[X2Go-Commits] [pale-moon] 02/03: debian: sync directory with Steven Pusser's palemoon_27.9.4~repack-1 version.

git-admin at x2go.org git-admin at x2go.org
Sat Sep 29 04:11:09 CEST 2018


This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch master
in repository pale-moon.

commit 71e28cb01e54b0ed7105154da543980de09d12bd
Author: Mihai Moldovan <ionic at ionic.de>
Date:   Sat Sep 29 03:50:39 2018 +0200

    debian: sync directory with Steven Pusser's palemoon_27.9.4~repack-1 version.
---
 debian/README.7z-source | 12 ------------
 debian/changelog        | 42 +++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 41 insertions(+), 13 deletions(-)

diff --git a/debian/README.7z-source b/debian/README.7z-source
deleted file mode 100644
index c916e90..0000000
--- a/debian/README.7z-source
+++ /dev/null
@@ -1,12 +0,0 @@
-If you obtain the source in a 7z archive, it does not support Linux permissions.
-In order to compile it, and create a source tarball, extract the archive, run
-
-chmod -R 777 <extracted-source-directory>
-
-and then recompress the source into an approved Debian tarball format.
-
-Make sure to add a "~repack" to the versioning and the orig tarball to label it
-as repacked.
-
-Currently the tar.gz tarballs from the github releases don't require this, but
-a tar.xz repack will save considerable bandwidth.
diff --git a/debian/changelog b/debian/changelog
index ec1a696..12bed3c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,43 @@
+palemoon (27.9.4~repack-1) obs; urgency=medium
+
+  * Import new upstream 27.9.4 release.
+    - Updated the useragent for addons.mozilla.org to work around their "Only
+      with Firefox" discrimination preventing users from downloading themes, old
+      versions of extensions, and other files with Pale Moon.
+    - Restricted web access to the moz-icon:// scheme that could potentially be
+      abused to infringe the user's privacy.
+    - Prevented various location-based threats. DiD
+    - Fixed a potential vulnerability with plugins being redirected to different
+      origins (CVE-2018-12364).
+    - Improved the security check for launching executable files 
+      (by association) on Windows from the browser. For users who have (most 
+      likely accidentally) granted a system-wide waiver for opening these kinds
+      of files without being prompted, this permission has been reset.
+    - Fixed an issue with invalid qcms transforms (CVE-2018-12366).
+    - Fixed a buffer overflow using the computed size of canvas elements
+      (CVE-2018-12359).
+    - Fixed a use-after-free when using focus() (CVE-2018-12360).
+    - Added some sanity checks on nsMozIconURI. DiD
+    - Fixed an issue in the case the preferences file in the profile would not be
+      writable (e.g. temporary permission issues due to backup, virus scanning or
+      similar external processes).
+
+ -- Steven Pusser <stevep at mxlinux.org>  Wed, 11 Jul 2018 13:59:46 -0700
+
+palemoon (27.9.3~repack-1~mx17+1) mx; urgency=medium
+
+  * New upstream security update:
+  
+    - Changes/fixes:
+      - (CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to 
+        that report, the libopus maintainers state they don't believe remote 
+        code execution was possible, so this was not a critical patch.
+      - Fixed an issue with task counting in JS GC.
+      - Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks 
+        to Berk Cem Göksel for reporting).
+
+ -- Steven Pusser <stevep at mxlinux.org>  Tue, 12 Jun 2018 11:12:06 -0700
+
 palemoon (27.9.2~repack-1-0x2go1) UNRELEASED; urgency=medium
 
   [ Mihai Moldovan ]
@@ -288,7 +328,7 @@ palemoon (27.9.2~repack-1-0x2go1) UNRELEASED; urgency=medium
 
  -- Mihai Moldovan <ionic at ionic.de>  Mon, 28 May 2018 03:44:10 +0200
 
-palemoon (27.9.2~repack-1) obs; urgency=medium
+palemoon (27.9.2~repack-1~mx17+1) mx; urgency=medium
 
   * New upstream security and stability update:
 

--
Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/pale-moon.git


More information about the x2go-commits mailing list