From 5bf076fa8606ecf6cc3cd1669a6b8056e2fd08cb Mon Sep 17 00:00:00 2001 From: B Stack Date: Tue, 2 Mar 2021 21:59:57 -0500 Subject: nm 29.1.0 rc1 --- newmoon/debian/changelog | 127 +++++++++++++++++++++++++------------- newmoon/debian/newmoon+devuan.dsc | 2 +- 2 files changed, 86 insertions(+), 43 deletions(-) (limited to 'newmoon/debian') diff --git a/newmoon/debian/changelog b/newmoon/debian/changelog index 24b5b2c..6dfdd11 100644 --- a/newmoon/debian/changelog +++ b/newmoon/debian/changelog @@ -1,3 +1,46 @@ +newmoon (29.1.0-1+devuan) obs; urgency=medium + + * New features: + - Language packs for the following newly-supported languages: + Arabic (ar), Chinese Traditional (zh-TW), Croatian (hr), Danish (da), + Finnish (fi), Galician (gl), Indonesian (id), Icelandic (is), Japanese + (ja), Romanian (ro), Serbian (cyrillic) (sr), Slovenian (sl), Thai (th) + - Implemented String.prototype.replaceAll(). + - Implemented JSON superset proposal. + - Implemented well-formed JSON stringify. + - Implemented numeric separators in JavaScript. + * Changes/fixes: + - Updated timezone data to 2021a. + - Updated the wording and inclusion of more select license blocks + in about:license. + - Updated some site-specific user-agent overrides for web + compatibility. + - Updated the lz4 library for performance and security updates. + - Improved performance of JSON stringify. + - Further improved support for building on FreeBSD. + - Fixed a regression where changes to useragent compatibility + required a restart to take effect. + - Fixed a regression where AES-GCM in WebCrypto ("subtle" crypto + API) wasn't working. + - This could make certain login procedures fail to work. + - Fixed a full browser deadlock when page scripting would flood + browsing history with rapid location state changes. + - Disabled AV1 codec use by default again since our implementation + has significant streaming issues (particularly audio) that needs + further work. + - Added required interaction with file/folder open dialog boxes on + html file input elements on some operating systems to avoid malicious + content tricking users into uploading sensitive files unintentionally + (related to CVE-2021-23956). + - Added a font sanity check to avoid triggering a potential + vulnerability on unpatched Windows operating systems (related to + CVE-2021-24093). + - Security issues addressed: CVE-2021-23974, CVE-2021-23973 and + several memory safety hazards that don't have CVE numbers. + - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 2 + DiD, 19 not applicable. + + -- B. Stack Tue, 02 Mar 2021 21:53:23 -0500 newmoon (29.0.1-1+devuan) obs; urgency=medium * Changes/fixes: @@ -64,56 +107,56 @@ newmoon (29.0.0-1+devuan) obs; urgency=medium newmoon (28.17.0-1+devuan) obs; urgency=low * This is a development, bugfix and security update. - - Changed the way dates and times are formatted in the UI to + - Changed the way dates and times are formatted in the UI to properly adhere to the user's regional settings in the O.S. - Re-enabled the DOM Filesystem API for web compatibility. - - Moved the global user-agent override to the networking component. + - Moved the global user-agent override to the networking component. See implementation notes. - - Worked around crashes and run-time issues with module scripts. + - Worked around crashes and run-time issues with module scripts. See implementation notes. - - Fixed a website layout issue with table-styled elements + - Fixed a website layout issue with table-styled elements potentially overlapping when placed inside a flexbox. - Fixed some code logic issues with websockets. - - Fixed a regression when waking the computer from standby causing + - Fixed a regression when waking the computer from standby causing high CPU usage in some uncommon situations. - - Updated the list of prohibited ports the browser can use. See + - Updated the list of prohibited ports the browser can use. See implementation notes. - Updated root certificates. - - Windows: Changed the way downloaded files without an extension + - Windows: Changed the way downloaded files without an extension are handled. See implementation notes. - Mac-beta: Improved version detection of MacOS including Big Sur. - Security issues addressed: CVE-2020-26978 and CVE-2020-35112. - - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1 + - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 1 deferred to the next release, 16 not applicable. - - The global user-agent override was moved to the networking - component where it is actually implemented. The new preference name is - network.http.useragent.global_override. Please note that using a - blanket override is normally (very) counterproductive and does not, in - fact, help much with privacy. It would also override the compatibility - modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will - now warn you if the user-agent is globally overridden (in preferences) - and allow you to easily reset that override and re-enable the various + - The global user-agent override was moved to the networking + component where it is actually implemented. The new preference name is + network.http.useragent.global_override. Please note that using a + blanket override is normally (very) counterproductive and does not, in + fact, help much with privacy. It would also override the compatibility + modes (Native/Gecko/Firefox) in Pale Moon. As such, the browser will + now warn you if the user-agent is globally overridden (in preferences) + and allow you to easily reset that override and re-enable the various compatibility modes. - - Module scripting caused some persistent and very hard to track - browser crashes that we've narrowed down to a specific optimization in - the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This - optimization is now disabled by default but if you need that little - extra performance (usually only noticed in very optimized code or some - benchmarks) then you can re-enable it, trading in stability, by setting + - Module scripting caused some persistent and very hard to track + browser crashes that we've narrowed down to a specific optimization in + the JavaScript JIT (Just-In-Time) compiler (IonMonkey). This + optimization is now disabled by default but if you need that little + extra performance (usually only noticed in very optimized code or some + benchmarks) then you can re-enable it, trading in stability, by setting the new preference javascript.options.ion.inlining to true. - - Prohibited ports: Pale Moon maintains a blacklist of ports the - browser may normally not connect to on servers, to mitigate abusive web - scripting employing your browser as an attack bot on servers (e.g. by - connecting to mail servers or what not), NAT slipstreaming, and similar - security issues. To more thoroughly prevent known abusable ports on - servers, this list was extended with a number of additional default + - Prohibited ports: Pale Moon maintains a blacklist of ports the + browser may normally not connect to on servers, to mitigate abusive web + scripting employing your browser as an attack bot on servers (e.g. by + connecting to mail servers or what not), NAT slipstreaming, and similar + security issues. To more thoroughly prevent known abusable ports on + servers, this list was extended with a number of additional default ports for various non-http protocols. - - Downloaded files without a file extension: When a file without an - extension is downloaded, we will now open the download folder where you - may choose to take any specific action manually, instead of trying to + - Downloaded files without a file extension: When a file without an + extension is downloaded, we will now open the download folder where you + may choose to take any specific action manually, instead of trying to execute it as a program or through an associated program. - -- Ben Stack Fri, 18 Dec 2020 13:52:12 -0500 + -- B. Stack Fri, 18 Dec 2020 13:52:12 -0500 newmoon (28.16.0-1+devuan) obs; urgency=low @@ -152,7 +195,7 @@ newmoon (28.16.0-1+devuan) obs; urgency=low - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 4 defense-in-depth, 3 rejected, 20 not applicable. - -- Ben Stack Wed, 25 Nov 2020 09:13:05 -0500 + -- B. Stack Wed, 25 Nov 2020 09:13:05 -0500 newmoon (28.15.0-1+devuan) obs; urgency=low @@ -168,37 +211,37 @@ newmoon (28.15.0-1+devuan) obs; urgency=low * disable eme to match palemoon. * so now newmoon's only changes are config location and branding. - -- Ben Stack Tue, 27 Oct 2020 20:05:31 -0400 + -- B. Stack Tue, 27 Oct 2020 20:05:31 -0400 newmoon (28.14.2-3+devuan) obs; urgency=low * disable all use-system options to see if stability returns - -- Ben Stack Fri, 23 Oct 2020 14:58:17 -0400 + -- B. Stack Fri, 23 Oct 2020 14:58:17 -0400 newmoon (28.14.2-2+devuan) obs; urgency=low * revert to gtk2 to see if stability returns - -- Ben Stack Fri, 23 Oct 2020 22:40:55 -0400 + -- B. Stack Fri, 23 Oct 2020 22:40:55 -0400 newmoon (28.14.2-1+devuan) obs; urgency=low * Update version - -- Ben Stack Mon, 05 Oct 2020 09:07:33 -0400 + -- B. Stack Mon, 05 Oct 2020 09:07:33 -0400 newmoon (28.13.0-5+devuan) obs; urgency=medium * Import bluemoon icons from Gord N. Squash - -- Ben Stack Wed, 16 Sep 2020 19:16:08 -0400 + -- B. Stack Wed, 16 Sep 2020 19:16:08 -0400 newmoon (28.13.0-4+devuan) obs; urgency=low * Import xfce-helper/palemoon.desktop from stevep@mxlinux.org release - -- Ben Stack Wed, 09 Sep 2020 14:43:04 -0400 + -- B. Stack Wed, 09 Sep 2020 14:43:04 -0400 newmoon (28.13.0-3+devuan) obs; urgency=medium @@ -253,7 +296,7 @@ newmoon (28.13.0-3+devuan) obs; urgency=medium users to enable this function for websites that use its utility but do not use WebComponents. - -- Ben Stack Fri, 04 Sep 2020 19:50:02 -0400 + -- B. Stack Fri, 04 Sep 2020 19:50:02 -0400 newmoon (28.12.0-2+devuan) obs; urgency=low @@ -264,10 +307,10 @@ newmoon (28.12.0-2+devuan) obs; urgency=low - enable webrtc - enable system libraries for everything possible - -- Ben Stack Thu, 27 Aug 2020 16:55:11 -0400 + -- B. Stack Thu, 27 Aug 2020 16:55:11 -0400 newmoon (28.12.0-1+devuan) UNRELEASED; urgency=low * First release of newmoon. - -- Ben Stack Wed, 05 Aug 2020 14:43:18 -0400 + -- B. Stack Wed, 05 Aug 2020 14:43:18 -0400 diff --git a/newmoon/debian/newmoon+devuan.dsc b/newmoon/debian/newmoon+devuan.dsc index ff2b2fc..f8dc554 100644 --- a/newmoon/debian/newmoon+devuan.dsc +++ b/newmoon/debian/newmoon+devuan.dsc @@ -2,7 +2,7 @@ Format: 3.0 (quilt) Source: newmoon Binary: newmoon Architecture: any -Version: 29.0.1-1+devuan +Version: 29.1.0-1+devuan Maintainer: B Stack Homepage: http://www.palemoon.org/ Standards-Version: 4.1.4 -- cgit