[X2Go-Commits] [pale-moon] 07/21: debian: add directory based on Steven Pusser's palemoon_27.9.2~repack-1 version.
git-admin at x2go.org
git-admin at x2go.org
Tue May 29 00:03:05 CEST 2018
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository pale-moon.
commit 4607a7468d05662fb4080bb5f118a4b9051b8f9e
Author: Mihai Moldovan <ionic at ionic.de>
Date: Mon May 28 03:31:20 2018 +0200
debian: add directory based on Steven Pusser's palemoon_27.9.2~repack-1 version.
---
debian/README.7z-source | 12 +
debian/changelog | 1222 +++++++++++++++++++++++++++++++++++++
debian/compat | 1 +
debian/control | 46 ++
debian/copyright | 571 +++++++++++++++++
debian/install | 1 +
debian/mozconfig | 19 +
debian/palemoon.links | 6 +
debian/palemoon.lintian-overrides | 3 +
debian/palemoon.postinst | 11 +
debian/palemoon.prerm | 8 +
debian/rules | 46 ++
debian/source/format | 1 +
debian/source/include-binaries | 10 +
14 files changed, 1957 insertions(+)
diff --git a/debian/README.7z-source b/debian/README.7z-source
new file mode 100644
index 0000000..c916e90
--- /dev/null
+++ b/debian/README.7z-source
@@ -0,0 +1,12 @@
+If you obtain the source in a 7z archive, it does not support Linux permissions.
+In order to compile it, and create a source tarball, extract the archive, run
+
+chmod -R 777 <extracted-source-directory>
+
+and then recompress the source into an approved Debian tarball format.
+
+Make sure to add a "~repack" to the versioning and the orig tarball to label it
+as repacked.
+
+Currently the tar.gz tarballs from the github releases don't require this, but
+a tar.xz repack will save considerable bandwidth.
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..cff607f
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,1222 @@
+palemoon (27.9.2~repack-1) obs; urgency=medium
+
+ * New upstream security and stability update:
+
+ - Changes/fixes:
+ - We changed the language strings for softblocked items so people will cry
+ less when we do our job.
+ - (CVE-2018-5174) Prevent potential SmartScreen bypass on Windows 10.
+ - (CVE-2018-5173) Fixed an issue in the Downloads panel improperly
+ rendering some Unicode characters, allowing for the file name to be
+ spoofed. This could be used to obscure the file extension of potentially
+ executable files from user view in the panel.
+ - (CVE-2018-5177) Fixed a vulnerability in the XSLT component leading to a
+ buffer overflow and crash if it occurs.
+ - (CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia
+ library resulting in possible out-of-bounds writes.
+ - (CVE-2018-5154) Fixed a use-after-free vulnerability while enumerating
+ attributes during SVG animations with clip paths.
+ - (CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string
+ conversion within JavaScript with extremely large amounts of data. This
+ vulnerability requires the use of a malicious or vulnerable extension in
+ order to occur.
+ - Fixed several stability issues (crashes) and memory safety hazards.
+
+ -- Steven Pusser <stevep at mxlinux.org> Mon, 21 May 2018 11:43:14 -0700
+
+palemoon (27.9.1~repack-1) obs; urgency=medium
+
+ * New upstream maintenance update:
+ - Removed the unused/incomplete places protocol handler.
+ - Worked around an issue with MSE media without a Track ID. This should help
+ with the playability of some live streams.
+ - Ported across jemalloc improvements from UXP.
+ - Ported across cairo mutex improvements from UXP.
+ - Added support for FFmpeg 4.0/libavcodec 58.
+ - Added a fix for Windows 10's "isAlpha()" not being what one would expect
+ in v1803.
+
+ -- Steven Pusser <stevep at mxlinux.org> Mon, 07 May 2018 15:07:33 -0700
+
+palemoon (27.9.0~repack-1~mx17+1) mx; urgency=medium
+
+ * New upstream release:
+ - Fixed a number of spec compliance issues in our media subsystem.
+ - Added a trailing slash to referrers when policy is set to fix some web
+ compatibility issues.
+ - Fixed the property order in Object.getOwnPropertyNames(string) and others
+ for web compatibility.
+ - Updated RegExp(RegExp object, flags) to the ES6 standard specification.
+ - Changed the embedded font from the no longer free EmojiOne to the
+ open-licensed Twemoji (with additional fixes). This also further extends
+ unicode support to Unicode 10 emoji(s). Please note that as a result, color
+ emoji(s) will look different than before.
+ - Adjusted some things in our memory allocator code to provide, among other
+ things, better allocation alignment on Windows.
+ - Made the attempt to migrate people from the old sync server domain name to
+ the current one more aggressive. We will be retiring the old
+ pmsync.palemoon.net Sync server address shortly to remove the need for us
+ to maintain a security certificate for it; this preference migration should
+ automatically put everyone on the correct server address when upgrading.
+ - Made reading of the sessionstore synchronous, to speed up startup and
+ prevent the homepage from being loaded when restoring a session.
+ - Added a fix to switch to the correct window/tab when a web notification
+ is clicked.
+ - Changed the placeholder text to not include "Search" when all search
+ functions from the address bar are disabled.
+ - Enabled the use of Skia for canvas on Linux and OSX.
+ - Worked around a potential cause for some non-standard bitmapped fonts
+ ending up with incorrect line heights (I'm looking at you, Noto fonts!).
+ - Added a workaround for incorrectly-encoded JPEG-XR images with planar
+ alpha. Ultimately, the jxrlib reference implementation should be fixed to
+ encode according to spec.
+ - Aligned XCTO:nosniff allowed script MIME types with the updated spec.
+ - Improved the logic for storing vector images in the surface cache.
+ - Fixed character set handling for XMLHttpRequests.
+
+ -- Steven Pusser <stevep at mxlinux.org> Tue, 17 Apr 2018 10:14:19 -0700
+
+palemoon (27.8.3~repack-1) obs; urgency=medium
+
+ * New upstream bugfix update:
+ - This is a small update to solve a pervasive crash in responsive web
+ layouts.
+
+ -- Steven Pusser <stevep at mxlinux.org> Thu, 29 Mar 2018 12:48:14 -0700
+
+palemoon (27.8.2~repack-1) obs; urgency=medium
+
+ * New upstream security update:
+ - Privacy fix: prevented update checks for the default theme.
+ - Added a user-agent override for Dropbox to improve compatibility with
+ their service.
+ - Fixed an issue with mouseover handling related to (CVE-2018-5103). DiD
+ - Disabled the Mac OSX Nano allocator. DiD
+ - Fixed (CVE-2018-5129) OOB Write.
+ - Updated the lz4 library to 1.8.0 to solve potential issues. DiD
+ - Fixed (CVE-2018-5137) Path traversal on chrome:// URLs
+ - Fixed several memory safety an synchronicity hazards.
+
+ -- Steven Pusser <stevep at mxlinux.org> Thu, 22 Mar 2018 10:31:24 -0700
+
+palemoon (27.8.1~repack-1) obs; urgency=medium
+
+ * New upstream release:
+ - Backed out the NSPR/NSS update from 27.8.0 for causing crashes, general
+ operational instability and handshake issues.
+ - Disabled TLS 1.3 draft support by default, because with the NSS backout we
+ only support an older draft right now that is no longer current and may
+ cause connectivity issues. You can manually re-enable it at your own risk
+ in about:config by setting security.tls.version.max to 4.
+
+ -- Steven Pusser <stevep at mxlinux.org> Tue, 06 Mar 2018 12:04:10 -0800
+
+palemoon (27.8.0~repack-1) obs; urgency=medium
+
+ * New upstream release:
+ - Added support for emojis on Windows systems that have relatively poor
+ support for them with standard font sets by including our own font
+ (EmojiOne based for now).
+ - Added a setting in preferences to select the use of tab previews with
+ Ctrl+Tab.
+ - Added Eyedropper menu entry to the AppMenu.
+ - Added a preference to control whether the text cursor (caret) should be
+ thicker when dealing with CJK characters or not (default = yes).
+ - Added URL fix-ups for schemes (mis-typed "ttp://" etc.).
+ - Added support for ES6 "Symbol species".
+ - Updated our TLS 1.3 support to the latest (probably final) draft.
+ - Fixed gap inconsistency in the tabstrip.
+ - Fixed a number of browser crashes.
+ - Fixed a crash with the exponentiation operator "**"
+ - Set the performance timer granularity to 1 ms.
+ - Updated the kiss-fft library to our forked 1.4.0 version.
+ - Disabled a potentially problematic optimization on Win 8+ with high
+ contrast themes in use.
+ - Removed the notification bar when in full screen to prevent unwanted
+ visible screen elements.
+ - Removed unmaintained and insecure WebRTC code - building with WebRTC
+ enabled is no longer an option.
+ - Removed redundant checks for "Vista or later" since that is all we support.
+ - Added display of the http status to raw request displays.
+ - Added a workaround for cloned videos not retaining their muted state.
+ - Added a temporary workaround to avoid crashes on trackless media.
+ - Removed some superfluous ellipses from menu labels.
+ - Fixed undesired shrinking of line heights as a result of setting minimum
+ font size in preferences.
+ - Fixed some issues with setting the new tab preference (regression).
+
+ * Add support for building on Debian Buster on gcc-4.9.
+
+ -- Steven Pusser <stevep at mxlinux.org> Fri, 02 Mar 2018 17:38:20 -0800
+
+palemoon (27.7.2~repack-1~mx17+1) mx; urgency=medium
+
+ * New upstream release:
+ - Changed the X-Content-Type-Options: nosniff behavior to only check
+ "success" class server responses, for web compatibility reasons.
+ - Changed the perfomance timer resolution once more to a granularity of
+ 1 ms, after evaluating more potential ways of abusing Spectre. This
+ takes the most cautious approach possible lacking more information
+ (because apparently NDAs have been signed over this between mainstream
+ players), follows Safari's lead, and should make it not just infeasible
+ but downright impossible to use these timers for nefarious purposes in
+ this context.
+ - Improved the debug-only startup cache wrapper to prevent a rare crash.
+ - Fixed a crash in the XML parser.
+ - Added a check for integer overflow in AesTask::DoCrypto()
+ (CVE-2018-5122) DiD
+ - Fixed a potential race condition in the browser cache.
+ - Fixed a crash in HTML media elements (CVE-2018-5102)
+ - Fixed a crash in XHR using workers.
+ - Fixed a crash with some uncommon FTP operations.
+ - Fixed a potential race condition in the JAR library.
+
+ -- Steven Pusser <stevep at mxlinux.org> Thu, 01 Feb 2018 13:48:26 -0800
+
+palemoon (27.7.1~repack-1~mx17+1) mx; urgency=medium
+
+ * New upstream release:
+ - Added support for Array.prototype[@@unscopables].
+ Unfortunately, the addition of Javascript's ES6 Unscopables in 27.7.0 was
+ incomplete, which caused a number of websites (e.g. Chase on-line banking,
+ some Russian government sites) to display blank or not complete loading
+ after updating to that version of the browser. This update should fix the
+ problem by adding the missing part of the feature.
+ - Fixed an issue with the default theme causing tab borders to be drawn too
+ thick at higher settings for visual element scaling (125/150%) in Windows.
+
+ -- Steven Pusser <stevep at mxlinux.org> Thu, 18 Jan 2018 10:03:02 -0800
+
+palemoon (27.7.0~repack-1~mx17+1) mx; urgency=medium
+
+ * New upstream release:
+ - Reorganized access to preferences (moved to the Tools menu on Linux, and
+ renamed from "Options" to "Preferences" on Windows).
+ - Renamed "Restart with add-ons disabled" to "Restart in Safe Mode" to
+ better reflect what it does.
+ - Worked around an issue with some improperly-encoded PNG files not decoding
+ after our libpng update.
+ - Fixed an issue on Mac builds not properly populating the application menu.
+ - Added "My home page" as an option for new tabs.
+ - Added an option to disable the 4th and 5th mouse buttons (Windows).
+ - (mouse.button4.enabled and mouse.button5.enabled, respectively)
+ - Improved the resetting of non-default profiles.
+ - Fixed an issue with details/summary having the incorrect height if floated,
+ breaking layouts.
+ - Implemented support for flex/columnset contents inside buttons to align
+ its behavior with other browsers.
+ - (this should fix layout issues with Twitch's new web interface)
+ - Made several more improvements to the details/summary tags to align them
+ with the current spec and fix several bugs.
+ - Fixed an issue where CSS clone operations would draw a border.
+ - Changed the way fractional border widths are rounded to provide more
+ natural behavior.
+ - Fixed an issue where number inputs would incorrectly be flagged as
+ read-only.
+ - Added assets for tile display in the Windows start panel.
+ - Finished sync infra swapover by adding a one-time pref migration for
+ server used.
+ - Improved WebAudio API: Return the connected audio node from
+ AudioNode.connect()
+ - Added support for a default playback start position in media elements.
+ - Fixed an assert in cubeb-alsa code (Linux).
+ - Added support for media cue-change events (e.g. subtitles).
+ - Updated SQLite to 3.21.0.
+ - Fixed a crash when trying to use the platform embedded.
+ - Fixed devtools (gcli) screenshots on vertical-text pages.
+ - Fixed devtools copy as cURL for POST requests.
+ - Improved the HTML editor component (several bugfixes).
+ - Added support for ES7's exponentiation a ** b operator.
+ - Fixed an issue with arrow functions incorrectly creating an arguments
+ binding.
+ - Added Javascript's ES6 unscopables.
+ Security/privacy fixes:
+ - Disabled automatic filling in of log-in details by default to prevent
+ potential risks of credentials being abused (e.g. for tracking) or stolen.
+ - Added a preference (in the category security) to easily enable or disable
+ automatic filling in of log-in data.
+ - Removed the sending of referrers when opening a link in a new
+ private window.
+ - Added an option to disable the page visibility Web API
+ (dom.visibilityAPI.enabled), allowing users to prevent pages from knowing
+ whether they are being actively displayed to the user or not.
+ - Removed the "ask every time" policy for cookies. For granular control,
+ please use any of the excellent available extensions to regulate cookie use
+ on a per-site or per-url basis.
+ - Added support for X-Content-Type-Options: nosniff (for scripts).
+ - Changed the resolution of performance timers to a level where any future
+ potential abuse for hardware-timing attacks becomes impractical.
+
+ -- Steven Pusser <stevep at mxlinux.org> Tue, 16 Jan 2018 12:02:55 -0800
+
+palemoon (27.6.2~repack-1) obs; urgency=medium
+
+ * Minor security and bugfix release:
+ - Implemented the concept of so-called "cookie-averse document objects",
+ which is a security&privacy measure that blocks certain web content from
+ setting cookies. This mitigates cookie-injection, which might help against
+ "hidden" cookie tracking.
+ - Mitigated some domain name spoofing through IDN by using dotless-i and
+ dotless-j with accents. (CVE-2017-7832)
+ - Pale Moon will display these kinds of spoofed domains in punycode now in
+ the actual address bar. Please note that the identity panel will always be
+ able to help you on secure sites when IDNs are in use to notice potential
+ spoofing, as opposed to relying on detection algorithms in the URL itself.
+ As such, some other issues like CVE-2017-7833 are already mitigated by us.
+ - Fixed an issue with mixed-content blocking. (CVE-2017-7835)
+ - Added an extra check for the correct signature data type on certificates.
+ - Added missing sanitization in exporting bookmarks to HTML. (CVE-2017-7840)
+ - Fixed several crashes and memory safety hazards.
+ * Bump debhelper build-depend to >= 9.
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 29 Nov 2017 12:31:22 -0800
+
+palemoon (27.6.1~repack-1mx15+1) mx; urgency=medium
+
+ * Minor bugfix release:
+ - Fixed a regression with new windows (opening two windows from the
+ command-line or file association, focus issues on new windows, not
+ loading the home page in a new window, etc.)
+ - Aligned XHR with the currect spec to allow withCredentials.
+ - Fixed an input element focus issue within handlers.
+ - Fixed the processing of all-padding HTTP/2 frames to prevent rare
+ HTTP/2 hangups.
+ - Updated CitiBank override to work around their login issues.
+ - Updated Netflix override to a community-supplied one that seems to
+ satisfy their arbitrary restrictions better.
+
+ -- Steven Pusser <stevep at mxlinux.org> Mon, 20 Nov 2017 15:52:34 -0800
+
+palemoon (27.6.0~repack-1) obs; urgency=medium
+
+ * Major development update; changes can be viewed at
+ https://github.com/MoonchildProductions/Pale-Moon/releases.
+ * debian/mozconfig: add vectorization flags for distreleases that support it.
+ Those that don't get the mozconfig without the flags.
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 08 Nov 2017 11:10:24 -0800
+
+palemoon (27.5.1~repack-1) obs; urgency=medium
+
+ * Minor bugfix release:
+ - Changed the default Windows 10 styling when no accent color is applied to
+ black-on-white.
+ - Changed the theme styling on Windows 10 when the system window frame is
+ used (menu bar enabled) to use the window manager background directly,
+ preventing visual lag updating the window color when it changes.
+ - Updated user agent overrides for DropBox, YouTube and Yahoo to work around
+ user agent sniffing issues.
+ - Fixed a crash in the media subsystem.
+ - Fixed a regression where video playback hardware acceleration was disabled
+ incorrectly on some systems.
+
+ -- Steven Pusser <stevep at mxlinux.org> Fri, 13 Oct 2017 15:15:01 -0700
+
+palemoon (27.5.0~repack-1mx15+1) mx; urgency=medium
+
+ * New upstream major release, changes can be viewed at
+ https://github.com/MoonchildProductions/Pale-Moon/releases.
+ * Disable updater and installer in mozconfig.
+
+ -- Steven Pusser <stevep at mxlinux.org> Tue, 26 Sep 2017 18:32:35 -0700
+
+palemoon (27.4.2~repack-1) obs; urgency=medium
+
+ * New upstream bugfix release:
+ - Fixed a number of crashes.
+ - Enabled the opt-in debugging feature to log SSL keys to a file in all
+ builds.
+ - Added a fix for TLS 1.3 handshakes causing a browser hangup.
+ - Handshakes should be considerably faster now and no longer stall in the
+ wrong circumstances.
+ - Updated NSPR to 4.15.
+ - Updated NSS to 3.31.1.
+ - Fixed a DoS issue using overly long Username in URL scheme (CVE-2017-7783)
+ - Fixed an issue where (cross domain) iframes could break
+ scope (CVE-2017-7787)
+ - Fixed an issue in WindowsDllDetourPatcher (CVE-2017-7804)
+ - Fixed an issue with elliptic curve addition in mixed Jacobian-affine
+ coordinates (CVE-2017-7781)
+ - Fixed a UAF in nsImageLoadingContent (CVE-2017-7784)
+ - Fixed a UAF in WebSockets (CVE-2017-7800)
+ - Fixed a heap-UAF in RelocateARIAOwnedIfNeeded (CVE-2017-7809) DiD
+ (accessibility is disabled)
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 23 Aug 2017 15:50:07 -0700
+
+palemoon (27.4.1~repack-1mx15+1) mx; urgency=medium
+
+ * New upstream bugfix release:
+ - Fixed an issue where MSE media playback would not use hardware
+ acceleration when it could, causing choppy playback and high CPU usage.
+ - Fixed ES6 iterator chains to be spec-compliant.
+ - Fixed ES6 vector append calls and some related memory leaks.
+ - Added a workaround to reduce the chances of a rare crash occurring.
+
+ -- Steven Pusser <stevep at mxlinux.org> Fri, 04 Aug 2017 18:22:19 -0700
+
+palemoon (27.4.0~repack-2) obs; urgency=medium
+
+ * debian/mozconfig: drop deprecated "--disable-gstreamer" option.
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 12 Jul 2017 13:25:27 -0700
+
+palemoon (27.4.0~repack-1) obs; urgency=medium
+
+ * New upstream release--the github 27.4.0 was not a real release:
+ Changes/fixes:
+ - Completely re-worked the Media Source Extensions code to make it spec
+ compliant, and asynchronous as per specification for MSE with MP4. This
+ should fix playback problems on YouTube, Twitch, Vimeo and other sites
+ that previously had some issues. A massive thank you to Travis for his
+ tireless work on making this happen!
+ Please note that MSE+WebM (disabled by default) is not using this new code
+ yet (planned for the next release), and as such there is a temporary set
+ of things to keep in mind if you don't use default settings:
+ If you have previously enabled MSE+WebM, this setting will be reset when
+ you update to avoid conflicting settings with the updated MSE code.
+ We've added an extra setting in Options to disable the updated MSE code
+ (asynchronous use) in case you need to use WebM or are otherwise having
+ issues with the updated code (please let us know in that case).
+ Once again, the MSE+WebM and Asynchronous MSE use are currently mutually
+ exclusive. You can have one or the other, not both, until we sort out
+ the code for WebM. To enable MSE+WebM you will first have to disable
+ Asynchronouse MSE in settings (otherwise the WebM setting will be greyed
+ out and disabled).
+ - Added a control in options/preferences for HSTS and HPKP usage.
+ - Changed HTML bookmark exports to write CRLF line endings to the file on
+ Windows.
+ - Leveraged multi-core rendering for libVPX (VP8/VP9 WebM decoding).
+ - Fixed some issues accessing DeviantArt (useragent-sniffing).
+ - Aligned CSS text-align with the spec.
+ - Added a recovery module for browser initialization issues (e.g. when using
+ a wrong language pack).
+ - Fixed spurious console errors for XHR requests with certain http response
+ codes.
+ - Enabled v-sync aligned refresh for a smoother scrolling experience.
+ - Removed support for CSS XP-theme media queries.
+ - Improved console error reporting.
+ - Fixed resetting toolbars and controls from the safe mode dialog.
+ - Fixed bookmark recovery option from the safe mode dialog.
+ - Fixed innerText getters for display:none elements.
+ - Fixed a GL buffer crash that might occur with certain combinations of
+ drivers and hardware.
+ - Added some more details to about:support.
+ - Fixed a potential crash when the last audio device is removed during
+ playback.
+ - Fixed a crash on about:support when windowless browsers are created.
+ - Updated <select> elements to blank if the actively set value doesn't match
+ any of the options.
+ - Updated the interpretation of 2-digit years in date formats to match other
+ browsers:
+ - 0-49 = 2000-2049, 50-99 = 1950-1999.
+ - Added "q" units to CSS (quarter of a millimeter).
+ - Added .origin property to blobs.
+ - Fixed several minor layout issues.
+ - Fixed disabled HTML elements not producing the proper JS events.
+ - Implemented web content handler blacklist according to the spec, allowing
+ more than feeds to be registered.
+ - Fixed a spec compliance issue with execCommand() on HTML elements.
+ - Fixed a problem with table borders being drawn uneven or being omitted
+ when zooming the page.
+ - Added devtools "filter URLs" option in the network panel.
+ - Added visual sorting options to the Network inspector.
+ - Added importing of login data from Chrome profiles on Windows (Chrome
+ has to be closed first).
+ - Added importing of tags from bookmark export files (HTML format).
+ - Updated usage of SourceMap headers with the updated spec (SourceMap
+ header, keeping X-SourceMap as a fallback).
+ - Fixed several cases of wrongly-used negations in JS modules.
+ - Added the auxclick mouse event.
+ - Added a control to not autoplay video unless it is in view
+ (media.block-play-until-visible).
+ - Updated the Graphite font library to 1.3.10.
+ - Updated how image and media elements respond to window size changes
+ (responsive design).
+ - Added parsing and use of rotation meta data in video.
+ - Fixed several crashes in a number of modules.
+ - Fixed performance regression for scaling large vector images (e.g. MSIE
+ Chalkboard test) \o/
+ - Fixed some issues with notification icons.
+ - Fixed some internal errors with live bookmarks.
+ - Updated SQLite to 3.19.3.
+ - Fixed several reported issues with devtools (cli-cookies, cli help,
+ copying cURL, inspecting SVGs, element size calculations, etc.)
+ - Fixed an issue where a server response was allowed to override add-ons'
+ specified version ranges even for add-ons that have strict compatibility
+ (e.g. themes, language packs).
+
+ Security fixes:
+
+ - Removed preloading of HPKP hosts and enabled HPKP header enforcement.
+ - Added support for TLS 1.3, the up-next secure connection protocol.
+ - Fixed an issue with TLS 1.3 not supporting renegotiation by design.
+ - Relaxed some restrictions for CSP to temporarily work around web
+ compatibility issues with the CSP-3 deprecated `child-src` directive.
+ - Updated NSS to 3.28.5.1-PM to address some security issues.
+ - Updated the installer selfextractor module to address unsafe loading of
+ libraries.
+ - Changed the way certain resources are included to reduce effectiveness of
+ some common fingerprinting techniques. (e.g. browserleaks.org)
+ - Fixed a regression in the display of security information in the page info
+ dialog for insecure content.
+ - Fixed two potential issues with allocating memory for video. DiD
+ - Fixed a potential issue with the network prediction algorithm. DiD
+ - Restricted the use of Aspirational scripts in IDNs to prevent domain
+ spoofing, in anticipation of the UAX#31 update making this official.
+ - Prevented a Mac font specific issue that could be abused for domain
+ spoofing (CVE-2017-7763)
+ - Fixed several potentially exploitable crashes. (CVE-2017-7751)
+ (CVE-2017-7757) and some that do not have a CVE designation.
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 12 Jul 2017 10:54:26 -0700
+
+palemoon (27.3.0~repack-1) obs; urgency=medium
+
+ * New upstream release.
+
+ -- Steven Pusser <stevep at mxlinux.org> Sat, 29 Apr 2017 19:50:41 -0700
+
+palemoon (27.2.1~repack-1) obs; urgency=medium
+
+ * New upstream release:
+
+ - Changes/Fixes:
+ - Fixed an issue with planar alpha handling (transparency) when drawing
+ JXR images.
+ - Fixed a crash related to a change JavaScript array handling introduced
+ in 27.2.0. This became apparent with the pentadactyl extension, but
+ could happen in other situations as well.
+ - Fixed a crash when opening ridiculously large images with HQ scaling
+ enabled (default). Pale Moon will now only apply HQ scaling for images
+ within reasonable limits (64 Mpix or smaller). Images larger than that
+ may not display properly when zooming in, or may not display at all,
+ even scaled down (e.g. >256 Mpix large) and show a "broken image"
+ placeholder instead; please use dedicated image viewer applications for
+ those kinds of images; it is outside the scope of a web browser to
+ handle such large images.
+ - Changed the way URL hashes are handled, and will no longer %-decode
+ anchor hash identifiers by default. Note that this is against RFC 3986,
+ which states that any part of the URL scheme that isn't data should be
+ decoded. This is required for web compatibility because several sites
+ use hash links to pass actual data to web applications (Please don't do
+ this! Hashes are part of the URL address, should only consist of "safe"
+ characters, and aren't suited to pass arbitrary data) and the most
+ common browsers no longer follow the RFC in that respect. If you want
+ RFC compliance, switch dom.url.getters_decode_hash to true.
+ - Restored 2 RSA Camellia cipher suites that were missing:
+ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA and TLS_RSA_WITH_CAMELLIA_256_CBC_SHA.
+ - Fixed an issue with custom toolbars getting deleted during upgrade
+ from 27.0/27.1 to 27.2
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 29 Mar 2017 12:27:06 -0700
+
+palemoon (27.2.0~repack-1mx15+1) mx; urgency=medium
+
+ * New upstream release:
+
+ - Changes/Fixes:
+ - Updated the ICU lib to 58.2 to fix a number of issues.
+ - Added proper control for the user for offline storage for web
+ applications.
+ - Added a check to prevent auto-filled URLs from copying the auto-filled
+ selection to clipboard/primary.
+ - Added the feature to pass a URL to open in a private window from the
+ command-line.
+ - Improved the display of the downloads indicator on the button in
+ bright-text situations.
+ - DOM storage now honors the "3rd party cookie" setting in that it will
+ not allow 3rd party data to be stored if 3rd party cookies are
+ disallowed.
+ - Allowed toolbar button badges to be properly styled.
+ - Updated the hunspell spellchecking library to 1.6.0 to fix a number
+ of issues.
+ - Fixed desktop notifications being off-screen if fired in rapid
+ succession.
+ - Added Element.insertAdjacentElement and Element.insertAdjacentText
+ DOM functions.
+ - Added support for JPEG-XR images. This makes Pale Moon have the broadest
+ support for image formats of all web browsers. (enabled by default; you
+ can disable this with media.jxr.enabled).
+ - Completely removed the use of GStreamer on Linux.
+ - Added support for Element.innerText.
+ - Custom toolbars should now properly remember their state.
+ - Fixed some more playback issues with MP4/MSE videos. Please be aware
+ that we are still working on further improving MSE video handling.
+ - Changed media processing to reduce dangerous processing asynchronicity.
+ This should also make media elements and playback more responsive.
+ - Fixed a useragent string regression always displaying the minor Goanna
+ version as .0
+ - Updated NSPR to 4.13.1.
+ - Updated NSS to 3.28.3-RTM.
+ - Fixed unrestricted icon sizes in PMkit buttons.
+ - Fixed unresponsive buttons on support page when not building
+ the updater.
+ - Fixed the use of "View image" and "Save image as" on extremely
+ large images.
+ - Changed the way "View Image" and "Save image as" work on canvas
+ elements.
+ - Made checking for dangerously large resolution PNG images smarter. It
+ will now accept larger "strip"-aspect ratio images while reducing
+ unsupported large image resolutions. This will e.g. fix Gmail's "emoji"
+ window that uses a ridiculously long but very narrow single image to
+ store all the emoticon pictures.
+ - Converted several hard-coded URLs to preferences.
+ - Updated the google.com override so it would not cripple services based
+ on UA sniffing.
+ - Added Inner and Outer Window ID administration.
+ - Fixed the add-on discovery pane detection.
+ - Added support for canvas ellipse.
+ - Improved drawing of certain MathML elements at problematic zoom levels.
+ - No longer building gamepad support.
+ - Updated Harfbuzz font shaper to 1.4.3 to fix a number of issues.
+ - Fixed a number of crashes (layout, plugins, uncommon navigation,
+ bad URLs).
+ - Aligned SVG specular filters with the spec.
+
+ - Security/privacy changes:
+ - Added support for 256-bit AES-GCM encryption.
+ - Added support for ChaCha20-Poly1305 encryption.
+ - Removed support for Camellia-GCM since nobody seems interested in it.
+ (Camellia in 128/256-bit CBC block mode is still fully supported).
+ - Added support for SHA-224, SHA-256, SHA-384 and SHA-512 to Crypto utils.
+ - Improved status handling of secure sites to be less sensitive to
+ "insecure" items that are local.
+ - Fixed print preview hijacking. (CVE-2017-5421)
+ - Fixed a potentially exploitable crash in OnStartRequest. (CVE-2017-5416)
+ - Fixed potential cross-origin content-stealing through a timing
+ attack. (CVE-2017-5407)
+ - Fixed a denial-of-service problem with view-source. (CVE-2017-5422)
+ - Fixed crash in directional controls. (CVE-2017-5413)
+ - Fixed a perceived problem with chrome manifests. (CVE-2017-5427)
+ - Fixed the use of an uninitialized value. (CVE-2017-5405)
+ - Fixed a buffer overflow. (CVE-2017-5412)
+ - Fixed a UAF situation. (CVE-2017-5403)
+ - Fixed a potential spoofing issue with the address bar. (CVE-2017-5417)
+ - Fixed a potential issue in libvpx. (CVE-2017-5402) DiD
+ - Fixed a potential issue with HTTP auth. (CVE-2017-5418)
+ - Fixed several memory safety hazards and potentially exploitable crashes.
+
+ -- Steven Pusser <stevep at mxlinux.org> Sun, 19 Mar 2017 12:49:24 -0700
+
+palemoon (27.1.2~repack-1mx15+1) mx; urgency=medium
+
+ * New upstream release:
+ -adds workaround for potential deadlocks happening in media elements.
+
+ -- Steven Pusser <stevep at mxlinux.org> Fri, 03 Mar 2017 13:45:54 -0800
+
+palemoon (27.1.1~repack-1mx15+1) mx; urgency=medium
+
+ * New upstream release:
+ - Implemented a fix in media handling to prevent crashes with concurrent
+ videos and/or rapidly starting/stopping video playback in the browser.
+ - Fixed the way the Adobe Flash plugin is detected to prevent confusion with
+ other plugins that identify themselves as "Flash" (e.g. VLC).
+ - Windows: Solved stability issues caused by the release build process,
+ resulting in unexpected behavior (e.g. hangups).
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 22 Feb 2017 13:52:07 -0800
+
+palemoon (27.1.0~repack-1) obs; urgency=medium
+
+ * New major upstream release:
+ - Reworked the media back-end completely (thanks Travis!) to use FFmpeg
+ (including support for FFmpeg v3 and MP3 playback) and our own MP4 parser,
+ and no longer relying on gstreamer on Linux, as well as adding some
+ improvements on Windows for media parsing and playing.
+ - On Linux, Apple .mov files of the correct type will also be played through
+ FFmpeg now, for those rare occasions where they are still in use,
+ considering there is no Quicktime plug-in available on that operating
+ system.
+ - Restored the classic about:config styling.
+ - Added a fallback to US-ASCII if the autoconfig UTF-8 conversion fails.
+ - Improved cross-compartment wrapper handling when managing a large number
+ of tabs (fixes a performance regression with v27).
+ - Changed the way audio and video synchronization is calculated to account
+ for (slow) device latency, preventing things from getting out of sync on,
+ e.g. BlueTooth-connected speakers.
+ - Changed the way scripts are handled when they are stopped from the
+ "unresponsive script" dialog, to prevent browser lockup. We will now stop
+ all scripts in the affected compartment in one go.
+ - Fixed several errors in the devtools.
+ - Fixed a nasty crash caused by cross-origin referrers.
+ - Added HTML5-spec clipboard handling for content (cut© only -- paste
+ is not allowed for security reasons).
+ - Made multiple changes to the toolkit jetpack modules to cater to PMkit
+ extensions. This should make running SDK-based extensions as PMkit
+ extensions fairly simple for extension developers.
+ - Fixed a css layout issue: make max-width affect contributions to intrinsic
+ min-width.
+ - Implemented several updates to the permissions manager. Among others,
+ improved the permissions manager (about:permissions) with a more complete
+ set of permissions for pages.
+ - Removed otherwise unused Metro browser platform/widget code.
+ - Removed support for non-standard/deprecated let blocks and expressions.
+ - Made the use of let as a keyword versionless and ES6 compliant.
+ - Made the privacy category in preferences a tabbed setup to better fit the
+ current options.
+ - Fixed a regression preventing certain MP4 video files from playing.
+ - Fixed a regression where seeking in media files would halt playback/jump
+ to the end of the stream.
+ - Fixed a crash caused by certain downloadable fonts with DirectWrite
+ in use.
+ -Improved downloads-button indicator legibility on some combinations of
+ Windows versions and system theme colors.
+ - Changed the Facebook user-agent override to be our native one, based on
+ reports from users that it is (finally) working acceptably.
+ - Fixed site-specific useragents being ignored if a global override is
+ defined.
+
+ Security/privacy changes:
+
+ - Changed CORS handling to allow data: sources, assuming they are
+ same-origin. This should fix the infamous "Facebook endless reload" issue
+ and may make some other sites that assume this particular (unspecified)
+ CORS behavior happy with Pale Moon.
+ - Reinstated the network.stricttransportsecurity.enabled preference so
+ people who choose privacy over HSTS can do so again.
+ - Added, In HSTS "off" state, prevention of HSTS site status from being
+ written to disk.
+ - Updated the IDN blacklist with more extended unicode characters that
+ "look very similar to" normal ASCII characters, to prevent spoofing of
+ well-known domains. If blacklisted characters are found, the IDN domain
+ name will be displayed in its punycode form. (CVE-2017-5383 and similar)
+ - Fixed an exploitable crash when using MP4 video. (CVE-2017-5396)
+ - Fixed an exploitable crash in XSL parsing. (CVE-2017-5376)
+ - Fixed a potential security issue when exporting certificates with
+ specially-crafted credentials. (CVE-2017-5381)
+ - Fixed a potential use-after-free situation in frame selection.
+ (CVE-2017-5380) DiD
+ - Fixed a leak of window details through the Ion compiler in certain
+ situations.
+ - Fixed the potential for an exploitable crash involving Javascript GC. DiD
+ - Fixed a potential overflow situation in (non-released) WebRTC code. DiD
+ - Fixed a potentially unsafe situation in websockets. DiD
+ - Fixed several memory and other safety hazards (BMO bugs 1318766, 1325877,
+ 1328834 DiD, 1288561 DiD, 1322420 DiD, 1293327 DiD, 1322315, 1325344,
+ 1285960).
+ * debian/mozconfig:
+ - add "ac_add_options --disable-necko-wifi" and "--disable-gstreamer"..
+ - drop "ac_add_options --enable-jemalloc-lib".
+ * debian/control:
+ - remove all gstreamer dependencies and build-deps.
+ - ffmepg | libav-tools added to Depends.
+
+ -- Steven Pusser <stevep at mxlinux.org> Thu, 09 Feb 2017 13:53:41 -0800
+
+palemoon (27.0.3~repack-3) stable; urgency=medium
+
+ * debian rules and control: add some code and alternative depends to force
+ building on gcc-4.9 on releases that default to gcc 5 or 6.
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 25 Jan 2017 10:19:25 -0800
+
+palemoon (27.0.3~repack-2) stable; urgency=medium
+
+ * debian/mozconfig: reenable the dev tools.
+ * debian/rules: don't install duplicate /usr/lib/palemoon/palemoon-bin file.
+
+ -- Steven Pusser <stevep at mxlinux.org> Thu, 29 Dec 2016 12:05:29 -0800
+
+palemoon (27.0.3~repack-1) stable; urgency=medium
+
+ * New upstream bugfix and security release.
+
+ -- Steven Pusser <stevep at mxlinux.org> Mon, 19 Dec 2016 20:05:49 -0800
+
+palemoon (27.0.2~repack-1mx15+1) mx; urgency=medium
+
+ * New upstream bugfix release.
+ -fixed crash in SVG renderer related to CVE-2016-9079 (defense in depth)
+ -Firefox compatibility mode is default in useragent string.
+ * Drop debian/menu, deprecated with the use of desktop file.
+ * Drop use of debian/palemoon.xpm, link takes care of that in pixmaps.
+ * Install much better palemoon.desktop from source instead of from debian
+ folder.
+
+ -- Steven Pusser <stevep at mxlinux.org> Fri, 02 Dec 2016 17:39:30 -0800
+
+palemoon (27.0.1~repack-3mx15+1) mx; urgency=medium
+
+ * Revise debian/mozconfig to remove deprecated configs and add sse2
+ optimization.
+ * debian/rules: add override to help shlibdeps find libs on some releases.
+
+ -- Steven Pusser <stevep at mxlinux.org> Wed, 30 Nov 2016 16:42:03 -0800
+
+palemoon (27.0.1~repack-2mx15+1) mx; urgency=medium
+
+ * debian/mozconfig: drop the "1.0" from the gstreamer flag.
+ * debian/install: don't install anything from /integration; part of default
+ install now.
+ * debian/compat: bump compat level to 9.
+
+ -- Steven Pusser <stevep at mxlinux.org> Sun, 27 Nov 2016 13:50:54 -0800
+
+palemoon (27.0.1~repack-1) mx; urgency=medium
+
+ * New upstream release.
+
+ -- Steven Pusser <stevep at mxlinux.org> Sat, 26 Nov 2016 10:09:18 -0800
+
+palemoon (26.5.0~repack-1mx150+1) mx; urgency=medium
+
+ * Repackaged for MX 15.
+
+ -- Mike Elstad (v3g4n) <maintainer at mepiscommunity.org> Thu, 29 Sep 2016 18:22:24 -0500
+
+palemoon (26.5.0~repack-1) obs; urgency=medium
+
+ * New upstream release:
+ Fixes/Changes:
+ - Implemented a breaking CSP (content security policy) spec change; when a
+ page with CSP is loaded over http, Pale Moon now interprets CSP directives
+ to also include https versions of the hosts listed in CSP if a scheme
+ (http/https) isn't explicitly listed. This breaks with CSP 1.0 which is
+ more restrictive and doesn't allow this cross-protocol access, but is in
+ line with CSP 2 where this is allowed.
+ - Fixed an issue with the XML parser where it would sometimes end up in an
+ unknown state and throw an error (e.g. when specific networking errors
+ would occur).
+ - Improved the performance of canvas poisoning by explicitly
+ parallelizing it.
+
+ Security fixes:
+ - Fixed a potentially exploitable crash related to text writing direction.
+ (CVE-2016-5280)
+ - Made checking for invalid PNG files more strict. Pale Moon will now reject
+ more PNG files that have corrupted/invalid data that could otherwise lead
+ to potential security issues.
+ - Changed the way paletted image frames are allocated so the space is
+ cleared before it's used. DiD
+ - Fixed a crash in nsNodeUtils::CloneAndAdopt() due to a typo. DiD
+ - Fixed several memory safety errors.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Wed, 28 Sep 2016 11:44:18 -0700
+
+palemoon (26.4.1~repack-1) obs; urgency=medium
+
+ * New upstream release:
+ Changes/fixes:
+ - Fixed a crash in the XSS filter.
+ - Slightly changed the address bar shading on secure sites to be more subtle
+ and easily-blended.
+ - Fixed the occurrence of "null" titles in bookmarks dragged from special
+ folders.
+ - Fixed an error initializing the browser due to trying to restore
+ scratchpad data from a stored session when having switched from a version
+ with devtools to a version without devtools, and the previous version had
+ scratchpad data saved.
+ - Fixed some minor issues in scratchpad and gcli devtools.
+
+ Security fixes:
+ - Updated the HSTS preload list to a much more updated source list, and
+ performing our own checks on validity from now on to have the list be as
+ accurate as possible.
+ - Disabled Triple-DES cipher suites by default (mitigating SWEET32).
+
+ * Add a "~repack" to the versioning because we have to repack the source.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Fri, 23 Sep 2016 17:07:58 -0700
+
+palemoon (26.4.0-1mx150+1) mx; urgency=medium
+
+ * New upstream release:
+ - Removed Google Search as a bundled search provider. If desired, you can
+ manually install it (or other search engines) after the update by following
+ the steps in the Manage Search Engines topic.
+ - Fixed the URL API to allow "stringification" of the object per
+ specification. This should make a number of websites happy.
+ - Added the ES6 string .includes() function in addition to the pre-existing
+ .contains() function for checking if a string contains another string.
+ The .contains() function is retained for compatibility with web and
+ extension scripts that adhere to the ES6 pre-release specification up to
+ and including RC3.
+ - Fixed the calculation of standalone SVG embeds width and height, which
+ should solve some reported issues with html5 graphs being displayed
+ incorrectly.
+ - Linux: improved memory allocation.
+ - Updated the graphite font library to 1.3.9.
+ - Added a blocking rule for F-Secure's 64-bit deepguard library to prevent
+ crashes.
+ - Updated the SQLite library to 3.13.0.
+ - Download= properties of links are now honored from the context menu
+ "Save" option.
+ - Fixed a crash in the XSS filter.
+ - Fixed a crash in the DOM error module.
+ - Worked around a crash on Linux
+ - Linux: Improved optimization and GCC6 compatibility (Note: compiling with
+ GCC 6 is still not recommended and it may or may not work, depending on
+ your environment)
+
+ Security fixes:
+ - (CVE-2016-5251)Potential URL spoofing in the address bar.
+ - (CVE-2016-0718) Context-dependent crash in expat 2.1.0.
+ - (CVE-2016-5266) Outgoing dataTransfer items are not properly filtered.
+ - Fixed potentially exploitable crash in the array splice implementation.
+ - Fixed potentially exploitable crash caused by badly formatted ICO files.
+ - (CVE-2016-5254) Heap-use-after-free in nsXULPopupManager::KeyDown
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Fri, 19 Aug 2016 13:08:56 -0700
+
+palemoon (26.3.3-1mx150+1) mx; urgency=medium
+
+ * New upstream release:
+ - Fixed an additional issue found that could cause menu text on Windows 10
+ to be white-on-white (and therefore unreadable).
+ - Fixed an issue with news feeds not showing up when embedded in web pages.
+ - Removed recently-added parsing of the child-src content security policy
+ directive, after some web compatibility issues with it came to light, as
+ well as it becoming clear that the CSP spec will see it removed in favor
+ of the previous directive for embedded content. This should fix some
+ intermittent issues people have reported on e.g. the main google.com page
+ and phpMyAdmin installations.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Fri, 01 Jul 2016 12:50:32 -0700
+
+palemoon (26.3.2-1mx150+1) mx; urgency=medium
+
+ * New upstream release:
+ - 26.3.2 (2016-06-27) - Windows only
+ This release only has pertinent changes for Windows. Other operating
+ systems do not need this update.
+ Changes/fixes:
+
+ -Fixed a rare issue where the browser would not initialize properly
+ (missing bookmarks and menu entries) if certain Windows registry values
+ were missing (Windows 8 only).
+ -Fixed an issue on Windows 10 where the classic menu bar would become
+ unreadable (white on white).
+ -Portable only: Switched to non-compressed binaries to prevent issues with
+ antivirus packages, to prevent issues with browser run-time operation, and
+ to simplify code signing.
+
+ - 26.3.1 (2016-06-25)
+ Changes/fixes:
+
+ -Fixed an issue with new tab button theming on dark toolbars.
+ -Reverted the useragent identification of Firefox compatibility mode to
+ 38.9 to avoid WOFF2 font issues for sites that don't use proper font
+ deployment as recommended by the W3C.
+ -Added a site-specific override for Google fonts to make sure it always
+ works even if not using Firefox compatibility mode. (workaround pending
+ for a proper solution on Google's side)
+ -Adjusted the "dark color" detection routine to switch text to white at
+ higher relative contrast levels. This will more closely match Windows 10's
+ "flip point" for different accent colors and is within the recommended
+ range determined by the WCAG.
+
+ - 26.3.0 (2016-06-21)
+ Changes/fixes:
+
+ -Added detection for dark system themes on Windows 10 and re-worked Windows
+ 10 specific theming to better integrate into the OS and provide more
+ clarity.
+ -HTML5 media controls have been reworked to a horizontal volume control on
+ all media, including HTML5 audio that was previously without an
+ element-control for volume.
+ -Default HTML5 media volume preference added as media.default_volume --
+ fractional, default 1.0 (=100%).
+ -String.prototype.match() and .replace() are now fully spec compliant.
+ -NSPR and NSS now correctly no longer enforce IA32 architecture
+ compatibility, getting the advantage of SSE2 like the rest of the code.
+ -Worked around crashes in the XSS filter when navigating back in history
+ due to document fragments.
+ -Instated a hard minimum of 10,000 places entries regardless of free disk
+ space and total memory to prevent undesired expiration of history. That is
+ around 16MB for an average entry size, which should be sane enough even on
+ low-memory machines.
+ -Fixed a typo in networking code introduced in 26.2.2 that would cause
+ issues on some sites due to adding extra forward slashes to the URL.
+
+ - Security fixes:
+
+ -Fixed a number of memory safety hazards and potentially exploitable
+ crashes.
+ -Fixed CVE-2016-2821 Use-after-free in the mozilla::dom::Element class
+ -Fixed netaddr deserialization for AF_UNSPEC and AF_LOCAL.
+ -Fixed a memory overrun error in the VP8 encoder. DiD
+ -Fixed non-threadsafe re-use of pixman images to prevent potential race
+ conditions. DiD
+ -Fixed CVE-2016-2825 Partial Same Origin Policy violation
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Mon, 27 Jun 2016 10:51:22 -0700
+
+palemoon (26.2.2-1mx150+1) mx; urgency=medium
+
+ * New upstream bugfix and security release:
+
+ - CSS classes prefixed with "--" no longer stop parsing of the selectors.
+ - Several crash fixes.
+ - Made GC suppression more aggressive to prevent issues when actually out
+ of memory.
+ - Fixed a memory safety hazard in jpeg decoding.
+ - Fixed a potentially exploitable crash when using bi-directional text.
+ - Updated NSS to 3.19.4.2-PM, fixing CVE-2016-1938 among other things.
+ * Add Suggested packages gstreamer1.0-libav, gstreamer1.0-plugins-good,
+ gstreamer1.0-plugins-bad, gstreamer1.0-plugins-ugly to provide the most
+ comprehensive HTML 5 media playback.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Tue, 10 May 2016 18:26:54 -0700
+
+palemoon (26.2.1-2) mx; urgency=medium
+
+ * Switch to gstreamer 1.0 build-deps.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Sat, 09 Apr 2016 10:58:13 -0700
+
+palemoon (26.2.1-1) mx; urgency=medium
+
+ * New upstream release.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Fri, 08 Apr 2016 20:50:19 -0700
+
+palemoon (26.1.1-1mx150+1) mx; urgency=medium
+
+ * Repackaged for MX 15.
+
+ -- Mike Purtell <mandbx at sbcglobal.net> Sat, 27 Feb 2016 19:41:04 -0800
+
+palemoon (26.1.0-1mx150+1) mx; urgency=medium
+
+ * New security, web compatibility, and bugfix release.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Wed, 17 Feb 2016 10:18:12 -0800
+
+palemoon (26.0.3-1mx150+1) mx; urgency=medium
+
+ * Repackaged for MX 15.
+
+ -- Mike Purtell <mandbx at sbcglobal.net> Sat, 06 Feb 2016 18:02:47 -0800
+
+palemoon (26.0.2-1mx150+1) mx; urgency=medium
+
+ * Repackaged for MX 15.
+
+ -- Mike Purtell <mandbx at sbcglobal.net> Thu, 04 Feb 2016 19:31:53 -0800
+
+palemoon (26.0.2-1mcr120+1) mepis; urgency=medium
+
+ * New security and bugfix release.
+ * Install extensions directly from /integration folder in source, remove
+ debian/distribution.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Thu, 04 Feb 2016 14:02:54 -0800
+
+palemoon (26.0.0-1mcr120+2) mepis; urgency=medium
+
+ * Install addons from debian/distribution, taken from Pale Moon tarball.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Mon, 01 Feb 2016 08:08:54 -0800
+
+palemoon (26.0.0-1mcr120+1) mepis; urgency=medium
+
+ * Add libpulse-dev to build-depends to prevent FTBFS.
+ * Add Suggests: gstreamer0.10-ffmpeg to debian/control file.
+ * Add Mozilla Public License 2.0 to debian/copyright.
+ * debian/mozconfig: use -O2 optimization and remove the jmalloc option,
+ and match what results from about:buildconfig from the official binary.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Tue, 26 Jan 2016 15:43:43 -0800
+
+palemoon (25.8.1-2mcr120+1) mepis; urgency=medium
+
+ * Drop mozconfig.patch; use debian/mozconfig instead.
+ * Refresh debian/copyright.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Sun, 06 Dec 2015 13:08:26 -0800
+
+palemoon (25.8.1-1mcr120+1) mepis; urgency=medium
+
+ * A small update to address two important issues:
+ - Fix for a crash that could occur at random since the update to 25.8.0.
+ - Fix for CSP (Content Security Policy) to be more lenient towards the
+ incorrect passing of full URLs with all sorts of parameters in the CSP
+ header, leading to misinterpretation of the header and incorrectly
+ blocking the loading of content.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Mon, 30 Nov 2015 10:20:18 -0800
+
+palemoon (25.8.0-1mcr120+1) mepis; urgency=medium
+
+ * New bugfix and maintenance release:
+ Fixes/changes:
+ - Updated LibVPX to 1.4.x to be able to play more kinds of VP9-encoded
+ videos.
+ - Updated the JPEG decoder library to 1.4.0.
+ - Fixed and cleaned up XPCOM timer thread code to avoid intermittent
+ issues with events not firing (especially after stand-by).
+ - Updated overrides to work around issues with Facebook and Netflix.
+ - Fixed an issue where too-old system-supplied NSPR and/or NSS libraries
+ would be accepted for use.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Wed, 18 Nov 2015 11:52:32 -0800
+
+palemoon (25.7.3-1mcr120+1) mepis; urgency=medium
+
+ * New bugfix and maintenance release:
+ - usability update needed due to the fact that Mozilla has shut down their key
+ exchange (J-PAKE) server along with the old Sync servers.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Wed, 14 Oct 2015 19:40:39 -0700
+
+palemoon (25.7.2-1mcr120+1) mepis; urgency=medium
+
+ * New bugfix and maintenance release:
+ - Fixed a critical hang caused by recursive reloads that might happen in
+ iframes if its hash changed.
+ - Fixed a critical hang caused by lazy-loading of stylesheets through a
+ specific web programming technique as advocated by Google's PageSpeed.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Mon, 05 Oct 2015 15:19:18 -0700
+
+palemoon (25.7.1-1mcr120+1) mepis; urgency=medium
+
+ * New bugfix and maintenance release:
+
+ Fixes/changes:
+
+ - Code cleanup: Removed the majority of remaining telemetry code (including
+ the data reporting back-end and health report) to prevent a few issues
+ with partially removed code in earlier versions.
+ - Fixed a crash due to handling of bogus URIs passed to CSS style filters
+ (e.g. whatsapp's web interface).
+ - Permitted spec-breaking syntax in Regex character classes, allowing
+ ranges that would be permitted per the grammar rules in the spec but not
+ necessarily following the syntax rules. This impacts a good number of
+ (also higher profile) sites that use invalid ranges in regular
+ expressions (e.g. Cisco's networking academy site, Yahoo Fantasy
+ Football).
+ - Fixed a crash due to the newly introduced WASAPI handling of audio
+ channel mapping that doesn't like actual surround hardware setups (e.g.
+ playing a video with quadraphonic audio on a 4-speaker setup).
+ - Fixed an issue where site-specific dictionary selections would be written
+ to content preferences without the user's action, potentially overwriting
+ or clearing a previously-chosen dictionary.
+ - Added support for drag and drop of local files from sources which use
+ text/uri-lists. (Some Linux flavors/file managers)
+ - Updated libnestegg to the most current version.
+ - Fixed an issue where setting the location to an empty string could cause
+ a reload loop.
+
+ Security fixes:
+
+ - Changed the jemalloc poison address to something that is not a NOP-slide.
+ DiD
+ - Fixed a memory safety hazard in ConvertDialogOptions (CVE-2015-4521)
+ - Fixed a buffer overflow/crash hazard in the
+ VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE
+ (CVE-2015-7179)
+ - Fixed an overflow/crash hazard in the XULContentSinkImpl::AddText function
+ (CVE-2015-7175)
+ - Fixed a stack buffer overread hazard in the ICC v4 profile parser
+ (CVE-2015-4504)
+ - Fixed an HTMLVideoElement Use-After-Free Remote Code Execution 0-day
+ vulnerability (ZDI-CAN-3176) (CVE-2015-4509)
+ - Fixed a potentially exploitable crash in nsXBLService::GetBinding
+ - Fixed a memory safety hazard in nsAttrAndChildArray::GrowBy
+ (CVE-2015-7174)
+ - Fixed a memory safety hazard for callers of nsUnicodeToUTF8::GetMaxLength
+ (CVE-2015-4522)
+ - Fixed a heap buffer overflow/crash hazard caused by invalid WebM headers
+ (CVE-2015-4511)
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Wed, 30 Sep 2015 12:11:14 -0700
+
+palemoon (25.7.0-1mcr120+1) mepis; urgency=medium
+
+ * New bugfix and maintenance release:
+ - Code cleanup: Removed the (otherwise unused) visual event tracer code.
+ - Code cleanup: Removed reflow performance tracing code (telemetry).
+ - Fixed a key JavaScript bug where defining properties on an object would
+ wipe the object.
+ - This seems to be a common issue with "modern" libraries that use "define"
+ instead of "change" and expecting the other properties on the object to be
+ retained, resulting in "x is undefined" errors all over the place if the
+ object is wiped.
+ - This aligns the behavior with ES6's "Validate and apply property
+ descriptor" pseudo-function.
+ - Updated the SQLite library to 3.8.11.1.
+ - Added support for the element.matches() Web API function.
+ - Added support for BASE tag parsing in source view. Previously, when
+ viewing the source of a document, clickable links would be incorrect if a
+ base path was specified in the document with this tag.
+ - Fixed an issue with running timers after the computer would have been put
+ to sleep with the browser opened.
+
+ Security fixes:
+
+ - Added protection against potential bugs where our SVG mPositions is out of
+ sync with the characters in the DOM. DiD
+ - Fixed use-after-free vulnerability in XMLHttpRequest::Open()
+ (CVE-2015-4492)
+ - Fixed use-after-free vulnerability in the StyleAnimationValue class
+ (CVE-2015-4488)
+ - Fixed crash or memory corruption in nsTArray (CVE-2015-4489)
+ - Fixed crash or memory corruption in nsTSubstring::ReplacePrep
+ (CVE-2015-4487)
+ - Fixed potential escalation of privileges or crash (out-of-bounds write)
+ via a crafted name in MARs (x64 only) -(CVE-2015-4482)
+ - Fixed an issue that would allow man-in-the-middle attackers to bypass a
+ mixed-content protection mechanism via a feed: URL in a POST request.
+ (CVE-2015-4483)
+ * Added blurb to postinst script.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Wed, 26 Aug 2015 14:50:58 -0700
+
+palemoon (25.6.0-1mcr120+1) mepis; urgency=medium
+
+ * New upstream release.
+ * Add debian README.7z-source to explain how to use the .7z source archive.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Fri, 31 Jul 2015 16:40:45 -0700
+
+palemoon (25.5.0-1mx150+1) mx; urgency=medium
+
+ * Rebuild for MX 15.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Fri, 26 Jun 2015 14:43:57 -0700
+
+palemoon (25.5.0-1mcr120+1) mepis; urgency=medium
+
+ * New upstream release.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Thu, 11 Jun 2015 14:53:31 -0700
+
+palemoon (25.4.1-1mcr120+1) mepis; urgency=low
+
+ * Bugfix release, rebuild for MEPIS 12.0.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Fri, 01 May 2015 12:47:55 -0700
+
+palemoon (25.3.1-0mcr120+1) mepis; urgency=low
+
+ * Rebuild for MEPIS 12.0.
+ * debian/rules: compress deb packages with xz.
+
+ -- Steven Pusser (Stevo) <maintainer at mepiscommunity.org> Thu, 26 Mar 2015 11:23:26 -0700
+
+palemoon (25.3.1-0~precise1) precise; urgency=low
+
+ * New upstream release
+
+ -- Marián Kadaňka <marian.kadanka at openmailbox.org> Wed, 25 Mar 2015 20:46:17 +0100
+
+palemoon (25.3.0-0~trusty1) trusty; urgency=low
+
+ * New upstream release
+
+ -- Marián Kadaňka <marian.kadanka at openmailbox.org> Sat, 14 Mar 2015 12:12:57 +0100
+
+palemoon (25.2.1-0~trusty1) trusty; urgency=low
+
+ * New upstream release
+
+ -- Marián Kadaňka <marian.kadanka at openmailbox.org> Sun, 01 Feb 2015 16:18:52 +0100
+
+palemoon (24.5.0-0~precise1) precise; urgency=low
+
+ * Initial packaging
+
+ -- Marián Kadaňka <marian.kadanka at openmailbox.org> Mon, 12 May 2014 20:42:01 +0200
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..a99eddf
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,46 @@
+Source: palemoon
+Section: web
+Priority: optional
+Maintainer: Steven Pusser <stevep at mxlinux.org>
+Bugs: mailto: <maintainer at mepiscommunity.org>
+XSBC-Original-Maintainer: Marian Kadanka <marian.kadanka at openmailbox.org>
+Build-Depends: debhelper (>= 9),
+# Add for the conditional in rules to force use of gcc-4.9 on newer distreleases
+# that default to gcc-5 or 6
+ lsb-release,
+ gcc-4.9 | gcc-4.8 | gcc-4.7,
+ g++-4.9 | g++-4.8 | g++-4.7,
+ cpp-4.9 | cpp-4.8 | cpp-4.7,
+# standard build-deps
+ autoconf2.13,
+ python (>= 2.7),
+ unzip,
+ zip,
+ pkg-config,
+ libgtk2.0-dev (>= 2.14),
+ libdbus-1-dev (>=0.60),
+ libdbus-glib-1-dev (>= 0.60),
+ yasm (>= 1.1),
+ libasound2-dev,
+ libpulse-dev,
+ libxt-dev,
+ mesa-common-dev
+Standards-Version: 3.9.6
+Homepage: http://www.palemoon.org/
+
+Package: palemoon
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends},
+ ffmpeg | libav-tools
+Provides: x-www-browser
+Conflicts: palemoon-nonsse2
+Replaces: palemoon-nonsse2
+Description: Firefox-based, efficient and easy to use web browser
+ Pale Moon offers selected features and optimizations to maximize
+ the browser's speed, stability and user experience, while maintaining
+ compatibility with the thousands of Firefox extensions you have come
+ to love and rely on.
+ .
+ Pale Moon requires a processor that supports the SSE2 instruction set.
+ Run "/proc/cpuinfo" in a terminal, and look for sse2 in the flags to ensure
+ that your processor supports it.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..ab36daa
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,571 @@
+Even though Pale Moon is open source and the source is supplied under
+the Mozilla Public License, redistribution of the Pale Moon binaries is
+limited by certain conditions under a proprietary license by Moonchild
+Productions, as permitted under 3.2b of the MPL v2.0. This has been
+required because of, among other things, the increasing number of
+rogue/altered copies and people taking advantage of the free
+availability of the browser to monetize upon, which is against Pale
+Moon's principles of free software.
+
+****** Pale Moon Freeware License ******
+Note: if not otherwise explicitly specified, the Copyright holder and Author of
+software subject to this license is M.C. Straver BASc, AKA "Moonchild". Also
+note that this license does not apply to the Pale Moon browser, but to other
+specific (helper) applications released by Moonchild Productions. For licensing
+of the browser, please see the MPL (for the source) and redistribution_license
+(for binary (re)distribution).
+
+===============================================================================
+Last updated: 16 November 2015
+The software provided under this license is provided as Freely Available
+Copyrighted Software ("Freeware"), which means:
+ 1. The author of this software retains full rights to all parts of the
+ software provided. No rights are given to copy, modify or create
+ derivative works of this software.
+ 2. The software may only be distributed by third parties if such
+ distribution is completely FREE OF CHARGE. No redistribution fee or cost
+ reimbursement may be charged, and the software must be supplied UNALTERED
+ and with all Copyright statements intact, accompanied by a copy of this
+ license.
+ 3. The software may not be included in whole or in part in other software,
+ either free or commercially, without the author's prior express written
+ permission.
+ 4. If the source code to the software is officially made available
+ (disclosed), it may be used for educational purposes, but (parts of) the
+ software's source code may not be copied verbatim to other software
+ without the author's prior express written permission. See (1).
+ 5. The term "Freeware" in this license should be interpreted as "gratis"
+ (with no attached cost or fee), and should not be interpreted as "libre"
+ (with no restrictions on use/modification).
+Software distributed under the License is distributed on an "AS IS" basis,
+WITHOUT WARRANTY OF ANY KIND, either express or implied.
+===============================================================================
+
+This license may be updated without notice, so please make sure to check back
+on occasion if you use or distribute this software. That being said, there is
+no intention of making changes to the core of this license and the main premise
+of free availability behind it.
+
+If you have any questions about this freeware license, think anything is in
+error or wish to discuss individual terms for your specific scenario or
+specific property/distribution rights issues, then please contact_me.
+
+
+Even though Pale Moon is open source and the source is supplied under
+the Mozilla Public License, redistribution of the Pale Moon binaries is
+limited by certain conditions under a proprietary license by Moonchild
+Productions, as permitted under 3.2b of the MPL v2.0. This has been
+required because of, among other things, the increasing number of
+rogue/altered copies and people taking advantage of the free
+availability of the browser to monetize upon, which is against Pale
+Moon's principles of free software.
+
+
+===============================================================================
+**** Redistribution license ****
+Last updated: 14 September 2015
+
+If you wish to redistribute the binaries (executable form of the code) of Pale
+Moon, you are free to do so, with the following limitations:
+ 1. There is NO CHARGE for the download or distribution of the browser
+ package.
+ It is therefore not permitted if, without limitation:
+ a. You charge for the download of the binary packages (e.g. paid
+ hosting service, pay-per-download, subscription, etc.) or access to
+ them (password protected sites/archives/etc.)
+ b. You charge for redistribution rights of the browser binaries,
+ yourself (you have no rights to it)
+ c. You charge for a physical medium like a CD or DVD. Example: If you
+ provide a "cover disk" with a printed magazine, that is considered
+ a "no charge" item (free bonus item with the magazine) and is
+ therefore allowed. If you provide a disk-based magazine (digital)
+ that includes Pale Moon, the medium itself is paid for and
+ considered a "charge" item, and is therefore not allowed.
+ 2. You don't require the obligatory submission of personal data (name, e-
+ mail, telephone number, address, age, gender, ID, or similar) to download
+ the binaries. If you require registration of users before they can
+ download Pale Moon, you are not allowed to distribute it. Users must, at
+ all times, have the clear and equal option to download Pale Moon without
+ surrendering any personal information to you.
+ 3. The binaries and/or archives are completely UNALTERED. This includes
+ addition or removal of any component of the browser. Redistribution is
+ therefore not permitted if, without limitation:
+ a. You have re-packed the browser in a different archive format
+ (either common or proprietary)
+ (an exception to this is re-packaging required for specific target
+ operating systems, e.g. rpm, deb, pet)
+ b. You have added language packs/add-ons/plugins/etc.
+ c. You have added third-party tools/toolbars/utilities/etc.
+ d. You have changed supplied default preferences of the browser
+ e. You include a pre-set profile
+ f. You have removed any component from the browser package
+ g. You have edited or removed text or script files (including license
+ files, readmes, JavaScript modules, etc.)
+ h. The binaries have been in any way infected with or include a virus,
+ trojan, or other malware
+ i. The binaries and program structure have been in any way obscured
+ (e.g. by using application virtualization) making it difficult or
+ impossible to check for the previously listed alterations
+ 4. The binaries can be obtained without the use of third-party software not
+ officially endorsed, including but not limited to: download managers,
+ stub installers, wrappers, proprietary clients or proprietary protocols.
+ This includes any offering of such unendorsed downloading software or
+ methods, regardless of offering "direct" downloads or allowed methods
+ alongside the unendorsed ones.
+ 5. The binaries are not supplied as an integral part of a commercial/non-
+ commercial software package/larger works ("package"). If you wish to do
+ this, you must contact me beforehand to obtain permission and discuss
+ terms. Inclusion in a package will be subject to an individual agreement
+ (either extemporaneous or legalized) which may or may not involve
+ compensation.
+ 6. The binaries are not supplied as an integral part of a commercial/non-
+ commercial website/web service/on-line venue/etc. ("service"). If you
+ wish to do this, you must contact me beforehand to obtain permission and
+ discuss terms. Inclusion in a service will be subject to an individual
+ agreement (either extemporaneous or legalized) which may or may not
+ involve compensation.
+ 7. An exception applies to points 5 and 6 of this license for educational
+ purposes if bundled with other open source software or supplied as part
+ of a curriculum or in-college resource for students.
+ 8. An exception applies to point 5 of this license for inclusion of the
+ officially branded binaries in freely available and fully Open Source
+ operating systems, including but not limited to non-commercial variants
+ of Linux, variants of BSD and ReactOS. This exception only applies to
+ unaltered versions of the Pale Moon binaries or officially branded
+ variants specifically built for the target operating system from source
+ that have not been materially changed (including brand-specific
+ configurations like e.g. home page, default search engine). If any of the
+ essential settings of the browser are altered beyond what is strictly
+ needed for providing a working build on the target operating system, the
+ exception in this point does not apply and the license defaults to point
+ 10, instead.
+ 1. Clarification of "officially branded variants specifically built
+ for the target operating system": If an officially-built binary
+ (i.e. built by our team) is available for the target operating
+ system (e.g. existing Linux binaries), then those binaries will
+ always, in principle, take precedence over a third-party build to
+ ensure necessary QA and compatibility. Building and distributing a
+ binary with official branding is in that situation only in
+ principle allowed if an actual variant build is required for the
+ target distribution's compatibility (e.g. kernel or library
+ requirements) or operation, and otherwise not impacting the
+ material content of the browser package as a whole. QA of and
+ support for the resulting variant binaries will in that case fall
+ on the maintainer who will have to take full responsibility for the
+ variant binary.
+ 9. This redistribution agreement and any Individual Agreements for the
+ redistribution of executable code are provided by Moonchild Productions
+ ("Moonchild", "M.C. Straver") explicitly for the Pale Moon executable
+ code, and not by the Initial Developer or any Contributor. The Initial
+ Developer and every Contributor is hereby indemnified for any liability
+ incurred by the Initial Developer or such Contributor as a result of
+ these terms.
+ 10. The only exception to this redistribution policy not otherwise covered in
+ points 7 or 8 is if the repackaged or private build with official
+ branding has been pre-approved by Moonchild for redistribution and is
+ listed on this website as a contributed build. Contributed builds are
+ subject to a screening process, may be accepted or rejected, may be re-
+ screened at a later time, and may be at any time removed, in Moonchild's
+ sole discretion, either with or without stated reason.
+ 11. If a distribution is authorized as per point 10, the contributed build
+ may be redistributed in unaltered form by third parties as set out in the
+ points above and under the same conditions.
+ 12. If you wish to distribute binaries for other platforms, building from
+ Pale Moon source code, you may not use official branding unless these
+ builds have also been approved as a contributed build as per point 10 of
+ this license or if they are exempt under points 7 or 8 of this license.
+ Even so, you obtain no rights to the Pale Moon name or logo, merely the
+ permission to use it for the 3rd party build, and only for as long as it
+ is officially endorsed or satisfies the conditions for exemption. In all
+ other cases you must use significantly different branding files/graphics
+ and a significantly different name for the browser.
+ 13. Unofficial branding ("New Moon") as supplied in the source code may be
+ used for unendorsed binaries at all times. Thusly branded binaries with
+ the New Moon logo and product name are not subject to the endorsement and
+ exception rules as set out in previous points of this license and may be
+ freely distributed in altered or unaltered form, subject to the Mozilla
+ Public License as regards source code changes and availability. This
+ permission does, however, not include any rights or license to the Pale
+ Moon name and logo that may still be present in the resulting
+ unofficially branded binaries.
+===============================================================================
+
+
+
+
+Mozilla Public License Version 2.0
+==================================
+
+1. Definitions
+--------------
+
+1.1. "Contributor"
+ means each individual or legal entity that creates, contributes to
+ the creation of, or owns Covered Software.
+
+1.2. "Contributor Version"
+ means the combination of the Contributions of others (if any) used
+ by a Contributor and that particular Contributor's Contribution.
+
+1.3. "Contribution"
+ means Covered Software of a particular Contributor.
+
+1.4. "Covered Software"
+ means Source Code Form to which the initial Contributor has attached
+ the notice in Exhibit A, the Executable Form of such Source Code
+ Form, and Modifications of such Source Code Form, in each case
+ including portions thereof.
+
+1.5. "Incompatible With Secondary Licenses"
+ means
+
+ (a) that the initial Contributor has attached the notice described
+ in Exhibit B to the Covered Software; or
+
+ (b) that the Covered Software was made available under the terms of
+ version 1.1 or earlier of the License, but not also under the
+ terms of a Secondary License.
+
+1.6. "Executable Form"
+ means any form of the work other than Source Code Form.
+
+1.7. "Larger Work"
+ means a work that combines Covered Software with other material, in
+ a separate file or files, that is not Covered Software.
+
+1.8. "License"
+ means this document.
+
+1.9. "Licensable"
+ means having the right to grant, to the maximum extent possible,
+ whether at the time of the initial grant or subsequently, any and
+ all of the rights conveyed by this License.
+
+1.10. "Modifications"
+ means any of the following:
+
+ (a) any file in Source Code Form that results from an addition to,
+ deletion from, or modification of the contents of Covered
+ Software; or
+
+ (b) any new file in Source Code Form that contains any Covered
+ Software.
+
+1.11. "Patent Claims" of a Contributor
+ means any patent claim(s), including without limitation, method,
+ process, and apparatus claims, in any patent Licensable by such
+ Contributor that would be infringed, but for the grant of the
+ License, by the making, using, selling, offering for sale, having
+ made, import, or transfer of either its Contributions or its
+ Contributor Version.
+
+1.12. "Secondary License"
+ means either the GNU General Public License, Version 2.0, the GNU
+ Lesser General Public License, Version 2.1, the GNU Affero General
+ Public License, Version 3.0, or any later versions of those
+ licenses.
+
+1.13. "Source Code Form"
+ means the form of the work preferred for making modifications.
+
+1.14. "You" (or "Your")
+ means an individual or a legal entity exercising rights under this
+ License. For legal entities, "You" includes any entity that
+ controls, is controlled by, or is under common control with You. For
+ purposes of this definition, "control" means (a) the power, direct
+ or indirect, to cause the direction or management of such entity,
+ whether by contract or otherwise, or (b) ownership of more than
+ fifty percent (50%) of the outstanding shares or beneficial
+ ownership of such entity.
+
+2. License Grants and Conditions
+--------------------------------
+
+2.1. Grants
+
+Each Contributor hereby grants You a world-wide, royalty-free,
+non-exclusive license:
+
+(a) under intellectual property rights (other than patent or trademark)
+ Licensable by such Contributor to use, reproduce, make available,
+ modify, display, perform, distribute, and otherwise exploit its
+ Contributions, either on an unmodified basis, with Modifications, or
+ as part of a Larger Work; and
+
+(b) under Patent Claims of such Contributor to make, use, sell, offer
+ for sale, have made, import, and otherwise transfer either its
+ Contributions or its Contributor Version.
+
+2.2. Effective Date
+
+The licenses granted in Section 2.1 with respect to any Contribution
+become effective for each Contribution on the date the Contributor first
+distributes such Contribution.
+
+2.3. Limitations on Grant Scope
+
+The licenses granted in this Section 2 are the only rights granted under
+this License. No additional rights or licenses will be implied from the
+distribution or licensing of Covered Software under this License.
+Notwithstanding Section 2.1(b) above, no patent license is granted by a
+Contributor:
+
+(a) for any code that a Contributor has removed from Covered Software;
+ or
+
+(b) for infringements caused by: (i) Your and any other third party's
+ modifications of Covered Software, or (ii) the combination of its
+ Contributions with other software (except as part of its Contributor
+ Version); or
+
+(c) under Patent Claims infringed by Covered Software in the absence of
+ its Contributions.
+
+This License does not grant any rights in the trademarks, service marks,
+or logos of any Contributor (except as may be necessary to comply with
+the notice requirements in Section 3.4).
+
+2.4. Subsequent Licenses
+
+No Contributor makes additional grants as a result of Your choice to
+distribute the Covered Software under a subsequent version of this
+License (see Section 10.2) or under the terms of a Secondary License (if
+permitted under the terms of Section 3.3).
+
+2.5. Representation
+
+Each Contributor represents that the Contributor believes its
+Contributions are its original creation(s) or it has sufficient rights
+to grant the rights to its Contributions conveyed by this License.
+
+2.6. Fair Use
+
+This License is not intended to limit any rights You have under
+applicable copyright doctrines of fair use, fair dealing, or other
+equivalents.
+
+2.7. Conditions
+
+Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted
+in Section 2.1.
+
+3. Responsibilities
+-------------------
+
+3.1. Distribution of Source Form
+
+All distribution of Covered Software in Source Code Form, including any
+Modifications that You create or to which You contribute, must be under
+the terms of this License. You must inform recipients that the Source
+Code Form of the Covered Software is governed by the terms of this
+License, and how they can obtain a copy of this License. You may not
+attempt to alter or restrict the recipients' rights in the Source Code
+Form.
+
+3.2. Distribution of Executable Form
+
+If You distribute Covered Software in Executable Form then:
+
+(a) such Covered Software must also be made available in Source Code
+ Form, as described in Section 3.1, and You must inform recipients of
+ the Executable Form how they can obtain a copy of such Source Code
+ Form by reasonable means in a timely manner, at a charge no more
+ than the cost of distribution to the recipient; and
+
+(b) You may distribute such Executable Form under the terms of this
+ License, or sublicense it under different terms, provided that the
+ license for the Executable Form does not attempt to limit or alter
+ the recipients' rights in the Source Code Form under this License.
+
+3.3. Distribution of a Larger Work
+
+You may create and distribute a Larger Work under terms of Your choice,
+provided that You also comply with the requirements of this License for
+the Covered Software. If the Larger Work is a combination of Covered
+Software with a work governed by one or more Secondary Licenses, and the
+Covered Software is not Incompatible With Secondary Licenses, this
+License permits You to additionally distribute such Covered Software
+under the terms of such Secondary License(s), so that the recipient of
+the Larger Work may, at their option, further distribute the Covered
+Software under the terms of either this License or such Secondary
+License(s).
+
+3.4. Notices
+
+You may not remove or alter the substance of any license notices
+(including copyright notices, patent notices, disclaimers of warranty,
+or limitations of liability) contained within the Source Code Form of
+the Covered Software, except that You may alter any license notices to
+the extent required to remedy known factual inaccuracies.
+
+3.5. Application of Additional Terms
+
+You may choose to offer, and to charge a fee for, warranty, support,
+indemnity or liability obligations to one or more recipients of Covered
+Software. However, You may do so only on Your own behalf, and not on
+behalf of any Contributor. You must make it absolutely clear that any
+such warranty, support, indemnity, or liability obligation is offered by
+You alone, and You hereby agree to indemnify every Contributor for any
+liability incurred by such Contributor as a result of warranty, support,
+indemnity or liability terms You offer. You may include additional
+disclaimers of warranty and limitations of liability specific to any
+jurisdiction.
+
+4. Inability to Comply Due to Statute or Regulation
+---------------------------------------------------
+
+If it is impossible for You to comply with any of the terms of this
+License with respect to some or all of the Covered Software due to
+statute, judicial order, or regulation then You must: (a) comply with
+the terms of this License to the maximum extent possible; and (b)
+describe the limitations and the code they affect. Such description must
+be placed in a text file included with all distributions of the Covered
+Software under this License. Except to the extent prohibited by statute
+or regulation, such description must be sufficiently detailed for a
+recipient of ordinary skill to be able to understand it.
+
+5. Termination
+--------------
+
+5.1. The rights granted under this License will terminate automatically
+if You fail to comply with any of its terms. However, if You become
+compliant, then the rights granted under this License from a particular
+Contributor are reinstated (a) provisionally, unless and until such
+Contributor explicitly and finally terminates Your grants, and (b) on an
+ongoing basis, if such Contributor fails to notify You of the
+non-compliance by some reasonable means prior to 60 days after You have
+come back into compliance. Moreover, Your grants from a particular
+Contributor are reinstated on an ongoing basis if such Contributor
+notifies You of the non-compliance by some reasonable means, this is the
+first time You have received notice of non-compliance with this License
+from such Contributor, and You become compliant prior to 30 days after
+Your receipt of the notice.
+
+5.2. If You initiate litigation against any entity by asserting a patent
+infringement claim (excluding declaratory judgment actions,
+counter-claims, and cross-claims) alleging that a Contributor Version
+directly or indirectly infringes any patent, then the rights granted to
+You by any and all Contributors for the Covered Software under Section
+2.1 of this License shall terminate.
+
+5.3. In the event of termination under Sections 5.1 or 5.2 above, all
+end user license agreements (excluding distributors and resellers) which
+have been validly granted by You or Your distributors under this License
+prior to termination shall survive termination.
+
+************************************************************************
+* *
+* 6. Disclaimer of Warranty *
+* ------------------------- *
+* *
+* Covered Software is provided under this License on an "as is" *
+* basis, without warranty of any kind, either expressed, implied, or *
+* statutory, including, without limitation, warranties that the *
+* Covered Software is free of defects, merchantable, fit for a *
+* particular purpose or non-infringing. The entire risk as to the *
+* quality and performance of the Covered Software is with You. *
+* Should any Covered Software prove defective in any respect, You *
+* (not any Contributor) assume the cost of any necessary servicing, *
+* repair, or correction. This disclaimer of warranty constitutes an *
+* essential part of this License. No use of any Covered Software is *
+* authorized under this License except under this disclaimer. *
+* *
+************************************************************************
+
+************************************************************************
+* *
+* 7. Limitation of Liability *
+* -------------------------- *
+* *
+* Under no circumstances and under no legal theory, whether tort *
+* (including negligence), contract, or otherwise, shall any *
+* Contributor, or anyone who distributes Covered Software as *
+* permitted above, be liable to You for any direct, indirect, *
+* special, incidental, or consequential damages of any character *
+* including, without limitation, damages for lost profits, loss of *
+* goodwill, work stoppage, computer failure or malfunction, or any *
+* and all other commercial damages or losses, even if such party *
+* shall have been informed of the possibility of such damages. This *
+* limitation of liability shall not apply to liability for death or *
+* personal injury resulting from such party's negligence to the *
+* extent applicable law prohibits such limitation. Some *
+* jurisdictions do not allow the exclusion or limitation of *
+* incidental or consequential damages, so this exclusion and *
+* limitation may not apply to You. *
+* *
+************************************************************************
+
+8. Litigation
+-------------
+
+Any litigation relating to this License may be brought only in the
+courts of a jurisdiction where the defendant maintains its principal
+place of business and such litigation shall be governed by laws of that
+jurisdiction, without reference to its conflict-of-law provisions.
+Nothing in this Section shall prevent a party's ability to bring
+cross-claims or counter-claims.
+
+9. Miscellaneous
+----------------
+
+This License represents the complete agreement concerning the subject
+matter hereof. If any provision of this License is held to be
+unenforceable, such provision shall be reformed only to the extent
+necessary to make it enforceable. Any law or regulation which provides
+that the language of a contract shall be construed against the drafter
+shall not be used to construe this License against a Contributor.
+
+10. Versions of the License
+---------------------------
+
+10.1. New Versions
+
+Mozilla Foundation is the license steward. Except as provided in Section
+10.3, no one other than the license steward has the right to modify or
+publish new versions of this License. Each version will be given a
+distinguishing version number.
+
+10.2. Effect of New Versions
+
+You may distribute the Covered Software under the terms of the version
+of the License under which You originally received the Covered Software,
+or under the terms of any subsequent version published by the license
+steward.
+
+10.3. Modified Versions
+
+If you create software not governed by this License, and you want to
+create a new license for such software, you may create and use a
+modified version of this License if you rename the license and remove
+any references to the name of the license steward (except to note that
+such modified license differs from this License).
+
+10.4. Distributing Source Code Form that is Incompatible With Secondary
+Licenses
+
+If You choose to distribute Source Code Form that is Incompatible With
+Secondary Licenses under the terms of this version of the License, the
+notice described in Exhibit B of this License must be attached.
+
+Exhibit A - Source Code Form License Notice
+-------------------------------------------
+
+ This Source Code Form is subject to the terms of the Mozilla Public
+ License, v. 2.0. If a copy of the MPL was not distributed with this
+ file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+If it is not possible or desirable to put the notice in a particular
+file, then You may include the notice in a location (such as a LICENSE
+file in a relevant directory) where a recipient would be likely to look
+for such a notice.
+
+You may add additional accurate notices of copyright ownership.
+
+Exhibit B - "Incompatible With Secondary Licenses" Notice
+---------------------------------------------------------
+
+ This Source Code Form is "Incompatible With Secondary Licenses", as
+ defined by the Mozilla Public License, v. 2.0.
+
+
+
diff --git a/debian/install b/debian/install
new file mode 100644
index 0000000..de06d5e
--- /dev/null
+++ b/debian/install
@@ -0,0 +1 @@
+browser/branding/official/palemoon.desktop usr/share/applications
diff --git a/debian/mozconfig b/debian/mozconfig
new file mode 100644
index 0000000..edb14ad
--- /dev/null
+++ b/debian/mozconfig
@@ -0,0 +1,19 @@
+export MOZILLA_OFFICIAL=1
+mk_add_options MOZ_CO_PROJECT=browser
+ac_add_options --enable-official-branding
+ac_add_options --enable-application=browser
+ac_add_options --enable-release
+ac_add_options --disable-installer
+ac_add_options --disable-updater
+ac_add_options --enable-optimize="-O2 -msse2 -mfpmath=sse"
+ac_add_options --disable-debug
+ac_add_options --with-pthreads
+ac_add_options --enable-shared-js
+ac_add_options --enable-jemalloc
+ac_add_options --enable-strip
+ac_add_options --x-libraries=/usr/lib
+ac_add_options --prefix=/usr
+ac_add_options --enable-devtools
+ac_add_options --disable-necko-wifi
+ac_add_options --disable-installer
+ac_add_options --disable-updater
diff --git a/debian/palemoon.links b/debian/palemoon.links
new file mode 100644
index 0000000..fedb535
--- /dev/null
+++ b/debian/palemoon.links
@@ -0,0 +1,6 @@
+/usr/lib/palemoon/browser/chrome/icons/default/default16.png /usr/share/icons/hicolor/16x16/apps/palemoon.png
+/usr/lib/palemoon/browser/chrome/icons/default/default32.png /usr/share/icons/hicolor/32x32/apps/palemoon.png
+/usr/lib/palemoon/browser/chrome/icons/default/default48.png /usr/share/icons/hicolor/48x48/apps/palemoon.png
+/usr/lib/palemoon/browser/icons/mozicon128.png /usr/share/icons/hicolor/128x128/apps/palemoon.png
+/usr/lib/palemoon/browser/icons/mozicon128.png /usr/share/pixmaps/palemoon.png
+/usr/lib/palemoon/palemoon usr/bin/palemoon
\ No newline at end of file
diff --git a/debian/palemoon.lintian-overrides b/debian/palemoon.lintian-overrides
new file mode 100644
index 0000000..5954bcd
--- /dev/null
+++ b/debian/palemoon.lintian-overrides
@@ -0,0 +1,3 @@
+palemoon binary: embedded-library usr/lib/palemoon/libxul.so: libjpeg
+palemoon binary: embedded-library usr/lib/palemoon/libmozsqlite3.so: sqlite
+palemoon binary: image-file-in-usr-lib
diff --git a/debian/palemoon.postinst b/debian/palemoon.postinst
new file mode 100755
index 0000000..dde1357
--- /dev/null
+++ b/debian/palemoon.postinst
@@ -0,0 +1,11 @@
+#!/bin/sh -e
+
+if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ] || [ "$1" = "abort-remove" ] ; then
+ update-alternatives --install /usr/bin/gnome-www-browser \
+ gnome-www-browser /usr/bin/palemoon 40
+
+ update-alternatives --install /usr/bin/x-www-browser \
+ x-www-browser /usr/bin/palemoon 40
+fi
+
+#DEBHELPER#
diff --git a/debian/palemoon.prerm b/debian/palemoon.prerm
new file mode 100755
index 0000000..b03dbd6
--- /dev/null
+++ b/debian/palemoon.prerm
@@ -0,0 +1,8 @@
+#!/bin/sh -e
+
+if [ "$1" = "remove" ] || [ "$1" = "deconfigure" ] ; then
+ update-alternatives --remove x-www-browser /usr/bin/palemoon
+ update-alternatives --remove gnome-www-browser /usr/bin/palemoon
+fi
+
+#DEBHELPER#
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..645c67e
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,46 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+export SHELL=/bin/bash
+
+# Build with gcc-4.9 on Stretch, Buster,Xenial, Yakkety, Zesty, and Horizon.
+distrelease := $(shell lsb_release -cs)
+ifeq ($(distrelease),$(filter $(distrelease),stretch buster xenial yakkety \
+zesty artful bionic Horizon))
+export CC=gcc-4.9
+export CXX=g++-4.9
+export CPP=cpp-4.9
+export LD=gcc-4.9
+endif
+
+%:
+ dh $@ --parallel
+
+override_dh_auto_clean:
+ rm -f mozconfig
+ dh_auto_clean
+
+
+override_dh_auto_configure:
+ cp debian/mozconfig mozconfig
+
+override_dh_auto_build:
+ make -f client.mk build
+
+override_dh_auto_install:
+ make -f client.mk DESTDIR=$$(pwd)/debian/palemoon prefix=/usr \
+ installdir=/usr/lib/palemoon \
+ sdkdir=/usr/lib/palemoon-devel install
+ rm -rf $$(pwd)/debian/palemoon/usr/share/idl
+ rm -rf $$(pwd)/debian/palemoon/usr/lib/palemoon-devel
+ rm -rf $$(pwd)/debian/palemoon/usr/include
+# remove vestigial duplicate file
+ rm -rf $$(pwd)/debian/palemoon/usr/lib/palemoon/palemoon-bin
+
+override_dh_shlibdeps:
+ dh_shlibdeps -l /usr/lib/palemoon
+
+# For releases that don't use xz compression by default, such as Wheezy.
+# It's OK to leave this in for those that do.
+override_dh_builddeb:
+ dh_builddeb -- -Z xz
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/source/include-binaries b/debian/source/include-binaries
new file mode 100644
index 0000000..dd76db8
--- /dev/null
+++ b/debian/source/include-binaries
@@ -0,0 +1,10 @@
+debian/distribution/bundles/statusbar at palemoon.org/chrome/skin/all/urlbar-over-link-arrow-rtl.png
+debian/distribution/bundles/statusbar at palemoon.org/chrome/skin/all/pms24.png
+debian/distribution/bundles/statusbar at palemoon.org/chrome/skin/all/pulse.png
+debian/distribution/bundles/statusbar at palemoon.org/chrome/skin/all/throbberStatic.png
+debian/distribution/bundles/statusbar at palemoon.org/chrome/skin/all/pms16.png
+debian/distribution/bundles/statusbar at palemoon.org/chrome/skin/all/urlbar-over-link-arrow.png
+debian/distribution/bundles/statusbar at palemoon.org/components/status4evar.xpt
+debian/distribution/bundles/{3ff46564-d77c-491c-bfc5-fc555c87dbc4}/chrome/content/images/stop.png
+debian/distribution/bundles/{3ff46564-d77c-491c-bfc5-fc555c87dbc4}/chrome/content/images/statusbar.png
+debian/distribution/bundles/{3ff46564-d77c-491c-bfc5-fc555c87dbc4}/chrome/content/images/icon.png
--
Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/pale-moon.git
More information about the x2go-commits
mailing list