From 01a9822e17e555568a7f3a8b5b5ad50d5599489f Mon Sep 17 00:00:00 2001 From: B Stack Date: Sat, 26 Jan 2019 15:31:03 +0000 Subject: Palemoon dpkg for devuan --- palemoon/debian/MPL-1.1 | 470 +++++++ palemoon/debian/MPL-2.0 | 373 ++++++ palemoon/debian/changelog | 1544 ++++++++++++++++++++++ palemoon/debian/compat | 1 + palemoon/debian/control | 46 + palemoon/debian/copyright | 1975 ++++++++++++++++++++++++++++ palemoon/debian/docs | 2 + palemoon/debian/install | 1 + palemoon/debian/make.mk | 14 + palemoon/debian/mozconfig | 51 + palemoon/debian/palemoon.links | 6 + palemoon/debian/palemoon.lintian-overrides | 3 + palemoon/debian/palemoon.postinst | 11 + palemoon/debian/palemoon.prerm | 8 + palemoon/debian/rules | 30 + palemoon/debian/source/format | 1 + palemoon/debian/source/include-binaries | 10 + 17 files changed, 4546 insertions(+) create mode 100644 palemoon/debian/MPL-1.1 create mode 100644 palemoon/debian/MPL-2.0 create mode 100644 palemoon/debian/changelog create mode 100644 palemoon/debian/compat create mode 100644 palemoon/debian/control create mode 100644 palemoon/debian/copyright create mode 100644 palemoon/debian/docs create mode 100644 palemoon/debian/install create mode 100644 palemoon/debian/make.mk create mode 100644 palemoon/debian/mozconfig create mode 100644 palemoon/debian/palemoon.links create mode 100644 palemoon/debian/palemoon.lintian-overrides create mode 100755 palemoon/debian/palemoon.postinst create mode 100755 palemoon/debian/palemoon.prerm create mode 100755 palemoon/debian/rules create mode 100644 palemoon/debian/source/format create mode 100644 palemoon/debian/source/include-binaries (limited to 'palemoon') diff --git a/palemoon/debian/MPL-1.1 b/palemoon/debian/MPL-1.1 new file mode 100644 index 0000000..7714141 --- /dev/null +++ b/palemoon/debian/MPL-1.1 @@ -0,0 +1,470 @@ + MOZILLA PUBLIC LICENSE + Version 1.1 + + --------------- + +1. Definitions. + + 1.0.1. "Commercial Use" means distribution or otherwise making the + Covered Code available to a third party. + + 1.1. "Contributor" means each entity that creates or contributes to + the creation of Modifications. + + 1.2. "Contributor Version" means the combination of the Original + Code, prior Modifications used by a Contributor, and the Modifications + made by that particular Contributor. + + 1.3. "Covered Code" means the Original Code or Modifications or the + combination of the Original Code and Modifications, in each case + including portions thereof. + + 1.4. "Electronic Distribution Mechanism" means a mechanism generally + accepted in the software development community for the electronic + transfer of data. + + 1.5. "Executable" means Covered Code in any form other than Source + Code. + + 1.6. "Initial Developer" means the individual or entity identified + as the Initial Developer in the Source Code notice required by Exhibit + A. + + 1.7. "Larger Work" means a work which combines Covered Code or + portions thereof with code not governed by the terms of this License. + + 1.8. "License" means this document. + + 1.8.1. "Licensable" means having the right to grant, to the maximum + extent possible, whether at the time of the initial grant or + subsequently acquired, any and all of the rights conveyed herein. + + 1.9. "Modifications" means any addition to or deletion from the + substance or structure of either the Original Code or any previous + Modifications. When Covered Code is released as a series of files, a + Modification is: + A. Any addition to or deletion from the contents of a file + containing Original Code or previous Modifications. + + B. Any new file that contains any part of the Original Code or + previous Modifications. + + 1.10. "Original Code" means Source Code of computer software code + which is described in the Source Code notice required by Exhibit A as + Original Code, and which, at the time of its release under this + License is not already Covered Code governed by this License. + + 1.10.1. "Patent Claims" means any patent claim(s), now owned or + hereafter acquired, including without limitation, method, process, + and apparatus claims, in any patent Licensable by grantor. + + 1.11. "Source Code" means the preferred form of the Covered Code for + making modifications to it, including all modules it contains, plus + any associated interface definition files, scripts used to control + compilation and installation of an Executable, or source code + differential comparisons against either the Original Code or another + well known, available Covered Code of the Contributor's choice. The + Source Code can be in a compressed or archival form, provided the + appropriate decompression or de-archiving software is widely available + for no charge. + + 1.12. "You" (or "Your") means an individual or a legal entity + exercising rights under, and complying with all of the terms of, this + License or a future version of this License issued under Section 6.1. + For legal entities, "You" includes any entity which controls, is + controlled by, or is under common control with You. For purposes of + this definition, "control" means (a) the power, direct or indirect, + to cause the direction or management of such entity, whether by + contract or otherwise, or (b) ownership of more than fifty percent + (50%) of the outstanding shares or beneficial ownership of such + entity. + +2. Source Code License. + + 2.1. The Initial Developer Grant. + The Initial Developer hereby grants You a world-wide, royalty-free, + non-exclusive license, subject to third party intellectual property + claims: + (a) under intellectual property rights (other than patent or + trademark) Licensable by Initial Developer to use, reproduce, + modify, display, perform, sublicense and distribute the Original + Code (or portions thereof) with or without Modifications, and/or + as part of a Larger Work; and + + (b) under Patents Claims infringed by the making, using or + selling of Original Code, to make, have made, use, practice, + sell, and offer for sale, and/or otherwise dispose of the + Original Code (or portions thereof). + + (c) the licenses granted in this Section 2.1(a) and (b) are + effective on the date Initial Developer first distributes + Original Code under the terms of this License. + + (d) Notwithstanding Section 2.1(b) above, no patent license is + granted: 1) for code that You delete from the Original Code; 2) + separate from the Original Code; or 3) for infringements caused + by: i) the modification of the Original Code or ii) the + combination of the Original Code with other software or devices. + + 2.2. Contributor Grant. + Subject to third party intellectual property claims, each Contributor + hereby grants You a world-wide, royalty-free, non-exclusive license + + (a) under intellectual property rights (other than patent or + trademark) Licensable by Contributor, to use, reproduce, modify, + display, perform, sublicense and distribute the Modifications + created by such Contributor (or portions thereof) either on an + unmodified basis, with other Modifications, as Covered Code + and/or as part of a Larger Work; and + + (b) under Patent Claims infringed by the making, using, or + selling of Modifications made by that Contributor either alone + and/or in combination with its Contributor Version (or portions + of such combination), to make, use, sell, offer for sale, have + made, and/or otherwise dispose of: 1) Modifications made by that + Contributor (or portions thereof); and 2) the combination of + Modifications made by that Contributor with its Contributor + Version (or portions of such combination). + + (c) the licenses granted in Sections 2.2(a) and 2.2(b) are + effective on the date Contributor first makes Commercial Use of + the Covered Code. + + (d) Notwithstanding Section 2.2(b) above, no patent license is + granted: 1) for any code that Contributor has deleted from the + Contributor Version; 2) separate from the Contributor Version; + 3) for infringements caused by: i) third party modifications of + Contributor Version or ii) the combination of Modifications made + by that Contributor with other software (except as part of the + Contributor Version) or other devices; or 4) under Patent Claims + infringed by Covered Code in the absence of Modifications made by + that Contributor. + +3. Distribution Obligations. + + 3.1. Application of License. + The Modifications which You create or to which You contribute are + governed by the terms of this License, including without limitation + Section 2.2. The Source Code version of Covered Code may be + distributed only under the terms of this License or a future version + of this License released under Section 6.1, and You must include a + copy of this License with every copy of the Source Code You + distribute. You may not offer or impose any terms on any Source Code + version that alters or restricts the applicable version of this + License or the recipients' rights hereunder. However, You may include + an additional document offering the additional rights described in + Section 3.5. + + 3.2. Availability of Source Code. + Any Modification which You create or to which You contribute must be + made available in Source Code form under the terms of this License + either on the same media as an Executable version or via an accepted + Electronic Distribution Mechanism to anyone to whom you made an + Executable version available; and if made available via Electronic + Distribution Mechanism, must remain available for at least twelve (12) + months after the date it initially became available, or at least six + (6) months after a subsequent version of that particular Modification + has been made available to such recipients. You are responsible for + ensuring that the Source Code version remains available even if the + Electronic Distribution Mechanism is maintained by a third party. + + 3.3. Description of Modifications. + You must cause all Covered Code to which You contribute to contain a + file documenting the changes You made to create that Covered Code and + the date of any change. You must include a prominent statement that + the Modification is derived, directly or indirectly, from Original + Code provided by the Initial Developer and including the name of the + Initial Developer in (a) the Source Code, and (b) in any notice in an + Executable version or related documentation in which You describe the + origin or ownership of the Covered Code. + + 3.4. Intellectual Property Matters + (a) Third Party Claims. + If Contributor has knowledge that a license under a third party's + intellectual property rights is required to exercise the rights + granted by such Contributor under Sections 2.1 or 2.2, + Contributor must include a text file with the Source Code + distribution titled "LEGAL" which describes the claim and the + party making the claim in sufficient detail that a recipient will + know whom to contact. If Contributor obtains such knowledge after + the Modification is made available as described in Section 3.2, + Contributor shall promptly modify the LEGAL file in all copies + Contributor makes available thereafter and shall take other steps + (such as notifying appropriate mailing lists or newsgroups) + reasonably calculated to inform those who received the Covered + Code that new knowledge has been obtained. + + (b) Contributor APIs. + If Contributor's Modifications include an application programming + interface and Contributor has knowledge of patent licenses which + are reasonably necessary to implement that API, Contributor must + also include this information in the LEGAL file. + + (c) Representations. + Contributor represents that, except as disclosed pursuant to + Section 3.4(a) above, Contributor believes that Contributor's + Modifications are Contributor's original creation(s) and/or + Contributor has sufficient rights to grant the rights conveyed by + this License. + + 3.5. Required Notices. + You must duplicate the notice in Exhibit A in each file of the Source + Code. If it is not possible to put such notice in a particular Source + Code file due to its structure, then You must include such notice in a + location (such as a relevant directory) where a user would be likely + to look for such a notice. If You created one or more Modification(s) + You may add your name as a Contributor to the notice described in + Exhibit A. You must also duplicate this License in any documentation + for the Source Code where You describe recipients' rights or ownership + rights relating to Covered Code. You may choose to offer, and to + charge a fee for, warranty, support, indemnity or liability + obligations to one or more recipients of Covered Code. However, You + may do so only on Your own behalf, and not on behalf of the Initial + Developer or any Contributor. You must make it absolutely clear than + any such warranty, support, indemnity or liability obligation is + offered by You alone, and You hereby agree to indemnify the Initial + Developer and every Contributor for any liability incurred by the + Initial Developer or such Contributor as a result of warranty, + support, indemnity or liability terms You offer. + + 3.6. Distribution of Executable Versions. + You may distribute Covered Code in Executable form only if the + requirements of Section 3.1-3.5 have been met for that Covered Code, + and if You include a notice stating that the Source Code version of + the Covered Code is available under the terms of this License, + including a description of how and where You have fulfilled the + obligations of Section 3.2. The notice must be conspicuously included + in any notice in an Executable version, related documentation or + collateral in which You describe recipients' rights relating to the + Covered Code. You may distribute the Executable version of Covered + Code or ownership rights under a license of Your choice, which may + contain terms different from this License, provided that You are in + compliance with the terms of this License and that the license for the + Executable version does not attempt to limit or alter the recipient's + rights in the Source Code version from the rights set forth in this + License. If You distribute the Executable version under a different + license You must make it absolutely clear that any terms which differ + from this License are offered by You alone, not by the Initial + Developer or any Contributor. You hereby agree to indemnify the + Initial Developer and every Contributor for any liability incurred by + the Initial Developer or such Contributor as a result of any such + terms You offer. + + 3.7. Larger Works. + You may create a Larger Work by combining Covered Code with other code + not governed by the terms of this License and distribute the Larger + Work as a single product. In such a case, You must make sure the + requirements of this License are fulfilled for the Covered Code. + +4. Inability to Comply Due to Statute or Regulation. + + If it is impossible for You to comply with any of the terms of this + License with respect to some or all of the Covered Code due to + statute, judicial order, or regulation then You must: (a) comply with + the terms of this License to the maximum extent possible; and (b) + describe the limitations and the code they affect. Such description + must be included in the LEGAL file described in Section 3.4 and must + be included with all distributions of the Source Code. Except to the + extent prohibited by statute or regulation, such description must be + sufficiently detailed for a recipient of ordinary skill to be able to + understand it. + +5. Application of this License. + + This License applies to code to which the Initial Developer has + attached the notice in Exhibit A and to related Covered Code. + +6. Versions of the License. + + 6.1. New Versions. + Netscape Communications Corporation ("Netscape") may publish revised + and/or new versions of the License from time to time. Each version + will be given a distinguishing version number. + + 6.2. Effect of New Versions. + Once Covered Code has been published under a particular version of the + License, You may always continue to use it under the terms of that + version. You may also choose to use such Covered Code under the terms + of any subsequent version of the License published by Netscape. No one + other than Netscape has the right to modify the terms applicable to + Covered Code created under this License. + + 6.3. Derivative Works. + If You create or use a modified version of this License (which you may + only do in order to apply it to code which is not already Covered Code + governed by this License), You must (a) rename Your license so that + the phrases "Mozilla", "MOZILLAPL", "MOZPL", "Netscape", + "MPL", "NPL" or any confusingly similar phrase do not appear in your + license (except to note that your license differs from this License) + and (b) otherwise make it clear that Your version of the license + contains terms which differ from the Mozilla Public License and + Netscape Public License. (Filling in the name of the Initial + Developer, Original Code or Contributor in the notice described in + Exhibit A shall not of themselves be deemed to be modifications of + this License.) + +7. DISCLAIMER OF WARRANTY. + + COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, + WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE IS FREE OF + DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. + THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE + IS WITH YOU. SHOULD ANY COVERED CODE PROVE DEFECTIVE IN ANY RESPECT, + YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE + COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER + OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF + ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER. + +8. TERMINATION. + + 8.1. This License and the rights granted hereunder will terminate + automatically if You fail to comply with terms herein and fail to cure + such breach within 30 days of becoming aware of the breach. All + sublicenses to the Covered Code which are properly granted shall + survive any termination of this License. Provisions which, by their + nature, must remain in effect beyond the termination of this License + shall survive. + + 8.2. If You initiate litigation by asserting a patent infringement + claim (excluding declatory judgment actions) against Initial Developer + or a Contributor (the Initial Developer or Contributor against whom + You file such action is referred to as "Participant") alleging that: + + (a) such Participant's Contributor Version directly or indirectly + infringes any patent, then any and all rights granted by such + Participant to You under Sections 2.1 and/or 2.2 of this License + shall, upon 60 days notice from Participant terminate prospectively, + unless if within 60 days after receipt of notice You either: (i) + agree in writing to pay Participant a mutually agreeable reasonable + royalty for Your past and future use of Modifications made by such + Participant, or (ii) withdraw Your litigation claim with respect to + the Contributor Version against such Participant. If within 60 days + of notice, a reasonable royalty and payment arrangement are not + mutually agreed upon in writing by the parties or the litigation claim + is not withdrawn, the rights granted by Participant to You under + Sections 2.1 and/or 2.2 automatically terminate at the expiration of + the 60 day notice period specified above. + + (b) any software, hardware, or device, other than such Participant's + Contributor Version, directly or indirectly infringes any patent, then + any rights granted to You by such Participant under Sections 2.1(b) + and 2.2(b) are revoked effective as of the date You first made, used, + sold, distributed, or had made, Modifications made by that + Participant. + + 8.3. If You assert a patent infringement claim against Participant + alleging that such Participant's Contributor Version directly or + indirectly infringes any patent where such claim is resolved (such as + by license or settlement) prior to the initiation of patent + infringement litigation, then the reasonable value of the licenses + granted by such Participant under Sections 2.1 or 2.2 shall be taken + into account in determining the amount or value of any payment or + license. + + 8.4. In the event of termination under Sections 8.1 or 8.2 above, + all end user license agreements (excluding distributors and resellers) + which have been validly granted by You or any distributor hereunder + prior to termination shall survive termination. + +9. LIMITATION OF LIABILITY. + + UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT + (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL + DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED CODE, + OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR + ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY + CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, + WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER + COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN + INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF + LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY + RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW + PROHIBITS SUCH LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE + EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO + THIS EXCLUSION AND LIMITATION MAY NOT APPLY TO YOU. + +10. U.S. GOVERNMENT END USERS. + + The Covered Code is a "commercial item," as that term is defined in + 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial computer + software" and "commercial computer software documentation," as such + terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 + C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), + all U.S. Government End Users acquire Covered Code with only those + rights set forth herein. + +11. MISCELLANEOUS. + + This License represents the complete agreement concerning subject + matter hereof. If any provision of this License is held to be + unenforceable, such provision shall be reformed only to the extent + necessary to make it enforceable. This License shall be governed by + California law provisions (except to the extent applicable law, if + any, provides otherwise), excluding its conflict-of-law provisions. + With respect to disputes in which at least one party is a citizen of, + or an entity chartered or registered to do business in the United + States of America, any litigation relating to this License shall be + subject to the jurisdiction of the Federal Courts of the Northern + District of California, with venue lying in Santa Clara County, + California, with the losing party responsible for costs, including + without limitation, court costs and reasonable attorneys' fees and + expenses. The application of the United Nations Convention on + Contracts for the International Sale of Goods is expressly excluded. + Any law or regulation which provides that the language of a contract + shall be construed against the drafter shall not apply to this + License. + +12. RESPONSIBILITY FOR CLAIMS. + + As between Initial Developer and the Contributors, each party is + responsible for claims and damages arising, directly or indirectly, + out of its utilization of rights under this License and You agree to + work with Initial Developer and Contributors to distribute such + responsibility on an equitable basis. Nothing herein is intended or + shall be deemed to constitute any admission of liability. + +13. MULTIPLE-LICENSED CODE. + + Initial Developer may designate portions of the Covered Code as + "Multiple-Licensed". "Multiple-Licensed" means that the Initial + Developer permits you to utilize portions of the Covered Code under + Your choice of the NPL or the alternative licenses, if any, specified + by the Initial Developer in the file described in Exhibit A. + +EXHIBIT A -Mozilla Public License. + + ``The contents of this file are subject to the Mozilla Public License + Version 1.1 (the "License"); you may not use this file except in + compliance with the License. You may obtain a copy of the License at + http://www.mozilla.org/MPL/ + + Software distributed under the License is distributed on an "AS IS" + basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the + License for the specific language governing rights and limitations + under the License. + + The Original Code is ______________________________________. + + The Initial Developer of the Original Code is ________________________. + Portions created by ______________________ are Copyright (C) ______ + _______________________. All Rights Reserved. + + Contributor(s): ______________________________________. + + Alternatively, the contents of this file may be used under the terms + of the _____ license (the "[___] License"), in which case the + provisions of [______] License are applicable instead of those + above. If you wish to allow use of your version of this file only + under the terms of the [____] License and not to allow others to use + your version of this file under the MPL, indicate your decision by + deleting the provisions above and replace them with the notice and + other provisions required by the [___] License. If you do not delete + the provisions above, a recipient may use your version of this file + under either the MPL or the [___] License." + + [NOTE: The text of this Exhibit A may differ slightly from the text of + the notices in the Source Code files of the Original Code. You should + use the text of this Exhibit A rather than the text found in the + Original Code Source Code for Your Modifications.] + diff --git a/palemoon/debian/MPL-2.0 b/palemoon/debian/MPL-2.0 new file mode 100644 index 0000000..14e2f77 --- /dev/null +++ b/palemoon/debian/MPL-2.0 @@ -0,0 +1,373 @@ +Mozilla Public License Version 2.0 +================================== + +1. Definitions +-------------- + +1.1. "Contributor" + means each individual or legal entity that creates, contributes to + the creation of, or owns Covered Software. + +1.2. "Contributor Version" + means the combination of the Contributions of others (if any) used + by a Contributor and that particular Contributor's Contribution. + +1.3. "Contribution" + means Covered Software of a particular Contributor. + +1.4. "Covered Software" + means Source Code Form to which the initial Contributor has attached + the notice in Exhibit A, the Executable Form of such Source Code + Form, and Modifications of such Source Code Form, in each case + including portions thereof. + +1.5. "Incompatible With Secondary Licenses" + means + + (a) that the initial Contributor has attached the notice described + in Exhibit B to the Covered Software; or + + (b) that the Covered Software was made available under the terms of + version 1.1 or earlier of the License, but not also under the + terms of a Secondary License. + +1.6. "Executable Form" + means any form of the work other than Source Code Form. + +1.7. "Larger Work" + means a work that combines Covered Software with other material, in + a separate file or files, that is not Covered Software. + +1.8. "License" + means this document. + +1.9. "Licensable" + means having the right to grant, to the maximum extent possible, + whether at the time of the initial grant or subsequently, any and + all of the rights conveyed by this License. + +1.10. "Modifications" + means any of the following: + + (a) any file in Source Code Form that results from an addition to, + deletion from, or modification of the contents of Covered + Software; or + + (b) any new file in Source Code Form that contains any Covered + Software. + +1.11. "Patent Claims" of a Contributor + means any patent claim(s), including without limitation, method, + process, and apparatus claims, in any patent Licensable by such + Contributor that would be infringed, but for the grant of the + License, by the making, using, selling, offering for sale, having + made, import, or transfer of either its Contributions or its + Contributor Version. + +1.12. "Secondary License" + means either the GNU General Public License, Version 2.0, the GNU + Lesser General Public License, Version 2.1, the GNU Affero General + Public License, Version 3.0, or any later versions of those + licenses. + +1.13. "Source Code Form" + means the form of the work preferred for making modifications. + +1.14. "You" (or "Your") + means an individual or a legal entity exercising rights under this + License. For legal entities, "You" includes any entity that + controls, is controlled by, or is under common control with You. For + purposes of this definition, "control" means (a) the power, direct + or indirect, to cause the direction or management of such entity, + whether by contract or otherwise, or (b) ownership of more than + fifty percent (50%) of the outstanding shares or beneficial + ownership of such entity. + +2. License Grants and Conditions +-------------------------------- + +2.1. Grants + +Each Contributor hereby grants You a world-wide, royalty-free, +non-exclusive license: + +(a) under intellectual property rights (other than patent or trademark) + Licensable by such Contributor to use, reproduce, make available, + modify, display, perform, distribute, and otherwise exploit its + Contributions, either on an unmodified basis, with Modifications, or + as part of a Larger Work; and + +(b) under Patent Claims of such Contributor to make, use, sell, offer + for sale, have made, import, and otherwise transfer either its + Contributions or its Contributor Version. + +2.2. Effective Date + +The licenses granted in Section 2.1 with respect to any Contribution +become effective for each Contribution on the date the Contributor first +distributes such Contribution. + +2.3. Limitations on Grant Scope + +The licenses granted in this Section 2 are the only rights granted under +this License. No additional rights or licenses will be implied from the +distribution or licensing of Covered Software under this License. +Notwithstanding Section 2.1(b) above, no patent license is granted by a +Contributor: + +(a) for any code that a Contributor has removed from Covered Software; + or + +(b) for infringements caused by: (i) Your and any other third party's + modifications of Covered Software, or (ii) the combination of its + Contributions with other software (except as part of its Contributor + Version); or + +(c) under Patent Claims infringed by Covered Software in the absence of + its Contributions. + +This License does not grant any rights in the trademarks, service marks, +or logos of any Contributor (except as may be necessary to comply with +the notice requirements in Section 3.4). + +2.4. Subsequent Licenses + +No Contributor makes additional grants as a result of Your choice to +distribute the Covered Software under a subsequent version of this +License (see Section 10.2) or under the terms of a Secondary License (if +permitted under the terms of Section 3.3). + +2.5. Representation + +Each Contributor represents that the Contributor believes its +Contributions are its original creation(s) or it has sufficient rights +to grant the rights to its Contributions conveyed by this License. + +2.6. Fair Use + +This License is not intended to limit any rights You have under +applicable copyright doctrines of fair use, fair dealing, or other +equivalents. + +2.7. Conditions + +Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted +in Section 2.1. + +3. Responsibilities +------------------- + +3.1. Distribution of Source Form + +All distribution of Covered Software in Source Code Form, including any +Modifications that You create or to which You contribute, must be under +the terms of this License. You must inform recipients that the Source +Code Form of the Covered Software is governed by the terms of this +License, and how they can obtain a copy of this License. You may not +attempt to alter or restrict the recipients' rights in the Source Code +Form. + +3.2. Distribution of Executable Form + +If You distribute Covered Software in Executable Form then: + +(a) such Covered Software must also be made available in Source Code + Form, as described in Section 3.1, and You must inform recipients of + the Executable Form how they can obtain a copy of such Source Code + Form by reasonable means in a timely manner, at a charge no more + than the cost of distribution to the recipient; and + +(b) You may distribute such Executable Form under the terms of this + License, or sublicense it under different terms, provided that the + license for the Executable Form does not attempt to limit or alter + the recipients' rights in the Source Code Form under this License. + +3.3. Distribution of a Larger Work + +You may create and distribute a Larger Work under terms of Your choice, +provided that You also comply with the requirements of this License for +the Covered Software. If the Larger Work is a combination of Covered +Software with a work governed by one or more Secondary Licenses, and the +Covered Software is not Incompatible With Secondary Licenses, this +License permits You to additionally distribute such Covered Software +under the terms of such Secondary License(s), so that the recipient of +the Larger Work may, at their option, further distribute the Covered +Software under the terms of either this License or such Secondary +License(s). + +3.4. Notices + +You may not remove or alter the substance of any license notices +(including copyright notices, patent notices, disclaimers of warranty, +or limitations of liability) contained within the Source Code Form of +the Covered Software, except that You may alter any license notices to +the extent required to remedy known factual inaccuracies. + +3.5. Application of Additional Terms + +You may choose to offer, and to charge a fee for, warranty, support, +indemnity or liability obligations to one or more recipients of Covered +Software. However, You may do so only on Your own behalf, and not on +behalf of any Contributor. You must make it absolutely clear that any +such warranty, support, indemnity, or liability obligation is offered by +You alone, and You hereby agree to indemnify every Contributor for any +liability incurred by such Contributor as a result of warranty, support, +indemnity or liability terms You offer. You may include additional +disclaimers of warranty and limitations of liability specific to any +jurisdiction. + +4. Inability to Comply Due to Statute or Regulation +--------------------------------------------------- + +If it is impossible for You to comply with any of the terms of this +License with respect to some or all of the Covered Software due to +statute, judicial order, or regulation then You must: (a) comply with +the terms of this License to the maximum extent possible; and (b) +describe the limitations and the code they affect. Such description must +be placed in a text file included with all distributions of the Covered +Software under this License. Except to the extent prohibited by statute +or regulation, such description must be sufficiently detailed for a +recipient of ordinary skill to be able to understand it. + +5. Termination +-------------- + +5.1. The rights granted under this License will terminate automatically +if You fail to comply with any of its terms. However, if You become +compliant, then the rights granted under this License from a particular +Contributor are reinstated (a) provisionally, unless and until such +Contributor explicitly and finally terminates Your grants, and (b) on an +ongoing basis, if such Contributor fails to notify You of the +non-compliance by some reasonable means prior to 60 days after You have +come back into compliance. Moreover, Your grants from a particular +Contributor are reinstated on an ongoing basis if such Contributor +notifies You of the non-compliance by some reasonable means, this is the +first time You have received notice of non-compliance with this License +from such Contributor, and You become compliant prior to 30 days after +Your receipt of the notice. + +5.2. If You initiate litigation against any entity by asserting a patent +infringement claim (excluding declaratory judgment actions, +counter-claims, and cross-claims) alleging that a Contributor Version +directly or indirectly infringes any patent, then the rights granted to +You by any and all Contributors for the Covered Software under Section +2.1 of this License shall terminate. + +5.3. In the event of termination under Sections 5.1 or 5.2 above, all +end user license agreements (excluding distributors and resellers) which +have been validly granted by You or Your distributors under this License +prior to termination shall survive termination. + +************************************************************************ +* * +* 6. Disclaimer of Warranty * +* ------------------------- * +* * +* Covered Software is provided under this License on an "as is" * +* basis, without warranty of any kind, either expressed, implied, or * +* statutory, including, without limitation, warranties that the * +* Covered Software is free of defects, merchantable, fit for a * +* particular purpose or non-infringing. The entire risk as to the * +* quality and performance of the Covered Software is with You. * +* Should any Covered Software prove defective in any respect, You * +* (not any Contributor) assume the cost of any necessary servicing, * +* repair, or correction. This disclaimer of warranty constitutes an * +* essential part of this License. No use of any Covered Software is * +* authorized under this License except under this disclaimer. * +* * +************************************************************************ + +************************************************************************ +* * +* 7. Limitation of Liability * +* -------------------------- * +* * +* Under no circumstances and under no legal theory, whether tort * +* (including negligence), contract, or otherwise, shall any * +* Contributor, or anyone who distributes Covered Software as * +* permitted above, be liable to You for any direct, indirect, * +* special, incidental, or consequential damages of any character * +* including, without limitation, damages for lost profits, loss of * +* goodwill, work stoppage, computer failure or malfunction, or any * +* and all other commercial damages or losses, even if such party * +* shall have been informed of the possibility of such damages. This * +* limitation of liability shall not apply to liability for death or * +* personal injury resulting from such party's negligence to the * +* extent applicable law prohibits such limitation. Some * +* jurisdictions do not allow the exclusion or limitation of * +* incidental or consequential damages, so this exclusion and * +* limitation may not apply to You. * +* * +************************************************************************ + +8. Litigation +------------- + +Any litigation relating to this License may be brought only in the +courts of a jurisdiction where the defendant maintains its principal +place of business and such litigation shall be governed by laws of that +jurisdiction, without reference to its conflict-of-law provisions. +Nothing in this Section shall prevent a party's ability to bring +cross-claims or counter-claims. + +9. Miscellaneous +---------------- + +This License represents the complete agreement concerning the subject +matter hereof. If any provision of this License is held to be +unenforceable, such provision shall be reformed only to the extent +necessary to make it enforceable. Any law or regulation which provides +that the language of a contract shall be construed against the drafter +shall not be used to construe this License against a Contributor. + +10. Versions of the License +--------------------------- + +10.1. New Versions + +Mozilla Foundation is the license steward. Except as provided in Section +10.3, no one other than the license steward has the right to modify or +publish new versions of this License. Each version will be given a +distinguishing version number. + +10.2. Effect of New Versions + +You may distribute the Covered Software under the terms of the version +of the License under which You originally received the Covered Software, +or under the terms of any subsequent version published by the license +steward. + +10.3. Modified Versions + +If you create software not governed by this License, and you want to +create a new license for such software, you may create and use a +modified version of this License if you rename the license and remove +any references to the name of the license steward (except to note that +such modified license differs from this License). + +10.4. Distributing Source Code Form that is Incompatible With Secondary +Licenses + +If You choose to distribute Source Code Form that is Incompatible With +Secondary Licenses under the terms of this version of the License, the +notice described in Exhibit B of this License must be attached. + +Exhibit A - Source Code Form License Notice +------------------------------------------- + + This Source Code Form is subject to the terms of the Mozilla Public + License, v. 2.0. If a copy of the MPL was not distributed with this + file, You can obtain one at http://mozilla.org/MPL/2.0/. + +If it is not possible or desirable to put the notice in a particular +file, then You may include the notice in a location (such as a LICENSE +file in a relevant directory) where a recipient would be likely to look +for such a notice. + +You may add additional accurate notices of copyright ownership. + +Exhibit B - "Incompatible With Secondary Licenses" Notice +--------------------------------------------------------- + + This Source Code Form is "Incompatible With Secondary Licenses", as + defined by the Mozilla Public License, v. 2.0. diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog new file mode 100644 index 0000000..6866558 --- /dev/null +++ b/palemoon/debian/changelog @@ -0,0 +1,1544 @@ +palemoon (28.3.0-devuan) obs; urgency=medium + + * Initial build for devuan + + -- B Stack Wed, 23 Jan 2019 13:11:18 -0500 + +palemoon (28.3.0+repack-1) obs; urgency=medium + + * Import new 28.3.0 major development and bugfix release: + - Added AV1 support for MP4/MSE videos. Please note that this is a reference + library implementation and the upstream decoding lib currently has poor + performance for higher resolutions (720p+). This is disabled by default; + use the about:config preference media.av1.enabled to enable this codec. + - Changed the API used for video playback with FFmpeg 58+. This should solve + performance issues (dropped frames) with VP8 and VP9. + - Redesigned the main toolbar icons as SVG images to make them HiDPI + compliant. + - Fixed the sync notification (infobar) icon. + - Fixed a potential cycle collector resource leak. + - Added icons and controls to tabs to indicate if sound is playing the tab + and if so, allowing the user to mute it with a click. This is a native + implementation of the API in use in Basilisk and performs the same + function as the "expose noisy tabs" extension, although the extension may + still be preferred by some for e.g. skinning capabilities. The feature may + be disabled with browser.tabs.showAudioPlayingIcon. + - Removed support for VR hardware. + - Fixed out-of-bounds sizes for CSS calculation strings. + - Removed the DirectShow component since it is no longer necessary. + - Removed Firefox Accounts integration, phase 1: + - Changed the Sync client to the one from Tycho. + - Made Sync optional at build time. + - Stopped trying to cater to addons.mozilla.org since they no longer offer + anything useful to Pale Moon after the Great XUL Extension Purge™. + - Added an option to process favicons for optimal sized display and removing + animations. Enable this with browser.chrome.favicons.process + - Fixed an incorrect preference reference in feed reader. + - Fixed an issue with lazy frame construction on display:contents elements. + This should solve e.g. the use of mathjax in comments on stackoverflow. + - Media code improvements and cleanup (ongoing). + - Updated the DropBox useragent override to solve login issues. + - Fixed potential crashes due to shutdown observers in VTT and font + lists. DiD + - Enabled some mistakingly-disabled optimizations in the JS JIT compiler. + - Fixed several potential crashes in JS. DiD + - Fixed several potential crashes in WebCrypto. DiD + - Fixed a potential crash in JS Range Analysis. DiD + - Fixed a potential crash in the layout engine due to combo boxes. DiD + - Fixed a potential shutdown crash in non-standard environments related to + 2D Canvas. DiD + - Fixed a potential overflow in the PNG writer. DiD + - Fixed a potential double-free in the MAR signing utility. DiD + - Fixed an issue where URLs could be extracted cross-origin (CVE-2018-18494). + - Updated NSPR to v4.20. + - Updated NSS to 3.41, providing (among other things) full compatibility with + the final version of TLS 1.3 on websites. + - Updated location.protocol to the latest spec. + - Updated Intersection Observers to the latest spec and enabled them + by default. + - Updated the SQLite lib to 3.26.0. + - Fixed errors about the login manager's recipeManager not being + available (yet). + - Switched status bar download arrow to SVG. + - Fixed a crash in IntersectionObservers. + - Fixed initialization of the Search service from browser code to avoid + synchronous init. + - Added logging of performance warnings to devtools consoles. + - Fixed favicons in taskbar tab preview listings. + - Blocked Comodo IS dll < version 6.3 to prevent startup crashes. + - Fixed issues in the HTML form submit observer module. + - Limited resolving depth of CSS variables to a sane maximum (fixes + cras.sh issue). + - Removed Mozilla's proprietary constructor on WebAudio's AudioContext, + aligning it with the standard specification. + - Exposed the previously hidden preference in about:config for page thumbnail + generation (some people prefer this for local privacy). + - Aligned Element.ScrollIntoView with the DOM specification. This improves, + among other things, compatibility with the React framework. + + * Totally revise debian/copyright to conform to Debian Policy. + * Install copies of MPL-1.1 and MPL-2 licenses in docs. + * Change versioning to "+repack" now that the OBS supports it. + + -- Steven Pusser Tue, 15 Jan 2019 12:11:18 -0800 + +palemoon (28.2.2~repack-1~mx17+1) mx; urgency=medium + + * New upstream minor security and stablility release. + + -- Steven Pusser Wed, 05 Dec 2018 12:23:18 -0800 + +palemoon (28.2.1~repack-1~mx17+1) mx; urgency=medium + + * New release; addresses issues with history and bookmarks. + + -- Steven Pusser Sun, 18 Nov 2018 11:54:00 -0800 + +palemoon (28.2.0~repack-1) obs; urgency=medium + + * Import new 28.2.0 major development and bugfix release: + - Fixed a major performance issue with web workers. + - Fixed a rare crash on local networks with HTTP basic auth and unsupported + cipher suites. + - Fixed a performance/timer issue when leaving the browser idle. + - Fixed an issue causing an empty dialog when launching executable files + from the browser. + - Fixed an issue preventing making entries to disallow sites to store data + for off-line use. + - Removed code to prevent extensions with binary components. + - Fixed an issue with common dialogs being sized incorrectly for their + content. + - Fixed an issue with event handling on the tab bar that would cause + frustrating behavior when trying to open/close tabs in rapid succession. + - Switched default behavior for scrolling when a context or pop-up menu is + open to allow scrolling, like in v27. This also affects scrolling in very + long menus, e.g. bookmarks. + - Added experimental Asynchronous Panning and Zooming (APZ) for desktop use. + - Re-enabled the use and parsing of ICC v4 color profiles. + - Removed telemetry code from the caching subsystem. + - Improved full-screen detection for suppressing status messages. + - Made all arguments passed to Init*Event() optional except the first for + parity with other browsers. + - Cleaned up some internal installer code. + - Fixed making caret width configurable when dealing with CJK characters + (regression). + - Fixed drawing of table borders consistently when zooming a page + (regression). + - Exposed the "Save download location per site" pref in about:config. + - Improved media handling (ongoing). + - Added experimental support for AV1 in WebM videos (disabled by default). + - Note: this is for WebM only for now, so MP4 and MSE AV1 streams (e.g. + YouTube) will not (yet) play. + - Removed the (defunct and incomplete) in-browser translation code. + - Fixed an issue with CSS Grid layouts unnecessarily shrinking element + blocks. + - Fixed notification settings menu entry (opes about:permissions with + relevant data now). + - Fixed the launching of an undesirable background content process for + capturing page thumbnails. + - Fixed a focus issue in the bookmark properties dialog. + - Changed the setting for reporting CSS errors to the console to false by + default, to prevent unnecessary performance loss for recording this data. + - Added control mechanisms for Opportunistic Encryption (both for + alternative services and upgrade-insecure-requests) in preferences, + and disabled this by default due to potential security and privacy issues + with this transitional technology. + - Updated the default reported Firefox version in Firefox Compatibility Mode + to prevent "too old Firefox" complaints on websites. + - Updated libnestegg, ffvpx, reader view components and several other + modules from upstream. + - Implemented security fixes for CVE-2018-12381, CVE-2017-7797, a better fix + for CVE-2018-12386 (DiD), CVE-2018-12401 (DiD), CVE-2018-12398, + CVE-2018-12392, several Skia bugs, and several crashes and memory safety + hazards that do not have a CVE number. + + * debian/mozconfig: enable AV1 decoding. + + -- Steven Pusser Mon, 12 Nov 2018 09:38:43 -0800 + +palemoon (28.1.0~repack-1) obs; urgency=medium + + * New upstream release: + + - Updated NSS to 3.38, removed TLS 1.3 draft version check since it's + considered final. + - Reinstated RC4 as an optional encryption cypher for non-standard + environments (e.g. old routing/peripheral networked hardware on LAN). RC4 + and 3DES are marked weak and disabled, and will never be used in the first + handshake with a site, only as last-ditch fallback when specifically + enabled (meaning they won't show up on ssllabs' test, for example). + - Removed Telemetry accumulation calls, automatic timers and stopwatches. + This removes a very noticeable performance sink for all operations on all + platforms. + - Fixed many occurrences of discouraged types of memory access for primarily + GCC 8 compatibility. This improves overall code security as a + defense-in-depth measure. + - Re-implemented the pref-controlled custom background color for + standalone images. + - Updated session history handling for internal pages. about:logopage is no + longer stored in history, and you can choose to store the QuickDial page in + history by setting the pref browser.newtabpage.add_to_session_history to + true. This is disabled by default (meaning you can't use the "Back" button + to go back to the QuickDial page) as a defense-in-depth security measure. + - Added ui.menu.allow_content_scroll to control whether content can be + scrolled if a context menu is open. + - Fixed incorrect code removal in ipc. + - Removed support for TLS session caches in TLSServerSocket. + - Added support for local-ref as SVG xlink:href values. + - Changed the find bar to be a browser-global toolbar again (like in Pale + Moon 27) instead of per-tab. For people who prefer search terms to be + saved on a per-tab basis (like with the per-tab findbar previously), this + is possible by setting findbar.termPerTab to true. This resolves a number + of issues, including styling with lightweight themes not applying to the + find bar, and status pop-ups overlapping the find bar. + - Ported all relevant security fixes from Mozilla's Gecko/62 release, + including CVE-2018-12377 and CVE-2018-12379. + - Restored part of the searchplugin API that was removed by Mozilla, so + extensions can provide and save edits to installed search engines. + - Improved the speed of restoring browsing sessions upon startup. + - Fixed the "Restore previous session" button sometimes being missing from + about:home, while a restorable session would be present. + - Fixed tab previews in the Windows taskbar (if enabled). + - Fixed the setting of the new tab page being "My Home Page" so it'll pick up + subsequent changes to the home page URL automatically. + - Removed the Firefox Accounts migrator from Sync. + - Fixed an issue with the enabled state of number controls if appearances + changed. + - Stopped building ffvpx on 32-bit platforms (except Windows) to use the + (faster) system-installed lib instead. + - Re-added a horizontal scroll action option for mouse wheel. (regression) + - Fixed handling of content language if the locale is changed. + - Fixed document navigation with the F6 key. + - Fixed toolbar styling in toolkit themes. + - Fixed viewing the source of a selection. + + * Now has full support for gcc-8, so stop forcing gcc-7 build on Buster and + recent Ubuntus where gcc-8 is default. + + -- Steven Pusser Mon, 17 Sep 2018 19:05:20 -0700 + +palemoon (28.0.1~repack-1~mx17+1) mx; urgency=medium + + * New upstream release. + - Backed out a Mozilla upstream patch causing issues with IPC and texture + allocation for the compositor. + - Backed out a Mozilla upstream patch causing issues with Javascript memory + buffer allocation. + * debian/mozconfig: add an option to tune for the number of parallel build + threads. + + -- Steven Pusser Fri, 31 Aug 2018 17:26:11 -0700 + +palemoon (28.0.0~repack-3) obs; urgency=medium + + * Add libavcodec-ffmpeg56 and libavcodec-ffmpeg-extra56 D for Ubuntu 16.04. + + -- Steven Pusser Sat, 18 Aug 2018 11:19:45 -0700 + +palemoon (28.0.0~repack-2) obs; urgency=medium + + * Add alternative libavcodec-extraXX dependencies. + + -- Steven Pusser Thu, 16 Aug 2018 18:15:14 -0700 + +palemoon (28.0.0~repack-1) obs; urgency=medium + + * Import final 28.0.0 release. + + -- Steven Pusser Wed, 15 Aug 2018 11:55:12 -0700 + +palemoon (28.0.0~rc1~repack-2) obs; urgency=medium + + * Depend on a version of libavcodec instead of ffmpeg. + * For Buster, build on gcc-7, just to be safe. Restore the lsb-release distro + detection setup to rules to enable this, and add the new build-depends. This + should no longer be required in 28.1.0. + + -- Steven Pusser Tue, 14 Aug 2018 12:13:31 -0700 + +palemoon (28.0.0~rc1~repack-1) obs; urgency=medium + + * New upstream release. + + -- Steven Pusser Sun, 12 Aug 2018 13:28:16 -0700 + +palemoon (28.0.0~b5~repack-1) obs; urgency=medium + + * Import new beta release. + + -- Steven Pusser Wed, 01 Aug 2018 14:41:07 -0700 + +palemoon (28.0~b4~repack-1mx17+1) mx; urgency=medium + + * New beta release. + * Build with native gcc releases, remove lsb-release as build-depend since it's + no longer needed to check for the distrelease. + * Add libgconf2-dev and libx11-xcb-dev to build-depends. + * Add command to dh_auto_clean override to remove pyc files somehow generated + by dh_clean. + * Add new options to debian/mozconfig. + + -- Steven Pusser Sat, 28 Jul 2018 15:06:18 -0700 + +palemoon (27.9.4~repack-1~mx17+1) mx; urgency=medium + + * Import new upstream 27.9.4 release. + - Updated the useragent for addons.mozilla.org to work around their "Only + with Firefox" discrimination preventing users from downloading themes, old + versions of extensions, and other files with Pale Moon. + - Restricted web access to the moz-icon:// scheme that could potentially be + abused to infringe the user's privacy. + - Prevented various location-based threats. DiD + - Fixed a potential vulnerability with plugins being redirected to different + origins (CVE-2018-12364). + - Improved the security check for launching executable files + (by association) on Windows from the browser. For users who have (most + likely accidentally) granted a system-wide waiver for opening these kinds + of files without being prompted, this permission has been reset. + - Fixed an issue with invalid qcms transforms (CVE-2018-12366). + - Fixed a buffer overflow using the computed size of canvas elements + (CVE-2018-12359). + - Fixed a use-after-free when using focus() (CVE-2018-12360). + - Added some sanity checks on nsMozIconURI. DiD + - Fixed an issue in the case the preferences file in the profile would not be + writable (e.g. temporary permission issues due to backup, virus scanning or + similar external processes). + + -- Steven Pusser Wed, 11 Jul 2018 13:59:46 -0700 + +palemoon (27.9.3~repack-1~mx17+1) mx; urgency=medium + + * New upstream security update: + + - Changes/fixes: + - (CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to + that report, the libopus maintainers state they don't believe remote + code execution was possible, so this was not a critical patch. + - Fixed an issue with task counting in JS GC. + - Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks + to Berk Cem Göksel for reporting). + + -- Steven Pusser Tue, 12 Jun 2018 11:12:06 -0700 + +palemoon (27.9.2~repack-1~mx17+1) mx; urgency=medium + + * New upstream security and stability update: + + - Changes/fixes: + - We changed the language strings for softblocked items so people will cry + less when we do our job. + - (CVE-2018-5174) Prevent potential SmartScreen bypass on Windows 10. + - (CVE-2018-5173) Fixed an issue in the Downloads panel improperly + rendering some Unicode characters, allowing for the file name to be + spoofed. This could be used to obscure the file extension of potentially + executable files from user view in the panel. + - (CVE-2018-5177) Fixed a vulnerability in the XSLT component leading to a + buffer overflow and crash if it occurs. + - (CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia + library resulting in possible out-of-bounds writes. + - (CVE-2018-5154) Fixed a use-after-free vulnerability while enumerating + attributes during SVG animations with clip paths. + - (CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string + conversion within JavaScript with extremely large amounts of data. This + vulnerability requires the use of a malicious or vulnerable extension in + order to occur. + - Fixed several stability issues (crashes) and memory safety hazards. + + -- Steven Pusser Mon, 21 May 2018 11:43:14 -0700 + +palemoon (27.9.1~repack-1) obs; urgency=medium + + * New upstream maintenance update: + - Removed the unused/incomplete places protocol handler. + - Worked around an issue with MSE media without a Track ID. This should help + with the playability of some live streams. + - Ported across jemalloc improvements from UXP. + - Ported across cairo mutex improvements from UXP. + - Added support for FFmpeg 4.0/libavcodec 58. + - Added a fix for Windows 10's "isAlpha()" not being what one would expect + in v1803. + + -- Steven Pusser Mon, 07 May 2018 15:07:33 -0700 + +palemoon (27.9.0~repack-1~mx17+1) mx; urgency=medium + + * New upstream release: + - Fixed a number of spec compliance issues in our media subsystem. + - Added a trailing slash to referrers when policy is set to fix some web + compatibility issues. + - Fixed the property order in Object.getOwnPropertyNames(string) and others + for web compatibility. + - Updated RegExp(RegExp object, flags) to the ES6 standard specification. + - Changed the embedded font from the no longer free EmojiOne to the + open-licensed Twemoji (with additional fixes). This also further extends + unicode support to Unicode 10 emoji(s). Please note that as a result, color + emoji(s) will look different than before. + - Adjusted some things in our memory allocator code to provide, among other + things, better allocation alignment on Windows. + - Made the attempt to migrate people from the old sync server domain name to + the current one more aggressive. We will be retiring the old + pmsync.palemoon.net Sync server address shortly to remove the need for us + to maintain a security certificate for it; this preference migration should + automatically put everyone on the correct server address when upgrading. + - Made reading of the sessionstore synchronous, to speed up startup and + prevent the homepage from being loaded when restoring a session. + - Added a fix to switch to the correct window/tab when a web notification + is clicked. + - Changed the placeholder text to not include "Search" when all search + functions from the address bar are disabled. + - Enabled the use of Skia for canvas on Linux and OSX. + - Worked around a potential cause for some non-standard bitmapped fonts + ending up with incorrect line heights (I'm looking at you, Noto fonts!). + - Added a workaround for incorrectly-encoded JPEG-XR images with planar + alpha. Ultimately, the jxrlib reference implementation should be fixed to + encode according to spec. + - Aligned XCTO:nosniff allowed script MIME types with the updated spec. + - Improved the logic for storing vector images in the surface cache. + - Fixed character set handling for XMLHttpRequests. + + -- Steven Pusser Tue, 17 Apr 2018 10:14:19 -0700 + +palemoon (27.8.3~repack-1) obs; urgency=medium + + * New upstream bugfix update: + - This is a small update to solve a pervasive crash in responsive web + layouts. + + -- Steven Pusser Thu, 29 Mar 2018 12:48:14 -0700 + +palemoon (27.8.2~repack-1) obs; urgency=medium + + * New upstream security update: + - Privacy fix: prevented update checks for the default theme. + - Added a user-agent override for Dropbox to improve compatibility with + their service. + - Fixed an issue with mouseover handling related to (CVE-2018-5103). DiD + - Disabled the Mac OSX Nano allocator. DiD + - Fixed (CVE-2018-5129) OOB Write. + - Updated the lz4 library to 1.8.0 to solve potential issues. DiD + - Fixed (CVE-2018-5137) Path traversal on chrome:// URLs + - Fixed several memory safety an synchronicity hazards. + + -- Steven Pusser Thu, 22 Mar 2018 10:31:24 -0700 + +palemoon (27.8.1~repack-1) obs; urgency=medium + + * New upstream release: + - Backed out the NSPR/NSS update from 27.8.0 for causing crashes, general + operational instability and handshake issues. + - Disabled TLS 1.3 draft support by default, because with the NSS backout we + only support an older draft right now that is no longer current and may + cause connectivity issues. You can manually re-enable it at your own risk + in about:config by setting security.tls.version.max to 4. + + -- Steven Pusser Tue, 06 Mar 2018 12:04:10 -0800 + +palemoon (27.8.0~repack-1) obs; urgency=medium + + * New upstream release: + - Added support for emojis on Windows systems that have relatively poor + support for them with standard font sets by including our own font + (EmojiOne based for now). + - Added a setting in preferences to select the use of tab previews with + Ctrl+Tab. + - Added Eyedropper menu entry to the AppMenu. + - Added a preference to control whether the text cursor (caret) should be + thicker when dealing with CJK characters or not (default = yes). + - Added URL fix-ups for schemes (mis-typed "ttp://" etc.). + - Added support for ES6 "Symbol species". + - Updated our TLS 1.3 support to the latest (probably final) draft. + - Fixed gap inconsistency in the tabstrip. + - Fixed a number of browser crashes. + - Fixed a crash with the exponentiation operator "**" + - Set the performance timer granularity to 1 ms. + - Updated the kiss-fft library to our forked 1.4.0 version. + - Disabled a potentially problematic optimization on Win 8+ with high + contrast themes in use. + - Removed the notification bar when in full screen to prevent unwanted + visible screen elements. + - Removed unmaintained and insecure WebRTC code - building with WebRTC + enabled is no longer an option. + - Removed redundant checks for "Vista or later" since that is all we support. + - Added display of the http status to raw request displays. + - Added a workaround for cloned videos not retaining their muted state. + - Added a temporary workaround to avoid crashes on trackless media. + - Removed some superfluous ellipses from menu labels. + - Fixed undesired shrinking of line heights as a result of setting minimum + font size in preferences. + - Fixed some issues with setting the new tab preference (regression). + + * Add support for building on Debian Buster on gcc-4.9. + + -- Steven Pusser Fri, 02 Mar 2018 17:38:20 -0800 + +palemoon (27.7.2~repack-1~mx17+1) mx; urgency=medium + + * New upstream release: + - Changed the X-Content-Type-Options: nosniff behavior to only check + "success" class server responses, for web compatibility reasons. + - Changed the perfomance timer resolution once more to a granularity of + 1 ms, after evaluating more potential ways of abusing Spectre. This + takes the most cautious approach possible lacking more information + (because apparently NDAs have been signed over this between mainstream + players), follows Safari's lead, and should make it not just infeasible + but downright impossible to use these timers for nefarious purposes in + this context. + - Improved the debug-only startup cache wrapper to prevent a rare crash. + - Fixed a crash in the XML parser. + - Added a check for integer overflow in AesTask::DoCrypto() + (CVE-2018-5122) DiD + - Fixed a potential race condition in the browser cache. + - Fixed a crash in HTML media elements (CVE-2018-5102) + - Fixed a crash in XHR using workers. + - Fixed a crash with some uncommon FTP operations. + - Fixed a potential race condition in the JAR library. + + -- Steven Pusser Thu, 01 Feb 2018 13:48:26 -0800 + +palemoon (27.7.1~repack-1~mx17+1) mx; urgency=medium + + * New upstream release: + - Added support for Array.prototype[@@unscopables]. + Unfortunately, the addition of Javascript's ES6 Unscopables in 27.7.0 was + incomplete, which caused a number of websites (e.g. Chase on-line banking, + some Russian government sites) to display blank or not complete loading + after updating to that version of the browser. This update should fix the + problem by adding the missing part of the feature. + - Fixed an issue with the default theme causing tab borders to be drawn too + thick at higher settings for visual element scaling (125/150%) in Windows. + + -- Steven Pusser Thu, 18 Jan 2018 10:03:02 -0800 + +palemoon (27.7.0~repack-1~mx17+1) mx; urgency=medium + + * New upstream release: + - Reorganized access to preferences (moved to the Tools menu on Linux, and + renamed from "Options" to "Preferences" on Windows). + - Renamed "Restart with add-ons disabled" to "Restart in Safe Mode" to + better reflect what it does. + - Worked around an issue with some improperly-encoded PNG files not decoding + after our libpng update. + - Fixed an issue on Mac builds not properly populating the application menu. + - Added "My home page" as an option for new tabs. + - Added an option to disable the 4th and 5th mouse buttons (Windows). + - (mouse.button4.enabled and mouse.button5.enabled, respectively) + - Improved the resetting of non-default profiles. + - Fixed an issue with details/summary having the incorrect height if floated, + breaking layouts. + - Implemented support for flex/columnset contents inside buttons to align + its behavior with other browsers. + - (this should fix layout issues with Twitch's new web interface) + - Made several more improvements to the details/summary tags to align them + with the current spec and fix several bugs. + - Fixed an issue where CSS clone operations would draw a border. + - Changed the way fractional border widths are rounded to provide more + natural behavior. + - Fixed an issue where number inputs would incorrectly be flagged as + read-only. + - Added assets for tile display in the Windows start panel. + - Finished sync infra swapover by adding a one-time pref migration for + server used. + - Improved WebAudio API: Return the connected audio node from + AudioNode.connect() + - Added support for a default playback start position in media elements. + - Fixed an assert in cubeb-alsa code (Linux). + - Added support for media cue-change events (e.g. subtitles). + - Updated SQLite to 3.21.0. + - Fixed a crash when trying to use the platform embedded. + - Fixed devtools (gcli) screenshots on vertical-text pages. + - Fixed devtools copy as cURL for POST requests. + - Improved the HTML editor component (several bugfixes). + - Added support for ES7's exponentiation a ** b operator. + - Fixed an issue with arrow functions incorrectly creating an arguments + binding. + - Added Javascript's ES6 unscopables. + Security/privacy fixes: + - Disabled automatic filling in of log-in details by default to prevent + potential risks of credentials being abused (e.g. for tracking) or stolen. + - Added a preference (in the category security) to easily enable or disable + automatic filling in of log-in data. + - Removed the sending of referrers when opening a link in a new + private window. + - Added an option to disable the page visibility Web API + (dom.visibilityAPI.enabled), allowing users to prevent pages from knowing + whether they are being actively displayed to the user or not. + - Removed the "ask every time" policy for cookies. For granular control, + please use any of the excellent available extensions to regulate cookie use + on a per-site or per-url basis. + - Added support for X-Content-Type-Options: nosniff (for scripts). + - Changed the resolution of performance timers to a level where any future + potential abuse for hardware-timing attacks becomes impractical. + + -- Steven Pusser Tue, 16 Jan 2018 12:02:55 -0800 + +palemoon (27.6.2~repack-1) obs; urgency=medium + + * Minor security and bugfix release: + - Implemented the concept of so-called "cookie-averse document objects", + which is a security&privacy measure that blocks certain web content from + setting cookies. This mitigates cookie-injection, which might help against + "hidden" cookie tracking. + - Mitigated some domain name spoofing through IDN by using dotless-i and + dotless-j with accents. (CVE-2017-7832) + - Pale Moon will display these kinds of spoofed domains in punycode now in + the actual address bar. Please note that the identity panel will always be + able to help you on secure sites when IDNs are in use to notice potential + spoofing, as opposed to relying on detection algorithms in the URL itself. + As such, some other issues like CVE-2017-7833 are already mitigated by us. + - Fixed an issue with mixed-content blocking. (CVE-2017-7835) + - Added an extra check for the correct signature data type on certificates. + - Added missing sanitization in exporting bookmarks to HTML. (CVE-2017-7840) + - Fixed several crashes and memory safety hazards. + * Bump debhelper build-depend to >= 9. + + -- Steven Pusser Wed, 29 Nov 2017 12:31:22 -0800 + +palemoon (27.6.1~repack-1mx15+1) mx; urgency=medium + + * Minor bugfix release: + - Fixed a regression with new windows (opening two windows from the + command-line or file association, focus issues on new windows, not + loading the home page in a new window, etc.) + - Aligned XHR with the currect spec to allow withCredentials. + - Fixed an input element focus issue within handlers. + - Fixed the processing of all-padding HTTP/2 frames to prevent rare + HTTP/2 hangups. + - Updated CitiBank override to work around their login issues. + - Updated Netflix override to a community-supplied one that seems to + satisfy their arbitrary restrictions better. + + -- Steven Pusser Mon, 20 Nov 2017 15:52:34 -0800 + +palemoon (27.6.0~repack-1) obs; urgency=medium + + * Major development update; changes can be viewed at + https://github.com/MoonchildProductions/Pale-Moon/releases. + * debian/mozconfig: add vectorization flags for distreleases that support it. + Those that don't get the mozconfig without the flags. + + -- Steven Pusser Wed, 08 Nov 2017 11:10:24 -0800 + +palemoon (27.5.1~repack-1) obs; urgency=medium + + * Minor bugfix release: + - Changed the default Windows 10 styling when no accent color is applied to + black-on-white. + - Changed the theme styling on Windows 10 when the system window frame is + used (menu bar enabled) to use the window manager background directly, + preventing visual lag updating the window color when it changes. + - Updated user agent overrides for DropBox, YouTube and Yahoo to work around + user agent sniffing issues. + - Fixed a crash in the media subsystem. + - Fixed a regression where video playback hardware acceleration was disabled + incorrectly on some systems. + + -- Steven Pusser Fri, 13 Oct 2017 15:15:01 -0700 + +palemoon (27.5.0~repack-1mx15+1) mx; urgency=medium + + * New upstream major release, changes can be viewed at + https://github.com/MoonchildProductions/Pale-Moon/releases. + * Disable updater and installer in mozconfig. + + -- Steven Pusser Tue, 26 Sep 2017 18:32:35 -0700 + +palemoon (27.4.2~repack-1) obs; urgency=medium + + * New upstream bugfix release: + - Fixed a number of crashes. + - Enabled the opt-in debugging feature to log SSL keys to a file in all + builds. + - Added a fix for TLS 1.3 handshakes causing a browser hangup. + - Handshakes should be considerably faster now and no longer stall in the + wrong circumstances. + - Updated NSPR to 4.15. + - Updated NSS to 3.31.1. + - Fixed a DoS issue using overly long Username in URL scheme (CVE-2017-7783) + - Fixed an issue where (cross domain) iframes could break + scope (CVE-2017-7787) + - Fixed an issue in WindowsDllDetourPatcher (CVE-2017-7804) + - Fixed an issue with elliptic curve addition in mixed Jacobian-affine + coordinates (CVE-2017-7781) + - Fixed a UAF in nsImageLoadingContent (CVE-2017-7784) + - Fixed a UAF in WebSockets (CVE-2017-7800) + - Fixed a heap-UAF in RelocateARIAOwnedIfNeeded (CVE-2017-7809) DiD + (accessibility is disabled) + + -- Steven Pusser Wed, 23 Aug 2017 15:50:07 -0700 + +palemoon (27.4.1~repack-1mx15+1) mx; urgency=medium + + * New upstream bugfix release: + - Fixed an issue where MSE media playback would not use hardware + acceleration when it could, causing choppy playback and high CPU usage. + - Fixed ES6 iterator chains to be spec-compliant. + - Fixed ES6 vector append calls and some related memory leaks. + - Added a workaround to reduce the chances of a rare crash occurring. + + -- Steven Pusser Fri, 04 Aug 2017 18:22:19 -0700 + +palemoon (27.4.0~repack-2) obs; urgency=medium + + * debian/mozconfig: drop deprecated "--disable-gstreamer" option. + + -- Steven Pusser Wed, 12 Jul 2017 13:25:27 -0700 + +palemoon (27.4.0~repack-1) obs; urgency=medium + + * New upstream release--the github 27.4.0 was not a real release: + Changes/fixes: + - Completely re-worked the Media Source Extensions code to make it spec + compliant, and asynchronous as per specification for MSE with MP4. This + should fix playback problems on YouTube, Twitch, Vimeo and other sites + that previously had some issues. A massive thank you to Travis for his + tireless work on making this happen! + Please note that MSE+WebM (disabled by default) is not using this new code + yet (planned for the next release), and as such there is a temporary set + of things to keep in mind if you don't use default settings: + If you have previously enabled MSE+WebM, this setting will be reset when + you update to avoid conflicting settings with the updated MSE code. + We've added an extra setting in Options to disable the updated MSE code + (asynchronous use) in case you need to use WebM or are otherwise having + issues with the updated code (please let us know in that case). + Once again, the MSE+WebM and Asynchronous MSE use are currently mutually + exclusive. You can have one or the other, not both, until we sort out + the code for WebM. To enable MSE+WebM you will first have to disable + Asynchronouse MSE in settings (otherwise the WebM setting will be greyed + out and disabled). + - Added a control in options/preferences for HSTS and HPKP usage. + - Changed HTML bookmark exports to write CRLF line endings to the file on + Windows. + - Leveraged multi-core rendering for libVPX (VP8/VP9 WebM decoding). + - Fixed some issues accessing DeviantArt (useragent-sniffing). + - Aligned CSS text-align with the spec. + - Added a recovery module for browser initialization issues (e.g. when using + a wrong language pack). + - Fixed spurious console errors for XHR requests with certain http response + codes. + - Enabled v-sync aligned refresh for a smoother scrolling experience. + - Removed support for CSS XP-theme media queries. + - Improved console error reporting. + - Fixed resetting toolbars and controls from the safe mode dialog. + - Fixed bookmark recovery option from the safe mode dialog. + - Fixed innerText getters for display:none elements. + - Fixed a GL buffer crash that might occur with certain combinations of + drivers and hardware. + - Added some more details to about:support. + - Fixed a potential crash when the last audio device is removed during + playback. + - Fixed a crash on about:support when windowless browsers are created. + - Updated