From caeabb1a92096fa6b5d308ff1c77d4f4e99ae744 Mon Sep 17 00:00:00 2001 From: B Stack Date: Thu, 26 Mar 2020 07:57:26 -0400 Subject: pm 28.9.0.2 rpm and dpkg rc1 --- palemoon/debian/changelog | 70 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) (limited to 'palemoon/debian/changelog') diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog index 67d8f95..68e0945 100644 --- a/palemoon/debian/changelog +++ b/palemoon/debian/changelog @@ -1,3 +1,73 @@ +palemoon (28.9.0.2-1+devuan) obs; urgency=medium + + * This is a small bugfix update addressing 2 more important issues in 28.9.0. + - Fixed an issue with browser migration and initialization code causing various browser run-time problems. + - Fixed an issue with cache behavior where some users would have trouble having their windows and tabs restored in "soft refresh" mode (see v28.9.0 release notes). + - To solve this, we reverted to the previous (pull from cache) mode for now while we investigate the cause. + + -- Ben Stack Thu, 26 Mar 2020 07:50:02 -0400 + +palemoon (28.9.0.1-1+devuan) UNRELEASED; urgency=medium + + * From releasenotes.shtml: This is a small update to address a breaking issue with user-agent override strings, causing problems on certain websites for a number of our users. + + -- Ben Stack Thu, 26 Mar 2020 06:50:02 -0400 + +palemoon (28.9.0-1+devuan) UNRELEASED; urgency=medium + + * From releasenotes.shtml: This is a major development update. + * New features + - Implemented asynchronous iterators (`await iterator.next()` and `for await` loops) (ES2018) + - Implemented promise-based media playback. + - Implemented non-standard legacy CSSStyleSheet rules functions. + - Implemented the html5 `` element. To switch this on, flip `dom.dialog_element.enabled` to true. + - Implemented the optional hiding of pinned tabs in CtrlTab/AllTab panes. (controlled through the preferences `browser.ctrlTab.hidePinnedTabs` and `browser.allTabs.hidePinnedTabs`) + - Added 1.25x playback speed to html media elements. + - Added a hidden pref (`browser.places.smartBookmarks.max`) to control the sizes of default smart bookmarks categories. + * Changes/fixes + - Aligned `document.open()` with the overhauled specification. + - Aligned the way DOM styles are computed with mainstream browser behavior. + - Removed the (unused) DOM promise implementation. + - Enabled seeking to next frame in media files. + - Enabled dynamic UA updates for emergency use. + - Implemented rule processing stub for font-variation-settings. + - Increased the maximum XML nesting depth to 2048 levels for extreme corner cases and to conservatively align with other browsers. + - Improved the privacy of geolocation lookup calls, with thanks to a generous service donation from ip-api.com + - Improved reporting of the operating system in site-specific user-agent overrides. + - Improved table drawing performance again after the rewrite for sticky positioning making it slower. + - Updated CSP processing to allow custom scheme wildcards to be specified without a port. + - Aligned the behavior of outlines with other browsers when dealing with CSS-repositioned elements. + - Changed the way hardware acceleration is controlled from the application. + - Changed the default monospace font for main languages from Courier New to Consolas. + - This provides a more balanced font for fixed-width text that is slightly more condensed and more in line with the naturally compacter variable-width fonts used everywhere else. + - Changed the browser's behavior when restoring tabs from previous sessions. To prevent stale pages, it will now by default perform a "soft refresh" of the page instead of drawing it purely from cache without checking if the page needs updating. If you prefer the old behavior, set `browser.sessionstore.cache_behavior` to 0 in about:config. + - Updated NSPR to 4.24 and NSS to ~3.48.1-RTM, removing the previous custom patch level with NSS being able to support custom rounds for DBM now. + - For extensive release notes with all NSS changes, see [NSS_Releases](https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases) + - Implemented an NSS performance optimization for Master Password use with limited effect. + - Fixed some potential crashing scenarios with WebGL on Linux. + - Completely removed `showModalDialog`. + - Disabled some logging in production builds. + - Removed various gadgeteering/redundant/dead DOM APIs (casting/presentation, FlyWeb) + - Removed support for a number of critical libraries being system-supplied. + - Removed "Copy raw data" button from the troubleshooting information page, since it's never used by us in that format, and users mistakenly keep using it instead of copying text. + - Removed a bunch of Android and iOS support code. + - Fixed an issue with form elements sometimes being incorrectly disabled. + - Fixed several crashes. + - Fixed an issue with Captive Portal detection sometimes firing even when disabled by the user. + - Performed various tree-wide code cleanups. + - Backed out a large code cleanup patch for causing subtle issues in website operation (e.g. WordPress). This will have to be revisited later; the reintroduced code is not in use in practice. + - Cleaned up the application updater code. + * Security-related fixes: + - Fixed a potential pointer issue in cubeb. DiD + - Disabled allowing remote jar: URIs by default for security reasons. If you need this functionality for your non-standard environment, you can enable it with the preference `network.jar.block-remote-files`, but please consider moving away from this method of providing web-based applications. + - Removed a potentially dangerous and otherwise ineffective optimization from the JavaScript engine. + - Fixed unwanted behavior where created/focused pop-up windows could potentially cover the DOM fullscreen notification, hiding it from users. (CVE-2020-6810) + - Fixed an issue where copying data as a curl request from developer tools would not properly escape parameters. (CVE-2020-6811) + - Updated our sctp library code with several upstream fixes. + - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 3 already mitigated, 1 rejected, 11 not applicable. + + -- Ben Stack Thu, 26 Mar 2020 05:50:02 -0400 + palemoon (28.8.4-1+devuan) obs; urgency=low * From releasenotes.shtml: This is a small security and compatibility update. -- cgit