newmoon (28.16.0-1+devuan) obs; urgency=low

  * This is a development and security update to the browser.
  * Note for Linux users: With CentOS 6 going end-of-life, this
    version will be the last for which we will be building 32-bit Linux
    official binaries to download. While your distribution may choose to
    continue offering 32-bit versions of the browser, built from source
    by the maintainers, we won't be offering any further official 32-bit
    Linux binaries on our website. Please check with your distribution's
    package maintainers to know if further 32-bit support will be
    available on your particular flavor of Linux.
    - Aligned CSS tab-size with the specification and un-prefixed it.
    - Updated Brotli library to 1.0.9.
    - Updated JAR lib code.
    - Optimized UI code, resulting in smaller downloads and less
      space consumed on disk.
    - Changed the default Firefox Compatibility version number to
      68.0 (since versions ending in .9 makes some frameworks unhappy,
      refusing access to users)
    - Cleaned up HPKP leftovers.
    - Disabled the DOM filesystem API by default.
    - Removed Phone Vibrator API.
    - Fixed an issue where the software uninstaller would not remove
      the program files it should.
    - Fixed a devtools crash related to timeline snapshots.
    - Fixed an issue in Skia that could cause unsafe memory access.
      [DiD]
    - Fixed several data race conditions. [DiD]
    - Fixed an XSS vulnerability where scripts could be executed when
      pasting data into on-line editors.
    - Linux: Fixed an overflow issue in freetype.
    - Security issues addressed: CVE-2020-26960, CVE-2020-26951,
      CVE-2020-26956, CVE-2020-15999 and several others that do not have a
      CVE designation.
    - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 4
      defense-in-depth, 3 rejected, 20 not applicable.

 -- Ben Stack <bgstack15@gmail.com>  Wed, 25 Nov 2020 09:13:05 -0500

newmoon (28.15.0-1+devuan) obs; urgency=low

  * This is a standard development and bugfix release.
    - Implemented support for CSS caret-color.
    - Implemented support for un-prefixed ::selection CSS pseudo-element styling.
    - Fixed another potential crashing scenario in ResizeObservers.
    - Fixed several crashes in the DOM Fetch API.
    - Fixed a crash in table pagination.
    - Security issues fixed: CVE-2020-15680 (VG-VD-20-115) and several memory safety hazards.
    - Unified XUL Platform Mozilla Security Patch Summary: 1 fixed, 2 defense-in-depth, 12 not applicable.
  * reenable jemalloc to match palemoon.
  * disable eme to match palemoon.
  * so now newmoon's only changes are config location and branding.

 -- Ben Stack <bgstack15@gmail.com>  Tue, 27 Oct 2020 20:05:31 -0400

newmoon (28.14.2-3+devuan) obs; urgency=low

  * disable all use-system options to see if stability returns

 -- Ben Stack <bgstack15@gmail.com>  Fri, 23 Oct 2020 14:58:17 -0400

newmoon (28.14.2-2+devuan) obs; urgency=low

  * revert to gtk2 to see if stability returns

 -- Ben Stack <bgstack15@gmail.com>  Fri, 23 Oct 2020 22:40:55 -0400

newmoon (28.14.2-1+devuan) obs; urgency=low

  * Update version

 -- Ben Stack <bgstack15@gmail.com>  Mon, 05 Oct 2020 09:07:33 -0400

newmoon (28.13.0-5+devuan) obs; urgency=medium

  * Import bluemoon icons from Gord N. Squash

 -- Ben Stack <bgstack15@gmail.com>  Wed, 16 Sep 2020 19:16:08 -0400

newmoon (28.13.0-4+devuan) obs; urgency=low

  * Import xfce-helper/palemoon.desktop from stevep@mxlinux.org release

 -- Ben Stack <bgstack15@gmail.com>  Wed, 09 Sep 2020 14:43:04 -0400

newmoon (28.13.0-3+devuan) obs; urgency=medium

  * This is a compatibility, bugfix and security update. Special thanks
    to our new code contributors this cycle (you know who you are)!
    - Updated the included site-specific user-agent overrides for a
      number of websites that need them.
    - Rewritten the browser's padlock code to use more modern APIs and
      provide more accurate security status indication.
    - Now also with localized tooltips!
    - Fixed a missing close button on the undo prompt after removing a
      thumbnail from the QuickDial new tab page.
    - Fixed an issue with the alternative stylesheet menu in the
      browser's UI not working.
    - Implemented the use of intrinsic aspect ratios for images to
      improve layout during load and page positioning.
    - Added a preference to the use of node.getRootNode and disabled by
      default. See implementation notes.
    - Added CSS -webkit-appearance as an alias for -moz-appearance to
      improve compatibility with websites that only try to use
      Chrome-specific keywords to style standard form elements.
    - Updated the SQLite library to 3.33.0.
    - Reinstated precise floating point precision model in JavaScript
      for those alternate builders who foolishly try to use the inaccurate
      "fast" model.
    - Improved spec compliance of modular JavaScript use (ECMAScript
      modules).
    - Changed media errors to be a more generic response, and added a
      preference (media.sourceErrorDetails.enabled) to enable detailed error
      reporting of media errors for debugging purposes.
    - Previously, detailed errors were provided by default which could
      lead to privacy issues.
    - Improved code stability of the AbortController implementation.
    - Fixed a race condition in the secure connection library (NSS).
    - Security issues fixed: CVE-2020-15664, CVE-2020-15666,
      CVE-2020-15667, CVE-2020-15668 and CVE-2020-15669.
    - Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 1
      defense-in-depth, 1 rejected, 9 not applicable.
  * Implementation notes
    - In 28.11.0 we introduced node.getRootNode because some websites
      would fail with an error if this function was not present.
      Unfortunately, this caused problems with other sites that (incorrectly)
      assume Google WebComponents are available when this utility function is
      present (feature detection gone wrong). While it is considered by some
      to be part of the Google WebComponents implementation, it actually has
      utility value outside of that use. Because of the problems caused,
      we've added a preference and disabled it by default, fixing these kinds
      of websites.
    - When needed, you can re-enable this function with
      dom.getRootNode.enabled
    - This should improve web compatibility by default yet still allow
      users to enable this function for websites that use its utility but do
      not use WebComponents.

 -- Ben Stack <bgstack15@gmail.com>  Fri, 04 Sep 2020 19:50:02 -0400

newmoon (28.12.0-2+devuan) obs; urgency=low

  * Forked from palemoon. This is an experimental release
    that does everything that the original dev team would
    consider wrong, including:
    - use gtk3 exclusively
    - enable webrtc
    - enable system libraries for everything possible

 -- Ben Stack <bgstack15@gmail.com>  Thu, 27 Aug 2020 16:55:11 -0400

newmoon (28.12.0-1+devuan) UNRELEASED; urgency=low

  * First release of newmoon.

 -- Ben Stack <bgstack15@gmail.com>  Wed, 05 Aug 2020 14:43:18 -0400