_64/usr/lib64/palemoon-stackrpms-devel/sdk/lib/libmemory.a(jemalloc_config.o): invalid relocation type 42 /usr/bin/strip: jemalloc_config.o: Bad value BFD: /builddir/build/BUILDROOT/palemoon-stackrpms-28.4.1-1.x86_64/usr/lib64/palemoon-stackrpms-devel/sdk/lib/libunicharutil_external_s.a(chariter.o): invalid relocation type 42 /usr/bin/strip: chariter.o: Bad value BFD: /builddir/build/BUILDROOT/palemoon-stackrpms-28.4.1-1.x86_64/usr/lib64/palemoon-stackrpms-devel/sdk/lib/libcrmf.a(crmfenc.o): invalid relocation type 42 /usr/bin/strip: crmfenc.o: Bad value error: Bad exit status from /var/tmp/rpm-tmp.pudIld (%install) --- palemoon/palemoon-stackrpms.spec | 5 +++++ palemoon/palemoon.spec | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/palemoon/palemoon-stackrpms.spec b/palemoon/palemoon-stackrpms.spec index 9fc8c4a..ad1fc73 100644 --- a/palemoon/palemoon-stackrpms.spec +++ b/palemoon/palemoon-stackrpms.spec @@ -27,6 +27,11 @@ %define scl_buildreq devtoolset-7-toolchain %endif +# suppress binary strippping on el6 which fails for some reason +%if 0%{?el6} + %global __os_install_post %{nil} +%endif + %if 0%{stackrpms_custom} Name: palemoon-stackrpms Summary: Pale Moon web browser with stackrpms prefs diff --git a/palemoon/palemoon.spec b/palemoon/palemoon.spec index 05aca70..2b00195 100644 --- a/palemoon/palemoon.spec +++ b/palemoon/palemoon.spec @@ -27,6 +27,11 @@ %define scl_buildreq devtoolset-7-toolchain %endif +# suppress binary strippping on el6 which fails for some reason +%if 0%{?el6} + %global __os_install_post %{nil} +%endif + %if 0%{stackrpms_custom} Name: palemoon-stackrpms Summary: Pale Moon web browser with stackrpms prefs -- cgit From a5ac6b1d868be7d023f8ee327c7b8220d73b297e Mon Sep 17 00:00:00 2001 From: B Stack Date: Thu, 28 Mar 2019 20:22:32 -0400 Subject: WIP: remove unneeded directories for binary package The dpkg cleans up /usr/share/idl, /usr/lib/palemoon-devel, and /usr/include, and the rpm will try that too. --- palemoon/palemoon-stackrpms.spec | 5 +++++ palemoon/palemoon.spec | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/palemoon/palemoon-stackrpms.spec b/palemoon/palemoon-stackrpms.spec index ad1fc73..34a22b7 100644 --- a/palemoon/palemoon-stackrpms.spec +++ b/palemoon/palemoon-stackrpms.spec @@ -142,6 +142,11 @@ rm -rf %{buildroot} installdir=%{_libdir}/%{name} \ sdkdir=%{_libdir}/%{name}-devel \ install + rm -rf %{buildroot}%{_datadir}/idl \ + %{buildroot}%{_libdir}/%{name}-devel \ + %{buildroot}%{_includedir} || : + # remove vestigial duplicate file + rm -rf %{buildroot}%{_libdir}/%{name}/%{appname}-bin || : %endif %if "%{?scl_env}" != "" popd || : diff --git a/palemoon/palemoon.spec b/palemoon/palemoon.spec index 2b00195..7de11a1 100644 --- a/palemoon/palemoon.spec +++ b/palemoon/palemoon.spec @@ -142,6 +142,11 @@ rm -rf %{buildroot} installdir=%{_libdir}/%{name} \ sdkdir=%{_libdir}/%{name}-devel \ install + rm -rf %{buildroot}%{_datadir}/idl \ + %{buildroot}%{_libdir}/%{name}-devel \ + %{buildroot}%{_includedir} || : + # remove vestigial duplicate file + rm -rf %{buildroot}%{_libdir}/%{name}/%{appname}-bin || : %endif %if "%{?scl_env}" != "" popd || : -- cgit From ef86e625bf57de2f3b569de5ea37ea75d74e85cc Mon Sep 17 00:00:00 2001 From: B Stack Date: Fri, 29 Mar 2019 16:09:37 -0400 Subject: palemoon 28.4.1 dpkg --- palemoon/debian/bgstack15-palemoon-prefs.js | 29 ++++++++++++++++++++++++++++ palemoon/debian/bgstack15-prefs.js | 24 ----------------------- palemoon/debian/changelog | 16 +++++++++++++++ palemoon/debian/control | 30 ++++++++++++++--------------- palemoon/debian/install | 2 +- 5 files changed, 61 insertions(+), 40 deletions(-) create mode 100644 palemoon/debian/bgstack15-palemoon-prefs.js delete mode 100644 palemoon/debian/bgstack15-prefs.js diff --git a/palemoon/debian/bgstack15-palemoon-prefs.js b/palemoon/debian/bgstack15-palemoon-prefs.js new file mode 100644 index 0000000..d944010 --- /dev/null +++ b/palemoon/debian/bgstack15-palemoon-prefs.js @@ -0,0 +1,29 @@ +// file: /usr/lib/palemoon/browser/defaults/preferences/bgstack15-palemoon-prefs.js +// deployed with palemoon-stackrpms package (rpm or dpkg) built by bgstack15 +// last modified 2019-03-27 +// reference: +// https://support.mozilla.org/en-US/kb/customizing-firefox-using-autoconfig +pref("browser.allTabs.previews", false); +pref("browser.backspace_action", 0); +pref("browser.ctrlTab.previews", false); +pref("browser.download.useDownloadDir", true); +pref("browser.newtab.choice", 1); +pref("browser.newtabpage.storageVersion", 1); +pref("browser.search.update", false); +pref("browser.sessionstore.restore_on_demand", false); +pref("browser.startup.page", 3); +pref("browser.tabs.closeWindowWithLastTab", false); +pref("captivedetect.canonicalURL", "http://127.0.0.1:9980"); +pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.3.0"); +pref("extensions.shownSelectionUI", true); +pref("extensions.update.autoUpdateDefault", false); +pref("general.warnOnAboutConfig", false); +pref("network.automatic-ntlm-auth.trusted-uris", ".ipa.smith122.com"); +pref("network.cookie.prefsMigrated", true); +pref("network.negotiate-auth.trusted-uris", ".ipa.smith122.com"); +pref("network.stricttransportsecurity.preloadlist", false); +pref("privacy.sanitize.migrateFx3Prefs", true); +pref("security.cert_pinning.enforcement_level", 0); +pref("services.sync.declinedEngines", ""); +pref("toolkit.telemetry.reportingpolicy.firstRun", false); +pref("xpinstall.whitelist.add", ""); diff --git a/palemoon/debian/bgstack15-prefs.js b/palemoon/debian/bgstack15-prefs.js deleted file mode 100644 index ec7ab94..0000000 --- a/palemoon/debian/bgstack15-prefs.js +++ /dev/null @@ -1,24 +0,0 @@ -// file: /usr/lib/palemoon/browser/defaults/preferences/bgstack15-prefs.js -// reference: -// https://support.mozilla.org/en-US/kb/customizing-firefox-using-autoconfig -pref("browser.backspace_action", 0); -pref("browser.allTabs.previews", false); -pref("browser.ctrlTab.previews", false); -pref("browser.download.useDownloadDir", true); -pref("browser.newtab.choice", 1); -pref("browser.newtabpage.storageVersion", 1); -pref("browser.search.update", false); -pref("browser.startup.page", 3); -pref("browser.tabs.closeWindowWithLastTab", false); -pref("captivedetect.canonicalURL", "http://127.0.0.1:9980"); -pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.3.0"); -pref("extensions.shownSelectionUI", true); -pref("extensions.update.autoUpdateDefault", false); -pref("general.warnOnAboutConfig", false); -pref("network.cookie.prefsMigrated", true); -pref("network.stricttransportsecurity.preloadlist", false); -pref("privacy.sanitize.migrateFx3Prefs", true); -pref("security.cert_pinning.enforcement_level", 0); -pref("services.sync.declinedEngines", ""); -pref("toolkit.telemetry.reportingpolicy.firstRun", false); -pref("xpinstall.whitelist.add", ""); diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog index 54456ae..24911ec 100644 --- a/palemoon/debian/changelog +++ b/palemoon/debian/changelog @@ -1,3 +1,19 @@ +palemoon (28.4.1-1devuan) manual; urgency=low + + * New 28.4.1 security and bugfix release: + - Fixed hover state arrows on some controls. + - Fixed potential denial-of-service issues involving FTP (loading of subresources and spamming errors). + - Disabled Microsoft Family Safety (Win 8.1) by default. This prevents security issues as a result of a local MitM setup. + - Added several site-specific overrides (Firefox Send and polyfill.io) to work around website UA-sniffing isues. + - Implemented the origin-clean algorithm for controlling access to image resources. + - Cleaned up the helper application service code. + - Ported applicable security fixes from Mozilla (CVE-2019-9791, CVE-2019-9792, CVE-2019-9796, CVE-2019-9801, CVE-2019-9793, CVE-2019-9794, CVE-2019-9808 and ZDI-CAN-8368). + - Implemented several defense-in-depth measures (for CVE-2019-9790, CVE-2019-9797, CVE-2019-9804, and a JavaScript issue). + - Fixed several memory safety hazards and crashes. + - Binaries are now code-signed again (including the setup program for the installer). + + -- B Stack Fri, 29 Mar 2019 14:42:19 -0500 + palemoon (28.4.0-1devuan) manual; urgency=low * Import new 28.4.0 major development and security release: diff --git a/palemoon/debian/control b/palemoon/debian/control index a7f177f..f005f55 100644 --- a/palemoon/debian/control +++ b/palemoon/debian/control @@ -4,27 +4,27 @@ Priority: optional Maintainer: B Stack Bugs: mailto: XSBC-Original-Maintainer: Steven Pusser -Build-Depends: debhelper (>= 9), +Build-Depends: autoconf2.13, + debhelper (>= 9), gcc (>= 4.9), - autoconf2.13, - python (>= 2.7), - unzip, - zip, - pkg-config, + libasound2-dev, + libbz2-dev, + libdbus-glib-1-dev (>= 0.60), + libegl1-mesa-dev, libgconf2-dev (>= 1.2.1), libgtk2.0-dev (>= 2.14), - libdbus-glib-1-dev (>= 0.60), - yasm (>= 1.1), - libasound2-dev, libpulse-dev, - libxt-dev, - libegl1-mesa-dev, - libx11-xcb-dev, - zlib1g-dev, - libssl-dev, libsqlite3-dev, - libbz2-dev, + libssl-dev, + libx11-xcb-dev, + libxt-dev, + pkg-config, + python (>= 2.7), python-dbus, + unzip, + yasm (>= 1.1), + zip, + zlib1g-dev, Standards-Version: 3.9.6 Homepage: http://www.palemoon.org/ diff --git a/palemoon/debian/install b/palemoon/debian/install index e04cc8f..506544e 100644 --- a/palemoon/debian/install +++ b/palemoon/debian/install @@ -1,2 +1,2 @@ application/palemoon/branding/official/palemoon.desktop usr/share/applications -debian/bgstack15-prefs.js /usr/lib/palemoon/browser/defaults/preferences/ +debian/bgstack15-palemoon-prefs.js /usr/lib/palemoon/browser/defaults/preferences/ -- cgit