firefox-esr (128.5.0esr-1~deb12u1) bookworm-security; urgency=medium * New upstream release. * Fixes for mfsa2024-64, also known as: CVE-2024-11691, CVE-2024-11692, CVE-2024-11694, CVE-2024-11695, CVE-2024-11696, CVE-2024-11697, CVE-2024-11699. -- Mike Hommey Wed, 27 Nov 2024 09:12:42 +0900 firefox-esr (128.4.0esr-1~deb12u1) bookworm-security; urgency=medium * New upstream release. * Fixes for mfsa2024-56, also known as: CVE-2024-10458, CVE-2024-10459, CVE-2024-10460, CVE-2024-10461, CVE-2024-10462, CVE-2024-10463, CVE-2024-10464, CVE-2024-10465, CVE-2024-10466, CVE-2024-10467. -- Mike Hommey Wed, 30 Oct 2024 06:15:11 +0900 firefox-esr (128.3.1esr-1~deb12u1) bookworm-security; urgency=medium * New upstream release. * Fixes for mfsa2024-51, also known as CVE-2024-9680. * js/src/jit/mips-shared/MacroAssembler-mips-shared-inl.h, js/src/jit/mips-shared/MacroAssembler-mips-shared.cpp, js/src/jit/mips-shared/MacroAssembler-mips-shared.h, js/src/jit/mips64/MacroAssembler-mips64.cpp, js/src/jit/mips64/MacroAssembler-mips64.h, js/src/wasm/WasmGenerator.cpp, js/src/wasm/WasmSummarizeInsn.cpp: Fix FTBFS on mipsel64. bz#1855960. -- Mike Hommey Thu, 10 Oct 2024 06:42:03 +0900 firefox-esr (128.3.0esr-1~deb12u1) bookworm-security; urgency=medium * New upstream release. * Fixes for mfsa2024-47, also known as: CVE-2024-9392, CVE-2024-9393, CVE-2024-9394, CVE-2024-8900, CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400, CVE-2024-9401, CVE-2024-9402. * debian/control.in: Use rustc-web and cbindgen-web on bookworm and bullseye. * debian/control.in, debian/rules: Use gcc-11 on bookworm, working around #1056561. * debian/browser.mozconfig.in, debian/browser.preinst.in, debian/control.in, debian/l10n/browser-l10n.control, debian/l10n/browser-l10n.control.in, debian/l10n/gen, debian/rules, debian/upstream.mk: Remove support for buster. -- Mike Hommey Wed, 02 Oct 2024 07:53:32 +0900 firefox-esr (128.2.0esr-1) UNRELEASED; urgency=medium * New upstream release. * Fixes for mfsa2024-40, also known as: CVE-2024-8385, CVE-2024-8381, CVE-2024-8382, CVE-2024-8383, CVE-2024-8384, CVE-2024-8386, CVE-2024-8387. -- Mike Hommey Wed, 04 Sep 2024 06:29:13 +0900 firefox-esr (128.1.0esr-1) UNRELEASED; urgency=medium * Fixes for mfsa2024-35, also known as: CVE-2024-7518, CVE-2024-7519, CVE-2024-7520, CVE-2024-7521, CVE-2024-7522, CVE-2024-7524, CVE-2024-7525, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7531. -- Mike Hommey Wed, 07 Aug 2024 07:35:48 +0900 firefox (128.0.3-1) unstable; urgency=medium * New upstream release. * gfx/cairo/libpixman/src/pixman-arm-simd-asm.S: Adjust arm assembly for binutils change. -- Mike Hommey Sat, 27 Jul 2024 04:55:38 +0900 firefox (128.0.2-1) unstable; urgency=medium * New upstream release. * debian/extra-stuff/*: - Remove plugin information from reportbug script output. NPAPI plugin support was removed a while ago. - Convert addonsInfo to an ES module. Closes: #1076240. -- Mike Hommey Wed, 24 Jul 2024 05:21:48 +0900 firefox (128.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2024-29, also known as: CVE-2024-6605, CVE-2024-6606, CVE-2024-6607, CVE-2024-6608, CVE-2024-6609, CVE-2024-6610, CVE-2024-6600, CVE-2024-6601, CVE-2024-6602, CVE-2024-6603, CVE-2024-6611, CVE-2024-6612, CVE-2024-6613, CVE-2024-6614, CVE-2024-6604, CVE-2024-6615. * debian/control*: Bump nss, rustc, cargo and python3 build dependencies. * debian/control, debian/l10n/browser-l10n.control: Refreshed to include new locale. -- Mike Hommey Wed, 10 Jul 2024 06:25:33 +0900 firefox (127.0.2-1) unstable; urgency=medium * New upstream release. * debian/repack.py, debian/upstream.mk: Handle the upstream l10n migration to github. -- Mike Hommey Wed, 26 Jun 2024 05:19:57 +0900 firefox (127.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Thu, 20 Jun 2024 05:42:59 +0900 firefox (127.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2024-25, also known as: CVE-2024-5688, CVE-2024-5689, CVE-2024-5690, CVE-2024-5691, CVE-2024-5693, CVE-2024-5694, CVE-2024-5695, CVE-2024-5696, CVE-2024-5697, CVE-2024-5698, CVE-2024-5699, CVE-2024-5700, CVE-2024-5701. * debian/control*: Bump rustc, cargo and nss build dependencies. * python/mozboot/mozboot/util.py, third_party/rust/neqo-common/.cargo-checksum.json, third_party/rust/neqo-common/Cargo.toml, third_party/rust/neqo-crypto/.cargo-checksum.json, third_party/rust/neqo-crypto/Cargo.toml, third_party/rust/neqo-crypto/src/agentio.rs, third_party/rust/neqo-http3/.cargo-checksum.json, third_party/rust/neqo-http3/Cargo.toml, third_party/rust/neqo-qpack/.cargo-checksum.json, third_party/rust/neqo-qpack/Cargo.toml, third_party/rust/neqo-transport/.cargo-checksum.json, third_party/rust/neqo-transport/Cargo.toml: Relax minimum supported rust version to 1.75 -- Mike Hommey Wed, 12 Jun 2024 06:09:08 +0900 firefox (126.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 29 May 2024 05:31:51 +0900 firefox (126.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2024-21, also known as: CVE-2024-4764, CVE-2024-4367, CVE-2024-4767, CVE-2024-4768, CVE-2024-4769, CVE-2024-4770, CVE-2024-4771, CVE-2024-4772, CVE-2024-4773, CVE-2024-4774, CVE-2024-4775, CVE-2024-4776, CVE-2024-4777, CVE-2024-4778. * debian/browser.install.in: Don't install now removed crashreporter files. * third_party/rust/bumpalo/.cargo-checksum.json, third_party/rust/bumpalo/Cargo.toml, third_party/rust/naga/.cargo-checksum.json, third_party/rust/naga/Cargo.toml, third_party/rust/wgpu-core/.cargo-checksum.json, third_party/rust/wgpu-core/Cargo.toml, third_party/rust/wgpu-core/src/snatch.rs, third_party/rust/wgpu-hal/.cargo-checksum.json, third_party/rust/wgpu-hal/Cargo.toml, third_party/rust/wgpu-types/.cargo-checksum.json, third_party/rust/wgpu-types/Cargo.toml: Relax minimum supported rust version to 1.70. -- Mike Hommey Wed, 15 May 2024 06:46:24 +0900 firefox (125.0.3-1) unstable; urgency=medium * New upstream release. * debian/rules: Avoid conflicting initializations of the mozbuild state directory. -- Mike Hommey Wed, 01 May 2024 11:43:16 +0900 firefox (125.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Tue, 23 Apr 2024 05:42:33 +0900 firefox (125.0.1-2) unstable; urgency=medium * debian/browser.install.in, debian/rules: Install libmozav*.so on all archs. -- Mike Hommey Thu, 18 Apr 2024 09:47:44 +0900 firefox (125.0.1-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2024-18, also known as: CVE-2024-3852, CVE-2024-3853, CVE-2024-3854, CVE-2024-3855, CVE-2024-3856, CVE-2024-3857, CVE-2024-3858, CVE-2024-3859, CVE-2024-3860, CVE-2024-3861, CVE-2024-3862, CVE-2024-3302, CVE-2024-3864, CVE-2024-3865. * debian/control*: Bump nss build dependency. * python/mozboot/mozboot/util.py, third_party/rust/neqo-common/.cargo-checksum.json, third_party/rust/neqo-common/Cargo.toml, third_party/rust/neqo-crypto/.cargo-checksum.json, third_party/rust/neqo-crypto/Cargo.toml, third_party/rust/neqo-crypto/src/p11.rs, third_party/rust/neqo-http3/.cargo-checksum.json, third_party/rust/neqo-http3/Cargo.toml, third_party/rust/neqo-qpack/.cargo-checksum.json, third_party/rust/neqo-qpack/Cargo.toml, third_party/rust/neqo-transport/.cargo-checksum.json, third_party/rust/neqo-transport/Cargo.toml: Relax minimum supported rust version to 1.70 -- Mike Hommey Wed, 17 Apr 2024 09:11:02 +0900 firefox (124.0.1-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2024-15, also known as CVE-2024-29943, CVE-2024-29944. -- Mike Hommey Sat, 23 Mar 2024 05:17:50 +0900 firefox (124.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2024-12, also known as: CVE-2024-2606, CVE-2024-2607, CVE-2024-2608, CVE-2023-5388, CVE-2024-2609, CVE-2024-2610, CVE-2024-2611, CVE-2024-2612, CVE-2024-2613, CVE-2024-2614, CVE-2024-2615. * debian/control*, debian/rules: Undo workaround for bug 1052002. * debian/control*: Bump nss build dependency. -- Mike Hommey Wed, 20 Mar 2024 06:13:42 +0900 firefox (123.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Tue, 12 Mar 2024 05:58:24 +0900 firefox (123.0-1) unstable; urgency=medium * New upstream release. - Fixes webrtc when using system libvpx. Closes: #1061495. * Fixes for mfsa2024-05, also known as: CVE-2024-1546, CVE-2024-1547, CVE-2024-1554, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1555, CVE-2024-1556, CVE-2024-1552, CVE-2024-1553, CVE-2024-1557. * debian/control*: Bump nss build dependency. * debian/rules: Disable dwz for libgkcodecs. -- Mike Hommey Wed, 21 Feb 2024 10:04:06 +0900 firefox (122.0.1-1) unstable; urgency=medium * New upstream release. * debian/browser.install.in, debian/rules: Install vaapitest on all architectures. -- Mike Hommey Wed, 07 Feb 2024 08:55:14 +0900 firefox (122.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2024-01, also known as: CVE-2024-0741, CVE-2024-0742, CVE-2024-0744, CVE-2024-0745, CVE-2024-0746, CVE-2024-0747, CVE-2024-0748, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, CVE-2024-0754, CVE-2024-0755. * gfx/skia/moz.build: Adjust our patch to upstream changes. -- Mike Hommey Wed, 24 Jan 2024 06:11:22 +0900 firefox (121.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Thu, 11 Jan 2024 06:03:46 +0900 firefox (121.0-2) unstable; urgency=medium * debian/rules: - Don't capitalize MOZ_APP_REMOTING_NAME. Closes: #1059162. - Parallelize l10n build. * third_party/xsimd/include/xsimd/config/xsimd_config.hpp: Backport xsimd unsupported architectures patch. bz#1868933. Fixes FTBFS on i386 and armhf. -- Mike Hommey Fri, 22 Dec 2023 11:04:30 +0900 firefox (121.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-56, also known as: CVE-2023-6856, CVE-2023-6865, CVE-2023-6857, CVE-2023-6858, CVE-2023-6859, CVE-2023-6866, CVE-2023-6860, CVE-2023-6867, CVE-2023-6861, CVE-2023-6869, CVE-2023-6870, CVE-2023-6871, CVE-2023-6872, CVE-2023-6863, CVE-2023-6864, CVE-2023-6873. * debian/control*: Bump nss build dependency. -- Mike Hommey Wed, 20 Dec 2023 05:38:51 +0900 firefox (120.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Fri, 01 Dec 2023 05:06:06 +0900 firefox (120.0-2) unstable; urgency=medium * memory/build/PHC.cpp: Check if PHC is initialised on all entrypoints. bz#1866025. Closes: #1056550. -- Mike Hommey Fri, 24 Nov 2023 05:59:53 +0900 firefox (120.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-49, also known as: CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207, CVE-2023-6208, CVE-2023-6209, CVE-2023-6210, CVE-2023-6211, CVE-2023-6212, CVE-2023-6213. * debian/control*: Bump rustc build dependency. -- Mike Hommey Wed, 22 Nov 2023 09:04:26 +0900 firefox (119.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Thu, 16 Nov 2023 06:33:57 +0900 firefox (119.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-45, also known as: CVE-2023-5721, CVE-2023-5722, CVE-2023-5723, CVE-2023-5724, CVE-2023-5725, CVE-2023-5728, CVE-2023-5729, CVE-2023-5730, CVE-2023-5731. * debian/control*: - Bump nss and cbindgen build dependencies. - Add Santali language pack. * debian/browser.install.in: Remove plugin-container. -- Mike Hommey Wed, 25 Oct 2023 06:31:58 +0900 firefox (118.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 11 Oct 2023 06:33:19 +0900 firefox (118.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-41, also known as: CVE-2023-5169, CVE-2023-5170, CVE-2023-5171, CVE-2023-5172, CVE-2023-5173, CVE-2023-5175, CVE-2023-5176. * debian/rules: Avoid race condition on virtualenv creation. * debian/control*, debian/rules: Work around bug 1052002 by force-using clang-14. * debian/control*: Bump nss build dependency. * debian/browser.install.in: Install libgkcodecs.so. -- Mike Hommey Wed, 27 Sep 2023 05:43:46 +0900 firefox (117.0.1-1) unstable; urgency=medium * New upstream release. * Fix for mfsa2023-40, also known as CVE-2023-4863. * debian/upstream.mk, debian/repack.py: Get l10n sources from zip archives. Thanks David Turner for the initial implementation. -- Mike Hommey Wed, 13 Sep 2023 06:36:30 +0900 firefox (117.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-34, also known as: CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4577, CVE-2023-4578, CVE-2023-4579, CVE-2023-4580, CVE-2023-4581, CVE-2023-4583, CVE-2023-4584, CVE-2023-4585. -- Mike Hommey Wed, 30 Aug 2023 06:13:08 +0900 firefox (116.0-2) unstable; urgency=medium * debian/rules, debian/browser.install.in: Install vaapitest and v4l2test appropriately vaapitest is now shipped on less platforms, and v4l2test was added on a more limited set. -- Mike Hommey Thu, 03 Aug 2023 08:39:52 +0900 firefox (116.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-29, also known as: CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, CVE-2023-4049, CVE-2023-4050, CVE-2023-4051, CVE-2023-4053, CVE-2023-4055, CVE-2023-4056, CVE-2023-4057, CVE-2023-4058. * debian/control*: Bump nss and rustc build dependencies. * debian/rules: Work around https://sourceware.org/bugzilla/show_bug.cgi?id=30566. * security/nss/lib/freebl/unix_rand.c, security/nss/cmd/shlibsign/shlibsign.c: Unapply changes for Hurd, as there is no rustc there. * Cargo.lock, python/mozboot/mozboot/util.py, servo/components/selectors/context.rs, servo/components/selectors/parser.rs, servo/components/style/gecko/selector_parser.rs, servo/components/style/properties/gecko.mako.rs, servo/components/style/style_resolver.rs, servo/components/style/stylesheets/container_rule.rs, servo/components/style/stylist.rs, third_party/rust/cstr/.cargo-checksum.json, third_party/rust/cstr/Cargo.toml, third_party/rust/cstr/README.md, third_party/rust/cstr/src/lib.rs: Undo changes to rupport rust version 1.63. It's getting harder to pretend 1.66 is not required for real now. * build/moz.configure/rust.configure: Relax cargo version requirement. -- Mike Hommey Wed, 02 Aug 2023 08:49:23 +0900 firefox (115.0.2-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-26, also known as CVE-2023-3600. * debian/control*, debian/compat: Bump debhelper compat level to 12. * debian/rules: - Stop compressing debug info at link time. - Use dh_missing. - Disable dwz for libxul. - Disable debug symbols on riscv64, because linking takes so long that buildds kill the build after 420 minutes of "inactivity". - Remove libgtk2 exclusion in dh_shlibdeps call. The dependency is long gone. - Stop cleaning up configure. It is unnecessary nowadays. - Rely on dh_update_autotools_config instead of manual grunt work. - Stop overriding dh_clean. * debian/browser.mozconfig.in, debian/control.in, debian/rules, debian/upstream.mk: Remove support for stretch. * debian/symbols.apt.conf, debian/symbols.mk, debian/symbols.sources.list: Remove symbol dumping scripts. They haven't been used to upload symbols for a long time, and Mozilla now pulls the symbols rather than us uploading them. * build/unix/elfhack/elf.cpp, build/unix/elfhack/elfhack.cpp, build/unix/elfhack/elfxx.h: More properly handle files > 4GB in elfhack. bz#1840931. * media/libaom/moz.build: After all, we did need that patch. bz#1842933. -- Mike Hommey Wed, 12 Jul 2023 09:16:06 +0900 firefox (115.0.1-1) unstable; urgency=medium * New upstream release. * debian/patches: Consolidate patches in two categories instead of four. Also remove some unuseful patches: + xpcom/reflect/xptcall/md/unix/moz.build, xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_sh.cpp, xpcom/reflect/xptcall/src/md/unix/xptcstubs_linux_sh.cpp: Remove xptcall support for SH4. We don't have rustc on SH4 anyways. + media/libaom/moz.build: libaom neon flags are better set as of bz#1791482 and shouldn't require a patch. * gfx/skia/moz.build: Work around GCC ICE on ppc64el. -- Mike Hommey Tue, 11 Jul 2023 06:39:31 +0900 firefox (115.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-22, also known as: CVE-2023-3482, CVE-2023-37201, CVE-2023-37202, CVE-2023-37203, CVE-2023-37204, CVE-2023-37205, CVE-2023-37206, CVE-2023-37207, CVE-2023-37208, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211, CVE-2023-37212. * debian/rules, media/ffvpx/config_unix64.h: Work around https://sourceware.org/bugzilla/show_bug.cgi?id=30578. Closes: #1040328. * gfx/skia/moz.build: Undefine the mips builtin macro on mips in skia. bz#1841197. -- Mike Hommey Wed, 05 Jul 2023 06:46:25 +0900 firefox (114.0.2-1) unstable; urgency=medium * New upstream release. * debian/upstream.mk: Unstable is trixie. * debian/rules: Use in-tree NSS on bookworm. -- Mike Hommey Thu, 22 Jun 2023 13:54:23 +0900 firefox (114.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-20, also known as: CVE-2023-34414, CVE-2023-34415, CVE-2023-34416, CVE-2023-34417. * debian/browser.install.in: Install gfxtest and vaapitest. -- Mike Hommey Wed, 07 Jun 2023 05:52:21 +0900 firefox (113.0.2-1) unstable; urgency=medium * New upstream release. * dom/base/nsTextFragment.cpp, dom/base/nsTextFragmentGeneric.h, dom/base/nsTextFragmentGenericFwd.h: Isolate SSE2 requirements to SSE-compiled file. bz#1827566. -- Mike Hommey Sat, 27 May 2023 05:00:29 +0900 firefox (113.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-16, also known as: CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208, CVE-2023-32209, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, CVE-2023-32213, CVE-2023-32215, CVE-2023-32216. * debian/control, debian/l10n/browser-l10n.control: Refresh locales. -- Mike Hommey Wed, 10 May 2023 06:47:20 +0900 firefox (112.0.1-1) unstable; urgency=medium * New upstream release. * gfx/thebes/gfxFont.cpp, gfx/thebes/gfxFontEntry.cpp: Don't attempt to use font extents if we didn't get a valid 'head' table, or if it's not an sfnt resource. bz#1827950. Closes: #1034363. -- Mike Hommey Thu, 20 Apr 2023 06:12:33 +0900 firefox (112.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-13, also known as: CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29537, CVE-2023-29538, CVE-2023-29539, CVE-2023-29540, CVE-2023-29541, CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29548, CVE-2023-29549, CVE-2023-29550, CVE-2023-29551. * debian/control*: Bump nss build dependency. * debian/control: Add libavcodec60 recommendation. * security/manager/ssl/builtins/build.rs, security/manager/ssl/builtins/src/certdata.rs: Revert upstream change to preserve compatibility with rustc 1.63. -- Mike Hommey Wed, 12 Apr 2023 09:53:55 +0900 firefox (111.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Sat, 25 Mar 2023 05:21:58 +0900 firefox (111.0-3) unstable; urgency=medium * dom/media/webaudio/AudioNodeEngine*: Forward declare arch-specific xsimd specialization. bz#1822901. -- Mike Hommey Tue, 21 Mar 2023 09:28:00 +0900 firefox (111.0-2) unstable; urgency=medium * gfx/skia/generate_mozbuild.py, gfx/skia/moz.build: Remove explicit NEON flags from skia build. Thanks Emanuele Rocca. * dom/media/webaudio/AudioNodeEngineGeneric.h: Use fully specified xsimd::batch type. bz#1821363. * third_party/libwebrtc/moz.build: Add now removed desktop_capture_generic_gn directory. -- Mike Hommey Tue, 21 Mar 2023 06:18:07 +0900 firefox (111.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-09, also known as: CVE-2023-25750, CVE-2023-25751, CVE-2023-28160, CVE-2023-28164, CVE-2023-28161, CVE-2023-28162, CVE-2023-25752, CVE-2023-28176, CVE-2023-28177. * debian/control*: Bump nss build dependency. * debian/control, debian/l10n/browser-l10n.control: Refresh locales. * debian/browser.mozconfig.in: Disable wasm sandboxing on s390x for now. It doesn't work at the moment. -- Mike Hommey Wed, 15 Mar 2023 07:56:18 +0900 firefox (110.0.1-1) unstable; urgency=medium * New upstream release. * debian/control*: Build depend on the rustc version we have in unstable. Closes: #1031357. * Cargo.lock, python/mozboot/mozboot/util.py, servo/components/selectors/context.rs, servo/components/selectors/parser.rs, servo/components/style/gecko/selector_parser.rs, servo/components/style/properties/gecko.mako.rs, servo/components/style/style_resolver.rs, servo/components/style/stylesheets/container_rule.rs, servo/components/style/stylist.rs, third_party/rust/cstr/.cargo-checksum.json, third_party/rust/cstr/Cargo.toml, third_party/rust/cstr/README.md, third_party/rust/cstr/src/lib.rs: Relax minimum supported rust version to 1.63. * js/src/irregexp/moz.build: Suppress false positive error for GCC. bz#1810584. -- Mike Hommey Wed, 01 Mar 2023 08:35:30 +0900 firefox (110.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-05, also known as: CVE-2023-25728, CVE-2023-25730, CVE-2023-0767, CVE-2023-25735, CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25732, CVE-2023-25731, CVE-2023-25733, CVE-2023-25736, CVE-2023-25741, CVE-2023-25742, CVE-2023-25744, CVE-2023-25745. * debian/control*: Bump nss, rustc and cargo build dependencies. * third_party/wasm2c/src/common.h, third_party/wasm2c/src/prebuilt/wasm2c.include.c, third_party/wasm2c/src/wasm2c.c.tmpl: Use compiler macros to detect big endian. -- Mike Hommey Wed, 15 Feb 2023 09:14:45 +0900 firefox (109.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2023-01, also known as: CVE-2022-23597, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23604, CVE-2023-23605, CVE-2023-23606. * debian/control*: - Bump nss build dependency. - Bump cargo dependency back to what it's supposed to be. * debian/browser.mozconfig.in, debian/control*: Enable wasm sandboxing on bookworm. * build/moz.configure/compilers-util.configure, toolkit/moz.configure: Add more configure checks for the wasm toolchain setup. bz#1747145. toolkit/moz.configure: Allow to build without a wasi sysroot. bz#1810627 * build/moz.configure/rust.configure: Revert the relaxing of the cargo dependency now that we have the right version in unstable. -- Mike Hommey Wed, 18 Jan 2023 06:27:19 +0900 firefox (108.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Tue, 10 Jan 2023 08:00:05 +0900 firefox (108.0-2) unstable; urgency=medium * security/manager/ssl/tests/unit/tlsserver/cmd/moz.build, security/manager/ssl/tests/unit/tlsserver/lib/moz.build, security/moz.build: Pseudo-revert bz#1754746 and bz#1799121. Closes: #1026072. * .cargo/config.in, Cargo.lock, Cargo.toml, third_party/rust/uniffi*, third_party/rust/weedle2*: Make uniffi-bindgen more deterministic across platforms. -- Mike Hommey Thu, 15 Dec 2022 17:42:19 +0900 firefox (108.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-51, also known as: CVE-2022-46871, CVE-2022-46872, CVE-2022-46873, CVE-2022-46874, CVE-2022-46877, CVE-2022-46878, CVE-2022-46879. * debian/control*: Bump rustc and nss build dependencies. -- Mike Hommey Wed, 14 Dec 2022 07:56:15 +0900 firefox (107.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Sat, 03 Dec 2022 05:49:43 +0900 firefox (107.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-47, also known as: CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, CVE-2022-45407, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, CVE-2022-45411, CVE-2022-45412, CVE-2022-40674, CVE-2022-45415, CVE-2022-45416, CVE-2022-45417, CVE-2022-45418, CVE-2022-45419, CVE-2022-45420, CVE-2022-45421. * debian/rules: - Use internal libevent on buster. - Invoke python with PYTHONDONTWRITEBYTECODE instead of -B. * debian/control*: Bump nss build dependency. -- Mike Hommey Wed, 16 Nov 2022 08:10:27 +0900 firefox (106.0.5-1) unstable; urgency=medium * New upstream release. * media/ffvpx/config_unix_aarch64.h: Don't build libav with sysctl on Unix AArch64. bz#1791275. -- Mike Hommey Mon, 07 Nov 2022 06:06:42 +0900 firefox (106.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-44, also known as: CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42930, CVE-2022-42931, CVE-2022-42932. * debian/control*: Bump nss and libvpx build dependencies. * debian/rules: Build with vendored libvpx on bullseye. * mozglue/misc/SIMD.cpp, mozglue/misc/SIMD_avx2.cpp: Restrict SIMD_avx2 to AMD64. bz#1792158. * modules/fdlibm/src/math_private.h: Do not define unused float_t type in fdlibm. bz#1789560. * js/src/jit/GenerateAtomicOperations.py: Add missing includes to AtomicOperationsGenerated.h. bz#1792159. * third_party/libwebrtc/build/config/compiler/BUILD.gn, third_party/libwebrtc/**/moz.build: Fix webrtc FTBFS from missing sse2 flags. bz#1795993. -- Mike Hommey Wed, 19 Oct 2022 05:59:30 +0900 firefox (105.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 28 Sep 2022 07:40:44 +0900 firefox (105.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-40, also known as: CVE-2022-40959, CVE-2022-40960, CVE-2022-40958, CVE-2022-40956, CVE-2022-40957, CVE-2022-40962. * debian/control*: Bump rustc and nss build dependencies. * python/mozbuild/mozbuild/nodeutil.py: Relax nodejs minimum version. -- Mike Hommey Wed, 21 Sep 2022 07:22:10 +0900 firefox (104.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Tue, 13 Sep 2022 09:08:49 +0900 firefox (104.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-33, also known as: CVE-2022-38472, CVE-2022-38473, CVE-2022-38475, CVE-2022-38477, CVE-2022-38478. * debian/rules, debian/control: Fix libavcodec recommends. Closes: #1017782. * debian/control*: Bump nss and nodejs build dependencies. -- Mike Hommey Wed, 24 Aug 2022 07:17:28 +0900 firefox (103.0.2-2) unstable; urgency=medium * debian/rules: Remove old and now unnecessary workarounds. * intl/icu/source/common/unicode/std_string.h, intl/icu/source/common/utypeinfo.h, intl/icu/source/io/unicode/ustream.h: Remove workaround for old libstdc++ problem, which now causes problems with GCC 12 on arm. * third_party/libwebrtc/moz.build: Add missing webrtc directory for ppc64el (bz#1775202). -- Mike Hommey Mon, 15 Aug 2022 15:46:49 +0900 firefox (103.0.2-1) unstable; urgency=medium * New upstream release. * debian/rules: - Use thinLTO for rust on armhf, to stay in the memory budget with an armhf toolchain. - Use MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=none instead of MACH_USE_SYSTEM_PYTHON=1. * debian/rules, debian/watch, debian/watch.in: Generate debian/watch and fix it. * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp, js/src/jit/mips-shared/SharedICHelpers-mips-shared-inl.h, js/src/jit/mips-shared/SharedICHelpers-mips-shared.h, js/src/jit/mips64/Assembler-mips64.h, js/src/jit/mips64/MacroAssembler-mips64.cpp, js/src/jit/mips64/Simulator-mips64.cpp, js/src/jit/mips64/Trampoline-mips64.cpp, js/src/jit/shared/Lowering-shared-inl.h, js/src/wasm/WasmFrameIter.cpp: Fix FTBFS on mips64. bz#1776825. * third_party/libwebrtc/moz.build: Work around bz#1775202 to fix FTBFS on ppc64el. * config/makefiles/rust.mk: Allow to override rust LTO flag. -- Mike Hommey Sun, 14 Aug 2022 15:28:01 +0900 firefox (103.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-28, also known as: CVE-2022-36319, CVE-2022-36318, CVE-2022-36315, CVE-2022-36316, CVE-2022-36320, CVE-2022-2505. * debian/control*: Bump cbindgen and nss build dependencies. -- Mike Hommey Wed, 27 Jul 2022 10:07:35 +0900 firefox (102.0.1-3) unstable; urgency=medium * debian/rules: Fix the logic of the aarch64 test. -- Mike Hommey Thu, 14 Jul 2022 11:31:47 +0900 firefox (102.0.1-2) unstable; urgency=medium * debian/rules: Tentatively improve detection of known failing cases on armhf. -- Mike Hommey Thu, 14 Jul 2022 09:32:47 +0900 firefox (102.0.1-1) unstable; urgency=medium * New upstream release. * debian/rules: Tentatively improve detection of known failing cases on armhf and mipsel. -- Mike Hommey Thu, 14 Jul 2022 06:17:52 +0900 firefox (102.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-24, also known as: CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34482, CVE-2022-34483, CVE-2022-34476, CVE-2022-34481, CVE-2022-34474, CVE-2022-34471, CVE-2022-34472, CVE-2022-2200, CVE-2022-34480, CVE-2022-34477, CVE-2022-34475, CVE-2022-34473, CVE-2022-34484, CVE-2022-34485. * build/moz.configure/bindgen.configure, gfx/webrender_bindings/webrender_ffi.h: Work around build failure with newer cbindgen. bz#1773259 -- Mike Hommey Wed, 29 Jun 2022 07:41:32 +0900 firefox (101.0.1-1) unstable; urgency=medium * New upstream release. * build/moz.configure/rust.configure, debian/control*: Allow to build with cargo in unstable. -- Mike Hommey Fri, 10 Jun 2022 06:24:01 +0900 firefox (101.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-20, also known as: CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, CVE-2022-31741, CVE-2022-31742, CVE-2022-31743, CVE-2022-31744, CVE-2022-31745, CVE-2022-1919, CVE-2022-31747, CVE-2022-31748. * debian/rules: Fail the build early when building for armhf on armhf (only works on arm64), and when building for mipsel on mipsel. * debian/control*: Bump rustc, cargo, cbindgen and nss build dependencies. -- Mike Hommey Wed, 01 Jun 2022 06:07:37 +0900 firefox (100.0.2-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-19, also known as CVE-2022-1802 and CVE-2022-1529. -- Mike Hommey Sat, 21 May 2022 07:32:04 +0900 firefox (100.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-16, also known as: CVE-2022-29914, CVE-2022-29909, CVE-2022-29916, CVE-2022-29911, CVE-2022-29912, CVE-2022-29915, CVE-2022-29917, CVE-2022-29918. -- Mike Hommey Wed, 04 May 2022 08:48:41 +0900 firefox (99.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-13, also known as: CVE-2022-1097, CVE-2022-28281, CVE-2022-28282, CVE-2022-28283, CVE-2022-28284, CVE-2022-28285, CVE-2022-28286, CVE-2022-28287, CVE-2022-24713, CVE-2022-28289, CVE-2022-28288. * debian/control*: Bump nss build dependency. -- Mike Hommey Wed, 06 Apr 2022 09:04:22 +0900 firefox (98.0-2) unstable; urgency=medium * debian/rules: Install crash reporter files on arm64. * js/src/jit/GenerateAtomicOperations.py: Work around a GCC issue with generated atomics. bz#1756347. -- Mike Hommey Thu, 10 Mar 2022 09:09:43 +0900 firefox (98.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-10, also known as: CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, CVE-2022-26381, CVE-2022-26382, CVE-2022-26385, CVE-2022-0843. * Fixes for mfsa2022-09, also known as: CVE-2022-26485, CVE-2022-26486. * debian/control*: - Bump nss build dependency. - Downgrade rust dependency to 1.56, and cargo to 0.57. * Cargo.lock, config/makefiles/rust.mk, python/mozboot/mozboot/util.py, servo/components/style/Cargo.toml, servo/components/style/build.rs, servo/components/style/lib.rs, servo/components/style/stylesheets/page_rule.rs, servo/components/style/stylist.rs, third_party/rust/audioipc2-client/.cargo-checksum.json, third_party/rust/audioipc2-client/Cargo.toml, third_party/rust/audioipc2-client/build.rs, third_party/rust/audioipc2-client/src/lib.rs, third_party/rust/wgpu-hal/.cargo-checksum.json, third_party/rust/wgpu-hal/src/gles/egl.rs: Relax minimum supported Rust version to 1.56.0. -- Mike Hommey Wed, 09 Mar 2022 07:09:27 +0900 firefox (97.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-04, also known as: CVE-2022-22754, CVE-2022-22755, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22764, CVE-2022-0511. * debian/control*: Bump nss, rustc and cargo build dependencies. * debian/browser.install.in: Install libipcclientcerts.so. -- Mike Hommey Wed, 09 Feb 2022 07:53:42 +0900 firefox (96.0.3-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Mon, 31 Jan 2022 06:21:31 +0900 firefox (96.0.1-1) unstable; urgency=medium * New upstream release. * modules/libpref/init/StaticPrefList.yaml: Disable cookie sameSite schemeful. bz#1750264. * dom/media/webrtc/third_party_build/gn-configs/x64_*_arm_linux.json, dom/media/webrtc/third_party_build/gn-configs/x64_*_ppc64_linux.json, third_party/libwebrtc/**/moz.build: Add webrtc configs for arm and ppc64 linux. bz#1738845. -- Mike Hommey Sat, 15 Jan 2022 07:41:14 +0900 firefox (96.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2022-01, also known as: CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740, CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748, CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751, CVE-2022-22752. * debian/rules: - Adjust preprocessor command to upstream changes. - Set an objdir when using the preprocessor, and clean that up. * debian/control*: Bump nss build dependency. -- Mike Hommey Wed, 12 Jan 2022 08:03:30 +0900 firefox (95.0.1-1) unstable; urgency=medium * New upstream release. * debian/control.in: Build against rustc-mozilla/cargo-mozilla on relevant older releases. * modules/fdlibm/src/math_private.h: Fix FTBFS on i386. bz#1729459. -- Mike Hommey Fri, 17 Dec 2021 07:05:23 +0900 firefox (95.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-52, also known as: CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, CVE-2021-43540, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, CVE-2021-43544, CVE-2021-43545, CVE-2021-43546, MOZ-2021-0009. * debian/browser.mozconfig.in: Explicitly disable wasm sandboxing. We don't have the necessary tools yet. -- Mike Hommey Wed, 08 Dec 2021 06:38:07 +0900 firefox (94.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 24 Nov 2021 06:57:55 +0900 firefox (94.0-2) unstable; urgency=medium * debian/firefox.in: Use `command -v` instead of `which`. Does not affect this package, though. * .cargo/config.in, Cargo.lock, Cargo.toml, third_party/rust/cc/.cargo-checksum.json, third_party/rust/cc/Cargo.toml, third_party/rust/cc/src/lib.rs, third_party/rust/cc/src/windows_registry.rs: Update cc crate to b2f6b146b75299c444e05bbde50d03705c7c4b6e, aka 1.0.71 + GCC-11 fix for armhf. bz#1739040. * .cargo/config.in, Cargo.lock, third_party/rust/cubeb-pulse/.cargo-checksum.json, third_party/rust/cubeb-pulse/src/backend/stream.rs, toolkit/library/rust/shared/Cargo.toml: Upgrade cubeb-pulse to fix a race condition that can lead to shutdown deadlock. bz#1735905. (suspected to) Closes: #998108. -- Mike Hommey Thu, 11 Nov 2021 16:32:50 +0900 firefox (94.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-48, also known as: CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, CVE-2021-38508, MOZ-2021-0004, CVE-2021-38509, MOZ-2021-0005, MOZ-2021-0006, MOZ-2021-0007. (MOZ-* pending CVE assignment) * debian/control*: Bump nss, rustc and cargo build dependencies. * Cargo.toml, Cargo.lock, third_party/rust/naga/.cargo-checksum.json, third_party/rust/naga/Cargo.toml, third_party/rust/wgpu-core/.cargo-checksum.json, third_party/rust/wgpu-core/Cargo.toml, build/moz.configure/rust.configure: Remove workaround to build with an old cargo, now that Debian has a recent version. -- Mike Hommey Wed, 03 Nov 2021 08:20:50 +0900 firefox (93.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-43, also known as: CVE-2021-38496, CVE-2021-38497, CVE-2021-38498, CVE-2021-32810, CVE-2021-38500, CVE-2021-38501, CVE-2021-38499. * debian/control*: Bump nss build dependency. * debian/rules: Set MOZBUILD_STATE_PATH. * Cargo.toml, Cargo.lock, third_party/rust/naga/.cargo-checksum.json, third_party/rust/naga/Cargo.toml, third_party/rust/wgpu-core/.cargo-checksum.json, third_party/rust/wgpu-core/Cargo.toml: Work around the lack of resolver feature in unstable's cargo. -- Mike Hommey Wed, 06 Oct 2021 06:53:13 +0900 firefox (92.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-38, also known as: CVE-2021-38491, CVE-2021-38493, CVE-2021-38494. * debian/rules: Build against embedded nspr and nss on bullseye. * debian/upstream.mk: Add bookworm and trixie. * debian/control*: Bump nss build dependency. -- Mike Hommey Wed, 08 Sep 2021 07:57:38 +0900 firefox (91.0.1-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-37, also known as CVE-2021-29991. * debian/import-tar.py, debian/repack.py: Fixed for python 3.9. -- Mike Hommey Wed, 18 Aug 2021 10:28:35 +0900 firefox (91.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-33, also known as: CVE-2021-29986, CVE-2021-29981, CVE-2021-29988, CVE-2021-29984, CVE-2021-29980, CVE-2021-29987, CVE-2021-29985, CVE-2021-29982, CVE-2021-29989, CVE-2021-29990. * debian/control*: Bump nspr, nss and rustc build dependencies. -- Mike Hommey Wed, 11 Aug 2021 07:18:22 +0900 firefox (90.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-28, also known as: CVE-2021-29970, CVE-2021-29971, CVE-2021-29972, CVE-2021-29974, CVE-2021-29975, CVE-2021-29976, CVE-2021-29977. * debian/control*: - Bump nss build dependency. - Remove libgtk2 build dependency. * debian/browser.install.in: Don't install gtk2/libmozgtk.so. * widget/gtk/mozgtk/moz.build: Remove old workaround for bug #844357, which was fixed in binutils a long time ago. -- Mike Hommey Wed, 14 Jul 2021 06:07:27 +0900 firefox (89.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Thu, 24 Jun 2021 07:57:24 +0900 firefox (89.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Fri, 18 Jun 2021 06:03:11 +0900 firefox (89.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-23, also known as: CVE-2021-29960, CVE-2021-29961, CVE-2021-29959, CVE-2021-29967, CVE-2021-29966. * debian/control*: Bump nss and cbindgen build dependency. -- Mike Hommey Wed, 02 Jun 2021 05:36:18 +0900 firefox (88.0.1-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-20, also known as CVE-2021-29952. -- Mike Hommey Thu, 06 May 2021 07:01:54 +0900 firefox (88.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-16, also known as: CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, CVE-2021-24002, CVE-2021-29945, CVE-2021-29944, CVE-2021-29946, CVE-2021-29947. * debian/control*: Bump nss build dependency. -- Mike Hommey Tue, 20 Apr 2021 07:54:02 +0900 firefox (87.0-2) unstable; urgency=medium * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp, js/src/jit/mips-shared/MacroAssembler-mips-shared*, js/src/jit/mips*/MacroAssembler-mips*: Add missing JIT functions. * js/src/jit/mips64/MacroAssembler-mips64.cpp: Fix register conflict in ma_addPtrTestOverflow. bz#1685662. * gfx/wr/swgl/src/blend.h, gfx/wr/swgl/src/gl.cc: Don't use always_inline on large SWGL functions. bz#1700520. -- Mike Hommey Wed, 31 Mar 2021 10:12:40 +0900 firefox (87.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-10, also known as: CVE-2021-23981, CVE-2021-23982, CVE-2021-23983, CVE-2021-23984, CVE-2021-23985, CVE-2021-23986, CVE-2021-23987, CVE-2021-23988. * debian/control*: Bump nss build dependency. -- Mike Hommey Wed, 24 Mar 2021 06:06:10 +0900 firefox (86.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Fri, 12 Mar 2021 10:30:34 +0900 firefox (86.0-2) unstable; urgency=medium * gfx/qcms/src/iccread.rs: Fix startup crash with malformed ICC profiles. bz#1694670. -- Mike Hommey Tue, 09 Mar 2021 07:24:46 +0900 firefox (86.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-07, also known as: CVE-2021-23969, CVE-2021-23970, CVE-2021-23968, CVE-2021-23974, CVE-2021-23971, CVE-2021-23972, CVE-2021-23975, CVE-2021-23973, CVE-2021-23978, CVE-2021-23979. * debian/control*: Bump nss and cbindgen build dependencies. -- Mike Hommey Wed, 24 Feb 2021 06:57:42 +0900 firefox (85.0.1-1) unstable; urgency=medium * New upstream release. * build/moz.configure/rust.configure, debian/control*: Allow to build with cargo in unstable. -- Mike Hommey Sat, 06 Feb 2021 07:54:04 +0900 firefox (85.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-03, also known as: CVE-2021-23953, CVE-2021-23954, CVE-2021-23955, CVE-2021-23956, CVE-2021-23958, CVE-2021-23960, CVE-2021-23961, CVE-2021-23962, CVE-2021-23963, CVE-2021-23964, CVE-2021-23965. * debian/control*: Bump rustc, cargo and nss build dependencies. -- Mike Hommey Wed, 27 Jan 2021 09:06:28 +0900 firefox (84.0.2-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2021-01, also known as CVE-2020-16044. * debian/control*: Bump nss build dependency. -- Mike Hommey Thu, 07 Jan 2021 07:27:55 +0900 firefox (84.0-3) unstable; urgency=medium * debian/browser.install.in: s/aarch64/arm64/, facepalm. -- Mike Hommey Fri, 18 Dec 2020 10:09:12 +0900 firefox (84.0-2) unstable; urgency=medium * debian/browser.install.in: Install libmozsandbox.so on aarch64 and arm*. -- Mike Hommey Fri, 18 Dec 2020 05:59:54 +0900 firefox (84.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-54, also known as: CVE-2020-16042, CVE-2020-26971, CVE-2020-26972, CVE-2020-26973, CVE-2020-26974, CVE-2020-26976, CVE-2020-26978, CVE-2020-26979, CVE-2020-35111, CVE-2020-35113, CVE-2020-35114. * debian/control*: Bump nss build dependency. * build/moz.configure/rust.configure, debian/control*: Revert changes from 79.0-1 allowing to build with cargo in unstable as of 2020-07-29 because we have the right version now. * intl/icu_sources_data.py: Revert changes from 72.0-1 to avoid building ICU in parallel because we don't build ICU using this script anymore. -- Mike Hommey Wed, 16 Dec 2020 06:30:02 +0900 firefox (83.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-50, also known as: CVE-2020-26951, CVE-2020-26952, CVE-2020-16012, CVE-2020-26953, CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, CVE-2020-26961, CVE-2020-26962, CVE-2020-26963, CVE-2020-26965, CVE-2020-26967, CVE-2020-26968, CVE-2020-26969. * debian/control*: Bump nss and cbindgen build dependencies. -- Mike Hommey Wed, 18 Nov 2020 07:06:09 +0900 firefox (82.0.3-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-49, also known as CVE-2020-26950. -- Mike Hommey Tue, 10 Nov 2020 07:32:32 +0900 firefox (82.0.2-1) unstable; urgency=medium * New upstream release. * debian/control*: Remove autoconf2.13 build dependency. * config/external/icu/data/moz.build: Use the right data file for ICU on big endians. bz#1673769. -- Mike Hommey Fri, 30 Oct 2020 06:03:59 +0900 firefox (82.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-45, also known as: CVE-2020-15969, CVE-2020-15254, CVE-2020-15680, CVE-2020-15681, CVE-2020-15682, CVE-2020-15683, CVE-2020-15684. [Emilio Pozuelo Monfort] * debian/browser.bug-presubj.in, debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: Remove support for jessie. * debian/control.in, debian/rules: stretch: build with LLVM 7, 4.0 doesn't support -std=gnu++17. * debian/rules: - stretch: build with GCC 7 from gcc-mozilla. - Call python with -B when regenerating the control files, so as to not generate bytecode files. - Call debian/l10n/gen with C.UTF-8 as the locale, otherwise it fails in stretch when opening the iso-codes files. - stretch: don't set NASM on !x86. [Mike Hommey] * debian/control*: Bump nss build dependency. * build/unix/elfhack/elf.cpp, build/unix/elfhack/elfxx.h: Fix elfhack for files > 2GiB and < 4GiB. bz#1495733. -- Mike Hommey Wed, 21 Oct 2020 11:53:39 +0900 firefox (81.0-2) unstable; urgency=medium * dom/media/AsyncLogger.h: Fix AsyncLogger::TracePayload's mName size calculation. bz#1667007. -- Mike Hommey Thu, 24 Sep 2020 16:22:35 +0900 firefox (81.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-42, also known as: CVE-2020-15675, CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, CVE-2020-15673, CVE-2020-15674. * debian/control*: Bump nss build dependency. * debian/rules: Change l10n build integration: - it is not necessary to override LOCALE_MERGEDIR anymore - it is not necessary to call compare-locales manually - set MACH_USE_SYSTEM_PYTHON=1 * js/src/jit/none/MacroAssembler-none.h: Bump CodeAlignment to 8. bz#1666646. -- Mike Hommey Wed, 23 Sep 2020 07:56:45 +0900 firefox (80.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Thu, 03 Sep 2020 09:36:06 +0900 firefox (80.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-36, also known as: CVE-2020-15664, CVE-2020-12401, CVE-2020-6829, CVE-2020-12400, CVE-2020-15665, CVE-2020-15666, CVE-2020-15667, CVE-2020-15668, CVE-2020-15670. * debian/control*: Bump nss build dependency. -- Mike Hommey Wed, 26 Aug 2020 07:24:49 +0900 firefox (79.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-30, also known as: CVE-2020-15652, CVE-2020-6514, CVE-2020-15655, CVE-2020-15653, CVE-2020-6463, CVE-2020-15656, CVE-2020-15658, CVE-2020-15654, CVE-2020-15659. * debian/control*: Bump cbindgen, rustc, cargo, nss and python3 build dependencies. * debian/rules: Add -Cembed-bitcode=yes to rust command lines when using rustc >= 1.45.0. * build/moz.configure/rust.configure, debian/control*: Allow to build with cargo in unstable as of 2020-07-29. -- Mike Hommey Wed, 29 Jul 2020 13:45:30 +0900 firefox (78.0.2-1) unstable; urgency=medium * New upstream release. * Fix for mfsa2020-28. -- Mike Hommey Fri, 10 Jul 2020 09:37:04 +0900 firefox (78.0.1-1) unstable; urgency=medium * New upstream release. * debian/rules: - Replace --disable-ion with --disable-jit. - Don't generated the ICU data file for big-endian manually. * js/src/jit/mips-shared/MacroAssembler-mips-shared-inl.h, js/src/jit/mips64/MacroAssembler-mips64-inl.h: Add branchTestSymbol and fallibleUnboxPtr. bz#1642265. * config/external/icu/data/*icudata*, config/external/icu/data/moz.build, js/moz.configure: Unify the includion of the ICU data file. bz#1650299. * config/external/icu/common/moz.build, config/external/icu/common/sources.mozbuild, config/external/icu/data/convert_icudata.py, config/external/icu/data/moz.build, config/external/icu/defs.mozbuild, config/external/icu/i18n/moz.build, config/external/icu/i18n/sources.mozbuild, config/external/icu/icupkg/moz.build, config/external/icu/icupkg/sources.mozbuild, config/external/icu/moz.build, config/external/icu/toolutil/moz.build, config/external/icu/toolutil/sources.mozbuild, config/recurse.mk, intl/icu_sources_data.py: Automatically convert the little-endian ICU data file for big-endian builds. -- Mike Hommey Fri, 03 Jul 2020 17:07:38 +0900 firefox (78.0-1) unstable; urgency=medium * New upstream release * Fixes for mfsa2020-24, also known as: CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12422, CVE-2020-12424, CVE-2020-12425, CVE-2020-12426. * debian/control*: Bump nss build dependency. * debian/control*, debian/rules: Remove build dependency on python2.7. * debian/browser.mozconfig.in: Remove obsolete configure options. * build/virtualenv_packages.txt: Don't install enum and enum34 virtualenv packages in python3 virtualenvs. bz#1632429. -- Mike Hommey Wed, 01 Jul 2020 10:14:06 +0900 firefox (77.0-1) unstable; urgency=medium * New upstream release * Fixes for mfsa2020-20, also known as: CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, CVE-2020-12411. * debian/l10n/gen, debian/l10n_revs.py, debian/latest_nightly.py, debian/rules, debian/symbols.mk: Convert to python 3. * debian/control*: Bump nss and cbindgen build dependencies. * debian/rules: - Revert PKCS11 API change from 76.0.1-1 because the new API is now explicitly used by upstream code. - Stop passing -fno-schedule-insns2 -fno-lifetime-dse and -fno-delete-null-pointer-checks to GCC. -- Mike Hommey Wed, 03 Jun 2020 07:53:04 +0900 firefox (76.0.1-2) unstable; urgency=medium * debian/browser.mozconfig.in: Allow addon sideload. Closes: #960084. * debian/control*: Bump nasm build dependency to 2.14. -- Mike Hommey Fri, 15 May 2020 09:10:36 +0900 firefox (76.0.1-1) unstable; urgency=medium * New upstream release * debian/rules: Force using old PKCS11 API when building against newer NSS releases. Closes: #960012. -- Mike Hommey Wed, 13 May 2020 09:09:57 +0900 firefox (76.0-2) unstable; urgency=medium * Cargo.lock, third_party/rust/typenum/*: Upgrade typename to 1.12.0. bz#1635671. Fixes FTBFS on i386. -- Mike Hommey Wed, 06 May 2020 14:27:30 +0900 firefox (76.0-1) unstable; urgency=medium * New upstream release * Fixes for mfsa2020-16, also known as: CVE-2020-12387, CVE-2020-6831, CVE-2020-12390, CVE-2020-12391, CVE-2020-12392, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396. * debian/control*: Bump nss build dependency. * debian/browser.install.in: Don't install blocklist.xml, it's not there anymore. * config/recurse.mk: Don't depend on in-tree NSS/NSPR when building against system NSS/NSPR. bz#1634926. -- Mike Hommey Wed, 06 May 2020 05:41:56 +0900 firefox (75.0-2) unstable; urgency=medium * build/moz.configure/util.configure: In configure, pass extra compiler flags after source path. Fixes FTBFS with --with-system-libvpx with gcc-9 >= 9-20190125-2. -- Mike Hommey Sun, 19 Apr 2020 09:03:28 +0900 firefox (75.0-1) unstable; urgency=medium * New upstream release * Fixes for mfsa2020-12, also known as: CVE-2020-6821, CVE-2020-6822, CVE-2020-6823, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826. * debian/control*: Bump nss, rustc, cargo, cbindgen and nodejs build dependencies. * debian/control*, debian/rules: Build against libvpx >= 1.8. We used to build-conflicts with that version, but that's not necessary now that upstream needs that version. * debian/browser.install.in: Don't install .chk files, they aren't produced anymore. * debian/browser.install.in, debian/browser.mozconfig.in, debian/control*, debian/rules: Don't build against system sqlite. This is not supported anymore. * python/mozbuild/mozbuild/nodeutil.py: Allow to build with older versions of nodejs 10. -- Mike Hommey Wed, 08 Apr 2020 09:41:38 +0900 firefox (74.0.1-1) unstable; urgency=medium * New upstream release * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. -- Mike Hommey Sat, 04 Apr 2020 06:42:37 +0900 firefox (74.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-08, also known as: CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6808, CVE-2020-6809, CVE-2020-6810, CVE-2020-6811, CVE-2019-20503, CVE-2020-6812, CVE-2020-6813, CVE-2020-6814, CVE-2020-6815. * debian/rules: - Use the -o flag to redirect preprocessor output rather than shell redirection to work around bz#1621465. - Remove obj-*/.mozbuild on clean. * debian/control*: Bump nspr, nss, sqlite and cbindgen build dependencies. * config/mozunit/mozunit/mozunit.py, python/mozbuild/mozbuild/action/langpack_manifest.py, python/mozbuild/mozbuild/jar.py, python/mozbuild/mozbuild/preprocessor.py, python/mozbuild/mozbuild/test/backend/test_build.py: Use io.open() rather than open() in mozbuild/preprocessor.py. bz#1613263. * dom/canvas/ClientWebGLContext.h, dom/canvas/WebGLContext.h: Fix build errors with -Werror=format-security with GCC. -- Mike Hommey Wed, 11 Mar 2020 12:15:37 +0900 firefox (73.0.1-1) unstable; urgency=medium * New upstream release. * gfx/2d/SwizzleNEON.cpp: Fix NEON compile error with gcc and RGB unpacking. bz#1610814. -- Mike Hommey Thu, 20 Feb 2020 09:07:58 +0900 firefox (73.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-05, also known as: CVE-2020-6796, CVE-2020-6798, CVE-2020-6800, CVE-2020-6801. * debian/control*: Bump nss, rustc, cargo and cbindgen build dependencies. * debian/browser.install.in: Do not install now removed chrome.manifest and libnssdbm3.* files. -- Mike Hommey Wed, 12 Feb 2020 06:57:23 +0900 firefox (72.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 22 Jan 2020 12:06:25 +0900 firefox (72.0.1-1) unstable; urgency=medium * New upstream release. * Fix for mfsa2020-03, also known as CVE-2019-17026. -- Mike Hommey Thu, 09 Jan 2020 06:46:44 +0900 firefox (72.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2020-01, also known as: CVE-2019-17016, CVE-2019-17017, CVE-2019-17020, CVE-2019-17022, CVE-2019-17023, CVE-2019-17024, CVE-2019-17025. * debian/rules: - Don't build with --compress-debug-sections on jessie. - Use sourcestamp.txt for MOZ_BUILD_DATE. - Avoid running dh_update_autotools_config. We're dealing with this manually and we don't want config.* files being touched under third_party/rust. * debian/control*: - Bump nspr, nss and sqlite build dependencies. - Add missing dependency on libdrm-dev. * debian/browser.mozconfig.in: Explicitly build with wayland support enabled. * intl/icu_sources_data.py: Don't build ICU in parallel. * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around older GCC ICE on arm. (Thanks Emilio Pozuelo Monfort) -- Mike Hommey Wed, 08 Jan 2020 08:54:04 +0900 firefox (71.0-2) unstable; urgency=medium * dom/indexedDB/ActorsParent.cpp: Work around lack of support for http://eel.is/c++draft/class.temporary#6.7 in compilers. bz#1601707 Closes: #946249, #946547. * layout/generic/WritingModes.h, servo/ports/geckolib/cbindgen.toml: Fix build with newer cbindgen. bz#1602358. -- Mike Hommey Thu, 12 Dec 2019 09:38:33 +0900 firefox (71.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-36, also known as: CVE-2019-11756, CVE-2019-17008, CVE-2019-11745, CVE-2019-17014, CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012, CVE-2019-17013. * debian/l10n/gen: Add support for ca-valencia. * debian/control*: Bump nspr, nss, rustc and cargo build dependencies. * debian/rules, debian/control.in: - Build with nodejs-mozilla on jessie and stretch. - Build with nasm-mozilla on jessie and stretch. - Don't build with system libvpx on stretch. (Thanks Emilio Pozuelo Monfort) -- Mike Hommey Wed, 04 Dec 2019 10:09:38 +0900 firefox (70.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Sat, 09 Nov 2019 07:53:49 +0900 firefox (70.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-34, also known as: CVE-2018-6156, CVE-2019-15903, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11765, CVE-2019-17000, CVE-2019-17001, CVE-2019-17002, CVE-2019-11764. * debian/control*: Bump nss, sqlite, rustc, cargo, and cbindgen build dependencies. -- Mike Hommey Wed, 23 Oct 2019 07:30:42 +0900 firefox (69.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Tue, 08 Oct 2019 08:06:31 +0900 firefox (69.0.1-1) unstable; urgency=medium * New upstream release. * Fix for mfsa2019-31, also known as CVE-2019-11754. * debian/control*: - Bump nss, rustc, cargo and cbindgen build dependencies. Closes: #939412. - Remove build dependency versions where Debian has had the right version since Jessie. * debian/source/lintian-overrides: Adjust DotZlib.chm path. -- Mike Hommey Tue, 24 Sep 2019 06:39:36 +0900 firefox (69.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-25, also known as: CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752, CVE-2019-9812, CVE-2019-11741, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749, CVE-2019-5849, CVE-2019-11750, CVE-2019-11737, CVE-2019-11738, CVE-2019-11747, CVE-2019-11734, CVE-2019-11735, CVE-2019-11740. * debian/upstream.mk: Read source repo and revision from json when getting upstream info. Instead of the .txt file that doesn't exist as of 69. * debian/control*: - Remove unused build dependency against python-ply. - Remove python-minimal build dependency. All supported versions of Debian have a new enough version. - Remove build dependency against libjsoncpp-dev. * debian/l10n/gen, debian/latest_nightly.py, debian/rules, debian/symbols.mk, debian/upstream.mk, debian/watch: Use explicit python2.7 instead of python. * debian/rules: Use `mach python --no-virtualenv` to invoke the preprocessor. * config/system-headers, toolkit/crashreporter/jsoncpp/src/lib_json/moz.build, toolkit/crashreporter/minidump-analyzer/moz.build: Revert hack to build against libjsoncpp. It was fine when it was only used by the crash reporter, but that's not the case anymore, and it breaks the build. Also, the bundled version is newer than what is available in Debian. -- Mike Hommey Wed, 04 Sep 2019 13:48:54 +0900 firefox (68.0.2-3) unstable; urgency=medium * debian/control.in: Take source package name from preprocessing. * build/moz.configure/old.configure: Avoid race condition creating old-configure. bz#1574761. * dom/media/systemservices/CamerasChild.cpp, dom/media/systemservices/CamerasParent.cpp, dom/media/systemservices/VideoEngine.cpp, dom/media/webrtc/MediaEngineRemoteVideoSource.cpp: Don't use __PRETTY_FUNCTION__ or __FUNCTION__ as format strings. bz#1531309. Closes: #925680. -- Mike Hommey Sun, 18 Aug 2019 20:47:26 +0900 firefox (68.0.2-2) unstable; urgency=medium * debian/rules: Fix MOZ_APP_REMOTINGNAME. Upstream build system changes made the config.status editing trick stop working. Export the variable for configure to pick it instead. Closes: #932256 -- Mike Hommey Sun, 18 Aug 2019 08:41:43 +0900 firefox (68.0.2-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-24, also known as CVE-2019-11733. * debian/control*, debian/rules: Don't build against system vpx >= 1.8.0. It has API changes that cause FTBFS. -- Mike Hommey Thu, 15 Aug 2019 08:06:59 +0900 firefox (68.0.1-2) unstable; urgency=medium * debian/rules: Work around https://github.com/rust-lang/cargo/issues/7147. -- Mike Hommey Fri, 19 Jul 2019 10:51:09 +0900 firefox (68.0.1-1) unstable; urgency=medium * New upstream release. * debian/rules: - Hook stamps/dh_install-l10n to override_dh_install-indep rather than binary-indep. - Pass make job server down through dh_auto_build. * debian/rules, debian/dh: Wrap dh to ensure debian/rules is invoked with parallelism. -- Mike Hommey Fri, 19 Jul 2019 07:53:19 +0900 firefox (68.0-3) unstable; urgency=medium * debian/browser.README.Debian.in: Fix a reference to iceweasel in README.Debian. Thanks Edward Betts. * debian/rules: - Only exclude "-g" from dpkg-buildflags output. All the other flags that used to be excluded either already match upstream or add reproducibility. - Don't unexpectedly reset LDFLAGS. - [firefox-esr] Remove iceweasel transitional packages on bullseye. - Disable dh_strip_nondeterminism. Upstream build system already avoids non-determinism it would strip, so there is no need for it further modifying files. - Avoid arch:all builds building arch:any stuff. - Move AUTOCONF_DIRS cleanup after dh_clean. - Add rust flags to improve reproducibility. - Only touch or remove configure when it wasn't there to begin with. - Call configure using its full path. - Factor common configure arguments. - Build langpacks with --disable-compile-environment, and pass less configure arguments. - Build each langpack from a separate build directory. This means time wasted running configure more times, but all locales can now be built in parallel. * debian/symbols.mk, debian/symbols.apt.conf, debian/symbols.sources.list: Miscellaneous changes to symbols download script. * debian/make.mk: Exclude symbols.mk variables from dump output. * debian/browser.mozconfig.in: Remove redundant --prefix=/usr. * debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: Remove packaging scripts compatibility with Wheezy. * moz.configure: Only add confvars.sh as a dependency to config.status when it exists. bz#1560340. -- Mike Hommey Sun, 14 Jul 2019 15:20:45 +0900 firefox (68.0-2) unstable; urgency=medium * debian/rules, debian/upstream.mk: Account for next Debian release. * debian/rules, debian/control: Build against system sqlite again. * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around GCC ICE on mips*, i386 and s390x. Closes: #931757 * python/mozbuild/mozbuild/action/langpack_manifest.py: Use build id as langpack version for reproducibility. bz#1565504. -- Mike Hommey Fri, 12 Jul 2019 20:37:51 +0900 firefox (68.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-21, also known as: CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11714, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-11718, CVE-2019-11720, CVE-2019-11721, CVE-2019-11730, CVE-2019-11723, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11728, CVE-2019-11710, CVE-2019-11709. * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build dependencies. Remove Build-Conflicts with nss 3.44-1, since we now build-depend on a more recent version. * debian/rules, debian/control: Don't build against system sqlite, as Debian doesn't have the required version yet. * [firefox-esr] debian/l10n/browser-l10n.control*, debian/l10n/gen: Don't generate iceweasel l10n transition packages for locales that were never offered with iceweasel. * debian/control, debian/l10n/browser-l10n.control.in: Add transition dependencies for Bengali l10n. There is now only one Bengali l10n package instead of two. * debian/rules: Disable JIT at build time on mips because it fails to build. * build/gyp.mozbuild: Revert patch that disables libyuv assembly on mips64. It apparently compiles, now. -- Mike Hommey Wed, 10 Jul 2019 08:22:05 +0900 firefox (67.0.4-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-19, also known as CVE-2019-11708. -- Mike Hommey Thu, 20 Jun 2019 11:05:27 -0700 firefox (67.0.3-2) unstable; urgency=medium * python/mozbuild/mozbuild/action/node.py: Attempt to work around make issue happening on arch: all buildd. -- Mike Hommey Wed, 19 Jun 2019 13:16:37 -0700 firefox (67.0.3-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-18, also known as CVE-2019-11707. -- Mike Hommey Tue, 18 Jun 2019 11:35:40 -0700 firefox (67.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 12 Jun 2019 06:01:15 +0900 firefox (67.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 05 Jun 2019 07:14:08 +0900 firefox (67.0-4) unstable; urgency=medium * debian/rules: Work around FTBFS on mips* by disabling webrtc Build fails because of missing configurations for mips*. * debian/control*: Build-Conflicts with libnss3-dev 2:3.44-1. Closes: #929846. * js/src/jit/mips32/MacroAssembler-mips32-inl.h: Fix FTBFS on mips/mipsel. bz#1556197. -- Mike Hommey Sun, 02 Jun 2019 13:13:13 +0900 firefox (67.0-3) unstable; urgency=medium * media/webrtc/trunk/webrtc/system_wrappers/source/cpu_features.cc: Remove WebRtc_GetCPUFeaturesARM from cpu_features.cc. It is already in cpu_features_linux.c (and is not in cpu_features.cc in webrtc upstream). Fixes FTBFS on armhf. bz#1523162. -- Mike Hommey Sat, 01 Jun 2019 13:44:05 +0900 firefox (67.0-2) unstable; urgency=medium * debian/extra-stuff/addonsInfo.jsm: - Avoid running -dumps-addons-info without a running Firefox counting as a crash. - Support addons in resource:// locations in -dump-addons-info * js/src/wasm/WasmSignalHandlers.cpp: Include struct definitions for user_vfp and user_vfp_exc. Fixes FTBFS on armhf. bz#1526653. * js/src/jit/mips*/MacroAssembler-mips*-inl.h, js/src/jit/mips*/Trampoline-mips*.cpp: Fix functions: branchTestBigInt, negPtr, generateVMWrapper on MIPS. bz#1544631. * toolkit/modules/sessionstore/PrivacyFilter.jsm: Update and harden form data filtering for privacy to account for no data being passed in. bz#1553413. -- Mike Hommey Sat, 01 Jun 2019 09:18:27 +0900 firefox (67.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2019-13, also known as: CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820, CVE-2019-9821, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, CVE-2019-7317, CVE-2019-11695, CVE-2019-11696, CVE-2019-11697, CVE-2019-11698, CVE-2019-11699, CVE-2019-11701, CVE-2019-9814, CVE-2019-9800. * Upload to experimental because the required cbindgen is not available in unstable. * debian/control*: Bump nspr, sqlite, rustc, cargo and cbindgen build dependencies. * debian/extra-stuff/addonsInfo.*, debian/extra-stuff/moz.build, debian/installer/package-manifest.browser, debian/rules: Modernize addonsInfo per bz#1431533, bz#1432992, bz#1514594, bz#1524688, etc. -- Mike Hommey Wed, 22 May 2019 09:28:01 +0900 firefox (66.0.5-1) unstable; urgency=medium * New upstream release. - Additional fixes for addon signature validation. -- Mike Hommey Wed, 08 May 2019 08:07:21 +0900 firefox (66.0.4-1) unstable; urgency=medium * New upstream release. - Fixes issues with addon signature validation. Closes: #928417. Note: this didn't affect addons installed via Debian packages. -- Mike Hommey Sun, 05 May 2019 22:52:24 +0900 firefox (66.0.1-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-09, also known as: CVE-2019-9810, CVE-2019-9813. * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build dependencies. -- Mike Hommey Sun, 24 Mar 2019 08:17:24 +0900 firefox (66.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-07, also known as: CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, CVE-2019-9796, CVE-2019-9797, CVE-2019-9799, CVE-2019-9802, CVE-2019-9803, CVE-2019-9805, CVE-2019-9806, CVE-2019-9807, CVE-2019-9809, CVE-2019-9808, CVE-2019-9789, CVE-2019-9788. * debian/browser.mozconfig.in: Adjust to the upstream change wrt Google API key configure options. * debian/control*: Add nasm build dependency on amd64 and i386. -- Mike Hommey Wed, 20 Mar 2019 18:35:38 +0900 firefox (65.0.1-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-04, also known as: CVE-2018-18356, CVE-2019-5795, CVE-2018-18511. * debian/rules, debian/upstream.mk: Manually set the update channel. Closes: #921381, #921121, #921654. * debian/rules: Build with -mfp32 on mips and mipsel. This should fix the FTBFS. -- Mike Hommey Thu, 14 Feb 2019 19:33:05 +0900 firefox (65.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2019-01, also known as: CVE-2018-18500, CVE-2018-18503, CVE-2018-18504, CVE-2018-18505, CVE-2018-18506, CVE-2018-18502, CVE-2018-18501. * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build dependencies. * debian/browser.install.in: Install libmozwayland.so. -- Mike Hommey Wed, 30 Jan 2019 11:04:24 +0900 firefox (64.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-29, also known as: CVE-2018-12407, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, CVE-2018-18494, CVE-2018-18495, CVE-2018-18496, CVE-2018-18497, CVE-2018-18498, CVE-2018-12406, CVE-2018-12405. * debian/rules, debian/browser.install.in: Properly copy the watermark to /usr/share/icons/hicolor/symbolic/apps. * debian/rules: Disable debug symbols on 32-bits architectures, that requires too much memory. * debian/browser.mozconfig.in: - Remove --enable-pie option, it's the default, now. - Remove --disable-nodejs now that it's required. * debian/control*: - Bump rustc, cargo, cbindgen, nss and sqlite dependencies. - Add nodejs build dependency. * debian/browser-symbolic.svg.in: Import the watermark used for the symbolic icon in the debian/ directory. -- Mike Hommey Wed, 12 Dec 2018 09:26:47 +0900 firefox (63.0.3-1) unstable; urgency=medium * New upstream release. * debian/control*: Build depend on unversioned clang/llvm. Closes: #912802. * debian/rules: Use embedded libevent in backports. Closes: #910397. * debian/rules: Use GNU gold linker on i386 because BFD ld fails to link libxul.so (memory exhausted). * build/unix/elfhack/test.c: Try to ensure the bss section of the elfhack testcase stays large enough. bz#1505608. * memory/build/mozjemalloc.cpp: Fix run sizes for size classes >= 16KB on systems with large pages. bz#1507035. Closes: #911898. * media/libaom/moz.build: Use NEON_FLAGS instead of VPX_ASFLAGS for libaom neon code. * gfx/cairo/libpixman/src/pixman-vmx.c: Protect #include in pixman-vmx.c like in other pixman-*.c files -- Mike Hommey Mon, 26 Nov 2018 10:17:08 +0900 firefox (63.0.1-1) unstable; urgency=medium * New upstream release. * debian/google.key: Use new Google API key, courtesy of Francois Marier. -- Mike Hommey Fri, 02 Nov 2018 10:50:57 +0900 firefox (63.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-26, also known as: CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396, CVE-2018-12397, CVE-2018-12398, CVE-2018-12399, CVE-2018-12401, CVE-2018-12402, CVE-2018-12403, CVE-2018-12388, CVE-2018-12390. * debian/control*: - Bump nss dependency. - Add build dependency on cbindgen. * debian/browser.mozconfig.in: Disable nodejs until it's actually necessary. * debian/rules: Add -Wl,--compress-debug-sections=zlib to LDFLAGS to work around elfhack failing with unstripped binaries larger than 2GiB. -- Mike Hommey Wed, 24 Oct 2018 08:32:15 +0900 firefox (62.0.3-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-24, also known as: CVE-2018-12386, CVE-2018-12387. * debian/extra-stuff/addonsInfo.js: Fixes to work with recent versions of Firefox. Closes: #909056. * debian/control*, debian/browser.mozconfig.in: Build ALSA support. Closes: #864987, #900062, #908349 -- Mike Hommey Wed, 03 Oct 2018 16:21:53 +0900 firefox (62.0.2-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-22, also known as CVE-2018-12385. * Ignore locale change events for the search service on shutdown. bz#1489820. Closes: #908932. * debian/control*: - Remove the sqlite and nss dependencies when not building against the system libraries. - Enforce nss, nspr and sqlite dependencies to the same versions as build dependencies. There are subtle non-ABI differences between versions that Firefox might be relying on (be it features, behavior changes/fixes, etc.) and can cause subtle problems when older versions are used. Closes: #908225, #908520. - Add a suggestion for pulseaudio. * debian/rules, debian/control: Add libavcodec-extra* packages to the list of recommends. Closes: #909130 * js/src/jit/BaselineJIT.h: Disable baseline JIT when SSE2 is not supported at runtime. bz#1492064. Closes: #908396, #908449. * gfx/2d/Swizzle.cpp: Use Swizzle fallback when SSE2 is not supported. bz#1492065. Closes: #877445. -- Mike Hommey Sat, 22 Sep 2018 09:02:25 +0900 firefox (62.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-20, also known as: CVE-2018-12377, CVE-2018-12378, CVE-2018-12383, CVE-2018-12375, CVE-2018-12376. * debian/control*: - Bump nss and sqlite build dependencies. - Build depend on llvm/clang 6.0 for buster. Closes: #906175. * debian/browser.mozconfig.in, debian/control*, debian/rules: Remove build dependency on libbz2-dev. It's not used anymore. * debian/noinstall.in: Remove the dictionaries directory, not part of the packaged Firefox anymore. * debian/l10n/gen: Use iso-codes json data instead of XML when present. Closes: #907611. * widget/gtk/nsAppShell.cpp: Use remoting name for call to gdk_set_program_class. Closes: #907574. -- Mike Hommey Thu, 06 Sep 2018 07:42:45 +0900 firefox (61.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Thu, 19 Jul 2018 06:54:40 +0900 firefox (61.0-2) unstable; urgency=medium * debian/browser.mozconfig.in, debian/control*, debian/rules: Remove build dependency on system libhunspell. Using system hunspell lacks features required by Firefox. Next version of Firefox doesn't allow to build against system hunspell anyways. Closes: #900469. * debian/browser.links.in, debian/rules, debian/vendor.js: Use the spellchecker.dictionary_path pref to set the hunspell directory. * debian/browser.mozconfig.in: Allow unsigned addons in app and system scopes. * debian/rules: Work around the effect the above has on the --{enable,with}-system-* check. * debian/control*: Remove old conflicts. Thanks Sylvestre Ledru. Closes: #882956. * debian/l10n/recommends, debian/l10n/browser-l10n.control, debian/control: Update dictionary recommendations, following these rules: - Transitional myspell packages are not listed except when stable doesn't have the corresponding hunspell package. - Both hunspell and myspell packages are listed if they are different. Closes: #813832, #825843 * debian/copyright, debian/rules: Refer to /usr/share/common-licenses/MPL* instead of installing our own copy. Closes: #704303. * debian/make.mk: Use the same code as dump target for the dump-% target. * debian/control*, debian/rules: Add Recommends on all supported libavcodec libraries for h264 playback. Closes: #901600. * toolkit/modules/AppConstants.jsm, toolkit/modules/moz.build, toolkit/moz.configure, toolkit/mozapps/extensions/internal/XPIInstall.jsm, toolkit/mozapps/extensions/content/extensions.js, toolkit/mozapps/extensions/internal/XPIDatabase.jsm: Change how addon signature requirement relaxation is done. Closes: #899390. -- Mike Hommey Sun, 08 Jul 2018 10:39:03 +0900 firefox (61.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-15, also known as: CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12358, CVE-2018-12362, CVE-2018-5156, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12371, CVE-2018-12366, CVE-2018-12367, CVE-2018-12369, CVE-2018-12370, CVE-2018-5186, CVE-2018-5187, CVE-2018-5188. * debian/control*: - Bump nss and sqlite build dependencies. - Add a build dependency on python3. * debian/browser.install.in: Adjust to upstream changes. * debian/vendor.js: Relax the addon signature requirements. * toolkit/mozapps/extensions/content/extensions.js, toolkit/mozapps/extensions/internal/XPIDatabase.jsm: Allow to relax the addon signature requirements. -- Mike Hommey Wed, 27 Jun 2018 10:25:44 +0900 firefox (60.0.2-2) unstable; urgency=medium * build/unix/elfhack/elfhack.cpp, build/unix/elfhack/inject.c, build/unix/elfhack/test.c: Use run-time page size when changing mapping permissions in elfhack injected code. bz#1470701. Closes: #902231. -- Mike Hommey Sun, 24 Jun 2018 09:23:16 +0900 firefox (60.0.2-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-14, also known as CVE-2018-6126. * debian/upstream.mk: Use the same logic for betas as for releases to find the source. * debian/browser.NEWS.in: Adjust to show the ESR version. -- Mike Hommey Fri, 08 Jun 2018 18:25:04 +0900 firefox (60.0.1-5) unstable; urgency=medium * gfx/skia/moz.build: Revert change from 60.0.1-4. * dom/media/webaudio/blink/DenormalDisabler.h: Avoid using vmrs/vmsr on armel. * mfbt/LinuxSignal.h, mfbt/moz.build, tools/profiler/core/platform-linux-android.cpp: Remove MOZ_SIGNAL_TRAMPOLINE. bz#1463035. * build/autoconf/arch.m4: Add -mfloat-abi=softfp to NEON_FLAGS when it makes sense. bz#1463036. * xpcom/string/moz.build: Use HAVE_ARM_NEON instead of BUILD_ARM_NEON for nsUTF8UtilsNEON.cpp. bz#1463036. -- Mike Hommey Tue, 22 May 2018 08:01:55 +0900 firefox (60.0.1-4) unstable; urgency=medium * gfx/skia/moz.build: Don't build skia neon on armel. -- Mike Hommey Mon, 21 May 2018 07:58:43 +0900 firefox (60.0.1-3) unstable; urgency=medium * debian/browser.links.in: Remove /usr/lib/*/browser/icons symlink, leftover after the removal of /usr/share/*/browser/icons. Closes: #893323. * media/webrtc/trunk/moz.build: Only build webrtc neon on aarch64. -- Mike Hommey Sun, 20 May 2018 10:12:15 +0900 firefox (60.0.1-2) unstable; urgency=medium * third_party/rust/libc/.cargo-checksum.json, third_party/rust/libc/src/unix/notbsd/linux/mod.rs, third_party/rust/libc/src/unix/notbsd/linux/musl/mod.rs, third_party/rust/libc/src/unix/notbsd/linux/other/mod.rs, third_party/rust/libc/src/unix/notbsd/linux/s390x.rs: Apply upstream patch to add struct ucred for Linux on MIPS. * gfx/skia/skia/src/jumper/SkJumper_stages.cpp: Fix Skia build on arm64 linux with GCC. bz#1462868. * intl/icu_sources_data.py: Add --disable-layoutex when running ICU configure. bz#1462859. * media/webrtc/trunk/gtest/moz.build: Link chromium_atomics to webrtc tests. bz#1462873. -- Mike Hommey Sat, 19 May 2018 13:07:39 +0900 firefox (60.0.1-1) unstable; urgency=medium * New upstream release. * debian/control*: Remove mozplugger suggestion. Closes: #888396. * debian/browser.install.in, debian/browser.mozconfig.in, debian/control.in, debian/rules: Remove the option to build against gtk+2, it is not supported anymore. * debian/control*, debian/rules: Avoid hard dependency on libgtk2.0-0. Closes: #885144. * media/webrtc/trunk/moz.build: Attempt to fix building webrtc on non-x86. * js/src/jit/mips-shared/LIR-mips-shared.h, js/src/jit/mips32/LIR-mips32.h, js/src/jit/mips64/LIR-mips64.h: Fix FTBFS on mips*. bz#1444303. -- Mike Hommey Sat, 19 May 2018 07:25:23 +0900 firefox (60.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-11, also known as CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5160, CVE-2018-5152, CVE-2018-5153, CVE-2018-5163, CVE-2018-5164, CVE-2018-5166, CVE-2018-5167, CVE-2018-5168, CVE-2018-5169, CVE-2018-5172, CVE-2018-5173, CVE-2018-5175, CVE-2018-5176, CVE-2018-5177, CVE-2018-5165, CVE-2018-5180, CVE-2018-5181, CVE-2018-5182, CVE-2018-5151, CVE-2018-5150. * debian/control*: - Bump nspr, nss, sqlite, rustc and cargo build dependencies. - Update Maintainer and Vcs fields, moving off alioth. * debian/browser.js.in, debian/vendor.js: Use the new syntax for locked and sticky prefs. * debian/browser.NEWS.in: Add a NEWS about the deprecation of lockPref. * debian/rules: Automatically find the ICU data file name. * debian/browser.mozconfig.in: Revert workaround for bz#1341234. * debian/browser.install.in, debian/rules: Don't install the ICU data file, it's linked as a data section in libxul. * modules/libpref/parser/src/lib.rs: Adapt to upstream changes to keep supporting lockPref() for transition purposes, now that upstream has locked prefs out of the box. -- Mike Hommey Thu, 10 May 2018 09:36:46 +0900 firefox (59.0.2-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-10, also known as CVE-2018-5148. -- Mike Hommey Tue, 27 Mar 2018 08:29:16 +0900 firefox (59.0.1-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-08, also known as CVE-2018-5146, CVE-2018-5147. -- Mike Hommey Sat, 17 Mar 2018 13:48:08 +0900 firefox (59.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-06, also known as: CVE-2018-5127, CVE-2018-5128, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5132, CVE-2018-5133, CVE-2018-5134, CVE-2018-5135, CVE-2018-5136, CVE-2018-5137, CVE-2018-5140, CVE-2018-5141, CVE-2018-5142, CVE-2018-5143, CVE-2018-5126, CVE-2018-5125. * debian/upstream.mk: - Change how we find the source tarball for releases. - Stop using milestone.py, it went away in this version. * debian/control*: Bump nspr, nss, sqlite, rustc and cargo build dependencies. * debian/rules: Update ICU_DATA_FILE version. * debian/browser.install.in, debian/browser.links.in, debian/rules: Take all icons from chrome/icons/default/ now they are all there. * debian/browser.install.in, debian/rules: Install watermark icon through dh_install. * debian/browser.js.in: Use the new intl.locale.requested instead of intl.locale.matchOS. -- Mike Hommey Wed, 14 Mar 2018 08:30:34 +0900 firefox (58.0.1-1) unstable; urgency=medium * New upstream release. * Fix for mfsa2018-05. * debian/upstream.mk, debian/l10n_revs.py: Use l10n-changesets.json from the source tree to find the l10n changesets. * debian/usptream.mk: Stop using milestone.py, it goes away in version 59. * intl/icu/source/i18n/digitlst.cpp: Apply part of http://bugs.icu-project.org/trac/changeset/40603 to fix FTBFS with glibc 2.26 on big endian platforms. Closes: #888638. -- Mike Hommey Tue, 30 Jan 2018 07:43:28 +0900 firefox (58.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-02, also known as: CVE-2018-5091, CVE-2018-5092, CVE-2018-5093, CVE-2018-5094, CVE-2018-5095, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5100, CVE-2018-5101, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5105, CVE-2018-5106, CVE-2018-5107, CVE-2018-5108, CVE-2018-5109, CVE-2018-5111, CVE-2018-5112, CVE-2018-5113, CVE-2018-5114, CVE-2018-5115, CVE-2018-5116, CVE-2018-5117, CVE-2018-5118, CVE-2018-5119, CVE-2018-5122, CVE-2018-5090, CVE-2018-5089. * debian/rules: - Don't disable necko-wifi on kfreebsd/hurd. This used to be necessary because that was using libiw, which was linux-only, but libiw is not used anymore. - Refresh configure files manually. - Remove --with-default-mozilla-five-home, it's gone. - Adapt to compare-locales changes. - Define MOZ_FFVPX on arm and aarch64. * debian/browser.install.in, debian/rules, debian/test.mk: Use DEB_HOST_ARCH* instead of DEB_BUILD_ARCH*. * debian/control*: - Bump rustc, cargo and nss build dependencies. - Add a dependency on libnss3 3.34 for the firefox package. * debian/noinstall.in: Remove run-mozilla.sh from there, it's not installed anymore. -- Mike Hommey Wed, 24 Jan 2018 08:16:43 +0900 firefox (57.0.4-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2018-01, mitigating "Spectre" side-channel attack. * debian/control*: Remove build dependencies on unused -dev packages. * debian/rules: Clean l10n build directory. * debian/installer/Makefile.in, debian/installer/package-manifest.browser, debian/rules, moz.build: Let upstream packaging step preprocess our package manifest, instead of preprocessing it manually first. -- Mike Hommey Fri, 05 Jan 2018 15:55:05 +0900 firefox (57.0.3-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Sat, 30 Dec 2017 12:06:22 +0900 firefox (57.0.1-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2017-27, also known as: * CVE-2017-7843, CVE-2017-7844. * debian/rules: Don't pass unused variables during make install. * debian/installer/Makefile.in: Small path correctness fixup. -- Mike Hommey Fri, 01 Dec 2017 14:35:58 +0900 firefox (57.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2017-24, also known as: CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7836, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842, CVE-2017-7827, CVE-2017-7826. * debian/control*: Bump nss, sqlite, rustc and cargo build dependencies. * debian/rules: - Always remove configure/old-configure during clean. - Use a new file as source for the symbolic icon. Closes: #867729. - Disable tests until they're fixed. The script to run tests uses old entry points that weren't updated to deal with the sandbox in Firefox, causing the tests to fail in a way that takes days to go through the entire suites. Closes: #877565. * debian/import-tar.py: Make python 3.6 happy. * old-configure*: Allow to build against nspr 4.16. -- Mike Hommey Wed, 15 Nov 2017 09:20:05 +0900 firefox (56.0-2) unstable; urgency=medium * debian/browser.mozconfig.in: Pass NSPR directory to bindgen to workaround bz#1341234. -- Mike Hommey Fri, 29 Sep 2017 13:28:38 +0900 firefox (56.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2017-21, also known as: CVE-2017-7793, CVE-2017-7818, CVE-2017-7819, CVE-2017-7824, CVE-2017-7812, CVE-2017-7814, CVE-2017-7813, CVE-2017-7815, CVE-2017-7816, CVE-2017-7821, CVE-2017-7823, CVE-2017-7822, CVE-2017-7820, CVE-2017-7811, CVE-2017-7810. * debian/control*: - Bump nspr, nss, rustc and cargo build dependencies. - Build depend on llvm-4.0-dev, libclang-4.0-dev and clang-4.0. * debian/rules: Update ICU_DATA_FILE version. * debian/browser.mozconfig.in, debian/google.key: Add the Google API key from the chromium package for safebrowsing. Thanks Francois Marier. -- Mike Hommey Fri, 29 Sep 2017 07:51:07 +0900 firefox (55.0.3-1) unstable; urgency=medium * New upstream release. * debian/source/lintian-overrides: Add a lintian override for dotzlib.chm. -- Mike Hommey Sat, 09 Sep 2017 20:24:43 +0900 firefox (55.0.2-1) unstable; urgency=medium * New upstream release. * js/src/jit/ExecutableAllocator.h, js/src/jit/none/MacroAssembler-none.h: Fix Spidermonkey build with no jit backend. bz#1376268. -- Mike Hommey Wed, 23 Aug 2017 09:41:36 +0900 firefox (55.0-2) unstable; urgency=medium * ipc/chromium/src/base/message_pump_libevent.cc, ipc/chromium/src/third_party/libevent/linux/event2/event-config.h: Fix FTBFS on i386. bz#1388981. * dom/base/nsWrapperCache.h: Fix FTBFS on powerpc64el. bz#1376277. * media/libcubeb/cubeb-pulse-rs/src/backend/context.rs: Fix cubeb-pulse-rs FTBFS on arm64. -- Mike Hommey Thu, 10 Aug 2017 14:29:21 +0900 firefox (55.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2017-18, also known as: CVE-2017-7798, CVE-2017-7800, CVE-2017-7801, CVE-2017-7809, CVE-2017-7784, CVE-2017-7802, CVE-2017-7785, CVE-2017-7786, CVE-2017-7806, CVE-2017-7753, CVE-2017-7787, CVE-2017-7807, CVE-2017-7792, CVE-2017-7791, CVE-2017-7808, CVE-2017-7781, CVE-2017-7794, CVE-2017-7803, CVE-2017-7799, CVE-2017-7783, CVE-2017-7788, CVE-2017-7789, CVE-2017-7797, CVE-2017-7780, CVE-2017-7779. * debian/control*: Bump nspr, nss and sqlite build dependencies. * debian/rules: - Preserve Cargo.toml.orig files ; cargo doesn't like that dh_clean removes them. - Copy the MPL-2.0 license from nsprpub instead of b2g, the latter being gone. * debian/browser.js.in: Default to no suggestions in the urlbar. This still brings a panel asking the user whether they want to opt-in on first use. * debian/upstream.mk: Set DIST differently for experimental. * media/webrtc/trunk/gtest/moz.build: Make webrtc-gtest build work with system jpeg and libvpx. bz#1373988. * media/mtransport/third_party/nICEr/nicer.gyp, media/mtransport/third_party/nrappkit/nrappkit.gyp: Disable -Wformat-security where -Wformat is disabled. bz#1388681. Closes: #871386. ('ppc64le', 'Linux'): 'powerpc64le-unknown-linux-gnu', * build/moz.configure/rust.configure: Add ppc64el target for rust code (second attempt). Closes: #864822. -- Mike Hommey Wed, 09 Aug 2017 20:21:59 +0900 firefox (54.0-2) unstable; urgency=medium * debian/upstream.mk: Consider testing/unstable as buster, which implies build depending on system nspr, nss, sqlite and hunspell again. * debian/rules: Really make overrides with USE_SYSTEM_* set to nothing work. * build/moz.configure/rust.configure: Add ppc64el target for rust code. Closes: #864822. -- Mike Hommey Sat, 17 Jun 2017 07:20:23 +0900 firefox (54.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2017-15, also known as: CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7752, CVE-2017-7754, CVE-2017-7756, CVE-2017-7757, CVE-2017-7778, CVE-2017-7758, CVE-2017-7762, CVE-2017-7764, CVE-2017-5471, CVE-2017-5470. * Targetting unstable because the required rustc version is available there, and the freeze is almost over, meaning new versions of rustc will receive updates, allowing to build newer versions of Firefox. * debian/rules, debian/control.in: Switch to GCC 4.8 on wheezy. * debian/rules: Don't remove debian/control on clean. Thanks to Emilio Pozuelo Monfort for those two changes for wheezy LTS support. * debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: Rename the BACKPORT variable to DIST, and set it to "stretch" for unstable/testing targetted builds. * debian/rules: Normalize the system libraries used depending on the Debian version. * debian/control*: - Bump nspr and build dependencies. - Bump rustc and cargo build dependencies. * debian/rules: - Allow to override USE_SYSTEM_* variables from the environment. - Remove rules to create mozilla-nspr.pc. It hasn't been shipped since 45.0-1. * debian/browser.install.in: Add the pingsender executable. -- Mike Hommey Wed, 14 Jun 2017 10:56:14 +0900 firefox (53.0.is.53.0-1) experimental; urgency=medium * The "oops, uploaded to unstable instead of experimental" release. -- Mike Hommey Thu, 20 Apr 2017 05:25:25 +0900 firefox (53.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2017-10, also known as: CVE-2017-5433, CVE-2017-5435, CVE-2017-5436, CVE-2017-5459, CVE-2017-5466, CVE-2017-5434, CVE-2017-5432, CVE-2017-5460, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5464, CVE-2017-5443, CVE-2017-5444, CVE-2017-5446, CVE-2017-5447, CVE-2017-5465, CVE-2017-5448, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5469, CVE-2017-5445, CVE-2017-5449, CVE-2017-5451, CVE-2017-5467, CVE-2017-5453, CVE-2017-5458, CVE-2017-5468, CVE-2017-5430, CVE-2017-5429. * debian/control*: - Bump nss and hunspell build dependencies. * debian/browser-dev*, debian/control*, debian/noinstall.in, debian/rules: Remove the -dev packages, there is no SDK provided for Firefox anymore. * debian/browser.install.in: Install manifest.json instead of clearkey.info. * debian/rules: - No system hunspell for backports. - Build against system nspr/nss, experimental has the right versions. * debian/browser.mozconfig.in, debian/control*, debian/rules: Always enable rust, and bump the rustc dependency. As of version 54, it is not possible to disable rust code anymore. While this is still version 53, there is not much to win by keeping --disable-rust builds on Debian architectures without rustc for 6 more weeks. -- Mike Hommey Wed, 19 Apr 2017 14:50:13 +0900 firefox (52.0.2-1) unstable; urgency=medium * New upstream release. * debian/browser.mozconfig.in, debian/mls.key: Enable geolocation using Mozilla's Location Service. Closes: #726230. * browser/app/profile/firefox.js: Use the Mozilla Location Service when the Google Key is not there. -- Mike Hommey Sun, 02 Apr 2017 06:45:39 +0900 firefox (52.0.1-1) unstable; urgency=medium * New upstream release. * Fix for mfsa2017-08, also known as CVE-2017-5428. * debian/browser.lintian-overrides.in: Add a lintian override for NSPR and NSS. * debian/control*: Build depend on libjsoncpp-dev. * config/system-headers, toolkit/crashreporter/jsoncpp/src/lib_json/moz.build, toolkit/crashreporter/minidump-analyzer/moz.build: Build against system libjsoncpp. -- Mike Hommey Sat, 18 Mar 2017 08:49:59 +0900 firefox (52.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2017-05, also known as: CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5403, CVE-2017-5404, CVE-2017-5406, CVE-2017-5407, CVE-2017-5410, CVE-2017-5408, CVE-2017-5412, CVE-2017-5413, CVE-2017-5414, CVE-2017-5415, CVE-2017-5416, CVE-2017-5417, CVE-2017-5426, CVE-2017-5427, CVE-2017-5418, CVE-2017-5419, CVE-2017-5420, CVE-2017-5405, CVE-2017-5421, CVE-2017-5422, CVE-2017-5399, CVE-2017-5398. * debian/control*: Bump nss and sqlite build dependencies. * debian/rules: - Update ICU_DATA_FILE version. - Don't build against system sqlite until we have the right version in Debian. * debian/browser.install.in: - Install chrome.manifest, libmozsandbox.so and minidump-analyzer. - Remove browser/components. -- Mike Hommey Wed, 08 Mar 2017 10:24:05 +0900 firefox (51.0.1-3) unstable; urgency=medium * js/src/jit/mips-shared/Assembler-mips-shared.h, js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp, js/src/jit/mips-shared/CodeGenerator-mips-shared.h, js/src/jit/mips-shared/MacroAssembler-mips-shared-inl.h, js/src/jit/mips-shared/MacroAssembler-mips-shared.cpp, js/src/jit/mips-shared/MacroAssembler-mips-shared.h, js/src/jit/mips32/MacroAssembler-mips32-inl.h, js/src/jit/mips32/MacroAssembler-mips32.cpp, js/src/jit/mips32/MacroAssembler-mips32.h, js/src/jit/mips64/MacroAssembler-mips64-inl.h, js/src/jit/mips64/MacroAssembler-mips64.cpp, js/src/jit/mips64/MacroAssembler-mips64.h: Apply patch from bz#1303688 hopefully fixing the FTBFS on mips*. -- Mike Hommey Thu, 23 Feb 2017 16:34:17 +0900 firefox (51.0.1-2) unstable; urgency=medium * debian/symbols.mk: - Better handle downloading symbols from packages with epochs. - Don't filter file names when getting symbols. - Add experimental buildd apt source for symbols download. - Avoid apt-get download being re-run when the file is already there. - Adjust DBGTYPE depending on package version, not whether it's a backport. - Only dump symbols for files of type application/x-sharedlib. This covers binary executables too because they are PIE and undistinguishable from shared libraries as a consequence. * debian/rules: - Add -fno-schedule-insns2 back. Closes: #854258. - Build with -fno-schedule-insns on armel and armhf when building with GCC6. Closes: #854640. - Hack to disable --gc-sections when building NSS, working around bug #844357 again. Should fix FTBFS on mips*. * debian/browser.desktop.in, debian/rules: Followup for the StartupWMClass changes in 51.0.1-1: Use the same name in desktop file and application.ini RemotingName. Closes: #854397. -- Mike Hommey Sat, 18 Feb 2017 08:17:22 +0900 firefox (51.0.1-1) unstable; urgency=medium * New upstream release. * debian/browser.desktop.in: - Use the application name as StartupWMClass in the desktop file. Along the change to nsAppRunner.cpp, this prevents e.g. GNOME Shell from making Firefox appear as Firefox ESR when both are used. - Remove Encoding key from desktop file. Closes: #812493 * debian/rules: Remove -fno-schedule-insns2 and add -fno-lifetime-dse when building with GCC6. * debian/rules, debian/control*: Build with GCC6 on arm*. Closes: #852009. AFAIK, that will lead to FTBFS on at least armhf, but let's already see how it goes. * debian/upstream.mk: Use pkg-info.mk to figure out source name and version. Closes: #850720. * debian/control*: - Remove build dependency and suggest on libgnome*. It hasn't actually been used for a long time. Closes: #850265. - Bump Standards-Version to 3.9.8. No changes required. - Bump libvpx build dependency. * debian/rules: Resize the symbolic icon. * Move the -l10n-all package to the metapackages section. Closes: #824784. * debian/browser.postrm.in, debian/browser.preinst.in, debian/rules: Don't install preinst and postrm at all for the firefox package. * debian/symbols.apt.conf, debian/symbols.mk, debian/symbols.sources.list: Add scripts to create symbols archive to upload to Mozilla crash servers. * debian/browser-dev.links.in, debian/browser.install.in, debian/browser.mozconfig.in, debian/control*, debian/make.mk, debian/rules: Add more granularity as to what system libraries are used and only disable NSPR/NSS until we have the right versions in Debian. * gfx/2d/BorrowedContext.h, gfx/layers/composite/LayerManagerComposite.*, gfx/layers/moz.build: Fix --disable-skia builds. bz#1319374. * gfx/skia/moz.build: Build Skia NEON code on arm64. * toolkit/xre/nsAppRunner.cpp: Set program name from the remoting name. * config/recurse.mk: Work around race condition between building NSPR and NSS. bz#1115944, bz#1315882. -- Mike Hommey Sun, 05 Feb 2017 15:52:36 +0900 firefox (51.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2017-01, also known as: CVE-2017-5375, CVE-2017-5376, CVE-2017-5377, CVE-2017-5378, CVE-2017-5379, CVE-2017-5380, CVE-2017-5390, CVE-2017-5389, CVE-2017-5396, CVE-2017-5381, CVE-2017-5382, CVE-2017-5383, CVE-2017-5384, CVE-2017-5385, CVE-2017-5386, CVE-2017-5391, CVE-2017-5393, CVE-2017-5387, CVE-2017-5388, CVE-2017-5374, CVE-2017-5373. * debian/upstream.mk: Don't rely on FIREFOX_*_RELEASE tags to pull some files to determine all source urls. * debian/browser.bug-presubj.in: Add a note about submitting crash reports upstream and pasting the url to Debian bug reports. * debian/rules, debian/control*: Adjust rust build configure to new upstream. It requires rustc >= 1.10 and cargo, the latter of which is not available on arm64. Also depend on cargo >= 0.13, that doesn't access the network with the Cargo.toml files in the source. Note rust code is still not enabled unless building a beta release. * debian/control*: Bump nspr, nss and sqlite build dependencies. * debian/rules, debian/control: Use more embedded libraries until the required versions of NSPR and NSS can be in unstable. * build/moz.configure/rust.configure: Force use the i686 rust target. * gfx/skia/skia/include/core/SkPreConfig.h: Generically set SK_CPU_[BL]ENDIAN based on __BYTE_ORDER__ when available. bz#1319389. -- Mike Hommey Wed, 25 Jan 2017 11:27:12 +0900 firefox (50.1.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2016-95, also known as: CVE-2016-9894, CVE-2016-9899, CVE-2016-9895, CVE-2016-9896, CVE-2016-9897, CVE-2016-9898, CVE-2016-9900, CVE-2016-9904, CVE-2016-9901, CVE-2016-9902, CVE-2016-9903, CVE-2016-9080, CVE-2016-9893. -- Mike Hommey Wed, 14 Dec 2016 06:15:10 +0900 firefox (50.0.2-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2016-{91-92}, also known as: CVE-2016-9078, CVE-2016-9079. * widget/gtk/mozgtk/mozgtk.c: work around race in system Cairo's XShm usage. bz#1271100. -- Mike Hommey Thu, 01 Dec 2016 08:32:08 +0900 firefox (50.0-3) unstable; urgency=medium * media/libjpeg/simd/jsimd_mips.c: Pull libjpeg-turbo upstream fix for FTBFS on mips. * widget/gtk/mozgtk/gtk3/moz.build: Work around Debian bug #844357. -- Mike Hommey Mon, 21 Nov 2016 08:16:53 +0900 firefox (50.0-2) unstable; urgency=medium * debian/rules: Use mach to run icu_source_data.py. This should fix FTBFS on big endian platforms. * js/src/jit/mips64/CodeGenerator-mips64.cpp: Fix CodeGenerator::visitAsmSelectI64. bz#1290811. -- Mike Hommey Sat, 19 Nov 2016 06:16:41 +0900 firefox (50.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2016-{87,89} also known as: CVE-2016-5287, CVE-2016-5288, CVE-2016-5296, CVE-2016-5292, CVE-2016-5297, CVE-2016-9064, CVE-2016-9066, CVE-2016-9067, CVE-2016-9068, CVE-2016-9075, CVE-2016-9077, CVE-2016-5291, CVE-2016-9070, CVE-2016-9073, CVE-2016-9076, CVE-2016-9063, CVE-2016-9071, CVE-2016-5289, CVE-2016-5290. * debian/rules: Only generate configure files on nightlies, and use client.mk to generate them instead of using autoconf manually (which, while compatible, is wrong nowadays). * debian/control*: - Remove outdated alternative build dependencies. - Bump sqlite and nss build dependency. - Add build dependency on libx11-xcb-dev. * debian/browser.mozconfig.in, debian/control*, debian/rules: Enable rust on non-release/ESR. * debian/browser.install.in: Add the EmojiOneMozilla font. -- Mike Hommey Wed, 16 Nov 2016 09:04:23 +0900 firefox (49.0-5) unstable; urgency=medium * debian/rules: - Don't install crashreporter files on arm64, where it's not built. Should fix FTBFS on arm64. - Ship a symbolic icon from the silhouette icon from branding. Closes: #832297. - Remove old workaround for GCC 4.5 on armel. - Remove old workarounds for ia64. - Remove GENSYMBOLS_FLAGS, which hasn't been used for 5 years. - Remove CMP_AWK, which hasn't been used since xulrunner packages were removed. - Remove dh_builddeb override forcing xz compression, which is the default since dpkg 1.15.6. - Remove old workaround for ppc64. - Disable both baseline JIT and ion on mips via prefs. * debian/rules, debian/control: Re-enable Gtk+3 to see how it goes. Closes: #832301. * security/sandbox/linux/SandboxFilter.cpp: Allow media plugins to call madvise with MADV_FREE. bz#1303813. Closes: #838911. * js/src/jit/AtomicOperations.h: Fix crashes in AtomicOperations-none on s390x. Should fix FTBFS on s390x. -- Mike Hommey Sat, 29 Oct 2016 19:54:35 +0900 firefox (49.0-4) unstable; urgency=medium * debian/rules, dbeian/browser.install.in: Always install GMP clearkey. Should fix FTBFSes on non-x86/x86-64, this time. * debian/browser.js.in: Unset media.gmp-manager.url.override. Closes: #838902. * debian/compat, debian/control*: Bump debhelper compat and dependency to 9. * debian/rules, debian/control*: Generate debug symbols debs when not backporting. * debian/browser.install.in, browser.mozconfig.in, debian/rules: Don't disable the crash reporter. -- Mike Hommey Sun, 02 Oct 2016 13:28:11 +0900 firefox (49.0-3) unstable; urgency=medium * debian/browser.desktop.in: Use the full path to the real Firefox executable in the .desktop file. Closes: #832298 * toolkit/moz.configure: Ensure we don't enable Widevine unintentionally. bz#1299694. Should fix FTBFSes on non-x86/x86-64. -- Mike Hommey Sun, 25 Sep 2016 17:34:05 +0900 firefox (49.0-2) unstable; urgency=medium * debian/rules, debian/control*: Only force GCC 5 on arm when building for stretch+. * debian/browser.mozconfig.in, debian/browser.install.in, debian/rules: Do not disable EME. Closes: #838478. * debian/rules, debian/browser.install.in: Build and use big-endian ICU data on big-endian architectures. Fixes FTBFS on big-endian architectures. * build/autoconf/icu.m4: Allow to override ICU_DATA_FILE from the environment. * js/src/jit/mips-shared/MacroAssembler-mips-shared.cpp: OdinMonkey: MIPS: Fix nop-jump patching code. bz#1277478. Fixes FTBFS on mips*el. * media/libjpeg/moz.build: Fix CPU_ARCH test for libjpeg on mips. Fixes FTBFS on mips. -- Mike Hommey Sun, 25 Sep 2016 09:47:54 +0900 firefox (49.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa-2016-85, also known as: CVE-2016-2827, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, CVE-2016-5273, CVE-2016-5276, CVE-2016-5274, CVE-2016-5277, CVE-2016-5275, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284, CVE-2016-5256, CVE-2016-5257. * debian/control*, debian/rules: Compile with GCC 5 on testing/unstable on arm* because of crashes when building with GCC 6. (FTBFS) * debian/control*: Force build against libnss3-dev >= 2:3.26-2~, which fixed its symbols file. Closes: #833719. * build/gyp.mozbuild: Disable libyuv assembly on mips64. (FTBFS) -- Mike Hommey Wed, 21 Sep 2016 10:30:16 +0900 firefox (48.0-2) unstable; urgency=medium * debian/rules: Build with -fno-schedule-insns2 and -fno-delete-null-pointer-checks with GCC >= 6 because it miscompiles Firefox. Closes: #836533. -- Mike Hommey Mon, 05 Sep 2016 07:25:54 +0900 firefox (48.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa-2016-{62-68,70-81,83-84}, also known as: CVE-2016-2836, CVE-2016-2835, CVE-2016-2830, CVE-2016-2838, CVE-2016-2839, CVE-2016-5251, CVE-2016-5252, CVE-2016-0718, CVE-2016-5254, CVE-2016-5255, CVE-2016-5258, CVE-2016-5259, CVE-2016-5260, CVE-2016-5261, CVE-2016-5262, CVE-2016-2837, CVE-2016-5263, CVE-2016-5264, CVE-2016-5265, CVE-2016-5266, CVE-2016-5268, CVE-2016-5250. * debian/control*: Bump nss and sqlite build dependencies. * debian/rules: Remove --build from configure invocation. * debian/browser.mozconfig.in: s/NATIVE/SYSTEM/. The variables set for --enable-system flags have changed upstream. * debian/browser.install.in, debian/browser.links.in: Don't install webapprt files, they are gone. * debian/browser.install.in: - Install ICU data file. - libfreebl3 changed name. - Take mozicon128.png from dist/firefox instead of dist/bin. -- Mike Hommey Wed, 03 Aug 2016 09:45:22 +0900 firefox (47.0.1-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 29 Jun 2016 19:25:53 +0900 firefox (47.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa-2016-{49-52,54,56-60}, also known as: CVE-2016-2815, CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2825, CVE-2016-2828, CVE-2016-2829, CVE-2016-2831, CVE-2016-2832, CVE-2016-2833. * debian/rules: Read default toolkit from old-configure.in, but still keep Gtk+3 disabled. * debian/upstream.mk: Use l10n_changesets.txt from last candidate build for L10N_REV. -- Mike Hommey Wed, 08 Jun 2016 10:00:04 +0900 firefox (46.0.1-1) unstable; urgency=medium * New upstream release. * debian/control*: Remove build dependencies that were only required for the iceweasel branding. * debian/control*, debian/browser.mozconfig.in: Remove configure flags and build dependencies related to gnomevfs. They have been ignored for close to a year. * debian/browser.mozconfig.in: - Remove configure flags explicitly enabling gio, it has been enabled by default for more than 3 years. - Remove --enable-svg, the option has been ignored for more than 5 years. - Remove --enable-mathml, the option has been ignored for more than 4 years. - Remove --enable-pango, the option has been ignored for 2 years. - Remove --disable-pedantic, the option has been ignored for 3 years. - Remove --disable-long-long-warning, the option has been ignored for almost 5 years. - Remove --disable-gnomeui, it is the default. - Remove --disable-mochitest, the option has been ignored for more than 7 years. - Remove --disable-debug, it is the default. - Remove --enable-canvas, the option has been ignored for more than 6 years. - Remove --disable-installer, the option has been ignored for close to 4 years. - Remove --disable-javaxpcom, the option has been ignored for close to 5 years. - Remove --disable-elf-dynstr-gc, the option has been ignored for more than 2 years. - Remove --enable-url-classifier, it is the default. - Remove --with-user-appdir=.mozilla, it is the default. - Remove --enable-single-profile, the option has been ignored for more than 7 years. - Remove --disable-profilesharing, the option has been ignored for more than 7 years. * debian/rules: Use the mach compare-locales command for l10n. * debian/upstream.mk, debian/watch: Remove "mozilla.org" from path in archive.mozilla.org urls. * debian/upstream.mk: Don't use get a separate source tarball for compare-locales. There is a copy in-tree that we now use. * debian/browser.desktop.in, debian/control*, debian/rules: Allow to distinguish between firefox and firefox-esr. Closes: #821952. * debian/control, debian/rules: Disable Gtk+3 for now. Closes: #822807. -- Mike Hommey Sun, 08 May 2016 09:11:06 +0900 firefox (46.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2016-{39,42,44-48}, also known as: CVE-2016-2807, CVE-2016-2806, CVE-2016-2804, CVE-2016-2811, CVE-2016-2812, CVE-2016-2814, CVE-2016-2816, CVE-2016-2817, CVE-2016-2808, CVE-2016-2820. * debian/browser.install.in: Add ffmpeg vp9 libraries. * debian/browser.lintian-overrides.in: Add a lintian override for libmozavutil.so, which is not exactly libavutil. * debian/control*: Bump nss and sqlite3 build dependencies. * debian/browser.mozconfig.in, debian/control*, debian/rules: Remove gstreamer dependencies and such, gstreamer support was removed upstream. -- Mike Hommey Wed, 27 Apr 2016 09:04:38 +0900 firefox (45.0.2-1) unstable; urgency=medium * New upstream release. -- Mike Hommey Wed, 13 Apr 2016 10:07:02 +0900 firefox (45.0.1-1) unstable; urgency=medium * New upstream release. - Disables Graphite font shaping library. * debian/browser.js.in: Don't mention the pref subdirectory in /etc/firefox*/firefox*.js. Also reword the comment there, and remove some parts of it. Closes: #818322. * debian/control*: - Bump libvpx build dependency to 1.4.0. Closes: #818454. - Switch Vcs-* fields to https urls. - Point Vcs-* urls to the right branch. * debian/rules: Add --exclude=.mkdir.done to TAR_CREATE_FLAGS. * debian/control*, debian/firefox.in, debian/iceweasel.*, debian/l10n/browser-l10n.control.in, debian/rules: Synchronize with the firefox-esr source package. * ipc/chromium/moz.build, ipc/chromium/src/build/build_config.h, ipc/chromium/src/base/atomicops.h, ipc/chromium/src/base/atomicops_internals_arm64_gcc.h: Add aarch64 support for atomic operations. bz#1250403. * ipc/chromium/atomics/moz.build, ipc/chromium/moz.build, media/webrtc/signaling/test/common.build: Link chromium mutex-based atomics implementation to webrtc signaling tests. bz#1257888. This should fix the powerpc FTBFSes. -- Mike Hommey Sat, 19 Mar 2016 02:51:43 +0900 firefox (45.0-1) unstable; urgency=medium * New upstream non-ESR release. -- Mike Hommey Thu, 10 Mar 2016 13:43:34 +0900 firefox-esr (45.0esr-1) unstable; urgency=medium * Farewell, Iceweasel. * New upstream release. * Fixes for mfsa2016-{16-34,37}, also known as: CVE-2016-1952, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1958, CVE-2016-1959, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1963, CVE-2016-1964, CVE-2016-1965, CVE-2016-1967, CVE-2016-1968, CVE-2016-1966, CVE-2016-1970, CVE-2016-1971, CVE-2016-1975, CVE-2016-1976, CVE-2016-1973, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802. * debian/rules, debian/browser.install.in: Remove xpm icon. It was only shipped for the menu file, which is not there anymore. * debian/control*, debian/changelog: Rename the source package to firefox-esr. * debian/browser.install.in, debian/control*, debian/rules, debian/upstream.mk, debian/vendor.js*: Remove the OFFICIAL_NAME variable and adjust packaging code accordingly. Now all cases will be using the official name, although in some cases the package name might be different. * debian/rules: Remove epoch from l10n package names. * debian/branding, debian/installer/package-manifest.browser, debian/rules, debian/source/include-binaries: Remove debian/branding. * debian/browser.postinst.in, debian/browser.prerm.in: Do not remove compreg.dat, xpti.dat and .autoreg. Those files have not been created for a long time, so no Debian "firefox" package will have created them. * debian/browser.install.in, debian/browser.links.in, debian/rules: Remove the default profile. It's going away for good in version 46 anyways, and hasn't been provided upstream for a very long time. * browser-dev.install.in, debian/libxul.pc.in, debian/mozilla-nspr.pc.in, debian/mozilla-plugin.pc.in, debian/rules: Remove pkg-config files. They don't exist upstream, and are obviously unused in Debian since libxul.pc has been broken since version 40.0. * debian/control*, debian/l10n/browser-l10n.control.in, debian/rules: Add transitional packages when building firefox-esr. * debian/upstream.mk: Remove -esr suffix from PRODUCT_NAME when downloading. * debian/copyright: Update debian/copyright with some missing files. * debian/browser.NEWS.in, debian/browser.README.Debian.in, debian/firefox-esr.NEWS: Rearrange README and NEWS files. Removed outdated information, moved the NTLM info from NEWS to README and added a NEWS file for the transition off iceweasel. * debian/browser.install.in, debian/browser.links.in: Move debsearch searchplugin to usr/share/firefox{-esr,}/distribution/searchplugins. * debian/browser.install.in, debian/browser.links.in: Move preferences from /etc/firefox{-esr,}/pref to /etc/firefox{-esr,}. * debian/control*: Bump nspr and nss build dependencies. * debian/browser.mozconfig.in: Add --with-app-name option for firefox-esr. * debian/browser.install.in: - Don't install libmozgnome.so and corresponding manifests, it's gone. - The default theme is now an XPI. - Install features addons. * debian/browser.preinst.in: Remove iceweasel diversion of /usr/bin/firefox. * debian/rules, debian/removed_conffiles*: Remove all iceweasel conffiles. * debian/source/lintian-overrides: - Remove source package name so that the same file can be used for both firefox and firefox-esr. - Fix some existing lintian overrides to actually work. - Add lintian overrides for new false positives. -- Mike Hommey Thu, 10 Mar 2016 08:43:16 +0900 iceweasel (44.0.2-1) unstable; urgency=medium * New upstream release * Fixes for mfsa2016-13, also known as CVE-2016-1949. * debian/control*: - Bump sqlite3 build dependency. - Bump Standards-Version. No changes required. * debian/copyright: - Rename all BSD-n licenses to BSD-n-clause. - Remove commas separating lines in Files and Copyright. - Fixup some lintian warnings. * debian/source/lintian-overrides: Add lintian overrides for various "errors" in the source package. See associated comments. * debian/rules: Avoid tar creating hard links with -h for symlinks pointing to the same file. * debian/browser.menu.in: Remove menu file. -- Mike Hommey Sun, 14 Feb 2016 18:25:51 +0900 iceweasel (44.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2016-{01-04,06,09-11}, also known as: CVE-2016-1930, CVE-2016-1931, CVE-2016-1933, CVE-2016-1935, CVE-2016-1939, CVE-2016-1937, CVE-2016-1942, CVE-2016-1943, CVE-2016-1944, CVE-2016-1945, CVE-2016-1946, CVE-2016-1947. * js/src/jit/mips-shared/Architecture-mips-shared.h, js/src/jit/mips-shared/Assembler-mips-shared.*, js/src/jit/mips32/Architecture-mips32.*, js/src/jit/mips32/Assembler-mips32.*, js/src/jit/mips64/Architecture-mips64.*, js/src/jit/mips64/Assembler-mips64.*: Fix build failure on mipsel. bz#1213146. -- Mike Hommey Wed, 27 Jan 2016 11:12:44 +0900 iceweasel (43.0.4-1) unstable; urgency=medium * New upstream release. * debian/removed_conffiles: Add profile/bookmarks.html to the list of removed conffiles. Closes: #809309. * debian/removed_conffiles*, debian/rules: Add @browser@rc to the list of removed conffiles. Closes: #809386. -- Mike Hommey Fri, 08 Jan 2016 08:03:06 +0900 iceweasel (43.0.2-1) unstable; urgency=medium * New upstream release. * debian/latest_nightly.py, debian/upstream.mk: Ensure aurora/nightly versions match the requested one for `debian/rules download`. * toolkit/mozapps/extensions/internal/XPIProvider.jsm: Simplify change allowing unsigned addons in /usr/{lib,share}/mozilla/extensions. * browser/components/migration/MigrationUtils.jsm, browser/components/nsBrowserGlue.js, browser/installer/package-manifest.in, browser/locales/Makefile.in: Move bookmarks.html to a chrome localized location. bz#1235107. * js/src/jit/mips-shared/Lowering-mips-shared.*, js/src/jit/mips32/Lowering-mips32.h: Move LIRGeneratorMIPS::visitRandom to architecture-specific: bz#1206591. -- Mike Hommey Mon, 28 Dec 2015 16:45:41 +0900 iceweasel (43.0.1-1) experimental; urgency=medium * New upstream release. * toolkit/mozapps/extensions/content/extensions.js, toolkit/mozapps/extensions/internal/XPIProvider.jsm: Allow unsigned addons in /usr/{lib,share}/mozilla/extensions when upgrading as well, and avoid message about them not being verified in about:addons. Closes: #808228. * security/nss/lib/ckfw/builtins/certdata.txt: Remove the SPI Inc. and CAcert.org CA certificates for backports. The former was removed in NSS 3.21-1 and the latter in 3.16-1, and remained here largely overlooked. * media/webrtc/trunk/build/build_config.h: Add aarch64 macros. bz#1219566. -- Mike Hommey Sat, 19 Dec 2015 12:15:56 +0900 iceweasel (43.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{134-149}, also known as: CVE-2015-7201, CVE-2015-7202, CVE-2015-7204, CVE-2015-7207, CVE-2015-7208, CVE-2015-7210, CVE-2015-7212, CVE-2015-7215, CVE-2015-7211, CVE-2015-7218, CVE-2015-7219, CVE-2015-7216, CVE-2015-7217, CVE-2015-7203, CVE-2015-7220, CVE-2015-7221, CVE-2015-7205, CVE-2015-7213, CVE-2015-7222, CVE-2015-7223, CVE-2015-7214. * debian/control*: Bump nss build dependency. * debian/rules: - Follow upstream default for Gtk+2 vs. Gtk+3 automatically. - Only extract defaults/{preferences,profile} from browser/omni.ja. * debian/browser.install.in: Don't install libdbusservice.so, it's gone. * toolkit/mozapps/extensions/internal/XPIProvider.jsm: Allow unsigned addons in /usr/{lib,share}/mozilla/extensions. Closes: #800150. -- Mike Hommey Wed, 16 Dec 2015 10:56:36 +0900 iceweasel (42.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{116-118,121-123,127-132}, also known as: CVE-2015-4513, CVE-2015-4514, CVE-2015-4515, CVE-2015-4518, CVE-2015-7187, CVE-2015-7188, CVE-2015-7189, CVE-2015-7193, CVE-2015-7194, CVE-2015-7195, CVE-2015-7196, CVE-2015-7198, CVE-2015-7199, CVE-2015-7200, CVE-2015-7197. * debian/control*: Bump nspr, nss and sqlite build dependencies. * debian/browser.install.in: - Adapt to location change for the Gtk+2 wrapper library. - Install liblgpllibs.so. * debian/branding/content/Makefile.in: identity-icons-brand*.png were replaced by a svg. -- Mike Hommey Wed, 04 Nov 2015 09:08:45 +0900 iceweasel (41.0.2-1) experimental; urgency=medium * New upstream release. * Fix for mfsa2015-115, also known as CVE-2015-7184. -- Mike Hommey Fri, 16 Oct 2015 08:30:41 +0900 iceweasel (41.0.1-1) experimental; urgency=medium * New upstream release. * debian/watch: Update watch file to use https://archive.mozilla.org/ and xz archives. * toolkit/library/moz.build: Link libxul against libatomic when necessary. bz#1178266. -- Mike Hommey Mon, 05 Oct 2015 09:38:16 +0900 iceweasel (41.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{96,98,102-112}, also known as: CVE-2015-4500, CVE-2015-4501, CVE-2015-4504, CVE-2015-4507, CVE-2015-4508, CVE-2015-4510, CVE-2015-4511, CVE-2015-4509, CVE-2015-4512, CVE-2015-4502, CVE-2015-4516, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7177. * debian/control*: Bump sqlite build dependency. * config/system-headers: Add a system header wrapper for . bz#1194520. -- Mike Hommey Wed, 23 Sep 2015 11:34:28 +0900 iceweasel (40.0.3-3) experimental; urgency=medium * debian/browser.js.in: Disable Health Report upload. * build/autoconf/toolchain.m4: Fixup for libatomic detection. * browser/components/preferences/applications.js, uriloader/exthandler/nsHandlerService.js: Revert patch from 3.0.1-1 that doesn't seem useful anymore. * browser/confvars.sh: Stop not building Health Report. * l10n-ru/browser/chrome/browser-region/region.properties: Revert reordering of mailto handlers. * toolkit/components/search/nsSearchService.js: Revert change from 12.0-1 that handled the transition to /etc//searchplugins more gracefully because that's not doing anything useful anymore. -- Mike Hommey Mon, 31 Aug 2015 11:32:14 +0900 iceweasel (40.0.3-2) experimental; urgency=medium * debian/rules, debian/removed_conffiles, debian/browser.postinst.in, debian/browser.postrm.in, debian/browser.preinst.in: Remove past conffiles. Closes: #795353. * build/autoconf/toolchain.m4, mfbt/moz.build: Link against libatomic when necessary to fix FTBFS on powerpc and mips. -- Mike Hommey Sun, 30 Aug 2015 20:08:08 +0900 iceweasel (40.0.3-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{94-95}, also known as: CVE-2015-4497, CVE-2015-4498. * debian/import-tar.py, debian/repack.py, debian/upstream.mk: Adjust debian/upstream.mk, debian/repack.py and debian/import-tar.py to cope with xz source tarballs. * debian/control*: Suggest Latin Modern Math instead of MathJax TeX fonts for MathML rendering, and remove suggestion for Asana Math. Thanks Frédéric Wang. Closes: #792012. * debian/rules, debian/upstream.mk: Don't set LESS_SYSTEM_LIBS when building a backport for stretch. Closes: #795331. * debian/copyright: Fix typo in MPL 1.1 license version number. Closes: #755802. * debian/upstream.mk: Avoid latest_nightly.py being run every time debian/rules is invoked for aurora builds. * debian/rules, debian/control.in: Force build with GCC 4.7 when backporting to wheezy. * media/libvpx/moz.build: Build libvpx neon code without -mthumb and -mfloat-abi=softfp. Closes: #795337. * configure.in: Build libvpx neon code with -mfloat-abi=softfp on armel. * media/libjpeg/simd/jsimd_mips_dspr2.S: Fix build error in MIPS SIMD when compiling with -mfpxx. -- Mike Hommey Fri, 28 Aug 2015 18:49:49 +0900 iceweasel (40.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{79-83,86-88,90-92}, also known as: CVE-2015-4473, CVE-2015-4474, CVE-2015-4475, CVE-2015-4477, CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4493, CVE-2015-4483, CVE-2015-4484, CVE-2015-4491, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489, CVE-2015-4490, CVE-2015-4492. * debian/latest_nightly.py, debian/upstream.mk: Modify latest_nightly.py to work without ftp now that it's gone. * debian/upstream.mk: Switch to HTTPS for all hg.mozilla.org urls. * debian/rules, debian/browser.install.in: Don't copy searchplugins to /etc/iceweasel. They now are in chrome://. * debian/browser.install.in: Don't install libmozalloc.so, it doesn't exist anymore. * toolkit/components/search/nsSearchService.js: Revert change from 32.0.3-1 that bumped the search engine max icon size to 35kB because it's not needed anymore. -- Mike Hommey Wed, 12 Aug 2015 09:21:06 +0900 iceweasel (39.0.3-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-78, also known as CVE-2015-4495. * debian/source.filter: Remove the source tarball filtering of search plugin icons. See 20150715221703.GD19084@glandium.org. -- Mike Hommey Fri, 07 Aug 2015 08:52:52 +0900 iceweasel (39.0-1) experimental; urgency=medium * New upstream release. * debian/branding/content/Makefile.in: Re-revert to non-ESR branding. -- Mike Hommey Fri, 03 Jul 2015 19:07:36 +0900 iceweasel (38.1.0esr-2) unstable; urgency=medium * debian/control*: Bump NSS build dependency. -- Mike Hommey Fri, 03 Jul 2015 15:26:43 +0900 iceweasel (38.1.0esr-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2015-{59-67,69}, also known as: CVE-2015-2724, CVE-2015-2725, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2731, CVE-2015-2730, CVE-2015-2722, CVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740, CVE-2015-2741, CVE-2015-2743. * debian/rules: Use the right --target, --host and --build arguments to configure for the Mozilla build system, which uses different meanings. * debian/branding/firefox-branding.js: Add devtools.selfxss.count pref to the iceweasel branding to match unofficial branding. Closes: #787975. * debian/browser.js.in: Use a sticky pref for browser.newtabpage.enhanced. * debian/branding/content/Makefile.in: Revert branding changes for SVG wordmark, not used on ESR * modules/libpref/prefapi.*, modules/libpref/prefread.*, modules/libpref/test/unit/data/testPrefSticky*.js, modules/libpref/test/unit/test_stickyprefs.js, modules/libpref/test/unit/xpcshell.ini: support 'sticky' preferences, meaning a user value is retained even when it matches the default. bz#1098343. * browser/app/profile/firefox.js, browser/base/content/newtab/intro.js, browser/base/content/newtab/page.js, browser/modules/DirectoryLinksProvider.jsm: Update patch from bz#1094324 to fit what landed upstream in newer versions. -- Mike Hommey Fri, 03 Jul 2015 08:57:25 +0900 iceweasel (38.0.1-5) unstable; urgency=medium * debian/rules: Force a timezone when extracting defaults/* files from omni.ja archives. -- Mike Hommey Wed, 27 May 2015 07:36:04 +0900 iceweasel (38.0.1-4) unstable; urgency=medium * python/mozbuild/mozpack/files.py: Fixup to keep file type. * toolkit/content/Makefile.in, toolkit/content/buildconfig.html: Remove build machine name from about:buildconfig. bz#1168316. -- Mike Hommey Tue, 26 May 2015 21:39:38 +0900 iceweasel (38.0.1-3) unstable; urgency=medium * debian/upstream.mk: Force a timezone when setting MOZ_BUILD_DATE. * python/mozbuild/mozpack/files.py: Normalize file mode in jars. bz#1168231. -- Mike Hommey Tue, 26 May 2015 08:13:55 +0900 iceweasel (38.0.1-2) unstable; urgency=medium * debian/upstream.mk: Set MOZ_BUILD_DATE to the date of the last debian/changelog entry for non-Aurora builds. * debian/branding/content/Makefile.in: Add a dummy conversion for about.png to remove timestamps. * debian/browser.js.in: Default to classic view for about:newtab. * debian/copyright: Update copyright file to some degree. * debian/control*: Bump Standards-Version to 3.9.6.0. - debian/rules: Add build-arch and build-indep targets to debian/rules. * debian/control*: Switch Vcs-* urls to anonscm.debian.org. * ipc/testshell/XPCShellEnvironment.cpp, js/src/shell/js.cpp, js/xpconnect/src/XPCShellImpl.cpp: Remove build() function from js and xpc shells. bz#1166243. * toolkit/locales/l10n.mk. Use dozip.py for langpacks. bz#1166538. * browser/app/profile/firefox.js, browser/base/content/newtab/intro.js browser/modules/DirectoryLinksProvider.jsm: Set browser.newtabpage.enhanced default in prefs. bz#1094324. -- Mike Hommey Mon, 25 May 2015 13:25:40 +0900 iceweasel (38.0.1-1) unstable; urgency=medium * New upstream release. * debian/vendor.js.in: Disable auto-installing webide related addons. Closes: #785595. * debian/rules: Disable jit on mips. Only mipsel is supported by the jit code currently. * configure.in, media/libjpeg/moz.build: Fixup libjpeg-turbo assembly cleanup. * security/manager/ssl/src/SSLServerCertVerification.cpp: Add a NULL-check for extensions on the end entity certificate when gathering EKU telemetry. Closes: #782772. -- Mike Hommey Tue, 19 May 2015 13:56:45 +0900 iceweasel (38.0-2) unstable; urgency=medium * debian/repack.py: Fix to support filter patterns excluding a top-level directory. * configure.in: Cleanup how libjpeg-turbo assembly build variables are set. bz#1165654. This should fix FTBFSes on arm64 and mips*. * memory/mozjemalloc/jemalloc.c: Make powerpc not use static page sizes. Closes: #763900. -- Mike Hommey Sun, 17 May 2015 10:48:06 +0900 iceweasel (38.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2015-{46,48-51,53-56}, also know as: CVE-2015-2708, CVE-2015-2709, CVE-2015-2710, CVE-2015-2711, CVE-2015-2712, CVE-2015-2713, CVE-2015-2715, CVE-2015-2716, CVE-2015-2717, CVE-2015-2718. * debian/branding/Makefile.in, debian/branding/moz.build: Adapt build rules to upstream changes * debian/branding/locales/en-US/brand.*: Add brandShorterName to Iceweasel branding. * debian/branding/content/Makefile.in: Add silhouette-40.svg from the unofficial branding to iceweasel branding * debian/control*: Bump nss and sqlite build dependencies. * debian/control.in, debian/upstream.mk: Change backport rules. - Set LESS_SYSTEM_LIBS on wheezy and jessie. - Only use gstreamer 0.10 on wheezy. -- Mike Hommey Wed, 13 May 2015 09:59:33 +0900 iceweasel (37.0.2-1) experimental; urgency=medium * New upstream release. * Fix for mfsa2015-45, also known as CVE-2015-2706. -- Mike Hommey Tue, 21 Apr 2015 07:44:32 +0900 iceweasel (37.0.1-1) experimental; urgency=medium * New upstream release. * Fix for mfsa2015-44, also known as CVE-2015-0799. * debian/browser.js.in: Change the pref used to disable openh264. Closes: #769716. -- Mike Hommey Sat, 04 Apr 2015 10:29:21 +0900 iceweasel (37.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{30-34,36-40,42}, also known as: CVE-2015-0815, CVE-2015-0814, CVE-2015-0813, CVE-2015-0812, CVE-2015-0816, CVE-2015-0811, CVE-2015-0808, CVE-2015-0807, CVE-2015-0805, CVE-2015-0806, CVE-2015-0803, CVE-2015-0804, CVE-2015-0801, CVE-2015-0802. -- Mike Hommey Wed, 01 Apr 2015 08:47:45 +0900 iceweasel (36.0.4-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{28-29}, also known as: CVE-2015-0818, CVE-2015-0817. -- Mike Hommey Sun, 22 Mar 2015 10:30:14 +0900 iceweasel (36.0.1-2) experimental; urgency=medium * debian/browser.mozconfig.in: Don't build with --disable-eme, reverting the change from 36.0-1. -- Mike Hommey Mon, 09 Mar 2015 11:04:37 +0900 iceweasel (36.0.1-1) experimental; urgency=medium * New upstream release. * gfx/layers/basic/BasicCompositor.cpp, gfx/layers/basic/BasicLayerManager.cpp: Reintroduce pixman code path removed in bz#1097776 for --disable-skia builds. bz#1136958. -- Mike Hommey Mon, 09 Mar 2015 08:45:03 +0900 iceweasel (36.0-2) experimental; urgency=medium * debian/browser.mozconfig.in: Force enable skia, to possibly fix FTBFS on non-x86/amd64/arm architectures. * gfx/skia/moz.build: Remove duplicate SkDiscardableMemory_none.cpp. bz#1136958. -- Mike Hommey Thu, 26 Feb 2015 18:12:45 +0900 iceweasel (36.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{11,13-17,19-27}, also known as: CVE-2015-0836, CVE-2015-0835, CVE-2015-0832, CVE-2015-0830, CVE-2015-0834, CVE-2015-0831, CVE-2015-0829, CVE-2015-0827, CVE-2015-0826, CVE-2015-0825, CVE-2015-0824, CVE-2015-0823, CVE-2015-0822, CVE-2015-0821, CVE-2015-0819, CVE-2015-0820. * debian/control*: Bump nss and sqlite build dependencies. * debian/branding/Makefile.in, debian/branding/moz.build, debian/extra-stuff/Makefile.in, debian/extra-stuff/moz.build: Update and cleanup. * debian/browser.install.in: Remove mozilla-xremote-client, it was removed upstream. * debian/browser.install.in, debian/rules: Remove libmozsandbox.so, it's not a shared library anymore. * debian/browser.mozconfig.in: Build with --disable-eme for now, -- Mike Hommey Wed, 25 Feb 2015 16:16:40 +0900 iceweasel (35.0.1-1) experimental; urgency=medium * New upstream release. * debian/browser.install.in, debian/rules: Only install libmozsandbox.so on i386 and amd64. * debian/control: Recommend gstreamer packages for video playing capabilities. Closes: #737092. Also change the gstreamer build dependencies not to use alternatives. -- Mike Hommey Fri, 30 Jan 2015 10:31:28 +0900 iceweasel (35.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2015-{01-06,08-09}, also known as: CVE-2014-8634, CVE-2014-8635, CVE-2014-8637, CVE-2014-8637, CVE-2014-8639, CVE-2014-8640, CVE-2014-8641, CVE-2014-8642, CVE-2014-8636. * debian/browser.mozconfig.in: Build with --enable-pie instead of our own patch to the build system. * moz.build: Fix how debian/extra-stuff is added to upstream build system directory traversal after upstream changes. -- Mike Hommey Wed, 14 Jan 2015 11:46:37 +0900 iceweasel (34.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2014-{83-89,91}, also known as: CVE-2014-1587, CVE-2014-1588, CVE-2014-1589, CVE-2014-1590, CVE-2014-1591, CVE-2014-1592, CVE-2014-1593, CVE-2014-1594, CVE-2014-8631, CVE-2014-8632. * debian/branding/firefox-branding.js: Set browser.aboutHomeSnippets.updateUrl to "data:text/html,", which resets previously downloaded snippets after a day. * debian/browser.js.in: Avoid openh264 being downloaded and disable it if it is already there. Closes: #769716. * debian/control*: Bump nss and sqlite build dependencies. * debian/rules: Remove --disable-compile-environment for l10n builds because of bz#1063880. * debian/browser.install.in: Add sandbox library. -- Mike Hommey Wed, 03 Dec 2014 01:11:24 -0800 iceweasel (33.1-1) experimental; urgency=medium * New upstream release. * debian/changelog: Add missing entries for 27.0.1-1. * debian/rules: Don't force to build with GCC 4.9 on armhf anymore. * debian/browser.mozconfig.in: Don't build with --enable-unified-compilation. It may be causing build problems on architectures with limited resources. * debian/browser.install.in, debian/browser.postinst.in, debian/browser.postrm.in, debian/browser.preinst.in, debian/duckduckgo.xml: Remove duckduckgo search engine, since upstream now has it included. * debian/branding/firefox-branding.js: - Set browser.startup.homepage_override.mstone to "ignore". - Set browser.aboutHomeSnippets.updateUrl to nothing. Closes: #721689. * Import patches from the nss source package that are relevant to building iceweasel against the in-tree nss source, for backports: - security/nss/lib/freebl/unix_rand.c, security/nss/cmd/shlibsign/shlibsign.c: Fix FTBFS on Hurd because of MAXPATHLEN - security/nss/coreconf/Linux.mk, security/nss/coreconf/arch.mk, security/nss/coreconf/config.mk, security/nss/lib/freebl/unix_rand.c, security/nss/lib/softoken/softoken.h, security/nss/lib/ssl/sslmutex.*: GNU/kFreeBSD support. - security/nss/lib/ckfw/builtins/certdata.txt: Adds the SPI Inc. and CAcert.org CA certificates. Those patches were applied on the esr24 branch, but were forgotten on the release branch at the time. * media/libcubeb/tests/moz.build: Work around binutils assertion on mips. -- Mike Hommey Tue, 11 Nov 2014 12:08:34 +0900 iceweasel (33.0-2) experimental; urgency=medium * debian/control*, debian/rules: Do not build depend on gstreamer 1.0 when building a backport. * netwerk/base/public/security-prefs.js, security/manager/ssl/src/nsNSSComponent.cpp: Disable SSLv3 to address CVE-2014-3566. bz#1076983. -- Mike Hommey Sat, 18 Oct 2014 10:45:27 +0900 iceweasel (33.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2014-{74-76,78-82}, also known as: CVE-2014-1574, CVE-2014-1575, CVE-2014-1576, CVE-2014-1577, CVE-2014-1580, CVE-2014-1581, CVE-2014-1582, CVE-2014-1584, CVE-2014-1585, CVE-2014-1586, CVE-2014-1583. * debian/control*: Bump nss and sqlite build dependencies. * debian/browser.install.in, debian/control.in, debian/rules, debian/upstream.mk, debian/vendor.js.in: Change how official branding is handled. * debian/rules: Disable tests on stable-security. * debian/browser.install.in, debian/browser.mozconfig.in, debian/control.in, debian/rules: Allow to build against Gtk+3 by setting the GTK3 environment variable while building. -- Mike Hommey Wed, 15 Oct 2014 09:40:22 +0900 iceweasel (32.0.3-1) experimental; urgency=medium * New upstream release. * toolkit/components/search/nsSearchService.js: Bump search engine max icon size to 35kB. Closes: #749084. * build/autoconf/compiler-opts.m4, config/rules.mk: Build target programs as position independent executable when supported by gcc/clang. bz#857628. -- Mike Hommey Thu, 25 Sep 2014 15:27:37 +0900 iceweasel (32.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2014-{67-70,72}, also known as: CVE-2014-1562, CVE-2014-1553, CVE-2014-1554, CVE-2014-1563, CVE-2014-1564, CVE-2014-1565, CVE-2014-1567. * debian/browser.bug-script.in, debian/browser.install.in, debian/extra-stuff/Makefile.in, debian/extra-stuff/reportbug-helper-script, debian/installer/package-manifest.browser: Fix bug script. * debian/browser.install.in, debian/rules, debian/upstream.mk: Install libreplace_malloc.so when building a nightly. * debian/control*: Bump nss and sqlite build dependencies. -- Mike Hommey Wed, 03 Sep 2014 15:08:17 +0900 iceweasel (31.0-3) unstable; urgency=high * The "this time it's going to build on armel" release. * debian/rules, debian/control*: Update configure with autoconf2.13 every time. * configure.in: Use integers for audio when on Android, or when using ARM on other OSes, and disable webm encoding. bz#1047791. -- Mike Hommey Sun, 03 Aug 2014 09:52:28 +0900 iceweasel (31.0-2) unstable; urgency=high * Urgency set to high to have a faster transition after armel FTBFS is fixed (which is the only thing that prevented the transition). * debian/control*: Remove forced gcc-4.9 build dependency for armhf. * media/libopus/moz.build: Disable some libopus ARM features on < ARMv6. bz#1025689. -- Mike Hommey Sat, 02 Aug 2014 09:28:53 +0900 iceweasel (31.0-1) unstable; urgency=medium * New upstream release. - Fixes crashes in WbGL when building with GCC 4.9. Closes: #751569. * Fixes for mfsa2014-{56-58,60-62,64-66}, also known as: CVE-2014-1547, CVE-2014-1548, CVE-2014-1549, CVE-2014-1550, CVE-2014-1561, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557, CVE-2014-1558, CVE-2014-1559, CVE-2014-1560, CVE-2014-1552. * debian/browser.lintian-overrides.in: Add lintian override for embedded srtp. * debian/browser.NEWS.in: Add a NEWS file to note the deprecation of NTLMv1 authentication. -- Mike Hommey Wed, 23 Jul 2014 08:00:15 +0900 iceweasel (30.0-2) unstable; urgency=medium * debian/browser-dev.install.in, debian/control*, debian/libxul.pc.in, debian/mozilla-nspr.pc.in, debian/mozilla-plugin.pc.in, debian/rules: Add a few pkg-config files to the iceweasel-dev package. Closes: #751268. * gfx/skia/trunk/src/opts/SkBlitRow_opts_arm.cpp: Re-apply patch from bz#901208 that upstream dropped when updating skia. -- Mike Hommey Sat, 14 Jun 2014 09:30:39 +0900 iceweasel (30.0-1) unstable; urgency=medium * New upstream release. * Fixes for mfsa2014-{48-49,51-54}, almost known as: CVE-2014-1533, CVE-2014-1534, CVE-2014-1536, CVE-2014-1537, CVE-2014-1538, CVE-2014-1540, CVE-2014-1541, CVE-2014-1542, CVE-2014-1543. * debian/control*: Bump sqlite3 and nspr build dependencies. * debian/rules: Don't check autoconf.mk and emptyvars.mk in js/src/config, that's not used anymore. * debian/browser-dev.install.in, debian/browser-dev.links.in, debian/browser.install.in, debian/browser.links.in, debian/browser.lintian-overrides.in, debian/browser.mozconfig.in debian/control*, debian/extra-stuff/Makefile.in, debian/installer/package-manifest.browser, debian/noinstall.in, debian/rules, debian/test.mk: Stop building xulrunner packages. * debian/installer/package-manifest.xulrunner, debian/dh/*, debian/xulrunner*: Removed. * debian/browser.lintian-overrides.in: Add lintian override for embedded libpng with APNG support. * debian/rules: Make xpcshell executable in the SDK. * debian/copyright: Point to /usr/share/common-licenses/Apache-2.0 instead of including the whole license. Also fix a couple typos. * browser/components/migration/content/migration.js, browser/components/migration/content/migration.xul, browser/components/migration/src/BrowserProfileMigrators.manifest, browser/components/migration/src/FirefoxProfileMigrator.js, browser/components/migration/src/MigrationUtils.jsm, browser/components/migration/src/ProfileMigrator.js, browser/locales/en-US/chrome/browser/migration/migration.dtd, browser/locales/en-US/chrome/browser/migration/migration.properties, l10n-*/browser/chrome/browser/migration/migration.properties, toolkit/content/resetProfile.js, toolkit/modules/ResetProfile.jsm, toolkit/profile/nsIProfileMigrator.idl, toolkit/xre/nsAppRunner.cpp: Revert previous "Reset Firefox" changes. * toolkit/modules/ResetProfile.jsm, toolkit/xre/nsAppRunner.cpp: Use "firefox" instead of MOZ_APP_NAME for profile reset. * xulrunner/moz.build, xulrunner/installer/*.pc.in, xulrunner/confvars.sh, xulrunner/app/xulrunner.js, netwerk/test/unit/test_socks.js, webapprt/gtk2/webapprt.cpp, configure.in, xpcom/glue/standalone/nsXPCOMGlue.cpp: Revert changes that are irrelevant now that Iceweasel is not a xulrunner application. * browser/app/profile/firefox.js, browser/locales/en-US/firefox-l10n.js: Revert changes to general.useragent.locale. They are actually not required. -- Mike Hommey Sat, 07 Jun 2014 10:27:46 +0900 iceweasel (29.0.1-2) unstable; urgency=medium * debian/rules: - Don't pull MOZ_UA_BUILDID from official branding, it's not there anymore and not useful anyways since bz#728773. - Properly create all stamp files. * debian/control*: xulrunner-dev conflicts with libmozjs-dev. Closes: #747761 * debian/rules, debian/control*: Use GCC 4.9 on armhf to work around bug #748422. * js/xpconnect/src/XPCWrappedJSClass.cpp, xpcom/reflect/xptcall/src/md/unix/xptcinvoke_ppc_*.cpp, xpcom/reflect/xptcall/src/md/unix/xptcinvoke_sparc_*.cpp: Fixup ppc and sparc xpconnect -- Mike Hommey Sat, 24 May 2014 08:11:59 +0900 iceweasel (29.0.1-1) unstable; urgency=medium * New upstream release. * debian/control*, debian/rules: Don't separate out the libdbusservice component for dh_shlibdeps. libxul.so has had the same dependencies for a while anyways. * debian/rules: Replace occurrences of /usr/lib/$($(PRODUCT)) with $(LIB_DIR). * debian/xulrunner-dev.links.in: Install nspr-config in the sdk, not the application directory. Also don't install it when building with bundled nspr. * debian/browser.mozconfig*, debian/rules: Move --with-system-nspr/nss flags to browser.mozconfig. * debian/rules: Use browser.mozconfig to build l10n. * debian/control*, debian/rules, debian/xulrunner.mozconfig.in: Build against gstreamer 1.0 when possible. * js/src/jit/BaselineIC.cpp, js/src/jit/arm/MacroAssembler-arm.cpp, js/src/jit/arm/MacroAssembler-arm.h: Fix mis-refactoring, and add some asserts to let debug users know that float32 can be broken. bz#957504. * Pass JSVAL as a pointer to the structure on ppc. bz#961488. * configure.in, content/media/gstreamer/GStreamerAllocator.*, content/media/gstreamer/GStreamerFormatHelper.cpp, content/media/gstreamer/GStreamerFunctionList.h, content/media/gstreamer/GStreamerLoader.*, content/media/gstreamer/GStreamerReader*, content/media/gstreamer/moz.build, content/media/test/manifest.js: Add support for GStreamer 1.0. bz#806917. -- Mike Hommey Sun, 11 May 2014 15:53:14 +0900 iceweasel (29.0-2) experimental; urgency=medium * debian/rules: Don't use find to get the list of autoconf.mk and emptyvars.mk files. This should fix the FTBFSes on i386 and armhf. * debian/branding/content/Makefile.in, debian/branding/content/jar.mn, debian/branding/locales/Makefile.in, debian/branding/locales/jar.mn: Add missing icons to branding. Closes: #747049. * debian/browser.links.in: Remove dangling /usr/lib/iceweasel/browser/modules. Closes: #746529. * gfx/src/nsDeviceContext.cpp: Backout bz#991767 for causing bz#1003707. Closes: #746598. -- Mike Hommey Wed, 07 May 2014 10:30:20 +0900 iceweasel (29.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2014-{34,36-39,41-44,46-47}, almost known as: CVE-2014-1518, CVE-2014-1519, CVE-2014-1522, CVE-2014-1523, CVE-2014-1525, CVE-2014-1528, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532, CVE-2014-1526. * debian/control*: Bump nspr and sqlite3 build dependencies. * debian/rules: Adjust AUTOCONF_DIRS. * debian/branding/moz.build, debian/branding/content/moz.build, debian/branding/locales/moz.build: Add now necessary definition for jar.mn. * debian/branding/configure.sh: Set MOZ_APP_NAME. * debian/browser.install.in, debian/browser.mozconfig, debian/rules: Use omnijar chrome format for browser. * debian/control*: Build depend on iso-codes. * config/makefiles/target_binaries.mk, config/rules.mk, js/src/Makefile.in: Revert changes to add sonames, since the last library this was used for is mozjs, and it was removed in 28.0-1. -- Mike Hommey Mon, 28 Apr 2014 23:21:57 -0700 iceweasel (28.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2014-{15,17-20,22-23,26-32}, also known as CVE-2014-1493, CVE-2014-1494, CVE-2014-1497, CVE-2014-1498, CVE-2014-1499, CVE-2014-1500, CVE-2014-1502, CVE-2014-1504, CVE-2014-1508, CVE-2014-1509, CVE-2014-1505, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514. * debian/branding/content/Makefile.in, debian/branding/content/jar.mn, debian/branding/content/wordmark.xsl: Adapt Iceweasel branding to upstream changes. Closes: #739797. * debian/extra-stuff/Makefile.in, debian/installer/Makefile.in, debian/rules: Fix various places to use the new location of the upstream preprocessor. * debian/control*: - Bump nspr, sqlite and vpx build dependencies. - Add build dependency on libpulse-dev. * debian/branding/content/Makefile.in: Fix iceweasel branding build after bz#934361. * moz.build, debian/rules, debian/extra-stuff/moz.build: Add debian/extra-stuff to upstream build system directory traversal. * moz.build: Make upstream build system create debian/installer/Makefile. * debian/rules: Remove rules to create Makefiles, they don't work anymore. * debian/rules: Fix dh_xulrunner npapi check to fit upstream changes. * debian/xulrunner.mozconfig.in, debian/control*: Use in-tree libvpx for backports. * debian/latest_nightly.py: Use ftplib instead of ftputil. * debian/noinstall.in, debian/xulrunner-dev.install.in: Install mozilla-nspr.pc and mozilla-nss.pc when building backports. Closes: #739490. * debian/control*, debian/libmozjs*, debian/noinstall.in, debian/rules, debian/smjs.1, debian/spidermonkey-bin*, debian/xulrunner-GRE_VERSION.links.in, debian/xulrunner-dev.install.in, debian/xulrunner.mozconfig.in: Stop building spidermonkey packages. * debian/xulrunner.mozconfig.in: Enable unified compilation for faster builds, smaller debug info and possibly less memory usage when linking. * modules/libpref/src/moz.build, modules/libpref/src/Makefile.in: Fixup MOZ_OFFICIAL_BRANDING use for phishing shavar after upstream build system changes. * xulrunner/installer/mozilla-ns*.pc.in: Fix includedir in mozilla-nspr.pc and mozilla-nss.pc. bz#985200. -- Mike Hommey Wed, 19 Mar 2014 13:18:08 +0900 iceweasel (27.0.1-1) experimental; urgency=medium * New upstream release. * debian/copyright, debian/rules: Update copyright info. Closes: #735297. * debian/source.filter: - Remove build/pgo/blueprint/valid.png from the source archive. Closes: #736592 - Remove minified jquery from source archive. Closes: #736725. * debian/control*: Bump nspr and nss build dependencies. * debian/rules: Work around build failure following the removal of valid.png. -- Mike Hommey Sat, 22 Feb 2014 12:15:46 +0900 iceweasel (27.0-2) experimental; urgency=medium * debian/installer/package-manifest.browser: Install files from the right location to fix about:iceweasel. * debian/rules: Add missing branding flag to l10n configure. Closes: #737824. * xpcom/base/nsMemoryReporterManager.cpp: Fix FTBFS on kFreeBSD. -- Mike Hommey Sat, 08 Feb 2014 08:24:19 +0900 iceweasel (27.0-1) experimental; urgency=medium * New upstream release. * Fixes for mfsa2014-{01-05,07-11,13}, also known as CVE-2014-1477, CVE-2014-1478, CVE-2014-1479, CVE-2014-1480, CVE-2014-1482, CVE-2014-1483, CVE-2014-1485, CVE-2014-1486, CVE-2014-1487, CVE-2014-1489, CVE-2014-1488, CVE-2014-1481. * debian/upstream.mk: Only use one digit of the GRE_MILESTONE for GRE_VERSION. * debian/control*: Bump sqlite3 and nss build dependencies. * debian/rules: Use a separate build directory for l10n, without --with-libxul-sdk. * debian/copyright: Updated. * config/makefiles/target_libs.mk, js/src/config/makefiles/target_libs.mk: Fixup soname rules for upstream changes. * moz.build, widget/gonk/libdisplay/moz.build, xpcom/ds/moz.build, xpcom/reflect/xptcall/src/md/unix/moz.build: Fix --disable-compile-environment a little. bz#862770. -- Mike Hommey Wed, 05 Feb 2014 20:06:49 +0900 iceweasel (26.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2013-{104-116}, also known as CVE-2013-5609, CVE-2013-5610, CVE-2013-5611, CVE-2013-5612, CVE-2013-5614, CVE-2013-5616, CVE-2013-5618, CVE-2013-5619, CVE-2013-6671, CVE-2013-6672, CVE-2013-6673, CVE-2013-5613, CVE-2013-5615, CVE-2013-6629, CVE-2013-6630. * debian/*.mozconfig: Add --enable-release configure flag. * debian/control*: Bump nspr build dependency. * debian/*.mozconfig: Don't build --with-system-ply, the option is gone. * debian/noinstall.in: Don't install usr/lib/xulrunner-devel-*/sdk/bin/ply. * debian/control*, debian/noinstall.in, debian/rules, debian/upstream.mk, debian/xulrunner-GRE_VERSION.install.in, debian/xulrunner.mozconfig: Don't build against system nspr, nss and sqlite3 when building backports. * debian/control*, debian/xulrunner.mozconfig.in: Build with the in-tree cairo. I think it's time to admit that there are too many issues with system cairo. * debian/rules: Ensure debian/control is updated when running debian/rules clean. * toolkit/content/resetProfile.js, toolkit/modules/ResetProfile.jsm: Fixup "Reset Firefox" after bad merge. * configure*: Fixup NSPR_CFLAGS when building with libxul-sdk and in-tree nspr. -- Mike Hommey Sun, 15 Dec 2013 16:45:37 +0900 iceweasel (25.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2013-{93-102}, also known as CVE-2013-5590, CVE-2013-5591, CVE-2013-5592, CVE-2013-5593, CVE-2013-5604, CVE-2013-5595, CVE-2013-5596, CVE-2013-5597, CVE-2013-5598, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5603. * debian/rules: Don't try to disable methodjit, since it's long gone. * debian/upstream.mk: Adjust version mangling to handle the version scheme change without changing package names. -- Mike Hommey Sat, 02 Nov 2013 10:38:15 +0900 iceweasel (24.0-2) unstable; urgency=low * debian/control*: Build-depend on fonts-freefont-ttf instead of fonts-freefont, which doesn't exist. Closes: #714056. Interestingly, experimental was happy with that, but unstable isn't. -- Mike Hommey Thu, 19 Sep 2013 07:03:08 +0900 iceweasel (24.0-1) unstable; urgency=low * New upstream release. * Fixes for mfsa2013-{76-82,85,88-92}, also known as CVE-2013-1718, CVE-2013-1719, CVE-2013-1720, CVE-2013-1721, CVE-2013-1722, CVE-2013-1723, CVE-2013-1724, CVE-2013-1725, CVE-2013-1728, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736, CVE-2013-1737, CVE-2013-1738. * debian/control*: - Bump sqlite build dependency. - Add build dependencies on gstreamer. Closes: #682917. - Build depend on fonts-freefont and fonts-dejima-mincho. Closes: #714056. - Use strict dependencies between binary packages. Closes: #720467. - Add Suggests for MathML-friendly fonts. Closes: #697277. -- Mike Hommey Wed, 18 Sep 2013 09:10:25 +0900 iceweasel (23.0.1-1) unstable; urgency=low * New upstream release. * debian/rules: - Don't use --no-keep-memory on ia64. Somehow, it makes ld fail to relax some relocations. - Don't use --as-needed on ia64. Somehow, it makes ld crash on some files. * ipc/chromium/chromium-config.mk: Add missing piece of the upstream patch for bz#901414. Fixes FTBFS on kFreeBSD. * js/public/Value.h: Remove uintptr_t word payload union member on 64BE, it grows jsval_layout size and is unused. bz#618485. Fixes FTBFS on s390x. * gfx/skia/src/opts/SkBlitRow_opts_arm.cpp: Fixups landed upstream. Fixes FTBFS on armel. -- Mike Hommey Wed, 21 Aug 2013 22:07:49 +0900 iceweasel (23.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2013-{63-65,67-70,72-73,75}, also known as CVE-2013-1701, CVE-2013-1702, CVE-2013-1704, CVE-2013-1705, CVE-2013-1708, CVE-2013-1709, CVE-2013-1710, CVE-2013-1711, CVE-2013-1713, CVE-2013-1714, CVE-2013-1717. * debian/control*: Bump nss build dependency. * debian/rules: - Avoid installing libmozjs.a. - Install mozjs.pc as mozilla-js.pc. - Reduce memory usage of the linker at the expense of processing time. This should help on lower-end architectures like arm and mips, which spend an immense amount of time swapping. * debian/dh/dh_xulrunner.in: Change one of the searched strings to detect the xulrunner stub. This avoids an error in detection when gcc inlines strings in the code for strcpy. * build/unix/elfhack/elfhack.cpp: Support R_ARM_JUMP24 and R_ARM_CALL relocations. bz#892366. Fixes FTBFS on armel. * build/unix/elfhack/elfhack.cpp, build/unix/elfhack/inject.c: Turn BL into BLX when doing thumb call relocations and the target is ARM. bz#898998. Fixes FTBFS on armhf. * xpcom/glue/nsIClassInfoImpl.h: Properly align statically allocated classinfo objects. bz#898916. Fixes FTBFS on armel. * js/public/HeapAPI.h, js/src/gc/Memory.*, js/src/gc/Nursery.cpp, js/src/ion/AsmJS.*, js/src/ion/AsmJSModule.h, js/src/jsapi.cpp, js/src/jscntxt.h, js/src/jsgc.cpp, js/src/jstypedarray.cpp: Use the runtime page size to control arena decommit. bz#840242. Fixes FTBFS on sparc and runtime issues on mips and likely other architectures. * js/src/configure*: Disable Yarr JIT on sparc and mips. bz#900821. * xpcom/reflect/xptcall/src/md/unix/xptcstubs_*: Change SharedStub definition in tier-3 xptcstubs to better fit reality and make the compiler happy now that nsresult is an enum. bz#901200. * configure*: Set WEBRTC_TARGET_ARCH to a right value on ia64. bz#901202. * gfx/skia/src/opts/SkBlitRow_opts_arm.cpp: Fix Skia for ARM v4t. bz#901208. * js/src/ion/AsmJSSignalHandlers.cpp: Support GNU/kFreeBSD. * ipc/chromium/Makefile.in, ipc/chromium/chromium-config.mk, ipc/chromium/src/base/dir_reader_posix.h, ipc/chromium/src/base/platform_thread.h, ipc/chromium/src/base/platform_thread_posix.cc, ipc/chromium/src/base/process_util.h, ipc/chromium/src/build/build_config.h: Fix ipc/chromium to build for GNU/kFreeBSD. bz#901414. -- Mike Hommey Wed, 07 Aug 2013 08:25:28 +0900 iceweasel (22.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2013-{49-62}, also known as CVE-2013-1682, CVE-2013-1684, CVE-2013-1685, CVE-2013-1686, CVE-2013-1687, CVE-2013-1688, CVE-2013-1690, CVE-2013-1692, CVE-2013-1693, CVE-2013-1694, CVE-2013-1695, CVE-2013-1696, CVE-2013-1697, CVE-2013-1698, CVE-2013-1699, CVE-2013-1700. * debian/rules: - Fix configure-check-xulrunner with gawk. Closes: #708765. - Work around moz.build limitations for l10n. - Work around the variable override limitation for MODULE. - gc and ds include subdirectories have been removed. - Disable branding check for now. * debian/control*: Bump sqlite build dependency. * debian/*/Makefile.in, debian/branding/**/moz.build: Accomodate our extra Makefiles to upstream build system changes. * debian/xulrunner-GRE_VERSION.install.in: libxpcom was removed. * debian/rules, debian/check_resources.*: Remove resource:// url checker, now that resource://app and resource://gre are different upstream, too. * memory/mozjemalloc/jemalloc.c: Don't hardcode page size on mips. Should fix FTBFS on mips. * js/src/vm/Stack.cpp: Fix FTBFS on non-Linux glibc systems due to mincore prototype discrepancy. Thanks Samuel Thibault. Closes: #697891. -- Mike Hommey Wed, 26 Jun 2013 08:43:55 +0900 iceweasel (21.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2013-{41-43,46-48}, also known as CVE-2013-0801, CVE-2013-1669, CVE-2013-1670, CVE-2013-1671, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681. * debian/control*: - Add Breaks: xul-ext-torbutton. Closes: #690729. - Build depend on python 2.7 and python-minimal >= 2.6.6-13~. - Bump nspr build dependencies. * debian/rules: - Use config.status directly to generate Makefiles. - Adjust --{with,enable}-system options check to upstream build system changes (in advance). * debian/browser.install.in, debian/browser.links.in, debian/check_resources.overrides, debian/installer/package-manifest.xulrunner, debian/noinstall.in, debian/rules, debian/branding/defs.mk: Browser parts moved in a subdirectory. * debian/check_resources.overrides: Add new overrides for providermanager.jsm. * debian/xulrunner-GRE_VERSION.links.in: Use the full libmozjs soname for the symlink in the xulrunner directory. * browser/confvars.sh: Disable Firefox Health Report. -- Mike Hommey Wed, 15 May 2013 12:40:11 +0200 iceweasel (20.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2013-{30,35-39}, also known as CVE-2013-0788, CVE-2013-0789, CVE-2013-0796, CVE-2013-0795, CVE-2013-0794, CVE-2013-0793, CVE-2013-0792. * debian/browser.mozconfig: Disable DASH when building browser part. * debian/check_resources.overrides: Add override for gcli.jsm. * debian/rules: Test plugins have moved from dist/bin/plugins to dist/plugins. * debian/control.*: Bump nss and sqlite3 build dependencies. -- Mike Hommey Tue, 02 Apr 2013 21:13:56 +0200 iceweasel (19.0.2-1) experimental; urgency=low * New upstream release. * Fix for mfsa2013-29, also known as CVE-2013-0787. -- Mike Hommey Fri, 08 Mar 2013 22:29:04 +0100 iceweasel (19.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2013-{21-28}, also known as CVE-2013-0783, CVE-2013-0784, CVE-2013-0772, CVE-2013-0765, CVE-2013-0773, CVE-2013-0774, CVE-2013-0775, CVE-2013-0776, CVE-2013-0780, CVE-2013-0782, CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0781. * debian/control*: Bump nspr build dependency and add missing epoch to nspr and nss build dependencies. Closes: #698961. -- Mike Hommey Wed, 20 Feb 2013 09:22:52 +0100 iceweasel (18.0.2-1) experimental; urgency=low * New upstream release. -- Mike Hommey Fri, 08 Feb 2013 16:03:33 +0100 iceweasel (18.0.1-1) experimental; urgency=low * New upstream release. - Fixes handling of language packs. Closes: #697836. -- Mike Hommey Fri, 18 Jan 2013 22:39:42 +0100 iceweasel (18.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2013-{01-19}, also known as CVE-2013-0769, CVE-2013-0749, CVE-2013-0770, CVE-2013-0760, CVE-2013-0762, CVE-2013-0766, CVE-2013-0767, CVE-2013-0761, CVE-2013-0763, CVE-2013-0771, CVE-2012-5829, CVE-2013-0768, CVE-2012-0759, CVE-2013-0744, CVE-2013-0751, CVE-2013-0764, CVE-2013-0745, CVE-2013-0746, CVE-2013-0747, CVE-2013-0748, CVE-2013-0750, CVE-2013-0752, CVE-2013-0757, CVE-2013-0758, CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756. * debian/control*: Bump nspr, nss and sqlite build dependencies. * debian/control*, debian/xulrunner.mozconfig: Build against embedded libjpeg-turbo and build depend on yasm accordingly. * debian/xulrunner-GRE_VERSION.lintian-overrides.in: Add a lintian override for libjpeg-turbo. * debian/check_resources.overrides: Add an override for SettingsDB.jsm. * services/*, testing/marionette/*: Fix services import urls. bz#815320. -- Mike Hommey Wed, 09 Jan 2013 08:56:15 +0100 iceweasel (17.0.1-2) experimental; urgency=low * debian/iceweasel-runner, debian/iceweasel.bug-presubj, debian/iceweasel.install, debian/iceweasel.links.in, debian/noinstall.in, debian/rules: Use the iceweasel binary instead of the xulrunner stub, and remove the shell wrapper * debian/control*: Remove xulrunner dependency on libnspr4-0d. Closes: #695346. * debian/iceweasel-xremote-client, debian/iceweasel.install, debian/rules: Remove iceweasel-xremote-client. * debian/noinstall.in, debian/rules: Don't remove update-settings.ini and move firefox-l10n.js removal to debian/noinstall.in. * debian/rules: Cleanup *.pyc removal, and remove *.pyo as well. * debian/iceweasel.1: Update manpage. * debian/noinstall.in: Remove usr/lib/xulrunner-@GRE_VERSION@/libmozjs.so with noinstall.in, it's symlinked later on. * debian/test.mk: Use the iceweasel binary for tests. * debian/branding/Makefile.in, debian/iceweasel.install, debian/rules: Don't generate mozicon*.xpm or firefox.ico, and generate iceweasel.xpm from debian/rules. * debian/*: Allow to build with the firefox branding. * debian/browser.README.Debian.in: Update the text about the application not being named Firefox. * browser/app/Makefile.in: Move MOZ_OFFICIAL_BRANDING definition to avoid conflict with bz#755724. * browser/app/Makefile.in, browser/app/nsBrowserApp.cpp, configure.in: Don't use the xulrunner stub when building Firefox against a libxul SDK. bz#755724. * toolkit/mozapps/installer/Packager.pm: Dereference symbolic links when packaging. This effectively reverts a part of bz#552864 that ended up not being useful. -- Mike Hommey Fri, 28 Dec 2012 17:56:41 +0100 iceweasel (17.0.1-1) experimental; urgency=low * New upstream release. * debian/upstream.mk: Add a rule to import tarballs in git repository. * debian/repack.py: Don't error out when a repack filter is unused. * debian/iceweasel.desktop: Fix StartupWMClass. Closes: #693714. * media/webrtc/shared_libs.mk, media/webrtc/trunk/src/modules/audio_coding/codecs/pcm16b/pcm16b.c, media/webrtc/trunk/src/typedefs.h: Allow webrtc to build on more architectures (hopefully). Thanks Michel Dänzer for the original patch. bz#814693. Closes: #694071. -- Mike Hommey Sat, 01 Dec 2012 09:58:43 +0100 iceweasel (17.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2012-{91-106}, also known as CVE-2012-5842, CVE-2012-5843, CVE-2012-4202, CVE-2012-4201, CVE-2012-5836, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, CVE-2012-4206, CVE-2012-4208, CVE-2012-5841, CVE-2012-4207, CVE-2012-5837, CVE-2012-4209, CVE-2012-4210, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838. * debian/upstream.mk: Get l10n for nightlies. * debian/rules: - Use a more generic command to build Makefiles. This avoids ftbfs because make-makefile is gone. - Modify the dh_xulrunner test to account for the second test plugin. * debian/iceweasel.mozconfig: Disable webrtc during the browser build. * browser/locales/jar.mn: Preprocess appstrings.properties. Closes: #688987. * toolkit/mozapps/installer/packager.mk: Avoid installing .mkdir.done and precomplete with make install. bz#798450 -- Mike Hommey Tue, 20 Nov 2012 23:54:09 +0100 iceweasel (16.0.2-1) experimental; urgency=high * New upstream release. * Fixes for mfsa2012-90, also known as CVE-2012-4194, CVE-2012-4195, CVE-2012-4196. -- Mike Hommey Fri, 26 Oct 2012 20:46:21 +0200 iceweasel (16.0.1-1) experimental; urgency=high * New upstream release. * Fixes for mfsa2012-{88-89}, also known as CVE-2012-4191, CVE-2012-4192, CVE-2012-4193. * config/autoconf.mk.in, configure.in, extensions/gio/Makefile.in, toolkit/library/Makefile.in, toolkit/library/nsStaticXULComponents.cpp: toolkit/toolkit-tiers.mk: Actually build the GIO extension in libxul. bz#799441. -- Mike Hommey Fri, 12 Oct 2012 00:24:42 +0200 iceweasel (16.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2012-{74-77,79-87}, also known as CVE-2012-3983, CVE-2012-3982, CVE-2012-3984, CVE-2012-3985, CVE-2012-3985, CVE-2012-3986, CVE-2012-3988, CVE-2012-3989, CVE-2012-3991, CVE-2012-3994, CVE-2012-3993, CVE-2012-4184, CVE-2012-3992, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188, CVE-2012-3990. * debian/rules: Use xz compression for binary packages. Closes: #686325. * debian/xulrunner.mozconfig: Enable gio protocol-handler and icon decoder. * debian/control*: - Bump libnspr4-dev build dependency to 4.9.2. - Bump libsqlite3-dev build dependency to 3.7.13. * debian/iceweasel.install, debian/iceweasel.links.in: Install webapprt files. * media/webrtc/trunk/src/modules/video_coding/codecs/vp8/main/source/vp8.cc: Fix to build against libvpx 1.1. * extensions/gio/Makefile.in: Build the GIO extension in libxul. bz#799441. * webapprt/gtk2/Makefile.in, webapprt/gtk2/webapprt.cpp: Don't search firefox executable in $exe/../../dist/bin. bz#798233. * webapprt/gtk2/webapprt.cpp: Fallback to the xulrunner subdirectory if webapprt can't find xpcom in firefox directory. bz#762833. -- Mike Hommey Tue, 09 Oct 2012 15:13:08 +0200 iceweasel (15.0.1-1) experimental; urgency=low * New upstream release. -- Mike Hommey Sun, 16 Sep 2012 09:18:40 +0200 iceweasel (15.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2012-{57-66,68-70,72}, also known as CVE-2012-1971, CVE-2012-1970, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-1956, CVE-2012-3965, CVE-2012-3966, CVE-2012-3968, CVE-2012-3967, CVE-2012-3969, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3973, CVE-2012-3975, CVE-2012-3976, CVE-2012-3978, CVE-2012-3980. * debian/iceweasel.mozconfig: Build iceweasel with system ply. * debian/xulrunner-GRE_VERSION.install.in: Don't install xulrunner-bin, as it's gone. * debian/rules: Also use an epoch for iceweasel-l10n-all. -- Mike Hommey Wed, 29 Aug 2012 08:19:45 +0200 iceweasel (14.0.1-2) experimental; urgency=low * mfbt/double-conversion/utils.h: Declare double conversion correctness for more architectures. bz#750620. Should fix FTBFSes on most (all?) Debian architecures. -- Mike Hommey Thu, 19 Jul 2012 08:03:16 +0200 iceweasel (14.0.1-1) experimental; urgency=high * New upstream release. * Fixes for mfsa2012-{42-56}, also known as CVE-2012-1948, CVE-2012-1950, CVE-2012-1951, CVE-2012-1954, CVE-2012-1953, CVE-2012-1952, CVE-2012-1966, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, CVE-2012-1965, CVE-2012-1967. * debian/rules: Remove packager fatal warnings. * debian/xulrunner-GRE_VERSION.install.in: Don't install run-mozilla.sh and xpcshell in usr/lib/xulrunner-x.y. They are in the SDK, now. * debian/check_resources.py: Allow missing manifests when checking resources. * browser/installer/package-manifest.in: Install URL classifier components when MOZ_URL_CLASSIFIER is set. bz#762617. -- Mike Hommey Tue, 17 Jul 2012 12:13:48 +0200 iceweasel (13.0.1-2) experimental; urgency=low * debian/control*: Change font suggestions for MathML. Closes: #679469. * dom/ipc/Makefile.in, dom/ipc/PBrowser.ipdl, dom/ipc/TabMessageUtils.cpp: Only export TabMessageUtils.h in mozilla/dom. bz#761082. Closes: #675920. -- Mike Hommey Fri, 29 Jun 2012 09:56:00 +0200 iceweasel (13.0.1-1) experimental; urgency=low * New upstream release. -- Mike Hommey Sat, 16 Jun 2012 08:00:38 +0200 iceweasel (13.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2012-{34,36-38,40}, also known as CVE-2012-1938, CVE-2012-1937, CVE-2011-3101, CVE-2012-1944, CVE-2012-1945, CVE-2012-1946, CVE-2012-1947, CVE-2012-1940, CVE-2012-1941. * debian/check_resources.overrides: Remove now unused entries. * debian/rules: Adjust mozjs includes copied in libmozjs-dev. * debian/installer/Makefile.in: Use DEFINES from browser/installer to build package manifests. * debian/branding/Makefile.in, debian/extra-stuff/Makefile.in, debian/installer/*: Remove build script compatibility with Firefox < 4.0. * browser/components/migration/content/migration.js, browser/components/migration/content/migration.xul, browser/components/migration/src/BrowserProfileMigrators.manifest, browser/components/migration/src/FirefoxProfileMigrator.js, browser/components/migration/src/ProfileMigrator.js, browser/locales/en-US/chrome/browser/migration/migration.dtd, browser/locales/en-US/chrome/browser/migration/migration.properties, l10n-*/browser/chrome/browser/migration/migration.properties, toolkit/content/aboutSupport.js, toolkit/content/jar.mn, toolkit/content/resetProfile.js, toolkit/profile/nsIProfileMigrator.idl, toolkit/xre/nsAppRunner.cpp: Make the "Reset Firefox" feature more generic. bz#756390. Closes: #673353. -- Mike Hommey Tue, 05 Jun 2012 09:31:15 +0200 iceweasel (12.0-7) experimental; urgency=low * debian/rules: Also set LDFLAGS from dpkg-buildflags (although in practice it changes nothing because relro is disabled) * debian/control*: - Force build and runtime dependency on libsqlite3-0 >= 3.7.12-1~ for a right value of SQLITE_MAX_SCHEMA_RETRY and SQLITE_MAX_DEFAULT_PAGE_SIZE. - Suggest fonts-lyx. Closes: #673222. - Make xulrunner-dbg depend on nspr and nss debug packages. * debian/xulrunner-GRE_VERSION.links.in, debian/xulrunner-GRE_VERSION.install.in: Move omni.ja to /usr/lib/xulrunner-x.0 because it contains arch-depend data. * debian/xulrunner.mozconfig: Use system cairo again. * gfx/thebes/gfxPlatform.cpp: Make system cairo work again. bz#722975. -- Mike Hommey Thu, 17 May 2012 11:59:46 +0200 iceweasel (12.0-6) experimental; urgency=low * ipc/chromium/src/base/file_util_linux.cc, ipc/chromium/src/base/message_pump_libevent.cc, ipc/chromium/src/base/time_posix.cc: gcc 4.7 build failures (missing headers). bz#725655. * layout/base/tests/TestPoisonArea.cpp: fix build failures with Clang and GCC 4.7 in TestPoisonArea.cpp. bz#734490. -- Mike Hommey Fri, 11 May 2012 19:09:23 +0200 iceweasel (12.0-5) experimental; urgency=low * debian/xulrunner-GRE_VERSION.1.in: Fix xulrunner-x.y manual page to say XULRunner instead of Iceweasel. * gfx/skia/include/core/SkMath.h, gfx/skia/include/core/SkPostConfig.h, gfx/skia/src/opts/SkBitmapProcState_opts_arm.cpp, gfx/skia/src/opts/SkBlitRow_opts_arm.cpp: Fixup for bz#751814, and refreshed as sent upstream. Should fix FTBFS on armel and armhf. -- Mike Hommey Fri, 11 May 2012 10:46:18 +0200 iceweasel (12.0-4) experimental; urgency=low * memory/jemalloc/jemalloc.c: Don't hardcode page size on sparc. * gfx/skia/include/core/SkPreConfig.h: Fixup for bz#749533 for Hurd. * gfx/skia/src/opts/SkBitmapProcState_opts_arm.cpp, * gfx/skia/src/opts/SkBlitRow_opts_arm.cpp: Various Skia fixes for ARMv4T and ARMv6+. bz#751814. * js/src/Makefile.in, js/src/assembler/jit/ExecutableAllocator.h, js/src/jsapi.cpp, js/src/jscntxt.cpp, js/src/jscntxt.h: Refresh to use the last version of bz#691898 + some cleanup. -- Mike Hommey Fri, 04 May 2012 09:11:59 +0200 iceweasel (12.0-3) experimental; urgency=low * ipc/chromium/src/base/atomicops_internals_mips_gcc.h: Import atomicops_internals_mips_gcc.h from protobuf. bz#749530. * gfx/skia/include/core/SkPreConfig.h: Add support for GNU/kFreeBSD and Hurd in SKIA. bz#749533. * browser/locales/en-US/searchplugins/google.xml: Fix Google search plugin. -- Mike Hommey Fri, 27 Apr 2012 08:47:34 +0200 iceweasel (12.0-2) experimental; urgency=low * js/src/jsapi.cpp: Fixup for bz691898. Should fix FTBFSes. -- Mike Hommey Thu, 26 Apr 2012 20:28:58 +0200 iceweasel (12.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2012-{20,22-24,26-33}, also known as CVE-2012-0467, CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2011-1187, CVE-2012-0479. * debian/control*: Bump libsqlite3-dev build dependency. * debian/xulrunner.mozconfig: Use in-tree cairo until things settle down for bz#722975. * debian/rules: - Remove update-settings.ini. - Remove MOZ_PHOENIX define, it's not useful anymore. * debian/make.mk, debian/rules, debian/upstream.mk: Avoid spawning shells from debian/rules when possible. * debian/rules, debian/control*: - Remove special case for Lenny, it's not supported anymore. - Build with hardening flags. Closes: #609975. * debian/iceweasel.mozconfig, debian/rules: Move --with-branding option to debian/rules. * debian/control, debian/l10n, debian/rules: Simplify l10n control generation. * memory/jemalloc/jemalloc.c: Fix jemalloc mmap wrapper for s390. bz#747322. Closes: #667901. * toolkit/components/search/nsSearchService.js: Handle transition to /etc//searchplugins more gracefully. Closes: #666675. * js/xpconnect/src/xpcprivate.h: Properly align XPCLazyCallContext::mData. bz#747870. Closes: #669905. * config/Preprocessor.py, config/tests/unit-Preprocessor.py, js/src/config/Preprocessor.py: Use filters in #defines and #includes. bz#508942. -- Mike Hommey Tue, 24 Apr 2012 08:21:07 +0200 iceweasel (11.0-4) experimental; urgency=low * debian/branding/content/Makefile.in: Work around imagemagick svg support broken by latest librsvg2-bin. * debian/vendor.js: Default to en-US searchplugins when locale's aren't found. Closes: #665817. * debian/iceweasel.links.in, debian/iceweasel.preinst: Don't create /usr/lib/iceweasel/distribution/searchplugins symlink. * debian/extra-stuff/addonsInfo.js: Synchronously get addons list. * debian/branding/aboutIce.js: Use Services.jsm in aboutIce.js. * browser/components/dirprovider/DirectoryProvider.cpp: Load distribution search plugins from /etc//searchplugins. -- Mike Hommey Fri, 30 Mar 2012 19:22:56 +0200 iceweasel (11.0-3) experimental; urgency=low * debian/extra-stuff/addonsInfo.js: Remove debugging info from dump-addons-info output, and avoid failure on addons that don't have the getResourceURI method (like personas). * debian/duckduckgo.xml: Add t=debian to duckduckgo query url. * debian/iceweasel.install, debian/iceweasel.links.in, debian/iceweasel.preinst, debian/rules: Move search plugins under /etc/iceweasel. Closes: #632698. * debian/l10n/recommends: Recommend xul-ext-mozvoikko instead of myspell-fi for -l10n-fi. Closes: #635361. * memory/jemalloc/jemalloc.c: Don't hardcode page size on ia64. -- Mike Hommey Fri, 23 Mar 2012 13:22:46 +0100 iceweasel (11.0-2) experimental; urgency=low * toolkit/library/Makefile.in: Fixup bz#734335 backport. Should fix all FTBFSes. -- Mike Hommey Fri, 16 Mar 2012 08:35:43 +0100 iceweasel (11.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2012-{12-19}, also known as CVE-2012-0454, CVE-2012-0455, CVE-2012-0456, CVE-2012-0457, CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0461, CVE-2012-0462, CVE-2012-0464. * debian/source.filter: Adjusted to upstream changes. * debian/rules: - Work around make-makefile brokenness. - Define MOZ_PHOENIX when building. Tab closing animation end fails because of some telemetry items that aren't defined in xulrunner, because they are enclosed in an ifdef MOZ_PHOENIX. * debian/l10n/*, debian/control: Refreshed. * debian/xulrunner-GRE_VERSION.install.in: update.locale is now in omni.ja. * debian/control*: - Bump build dependency on libnss3-dev and libnspr4-dev. - Remove forced version-dependency on libnss3-1d. * debian/dh/dh_xulrunner.in: Adjust to upstream changes. * debian/check_resources.overrides: Ignore Webapps.jsm import from apps.js. * toolkit/system/gnome/nsGSettingsService.cpp: Define G_VARIANT_TYPE_STRING_ARRAY when building against older glib. bz#710972. * netwerk/protocol/http/HttpChannelParent.*: Revert investigation patch for bz#621446, which triggers an ICE on gcc 4.4. * configure.in, toolkit/library/nsStaticXULComponents.cpp, tools/profiler/Makefile.in, tools/profiler/sampler.h: Only build SPS on supported platforms. bz#734335. -- Mike Hommey Wed, 14 Mar 2012 10:28:21 +0100 iceweasel (10.0.3esr-1) unstable; urgency=low * New upstream release. - Avoid crashing when there are no GL extensions reported by the GL implementation. bz#728656. Closes: #656611. * Fixes for mfsa2012-{12-19}, also known as CVE-2012-0454, CVE-2012-0455, CVE-2012-0456, CVE-2012-0457, CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0461, CVE-2012-0462, CVE-2012-0464. * debian/control, debian/l10n/*, debian/rules: Modify the way we use isoquery to get a language name out of iso 639 codes. * debian/upstream.mk: - Better detect beta version given for download. - Allow to use with iceape and icedove. - Support download ESR releases. * debian/iceweasel-runner, debian/iceweasel.1, debian/iceweasel.README.Debian, debian/iceweasel.install, debian/iceweaselrc: Remove dsp wrapper glue. * debian/rules, debian/iceweasel.install, debian/iceweasel.links.in: Localize search plugins. * debian/upstream.mk, debian/repack.py, debian/l10n.filter: Filter l10n upstream tarballs such that they stay the same when there are no changes besides tags. * debian/rules: Don't sign NSS libraries, as this is done as part of libnss3 build process. * storage/src/mozStorageService.cpp: Don't crash an app using libxul because of the lack of je_malloc_usable_size_in_advance. bz#720682. Closes: #660487. * widget/src/xpwidgets/GfxInfoX11.*: - Block OpenGL 1 drivers explicitly to steer clear of crashes. bz#696636. - Block the Nouveau 3D driver with Mesa < 8.0.1. bz#729817. * browser/components/dirprovider/DirectoryProvider.cpp: Try getting general.useragent.locale as a complex value first. bz#515232. * xpcom/glue/standalone/nsGlueLinkingDlopen.cpp: Avoid confusing gdb by dependent libs being symbolic links. -- Mike Hommey Wed, 14 Mar 2012 08:57:15 +0100 iceweasel (10.0.2-1) unstable; urgency=low * New upstream release. Addresses CVE-2011-3026. * debian/import-tar.py: Allow to import multi-tarball sources. * debian/rules: Install js/*.h in /usr/include/mozjs/. Closes: #658315. * debian/xulrunner.mozconfig, debian/control*: Build against system python-ply. * debian/control*: Build conflict with liboss4-salsa-dev. * xpcom/typelib/xpidl/Makefile.in: Ship xpidllex.py and xpidlyacc.py. bz#723861. * config/autoconf.mk.in, configure.in, xpcom/idl-parser/Makefile.in, xpcom/typelib/xpidl/Makefile.in: Allow to build with system python ply library. bz#728229. * browser/app/profile/firefox.js: Don't auto-disable extensions in system directories. Closes: #656378 and friends. -- Mike Hommey Fri, 17 Feb 2012 18:40:48 +0100 iceweasel (10.0.1-1) unstable; urgency=low * New upstream release. * Fixes for mfsa2012-10, also known as CVE-2012-0452. -- Mike Hommey Sat, 11 Feb 2012 08:26:28 +0100 iceweasel (10.0-3) unstable; urgency=low * debian/upstream.mk: Add rule to download compare-locales for a given release. * debian/rules: Build locales from build-browser only, and use compare-locales to merge them with en-US for non-existing strings. * browser/locales/Makefile.in, toolkit/locales/Makefile.in: Revert previous patch. * browser/makefiles.sh: Add toolkit l10n Makefiles to browser/makefiles.sh. bz#721737. -- Mike Hommey Fri, 10 Feb 2012 08:32:58 +0100 iceweasel (10.0-2) unstable; urgency=low * debian/control*: Bump libvpx-dev build dependency to 1.0.0. * configure.in: Fix FTBFS with libvpx 1.0.0. -- Mike Hommey Sun, 05 Feb 2012 11:29:51 +0100 iceweasel (10.0-1) unstable; urgency=low * New upstream release. * Fixes for mfsa2012-{01-09}, also known as CVE-2012-0442, CVE-2012-0443, CVE-2011-3670, CVE-2012-0445, CVE-2011-3659, CVE-2012-0446, CVE-2012-0447, CVE-2012-0444, CVE-2012-0449, CVE-2012-0450. * debian/iceweasel.postinst: Remove /usr/lib/iceweasel/.autoreg on upgrade. Closes: #648541. * debian/source.filter: The PNG test suite moved. * debian/xulrunner-GRE_VERSION.{links,install}.in: Hyphenation dictionaries moved inside omni.jar. * debian/control*: Bump libvpx-dev build dependency. * debian/xulrunner-GRE_VERSION.*.in: Omni.jar was renamed omni.ja. * debian/upstream.mk: Use a separate variable for download version. * debian/rules: Call configure directly for build-browser, instead of using dh_auto_configure. Closes: #656313. * debian/upstream.mk: Add rules to download l10n sources. * debian/rules, debian/control*, debian/l10n, debian/branding/locales/Makefile.in: Add rules to build l10n packages. * js/src/Makefile.in, js/src/vm/RegExpObject*, js/src/yarr/wtfbridge.h: Use YARR interpreter instead of PCRE on platforms where YARR JIT is not supported. bz#691898. * browser/locales/Makefile.in, toolkit/locales/Makefile.in: Don't build some toolkit l10n from browser/. * l10n-ru/browser/chrome/browser-region/region.properties: Place google and gmail before yandex. (imported from iceweasel-l10n) -- Mike Hommey Wed, 01 Feb 2012 14:13:16 +0100 iceweasel (9.0.1-1) unstable; urgency=low * New upstream release. * debian/control*: Force xulrunner to depend on libnss3-1d >= 3.13.1. It doesn't require symbols from versions that new, but it actually requires some new flags being supported. -- Mike Hommey Thu, 22 Dec 2011 09:00:09 +0100 iceweasel (9.0-1) unstable; urgency=low * New upstream release. * Fixes for mfsa2011-{53-56,58}, also known as CVE-2011-3660, CVE-2011-3661, CVE-2011-3658, CVE-2011-3663, CVE-2011-3665. * debian/test.mk: Remove hashbang. * debian/control*: - Build dependency on libidl-dev is not required anymore. - Bump libsqlite3-dev build dependency. - Bump libnss3-dev build dependency. * debian/xulrunner-dev.install.in: Adapt to upstream changes. * debian/check_resources.*, debian/rules: Check that resources:// urls are appropriately used. * build/unix/gnu-ld-scripts/jemalloc-standalone-linkage-version-script: Revert previous patch, the file is not used anymore. * browser/devtools/highlighter/TreePanel.jsm: Use resource:// urls appropriately. bz#703633. * js/src/methodjit/MethodJIT.cpp: Don't require 16 bytes alignment for VMFrame on sparc. bz#698923. * ipc/chromium/src/base/dir_reader_posix.h: Fix GNU/non-Linux failure to build. * js/src/assembler/assembler/ARMAssembler.cpp: Fix ARMAssembler::getOp2RegScale on < ARMv5. bz#703531. * js/src/jscompartment.cpp: Fix build failure on platforms without YARR JIT. bz#703534. * js/src/methodjit/TrampolineSparc.s: Avoid R_SPARC_WDISP22 relocation in TrampolineSparc.s. bz#703842. * js/src/jsgc.cpp: Avoid invalid conversion from 'const size_t*' to 'const jsuword*' on s390. bz#703833. * gfx/angle/src/compiler/osinclude.h: Add support for GNU/kFreeBSD and GNU/Hurd. bz#711353. -- Mike Hommey Tue, 20 Dec 2011 20:05:33 +0100 iceweasel (8.0-3) unstable; urgency=low * debian/rules: Don't remove lines beginning with # in preprocessed files. Closes: #648143. -- Mike Hommey Wed, 09 Nov 2011 09:05:57 +0100 iceweasel (8.0-2) unstable; urgency=low * js/src/vm/String-inl.h: Add missing parts from bz#589735 for 8.0. -- Mike Hommey Tue, 08 Nov 2011 23:19:35 +0100 iceweasel (8.0-1) unstable; urgency=low * New upstream release. * Fixes for mfsa2011-{47-52}, also known as CVE-2011-3648, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3650, CVE-2011-3649, CVE-2011-3653, CVE-2011-3655. * debian/*.in, debian/rules: Use @VARIABLE@ instead of ##VARIABLE## for preprocessing. * debian/rules: - Use Preprocessor.py instead of sed for preprocessing. - Application.ini tweaks for version aren't needed anymore. - Add some dependencies to regenerate debian/control. - Force MOZ_APP_BASE_VERSION to GRE_VERSION. * debian/iceweasel.install, debian/rules, debian/test.mk: Build iceweasel in build-browser/ instead of build-iceweasel/. * debian/import-tar.py: Add a tool that dumps a tar as a git fast-import stream. * debian/rules, debian/control.in, debian/xulrunner-GRE_VERSION.links.in: Rename SO_VERSION variable to JS_SO_VERSION and use the first digit of GRE_VERSION to generate it. * debian/noinstall.in: README.txt is not shipped anymore. * debian/rules: Disable methodjit on sparc because of bz#698911. * configure*: Disable dead symbol removal when failing to test for bz#670659. bz#690682. * js/src/jsscan.cpp: Properly handle EOF in TokenStream::getAtSourceMappingURL on platforms with unsigned chars. bz#686283. * js/src/assembler/assembler/ARMAssembler.h: LDRH/STRH/LDRSB/STRSB are supported on ARMv5-. bz#694533. * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_s390.cpp: Reimplement NS_InvokeByIndex in C on S390 Linux. This will fix FTBFS on S390. * config/config.mk, config/rules.mk, js/src/config/config.mk, js/src/config/rules.mk: (Statically) link jemalloc to all programs. This will solve FTBFS on ia64, and fits what is done in 9.0. * browser/devtools/webconsole/HUDService.jsm, browser/devtools/webconsole/test/browser/browser_webconsole_bug_651501_document_body_autocomplete.js, browser/devtools/webconsole/test/browser/head.js: HUDService uses some resource://gre/ urls that ought to be resource:///. bz#682217. Closes: #638772. * build/unix/gnu-ld-scripts/jemalloc-standalone-linkage-version-script: Export the _IO_stdin_used symbol. bz#699734. This will fix FTBFS on sparc. * testing/xpcshell/runxpcshelltests.py: Read xpcshell process' stdout one character at a time. -- Mike Hommey Tue, 08 Nov 2011 20:04:06 +0100 iceweasel (7.0.1-4) unstable; urgency=low * xpcom/base/nscore.h, xpcom/glue/nsID.h: Don't force nsID to align to 64-bit boundary ; instead, use 32-bits comparisons in nsID::Equals, effectively reverting bz#164580. Closes: #645371. -- Mike Hommey Sat, 15 Oct 2011 09:44:32 +0200 iceweasel (7.0.1-3) unstable; urgency=low * debian/branding/configure.sh: Set MOZ_APP_DISPLAYNAME in Iceweasel branding. Closes: #644801. * debian/xulrunner.mozconfig, debian/xulrunner-GRE_VERSION.install.in, debian/rules: Enable GIO instead of gnome-vfs and GConf. Partially fixes #410671. * ipc/chromium/src/build/build_config.h: Update supported architectures for IPC, as landed upstream. Closes: #644939. * xpcom/base/nscore.h, xpcom/glue/nsID.h: Force nsID to align to 64-bit boundary. bz#660335. Closes: #642762. -- Mike Hommey Fri, 14 Oct 2011 17:22:42 +0200 iceweasel (7.0.1-2) unstable; urgency=low * debian/repack.py: Improved in several ways. * debian/rules: Install vm/* headers under /usr/include/mozjs. Closes: #644086. -- Mike Hommey Tue, 04 Oct 2011 08:32:20 +0200 iceweasel (7.0.1-1) unstable; urgency=low * New upstream release. -- Mike Hommey Fri, 30 Sep 2011 08:32:09 +0200 iceweasel (7.0-1) unstable; urgency=low * New upstream release. * Fixes various security issues, which CVE ids are not published yet. * debian/branding/Makefile.in, debian/iceweasel.install: Remove document.png, as it is not used anymore. * debian/branding/content/Makefile.in, debian/branding/content/jar.mn: Stop jarring up a copy of mozicon128.png that aboutHome no longer uses. * debian/rules: Don't remove /usr/lib/xulrunner-7.0/libmozjs.so*, they're not installed there anymore. * debian/iceweasel.mozconfig: Add --disable-libjpeg-turbo to work around configure checking for yasm on APP build. * js/src/Makefile.in: Only add -DENABLE_JIT=1 to CXXFLAGS if any of trace/method/regex jit is enabled. bz#670719. Fixes FTBFSes on powerpc and s390. * js/src/jsregexpinlines.h, js/src/yarr/OSAllocatorPosix.cpp, js/src/yarr/wtfbridge.h: build fix for ENABLE_YARR_JIT=0. bz#665819. * xpcom/glue/pldhash.c: Work around recent ARM GNU ld bug with -fdata-sections and variables names starting with "stub" leading to crash. bz#675618. Also avoids elfhack crash during build. * js/src/assembler/wtf/Platform.h: Don't enable YARR JIT on MIPS, as the implementation is missing. bz#680642. * js/src/yarr/BumpPointerAllocator.h: Use a pool size of 16kB on ia64 for bump pointer allocator. bz#680917. -- Mike Hommey Wed, 28 Sep 2011 08:51:02 +0200 iceweasel (6.0.2-1) unstable; urgency=medium * New upstream release to strengthen the libnss3 response to the DigiNotargate. -- Mike Hommey Tue, 06 Sep 2011 08:32:55 +0200 iceweasel (6.0-4) unstable; urgency=low * js/src/jsstrinlines.h: Fix-up bz#589735 backport. Should fix ia64 FTBFS. -- Mike Hommey Sat, 27 Aug 2011 09:07:06 +0200 iceweasel (6.0-3) unstable; urgency=low * debian/libmozjs-dev.install: Add more missing headers to libmozjs-dev. * debian/rules, debian/xulrunner-GRE_VERSION.install.in: Install plugin-container on all architectures. Closes: #639289. * debian/extra-stuff/reportbug-helper-script: Avoid listing all debian packages in the reportbug helper when no addons are installed. * debian/duckduckgo.xml, debian/iceweasel.install: Add DuckDuckGo search plugin. Closes: #616115. * js/src/jsgcinlines.h, js/src/jsnum.cpp, js/src/jsstr.cpp, js/src/jsstr.h, js/src/jsstrinlines.h, js/src/jstracer.cpp, js/src/jstracer.h, js/src/tracejit/Writer.cpp: Allow static JS strings to be turned off; turn off on ia64. bz#589735. * memory/jemalloc/jemalloc.c: Allocate memory with an address with high 17 bits clear on ia64. bz#589735. This should finally make Iceweasel actually work on ia64. * js/src/jsval.h, js/src/jsvalue.h: Fix jsval_layout on 64-bit big-endian platforms. bz#674522. Closes: #638623. -- Mike Hommey Fri, 26 Aug 2011 09:48:52 +0200 iceweasel (6.0-2) unstable; urgency=low * debian/libmozjs-dev.install: Install mfbt/* files under /usr/include/mozjs/mozilla. Closes: #637984. -- Mike Hommey Sat, 20 Aug 2011 09:13:06 +0200 iceweasel (6.0-1) unstable; urgency=low * New upstream release. * Fixes for mfsa2011-29, including: CVE-2011-2989, CVE-2011-2991, CVE-2011-2992, CVE-2011-2985, CVE-2011-2993, CVE-2011-2988, CVE-2011-2987, CVE-2011-0084, CVE-2011-2990, CVE-2011-2986. * debian/control*: - Bump build dependency on nspr, nss and sqlite. - Build-depend on libjpeg-dev instead of libjpeg62-dev. Closes: #636452. - Remove xprint suggest. Closes: #626794. * debian/rules: - Official branding moved to browser/branding/official. - Don't set -std=gnu++0x ourselves, upstream build system now does it for us. - Remove libmozjs.so* from /usr/lib/xulrunner-6.0. - Link npapi_getinfo against libpthread for GNU/Hurd. * debian/installer/package-manifest.xulrunner, debian/xulrunner-dev.install.in: Install xpt.py from sdk instead of xpt_* from /usr/lib/xulrunner-6.0. * debian/xulrunner-GRE_VERSION.install.in, debian/xulrunner-GRE_VERSION.links.in: Add hyphenation dictionary. This is temporary until we use libreoffice.org's. * debian/iceweasel.desktop: Add german translation for the Iceweasel menu item. Thanks Ronny Standtke. Closes: #629924. * layout/build/Makefile.in, toolkit/library/Makefile.in: Unbreak build for GNU/Hurd and GNU/kFreeBSD (since they don't have libossaudio). bz#673460. * ipc/chromium/src/base/debug_util_posix.cc, ipc/chromium/src/base/third_party/nspr/prcpucfg.h, ipc/chromium/src/build/build_config.h: Allow ipc code to build on GNU/Hurd. Closes: #636750. * configure*: Revert "Allow to build against SQLite 3.7.3". -- Mike Hommey Mon, 15 Aug 2011 18:16:55 +0200 iceweasel (5.0-6) unstable; urgency=low * debian/rules: ia64 doesn't support stabs debugging information, so use a different workaround: use -O2 instead of -Os. -- Mike Hommey Sat, 30 Jul 2011 10:31:55 +0200 iceweasel (5.0-5) unstable; urgency=low * debian/rules: - Don't add -g to CFLAGS, the upstream build system does it. - Use -gstabs on ia64, to work around ICE. * xpcom/base/nsDebugImpl.cpp: Refresh with the patch from bz#643779 as landed updstream. Closes: #635957. -- Mike Hommey Sat, 30 Jul 2011 08:48:19 +0200 iceweasel (5.0-4) unstable; urgency=low * debian/rules: Don't create a versioned shlibs for libmozjs. * debian/xulrunner-dev.preinst.in: Add a preinst script to remove /usr/lib/xulrunner-devel-GRE_VERSION/sdk/bin before upgrading from versions <= 5.0-2. Closes: #634053. * debian/control*: - Use linux-any wildcard for libasound2-dev and libiw-dev Build-Depends instead of using a list of negated architectures. Closes: #634629. - Adjust some package descriptions. Closes: #633597. - Bump Standards-Version to 3.9.2.0. No changes required. * debian/extra-stuff/addonsInfo.js: Fix the addons info dumper to use the new Addons Manager API. Closes: #603412. * debian/xulrunner-GRE_VERSION.postinst.in, debian/xulrunner-GRE_VERSION.prerm.in: Remove the xulrunner-stub alternative. The reason why it was good to have in /usr/bin doesn't exist anymore. * debian/xulrunner-GRE_VERSION.postinst.in: Don't cleanup {compreg,xpti}.dat. They've not been generated for a while. * js/src/xpconnect/shell/xpcshell.cpp: Fixup for bz#671804. * configure*: Revert "Put the crmf library before the NSS libraries". -- Mike Hommey Fri, 22 Jul 2011 15:48:09 +0200 iceweasel (5.0-3) unstable; urgency=low * Upload to unstable. * debian/control*: Fix build dependency on libsqlite3-dev. * debian/rules: - Replace sdk/bin files also in /usr/lib/xulrunner-5.0 with symbolic links. - Use dist/include to find npapi.h when building npapi_getinfo. * debian/control*, debian/rules: Use ${binary:Version} for iceweasel dependency on xulrunner, now that they have the same version. * debian/test.mk: - Set the application directory for xpcshell tests. - Set plugin path for all tests. * debian/control*: Add a build dependency on ttf-dejima-mincho to avoid reftest failure due to the lack of japanese font. * debian/xulrunner-GRE_VERSION.lintian-overrides.in: Add a temporary lintian override for libtheora embedding. * js/src/Makefile.in: Fix namespace exporting. * toolkit/mozapps/installer/packager.mk: Install sdk/bin with make install. bz#639554. * config/autoconf.mk.in: Use the first two digits of the version number for the install directory. bz#445128. * xulrunner/installer/Makefile.in: Revert previous change for the version number here, it concerns something that isn't built anymore and will go away. * embedding/android/GeckoAppShell.java, ipc/glue/GeckoChildProcessHost.cpp, other-licenses/android/APKOpen.cpp, toolkit/xre/nsAppRunner.cpp, toolkit/xre/nsEmbedFunctions.cpp, xpcom/build/Omnijar.*, xpcom/build/nsXPComInit.cpp: Updated part 3 of bz#620931. * js/src/xpconnect/shell/xpcshell.cpp: Add a -a option to xpcshell to set an application directory. bz#620931 (part 6) * browser/installer/Makefile.in, browser/installer/precompile_cache.js: Make startup cache generation work better with new omni.jar handling. bz#620931 (part 7) * toolkit/components/places/tests/unit/test_database_replaceOnStartup.js: Don't modify in-tree default.sqlite. bz#666709, bz#668906. * storage/src/mozStorageService.cpp, storage/test/unit/test_storage_service.js: Add a safeguard to openUnsharedDatabase. bz#668906. * toolkit/mozapps/downloads/tests/unit/test_DownloadUtils.js: Fix with locales with a different decimal separator. bz#671533. * xpcom/build/nsXPComInit.cpp: Initialize NS_XPCOM_LIBRARY_FILE from NS_GRE_DIR. bz#671564. * testing/xpcshell/runxpcshelltests.py: Allow to pass an application directory to xpcshell tests. bz#671562. * modules/plugin/test/unit/head_plugins.js, netwerk/test/unit/test_socks.js, toolkit/mozapps/extensions/test/xpcshell/test_plugins.js: Fix some tests using CurProcD where GreD should be used. * xpcom/tests/unit/test_iniProcessor.js: Cleanup temporary files from test_iniProcessor.js. bz#671570. * modules/libpref/test/unit/test_libPrefs.js: Cleanup temporary files from test_libPrefs.js. bz#671576. Together with bz#671570 and bz#666709 above, Closes: #632890. * toolkit/mozapps/extensions/test/xpcshell/test_update.js: Don't hardcode en-US in test_update.js. bz#671631. * modules/libpref/src/nsPrefService.cpp: Always load $gre/defaults/pref prefs. bz#671798. * js/src/xpconnect/shell/xpcshell.cpp: Provide NS_APP_PREF_DEFAULTS_50_DIR and NS_APP_PREFS_DEFAULTS_DIR_LIST in xpcshell dir provider. bz#671804. -- Mike Hommey Fri, 15 Jul 2011 12:04:39 +0200 iceweasel (5.0-2) experimental; urgency=low * debian/rules: Fix configure permissions for source tarballs generated from mercurial. * debian/test.mk: Create a xulrunner symbolic link in build-iceweasel/dist/bin so that reftests work. * debian/watch: Always get the latest release. * js/src/nanojit/njconfig.cpp: Allow ARMv4T in nanojit. * ipc/chromium/src/base/platform_thread_posix.cc, ipc/chromium/src/base/third_party/nspr/prcpucfg.h, ipc/chromium/src/build/build_config.h: Allow ipc code to build on GNU/kfreebsd. Closes: #626314. -- Mike Hommey Fri, 01 Jul 2011 14:43:39 +0200 iceweasel (5.0-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2011-{09,19-22,25-28}, also known as CVE-2011-0061, CVE-2011-2374, CVE-2011-2375, CVE-2011-2373, CVE-2011-2372, CVE-2011-2371, CVE-2011-2366, CVE-2011-2367, CVE-2011-2368, CVE-2011-2369, CVE-2011-2370. * debian/xulrunner-GRE_VERSION.install.in: /etc/gre.d is not used anymore. * debian/branding/content/aboutDialog.css, debian/branding/content/jar.mn: Updated branding. * debian/rules: xulrunner and iceweasel now have the same version. * debian/dh/dh_xulrunner.in: Modify the strings we try to find in the xpcom standalone glue. * other-licenses/bsdiff/Makefile.in: Fix bsdiff build failure with system bzip2. bz#644692. * layout/base/nsDocumentViewer.cpp: Use an integer type in DocumentViewerImpl::SetMinFontSize, instead of float. bz#652139. * browser/base/content/aboutDialog.*, browser/branding/*/content/aboutDialog.css browser/branding/*/content/jar.mn, other-licenses/branding/firefox/content/aboutDialog.css, other-licenses/branding/firefox/content/jar.mn: Move some parts of aboutDialog.css into branding. bz#652306. * configure.*: Disable building embedded libjpeg-turbo when building with system libjpeg. bz#652399. -- Mike Hommey Mon, 20 Jun 2011 17:17:04 +0900 iceweasel (4.0.1-4) experimental; urgency=low * The 'I meant that to be in previous release but forgot' release. * xulrunner/installer/Makefile.in: Add -lmozalloc in link flags provided in libxul.pc. bz#662223. * memory/mozalloc/mozalloc.h, memory/mozalloc/Makefile.in, xpcom/xpcom-config.h.in: Define NS_ATTR_MALLOC and NS_WARN_UNUSED_RESULT in xpcom-config.h, and include it from mozalloc.h. bz#662224. -- Mike Hommey Mon, 20 Jun 2011 15:29:09 +0900 iceweasel (4.0.1-3) experimental; urgency=low * debian/installer/Makefile.in: Remove MOZ_IPC ifdef, it's not strictly required, and won't be defined anymore in 5.0. * debian/rules: - Use official branding as reference when comparing to ours. - Construct GRE_VERSION from the first two digits in GRE_MILESTONE. - Handle build id from the debian version number. - Handle UPSTREAM_RELEASE correctly for beta releases. - Set MOZ_UA_BUILDID on betas and releases. -- Mike Hommey Fri, 17 Jun 2011 11:39:56 +0900 iceweasel (4.0.1-2) experimental; urgency=low * xpcom/base/nsDebugImpl.h, xpcom/base/nsTraceRefcntImpl.h, xpcom/glue/nsEnumeratorUtils.cpp, xpcom/io/nsUnicharInputStream.h, intl/unicharutil/util/nsUnicharUtils.h, toolkit/xre/nsAppRunner.cpp, embedding/browser/gtk/src/EmbedPrivate.cpp: Add missing constructors according to 8.5 [dcl.init], para 9 in C++03, para 6 in C++0x, because gcc 4.6 enforces it. * ipc/chromium/src/chrome/common/ipc_message_utils.h: Fix for s390, where size_t is unsigned long. * debian/copyright: Updated to fit the replacement of the remove.nonfree script. Closes: #624587. -- Mike Hommey Sat, 30 Apr 2011 19:29:34 +0200 iceweasel (4.0.1-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2011-{12,17-18}, also known as CVE-2011-0079, CVE-2011-0081, CVE-2011-0069, CVE-2011-0070, CVE-2011-0068, CVE-2011-1202. * debian/rules, toolkit/components/url-classifier/src/Makefile.in: Remove alpha specific thungs because it is unsure they still have any positive effect, and alpha has many other problems that would need fixing if porters care. * modules/libpr0n/encoders/png/nsPNGEncoder.cpp: Now that we use the bundled PNG library, revert patch to use png_set_filter to avoid using write filters. * browser/app/Makefile.in, browser/app/profile/firefox.js, browser/components/safebrowsing/Makefile.in, browser/components/safebrowsing/content/application.js: Use MOZ_OFFICIAL_BRANDING instead of MOZILLA_OFFICIAL to choose the shavar to use for safebrowsing. * modules/plugin/Makefile.in: Filter by toolkit instead of by OS to decide whether to go into modules/plugin/test. * xulrunner/app/xulrunner.js: Don't set extensions.dss.enabled at the XRE level. It looks like the addons manager bug this would circumventing has been fixed since 3.6. * modules/plugin/base/src/nsPluginHost.cpp: Simplify MOZILLA_DISABLE_PLUGINS environment variable handling. * modules/libpr0n/test/reftest/pngsuite-ancillary/reftest.list: Revert what was supposed to be a temporary patch. * browser/components/build/Makefile.in: Revert our patch to link against nspr, this was fixed upstream in a different location. * security/manager/ssl/public/Makefile.in, security/manager/ssl/public/nsIBadCertListener.idl, security/manager/ssl/src/nsNSSIOLayer.*: Embedding as it existed is going to go away in 5.0, don't fool ourselves in keeping that any longer. * ipc/chromium/src/build/build_config.h: Add mips, hppa, ia64, s390 and sparc defines. * configure.in, gfx/ycbcr/Makefile.in: Reverted patch to avoid building ARM neon code. * gfx/ycbcr/yuv_convert_arm.cpp: Allow to build on armv4t. * gfx/ycbcr/yuv_convert.cpp: Do runtime detection of NEON in ConvertYCbCrToRGB565. * xpcom/base/nsDebugImpl.cpp: Fix FTBFS in xpcom/base on armv4t differently. * js/src/nanojit/NativeARM.cpp: Force NativeARM.o to have arch armv4t in its .ARM.attributes. * js/src/jsnum.h, js/src/jsvalue.h: Don't use std::signbit, and replace JSDOUBLE_IS_* definitions with bitwise operations. bz#640494. * js/src/shell/jsworkers.cpp: Get rid of STL algorithm use. bz#640494. * js/src/configure.in: Update to landed version of bz#589744. * configure.in, js/src/configure.in: Updated to latest version of bz#626035. * debian/rules: Enable IPC on all architectures. -- Mike Hommey Fri, 29 Apr 2011 08:01:15 +0200 iceweasel (4.0-3) experimental; urgency=low * accessible/src/base/TextUpdater.cpp: Fix crash @nsAccessible::AsHyperText() bz#643906. Closes: #619637. * configure*, gfx/ycbcr/Makefile.in: Avoid building arm neon code. bz#547946. * js/src/xpconnect/src/xpcprivate.h, js/src/xpconnect/src/xpccallcontext.cpp: Ensure XPCCallContext string cache is aligned. bz#634594. * gfx/ots/include/opentype-sanitiser.h: strict alignment issues when displaying OpenType fonts. bz#643137. -- Mike Hommey Sun, 27 Mar 2011 14:23:44 +0200 iceweasel (4.0-2) experimental; urgency=low * debian/rules: Define __ARM_PCS when building on armel. Fixes FTBFS with gcc 4.5 not declaring either __ARM_PCS or __ARM_PCS_VFP. -- Mike Hommey Wed, 23 Mar 2011 15:45:17 +0100 iceweasel (4.0-1) experimental; urgency=low * New upstream release. It's actually the same as rc2. * debian/rules: Adjust version checking for version 4.0. * debian/control: Refreshed. * ipc/chromium/Makefile.in: Fix FTBFS in IPC on Linux PPC, part 2. * xpcom/base/nsDebugImpl.cpp: Fix FTBFS in xpcom/base on armv4t. bz#643779. -- Mike Hommey Tue, 22 Mar 2011 21:06:29 +0100 iceweasel (4.0~rc2-2) experimental; urgency=low * debian/rules: Actually disable methodjit on armel, instead of all other architectures. * ipc/chromium/src/build/build_config.h: Fix FTBFS in IPC on Linux PPC. bz#643112. -- Mike Hommey Sat, 19 Mar 2011 11:42:44 +0100 iceweasel (4.0~rc2-1) experimental; urgency=low * New upstream release candidate. * debian/rules: Modify gross hack on the version checks to make it work with RC2, which claims to be final. * debian/control*: Include our tee-enabled cairo NMU from mozilla.debian.net in build dependencies. * debian/rules: - Add IPC support for powerpc. - Disable methodjit on armel. * gfx/layers/basic/BasicImages.cpp: fix bad rendering of video with 16-bits displays. bz#640588. Closes: #617475. * configure*: Allow to build against SQLite 3.7.3 for backports. * js/src/Makefile.in: Avoid "The cacheFlush support is missing on this platform" error on alpha, ia64, mips and s390. -- Mike Hommey Sat, 19 Mar 2011 09:01:30 +0100 iceweasel (4.0~rc1-1) experimental; urgency=low * New upstream release candidate. - Long link URLs are cropped in the middle instead of at the end. Closes: #615853. * debian/rules: Gross hack on the version checks to make it work with RC, which claims to be final. * js/src/jsnum.h, js/src/jsvalue.h: Use std::signbit when using js headers in C++. Fixes FTBFS with -std=c++0x, which we use. -- Mike Hommey Thu, 10 Mar 2011 10:19:52 +0100 iceweasel (4.0~b12-1) experimental; urgency=low * New upstream beta release. - Properly build documents with overflow:hidden elements. Closes: #562996. - window.alert dialogs are not popups any more. Closes: #239105. - Upscaling of images uses bilinear filtering. Closes: #596774. - Various improvements to the :visited css support to mitigate history sniffing. Closes: #560108. - Properly render SVG files with flowRoot. Closes: #513885. - Fullscreen mode doesn't prevent proper search engine from being used. Closes: #514939. - Authentication dialogs are not really popups anymore, so focus problems with them are fixed. Closes: #609768. - Better focus handling with location bar vs. content. Closes: #611354. - Various fixes for use with cairo 1.10, which most notably fixes animated GIFs. Closes: #589576. * debian/rules: Handle beta versions in milestone check. * This new version makes use of APNG files in the GUI that can't easily be replaced with GIF versions, so we're switching back to the embedded libpng library. As a consequence, the APNG related patches were dropped. * debian/copyright: Updated, but there are most probably still things missing. * debian/rules, config/autoconf.mk.in: Bump base version to 2.0. * debian/rules: - Don't modify application.ini on the beta release. - Adjust dh_xulrunner test to match the removal of unixprint plugin. - Add new variables for packages lists, as required by toolkit/mozapps/installer/packager.mk. * debian/control*: - Add a build dependency on mesa-common-dev. - libmozjs4d doesn't break xulrunner-1.9.2. - Build depend on libvpx-dev. - Build depend on libnss3-dev >= 3.12.9~beta2. - Build depend on libcairo2-dev >= 1.10.2-2~ for tee surfaces. - Remove build-dep on libpng12-dev. * debian/xulrunner-GRE_VERSION.install.in, debian/xulrunner-GRE_VERSION.links.in: Adapt dh_install and dh_link data files to new files in built application. * debian/symbols.filter, debian/rules: Don't filter libmozjs symbols. * debian/libmozjsSO_VERSION.symbols.*, debian/rules: Don't provide a symbols file yet. * js/src/Makefile.in: Bump libmozjs version. * debian/xulrunner.mozconfig: - Use internal png library. Works-around: #486827. - Use system libvpx. - Build with shared js library. * debian/iceweasel.mozconfig: - Disable webm support to avoid failure to build against libxul. This doesn't remove webm support from underlying xulrunner. - Build iceweasel without omni.jar until I figure out what to do with the default profile. * debian/xulrunner-GRE_VERSION.prerm.in, debian/xulrunner-GRE_VERSION.postinst.in: Fit to new component registration. The new component registration doesn't create compreg.dat and xpti.dat anymore, and .autoreg is not used either. python-xpcom and other similarly integrated components won't register automatically until I either implement something to do so, or these components get integrated as extensions. * debian/branding: - Remove brandTrade entity, we don't need it anymore. - browserconfig.properties is now installed in the chrome. - branding doesn't use xpcnativewrappers=yes anymore. - Add icon16.png and icon128.png to branding. These are required for the new about:home. - Add missing contentaccessible=yes in content/jar.mn. - Modify for the new about dialog. - Use about:home as homepage. * debian/iceweasel.install, debian/iceweasel.links.in: Don't install browserconfig.properties from usr/lib/iceweasel, it's not shipped anymore. * debian/iceweasel.install: - Don't install .autoreg, it isn't used anymore. * debian/installer/Makefile.in: Define JAREXT when building package manifest. * debian/noinstall.in: LICENSE file is not installed anymore. * debian/iceweasel.install, debian/xulrunner-GRE_VERSION.install.in: Install chrome.manifest in GRE and APP directories. * debian/rules, debian/vendor.js: Set general.useragent.compatMode.firefox instead of general.useragent.extra.firefoxComment. * debian/rules, debian/iceweasel.install: Install vendor.js with dh_install instead of manually in debian/rules. * debian/watch: Updated. * debian/xulrunner-GRE_VERSION.install.in, debian/xulrunner-GRE_VERSION.links.in: Install omni.jar files for xulrunner. * debian/installer/Makefile.in, debian/installer/package-manifest.browser: Properly handle the various MOZ_CHROME_FILE_FORMATs in the package manifests. * debian/source.filter: Don't remove branding from source tarball, it's free as in speech. * debian/test.mk: - Don't skip but a few xpcshell tests. - xpcshell-tests now need a X server. - Remove the check-date-format-tofte.js test from its new location. - Remove the test_handlerService.js test from its new location. - dist/bin/distribution is not needed anymore. * js/src/tracejit/Writer.*: "Fix" tracejit to build against nanojit headers in dist/include/nanojit. * configure.in, configure: - Don't take toolkit from the libxul sdk, it's not provided in mozilla-config.h anymore. - Allow to build against nspr 4.8.6. * layout/style/jar.mn, netwerk/protocol/res/nsResProtocolHandler.cpp, browser/locales/Makefile.in, ipc/glue/GeckoChildProcessHost.cpp, js/src/xpconnect/loader/mozJSComponentLoader.cpp, modules/libjar/nsJAR.cpp, modules/libpref/src/nsPrefService.cpp, netwerk/protocol/res/nsResProtocolHandler.cpp, startupcache/StartupCache.cpp, toolkit/xre/nsAppRunner.cpp, toolkit/mozapps/installer/packager.mk, toolkit/xre/nsEmbedFunctions.cpp, toolkit/xre/nsXREDirProvider.cpp, xpcom/build/Makefile.in, xpcom/build/Omnijar.*, xpcom/build/nsXPComInit.cpp, xpcom/components/nsComponentManager.cpp, xulrunner/confvars.sh: Add support for omni.jar in xulrunner. bz#620931. * configure.in, configure, js/src/configure.in, js/src/configure: Don't force build flags upon ARM compilers. bz#626035. * js/src/configure.in: Fallback to perf measurement stub when perf_event_open syscall isn't supported. bz#589744. * config/rules.mk, js/src/config/rules.mk: Remove -ljs_static from test linking flags. part of bz#584474. * content/base/src/nsWebSocket.cpp: Use chrome://global url instead of chrome://browser for websockets errors. bz#636960. * toolkit/xre/nsAppRunner.cpp: Restore DESKTOP_STARTUP_ID if a restart is required. bz#607900. -- Mike Hommey Sat, 26 Feb 2011 11:13:10 +0100 iceweasel (3.6.13-3) UNRELEASED; urgency=low * debian/branding/locales/en-US/brand.*: Changed vendorShortName to Mozilla to fit upstream. * debian/branding/Makefile.in, debian/branding/aboutIce.*, debian/rules: Prepare aboutIce component to the XPCOM changes in Gecko 2.0. * debian/extra-stuff/Makefile.in, debian/extra-stuff/addonsInfo.*, debian/extra-stuff/packages-static.xulrunner: Prepare extra components to the XPCOM changes in Gecko 2.0. * debian/iceweasel.install, debian/rules: Install vendor.js with dh_install instead of manually in debian/rules. * debian/extra-stuff/Makefile.in, debian/extra-stuff/packages-static.xulrunner, debian/iceweasel.install, debian/installer/Makefile.in, debian/installer/package-manifest.*, debian/rules: Use packager.mk to install about:iceweasel files. * debian/iceweasel.desktop: Add x-scheme-handler/http* MimeTypes. Closes: #613109. * browser/components/nsBrowserGlue.js: Unbrand Browser Glue Service. * browser/locales/en-US/chrome/overrides/appstrings.properties, browser/locales/Makefile.in: Use MOZ_APP_DISPLAYNAME to fill appstrings.properties. * browser/branding/*/locales/en-US/brand.dtd, browser/base/content/credits.xhtml: Use &brandTrade; instead of ™. * browser/base/content/credits.xhtml, browser/base/Makefile.in: Use MOZ_APP_DISPLAYNAME to make credits.xhtml vary depending on branding. * browser/locales/en-US/searchplugins/answers.xml, browser/locales/en-US/searchplugins/google.xml, browser/locales/Makefile.in: Modify search plugins depending on MOZ_APP_NAME. * browser/app/Makefile.in, browser/app/application.ini, browser/confvars.sh, config/autoconf.mk.in, configure.in: Don't hardcode anything in application.ini files. bz#525882. * browser/components/safebrowsing/content/application.js, browser/app/profile/firefox.js: Determine which phishing shavar to use depending on MOZ_OFFICIAL. * debian/branding/configure.sh, debian/branding/locales/en-US/brand.dtd: Adjust Iceweasel branding to unbranding changes above. -- Mike Hommey Sat, 19 Feb 2011 13:47:22 +0100 iceweasel (3.6.13-2) experimental; urgency=low * debian/control: Refresh from debian/control.in. * debian/*.mozconfig: Add a comment on top of mozconfig files to avoid people using them. * debian/remove.nonfree, debian/repack.py, debian/source.filter, debian/watch: Update debian/watch and provide a script repacking upstream source tarballs. * debian/iceweasel.README.Debian: Fix for the default dsp wrapper behaviour. * debian/iceweasel.desktop: Add russian translation. Closes: #608876. Thanks Alexander Sashanov. * debian/control.in, debian/rules, debian/xulrunner-GRE_VERSION.links.in: Use /usr/share/myspell/dicts for dictionaries when building for lenny. Closes: #609111. * debian/extra-stuff/Makefile.in, debian/extra-stuff/debUpdateNotifier.*, debian/extra-stuff/filemonitor/, debian/extra-stuff/packages-static.xulrunner, debian/xulrunner-GRE_VERSION.install.in: Remove update notifier, it's not quite as helpful as it should be. * debian/control.*: - Relax libglib2.0-dev build dependency. 2.18.0 was only needed for filemonitor, which we just removed. - Add a minimum version for build dependency on libevent-dev, for event_base_loopbreak() and event_base_new(). * testing/xpcshell/runxpcshelltests.py: Add a 2 minutes timeout on xpcshell tests. -- Mike Hommey Sun, 09 Jan 2011 13:46:07 +0100 iceweasel (3.6.13-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2010-{74-84}, also known as CVE-2010-3776, CVE-2010-3777, CVE-2010-3769, CVE-2010-3771, CVE-2010-3772, CVE-2010-3768, CVE-2010-3775, CVE-2010-3766, CVE-2010-3767, CVE-2010-3773, CVE-2010-3774, CVE-2010-3770. * debian/copyright: Updated to include gfx/ots. * debian/libmozjsSO_VERSION.symbols.in: Add new symbols. -- Mike Hommey Fri, 10 Dec 2010 00:11:50 +0100 iceweasel (3.6.12-2) experimental; urgency=low * layout/base/tests/TestPoisonArea.cpp: Allow TestPoisonArea to work on more architectures. * layout/base/tests/Makefile.in: Revert previous hack to avoid building and running TestPoisonArea. -- Mike Hommey Sat, 30 Oct 2010 10:46:09 +0200 iceweasel (3.6.12-1) experimental; urgency=low * New upstream release. * Fix for mfsa2010-73, also known as CVE-2010-3765. -- Mike Hommey Thu, 28 Oct 2010 09:21:33 +0200 iceweasel (3.6.11-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2010-{64-69}, also known as CVE-2010-3176, CVE-2010-3175, CVE-2010-3179, CVE-2010-3180, CVE-2010-3183, CVE-2010-3177, CVE-2010-3178. * debian/control*: Bump build dependencies on libnspr4-dev, libnss3-dev, and libsqlite3-dev to fit what configure will be looking for. -- Mike Hommey Wed, 20 Oct 2010 02:15:38 +0200 iceweasel (3.6.10-1) experimental; urgency=low * New upstream release. * config/JarMaker.py: Use errno.ENOENT instead of "2" in JarMaker.py. bz#595459. Fixes FTBFS on Hurd. * debian/rules, debian/xulrunner-dev.install.in: Build npapi_getinfo in build-xulrunner/dist/bin, and use an RPATH. Some plugins depend on libxpcom.so, and dlopen() from npapi_getinfo fails unless libxpcom.so can be loaded too. Fixes FTBFS on hppa as a side effect. -- Mike Hommey Thu, 16 Sep 2010 09:15:51 +0200 iceweasel (3.6.9-1) experimental; urgency=low * New upstream release. * Fixes for mfsa2010-{49-51,53-57,59-63}, also known as CVE-2010-3169, CVE-2010-2765, CVE-2010-2767, CVE-2010-3166, CVE-2010-2760, CVE-2010-3168, CVE-2010-3167, CVE-2010-2766, CVE-2010-2762, CVE-2010-2763, CVE-2010-2768, CVE-2010-2769, CVE-2010-2764. * debian/README.Debian: Move to debian/iceweasel.README.Debian. * debian/branding/content/*.png.uu (removed), debian/branding/content/*-base.png, debian/source/include-binaries, debian/branding/content/Makefile.in: Replace .uu files with their binary counterpart, now that dpkg-dev supports binary files in the debian/ directory. * debian/control*: - Remove build dependency on sharutils. - Install libmozjs debug symbols together with the xulrunner ones. - Remove extra ~ in iceweasel version dependency on xulrunner, which was only required for 3.6.4~build2. * debian/rules: - Refactor file preprocessing. - Actually allow the build sequence to start from intermediate stamps. - Don't fail to build if the build-xulrunner directory exists. - Move .PHONY definitions for test targets to debian/test.mk. - Add some sanity checks on version numbers. - Use the new DEBIAN_RELEASE variable for dh_gencontrol. - Enhance the check-system-libs rule to check in the all autoconf.mk files. - Further split build and install process in several stamped steps. - Actually set CXX in default case, and re-export it. - Move stamps creation at the end, so that "touch" always happens at the end. - Separate dh_xulrunner check from dh_install rule for better debugging. * debian/test.mk: - Move tests HOME directory into build-xulrunner/dist instead of now nonexistent dist. - Don't automatically modify TESTS when TEST_PATH is set. - Force armel JIT to compile ARMv4T instructions during tests. - Define generic -skip rules for tests. - Put all tests requiring an application in a separate variable. - Use iceweasel for reftest/crashtest. * debian/reftest-app: Remove our custom reftest-app. * debian/extra-stuff/Makefile.in: Remove duplicated variables definitions. * debian/branding/content/jar.mn: Add missing aboutFooter.png to branding. * debian/rules, debian/noinstall.in: Move testsuite related header field removal to noinstall.in. * debian/rules, debian/branding/jar.mn, debian/branding/Makefile.in: Check the iceweasel branding installs all files provided by upstream unofficial branding. * debian/dh/dh_xulrunner.in: - Fix small formatting issue in dh_xulrunner manual page. - Remove debug output in dh_xulrunner. * debian/rules, debian/dh/dh_xulrunner_test, debian/dh/dh_xulrunner.in: Better check for the dh_xulrunner behaviour. * debian/rules, debian/dh/npapi_getinfo.c, debian/dh/dh_xulrunner.in, debian/xulrunner-dev.install.in: New dh_xulrunner feature: return plugins handled mime types in a substvar. * debian/xulrunner-dev.links.in: Install a symlink to nspr-config for the SDK. * debian/branding/firefox-branding.js: Unset startup.homepage_override_url and startup.homepage_welcome_url. In other words, don't display anything special after an upgrade or for the first time the browser is started. * debian/xulrunner-GRE_VERSION.postinst.in, debian/xulrunner-GRE_VERSION.prerm.in, debian/xulrunner-GRE_VERSION.manpages.in, debian/xulrunner-stub-GRE_VERSION.1.in: Add a /usr/bin/xulrunner-stub binary in the form of an alternative, and a corresponding manual page. * debian/smjs.1, debian/control*: Add a note that smjs is not recommended for production use. * gfx/qcms/iccread.c: Fix unaligned reads in qcms. bz#504766. Closes: #591512. * browser/components/privatebrowsing/src/nsPrivateBrowsingService.js: Align -private description in --help output. * js/src/nanojit/NativeARM.*, js/src/nanojit/avmplus.*, js/src/nanojit/njcpudetect.h: Fix ARMv4T JIT support, and use patches as landed in upstream nanojit. * profile/dirserviceprovider/src/nsProfileLock.*, toolkit/xre/nsSigHandlers.cpp: Support platforms without SA_SIGINFO. bz#593767. Closes: #595535. Thanks Samuel Thibault. * xulrunner/installer/*.pc.in: pkg-config files don't need to require the version of nspr xulrunner was built against. Closes: #595842. * testing/xpcshell/head.js, debian/test.mk: Revert previous temporary hacks to track down kfreebsd buildd issues. -- Mike Hommey Wed, 08 Sep 2010 09:05:03 +0200 iceweasel (3.6.8-2) experimental; urgency=low * New upstream release. [ iceweasel ] * debian/iceweasel.install, debian/rules: Build in a subdirectory instead of within the source directory. * debian/iceweasel.mozconfig, debian/rules: Move most configure options to a separate mozconfig file. * debian/iceweasel.install: Install blocklist.xml. * debian/noinstall, debian/rules: Remove some installed files from debian/tmp, and use dh_install --fail-missing. * debian/rules: Add --with-system-libxul configure option. * debian/rules: Rename CONFIGURE_OPTIONS to CONFIGURE_FLAGS * debian/control*: - Reformat. - Remove Eric Dorland from the Uploaders field. Given his limited time and lost interest, Eric agreed to formally retire from iceweasel maintenance. Thanks for all these years, Eric. * build/Makefile.in, build/automation-build.mk: Revert cleaning patches. [ xulrunner ] * debian/control*, debian/extra-stuff/packages-static.xulrunner, debian/libmozillainterfaces-java.*, debian/rules, debian/xulrunner-BASE_VERSION.install.in: Remove unsupported javaxpcom support. * debian/rules, debian/test.mk: Build in a subdirectory instead of within the source directory. * debian/mozconfig*, debian/rules: Move default-mozilla-five-home definition from mozconfig to debian/rules. * debian/mozconfig, debian/rules: Rename mozconfig to xulrunner.mozconfig. * debian/*: Rename BASE_VERSION to GRE_VERSION. * Makefile.in, build/Makefile.in, build/automation-build.mk, config/rules.mk, js/src/Makefile.in, js/src/config/rules.mk, js/src/xpconnect/src/Makefile.in, testing/testsuite-targets.mk, xpcom/tests/Makefile.in: Revert cleaning patches. * extensions/java/xpcom/Makefile.in, toolkit/toolkit-makefiles.sh: Revert javaxpcom patches. * memory/jemalloc/jemalloc.c: Properly disable ncpus in jemalloc, which the previous patch didn't do. [ merged packages ] * debian/control*, debian/rules: Merged iceweasel and xulrunner source packages. Binary packages are kept as they were before. * debian/copyright, debian/watch: Use Iceweasel's version. * debian/changelog: Keep Iceweasel changelog. Xulrunner's go in a separate debian/changelog.xulrunner file, for historical purpose. The file is not installed in binary packages. * debian/control*: Fix xulrunner-dev dependencies. As ${source:*Version} will return iceweasel version, ${binary:Version} is better to use. It turns out it is safe to use now xulrunner-dev is not Arch: all. * debian/extra-stuff/Makefile.in: - Fix to support subdirectory build. - Avoid duplicated entries in generated jar manifest. * debian/rules: - Set LDFLAGS for iceweasel the same way xulrunner does. - Export CFLAGS and CXXFLAGS directly from rules instead of setting them when calling configure. * debian/extra-stuff/Makefile.in, debian/noinstall*, debian/rules: Use debian/noinstall to avoid installing some xulrunner files, instead of filtering the package manifest. * debian/rules, debian/*.manpages*: Use .manpages files instead of calling dh_installman manually. Iceweasel was doing that, but not xulrunner. * Skip version 3.6.8-1, as xulrunner packages versions numbers would then be 1.9.2.8-1, which was already used. * debian/reftest-app/defaults/preferences/reftest-app.js: Add a default value for the dom.ipc.plugins.enabled pref to the reftest app. * testing/xpcshell/head.js: Add a 2 minutes timeout on xpcshell tests. * debian/test.mk: Add logging messages during xpcshell tests to track down kfreebsd buildd issues. -- Mike Hommey Fri, 20 Aug 2010 21:57:53 +0200 iceweasel (3.6.7-1) experimental; urgency=low * New upstream release. * Fixes mfsa-2009-45, also known as CVE-2010-1206. * debian/control: - Remove conflict with very old package. - Bump Standards-Version to 3.9.0.0. -- Mike Hommey Wed, 21 Jul 2010 00:21:17 +0200 iceweasel (3.6.4-1) experimental; urgency=low * New upstream release. -- Mike Hommey Wed, 23 Jun 2010 15:27:03 +0200 iceweasel (3.6.4~build2-1) experimental; urgency=low * debian/copyright, debian/remove.nonfree: Update to fit new upstream (pre)release. * debian/iceweasel-runner: Don't override MOZ_APP_LAUNCHER, which was already set. * debian/firefox, debian/iceweasel.install, debian/iceweasel.postrm, debian/iceweasel.preinst: Divert /usr/bin/firefox and put a wrapper script instead. The wrapper script runs the diverted firefox if it exists, and iceweasel otherwise. Closes: #576392. * debian/README.Debian: Add a note about safe browsing in README.Debian. Closes: #575039. * debian/rules: - Build with --std=gnu++0x. - Don't check for libiw, necko wifi is part of libxul already. * debian/control*: - Remove dependency on psmisc as we've not been using fuser for years. - Iceweasel 3.6.4~build2 needs to depend on xulrunner 1.9.2.4~build2. * debian/branding/Makefile.in, debian/branding/aboutIce.js, debian/branding/ice.*, debian/branding/jar.mn, debian/iceweasel.install: Add a about:iceweasel page similar to about:mozilla. Closes: #413725. * configure.in: Revert change to force not to use -fshort-wchar. -- Mike Hommey Mon, 03 May 2010 13:44:40 +0200 iceweasel (3.6.3-1) experimental; urgency=low * New upstream release. * debian/rules, debian/control: Bump GRE version to 1.9.2. * debian/branding/Makefile.in: document.png moved in upstream tarball. * debian/patches/*: Refresh patches and add some more: - More s/%APP%/firefox/ changes for 3.6. - Additional --with-libxul-sdk changes for 3.6. -- Mike Hommey Fri, 02 Apr 2010 21:44:36 +0200 iceweasel (3.5.9-2) unstable; urgency=low * debian/remove.nonfree: There are still some .cvsignore files in the upstream tarballs. * debian/rules, debian/iceweasel.links.in, debian/iceweasel.bug-script.in, debian/iceweasel.bug-control.in, debian/control.in, debian/control: Generate GRE version dependent information from GRE_VERSION set in debian/rules. * debian/rules, debian/control*: Have iceweasel 3.5.x depend on xulrunner 1.9.1.x at least. This will force upgrades of xulrunner when iceweasel is upgraded. -- Mike Hommey Fri, 02 Apr 2010 20:08:22 +0200 iceweasel (3.5.9-1) unstable; urgency=low * New upstream release. * config/autoconf.mk.in: Revert previous changes to install in an unversioned directory. * debian/rules: Pass an installdir variable to install into /usr/lib/iceweasel. * debian/control: - Suggest libkrb53 for backports. - Build-depend on xulrunner-dev << 1.9.2. * debian/iceweasel.prerm, debian/iceweasel.postinst: Remove old mozilla alternative. I think there is no reason to keep this anymore. * debian/iceweasel.links: Remove firefox and mozilla-firefox links. It will help make transition to Firefox easier if that ever happens. * debian/remove.nonfree: We now remove more non-free data. Also cleaned up outdated stuff. Closes: #567915 * debian/source/format, debian/patches/*: Switch to 3.0 (quilt) format, with patches. * browser/components/safebrowsing/content/application.js, browser/app/profile/firefox.js: Use googpub-phish-shavar instead of goog-phish-shavar for safe browsing. This is a first step for fixing safe browsing. Either the current setup will work if Google allows our client string to get this data, or we'll be allowed to say we're firefox to the safe browsing server. Closes: #561927. -- Mike Hommey Thu, 01 Apr 2010 16:23:51 +0200 iceweasel (3.5.8-1) unstable; urgency=low * New upstream release. * browser/components/nsBrowserContentHandler.js: Revert temporary hack to force homepage_override to be triggered. * extensions/reporter/resources/content/reporter/reporterOverlay.xul, browser/base/content/baseMenuOverlay.xul: Resurrect release notes menu item. Also resurrect the check for updates one, since it is #ifdef'ed on something we disable. * browser/components/safebrowsing/content/report-phishing-overlay.xul: Revert the change in report phishing menu item location. Now we resurrected the release notes item and restored the updateSeparator, this change is pointless. * browser/base/content/credits.xhtml: Correct old merge mistake. * browser/locales/en-US/searchplugins/google.xml: Fix Google suggestions in search box. Closes: #568004. * build/Makefile.in: Remove leaktest files in make clean. bz#541769. * build/Makefile.in, build/automation-build.mk, build/automation.py.in, build/pgo/Makefile.in, layout/tools/reftest/Makefile.in, testing/mochitest/Makefile.in: Don't remove build/automationutils.py on make clean. bz#525047. * build/automation-build.mk: Remove automation.py in make clean. bz#541768. * debian/control: - iceweasel provides gnome-www-browser: Closes: #568320. - Bump Standards-Version to 3.8.4.0. * debian/branding/firefox-branding.js: - Add a release notes URL. - Point to localized urls on mozilla.debian.net. * debian/rules: - Remove Debian revision from the User Agent string. - Don't set distribution-id, it's only used in toolkit, i.e. xulrunner. - Remove uneffective --disable-gtktest flag. * debian/iceweasel.install, debian/wikipedia-en.xml: Remove wikipedia-en.xml searchplugin. There is now a better search plugin (with suggestions) provided upstream. * debian/rules, debian/iceweasel.install, debian/debsearch.*: Refresh debsearch search plugin. * debian/iceweasel.1: Improve manual page for -P option. Closes: #568677. * debian/iceweasel-xremote-client: Don't need to set LD_LIBRARY_PATH. * debian/iceweasel.install, debian/rules: Don't install xpm files in chrome/icons/default. They are not provided there upstream anymore, there is no reason to do so. * debian/rules, debian/*.svg, debian/iceweasel.install, debian/*.png.uu, debian/branding: Move images generation and cleanup in debian/branding. * debian/rules: - Remove unused variables in debian/rules. - Remove binary-indep rules, as we don't build an arch: all package anymore. - Don't unnecessarily set LD_LIBRARY_PATH when building. - Remove old comments from dh-make templates. - Use browser/config/version.txt content as UPSTREAM_VERSION. - Use a variable for GRE version. - Use the GRE directory as hint for dh_shlibdeps. - Install the MPL license text in all packages. - Don't fix permissions that don't need to be fixed. * debian/README.Debian: Remove mostly irrelevant parts of README.Debian. * debian/compat, debian/rules: Switch to dh. * debian/iceweasel.postinst: Remove /usr/lib/iceweasel/updates on upgrades. * debian/rules: - There is no bashism in debian/rules anymore. - Use make dependency to "generate" the MPL file. - Set LDFLAGS at configure time. * debian/vendor.js: Don't trigger the debAbout component. Now we have a release notes link in about:, the debAbout generated links are pointless, especially since they create problems in the target web pages (e.g. unstyled BTS). * debian/iceweasel-gnome-support.{prerm,postinst}, debian/iceweasel.{prerm,postinst}: Merge iceweasel-gnome-support maintainer scripts into iceweasel ones. -- Mike Hommey Wed, 17 Feb 2010 22:46:30 +0100 iceweasel (3.5.6-2) unstable; urgency=low * debian/iceweasel-runner: - Allow iceweasel-runner not to hardcode the iceweasel base directory. Closes: #507120. - Remove old compatibility stuff. * debian/iceweasel.desktop: Only put the name in the Name field of the freedesktop application file. Closes: #507961. * debian/iceweasel.dirs: - Make it clear that plugins should live in /usr/lib/mozilla/plugins/ by shipping the directory in the iceweasel package. Closes: #520676. - Likewise for extensions in /usr/{lib,share}/mozilla/extensions/$app-id. Closes: #564669. * debian/control: - Suggest ttf-lyx | latex-xft-fonts (latex-xft-fonts is kept for stable users). Closes: #539537. - Replace libkrb53 suggestion with libgssapi-krb5-2. - Remove the iceweasel-gnome-support package. - Rewrite the short description. Also slightly modify the long description. Closes: #400858. - Build conflict with libhildonmime-dev and libosso-dev. Closes: #544369 * debian/iceweasel.1: - Fix trivial typo in the manual page. Closes: #528789. - Synchronize manual page with iceweasel --help output, and add various other information. Closes: #362020, #520660, #556258. * debian/homepagereset.js, debian/iceweasel.install: Remove the homepagereset component. It was used to reset the homepage user settings if it were a very old value. Anyone using these old homepages should have had their homepage reset by now. * debian/control, debian/iceweasel.bug-presubj, debian/iceweasel.install, debian/rules: Use dh_bugfiles instead of installing reportbug-related files by hand. * debian/iceweasel.bug-script: Add reportbug script to list addons. This uses a new helper in xulrunner-1.9.1. Closes: #356647. * debian/iceweasel.bug-control: Request xulrunner-1.9.1 dependency list in bug reports. * debian/branding/Makefile.in, debian/branding/firefox-branding.js: Use http://mozilla.debian.net pages for homepage_override and welcome. * browser/components/nsBrowserContentHandler.js: Temporary hack to force homepage_override to be triggered. This hack is to be removed in next release. Its sole purpose is to get people to see the pages on http://mozilla.debian.net/ despite the upstream version not being bumped. * debian/iceweasel.prerm: When removing the package, cleanup files iceweasel creates if run as root. * debian/iceweasel.install, debian/iceweasel.prerm: Make .autoreg part of the package. * debian/iceweasel-restart-required.update-notifier, debian/iceweasel.install, debian/iceweasel.postinst: Remove update notification through update-notifier * browser/components/nsBrowserContentHandler.js, browser/components/shell/src/nsSetDefaultBrowser.js: Fix misalignments in --help command line. bz#458631. * browser/base/content/browser.css: Favicons in search bar dropdown not shown if menus_have_icons=false. bz#508221. Closes: #561902. -- Mike Hommey Wed, 03 Feb 2010 07:55:01 +0100 iceweasel (3.5.6-1) unstable; urgency=low * New upstream release. -- Mike Hommey Wed, 16 Dec 2009 11:08:01 +0100 iceweasel (3.5.5-1) unstable; urgency=low * New upstream release. * debian/remove.nonfree: Synchronize with Iceape 2.0. * debian/copyright: Update with missing information, and remove lcms licensing as it was dropped in 3.5. * debian/iceweasel-runner: Synchronize with Iceape 2.0's iceape-runner: - Remove obsolete (and commented) Xprint support. - Only handle --verbose, -V, -g and --debugger options. - Output less variables when running verbosely. * debian/README.Debian: Point to the proper file containing the app.update.enabled setting. * debian/rules: Properly modify {Min,Max}Version in application.ini. * debian/control, debian/iceweasel.preinst: Removed upgrade path from old firefox packages. * debian/rules: Add a "like Firefox/version" string to the UA. Closes: #399633. * debian/control: - Set the pkg-mozilla team as maintainer. - Bump Standards-Version to 3.8.3.0. * browser/components/sessionstore/src/nsSessionStore.js: Avoid wrong sessionstore data to keep windows out of user sight. Closes: #552426, #553453. -- Mike Hommey Thu, 12 Nov 2009 17:32:42 +0100 iceweasel (3.5.4-1) unstable; urgency=low * New upstream release. -- Mike Hommey Wed, 28 Oct 2009 16:36:06 +0100 iceweasel (3.5.3-2) unstable; urgency=low * debian/iceweasel-runner: Set the MOZ_APP_LAUNCHER in the runner script to register the proper name with XSMP. Closes: #437999. * debian/watch: Fix to fit new upstream tarball names. Thanks Yan Morin . Closes: #550482. -- Mike Hommey Sat, 10 Oct 2009 16:03:21 +0200 iceweasel (3.5.3-1) experimental; urgency=low * New upstream release. -- Mike Hommey Thu, 10 Sep 2009 22:04:25 +0200 iceweasel (3.5.2-1) experimental; urgency=low * New upstream release. -- Mike Hommey Thu, 20 Aug 2009 07:30:00 +0200 iceweasel (3.5.1-1) experimental; urgency=low * New upstream release. * debian/copyright: - Fix GPL and LGPL text location. - Update copyright information. * debian/control: - Add ${misc:Depends} in all binary packages dependencies. - Set iceweasel-dbg's section to debug. - Bumped Standards-Version to 3.8.2.0. * debian/rules: Removed call to deprecated dh_desktop. * debian/iceweasel.postinst: Remove call to update-desktop-database, which is not in /usr/sbin anyways, and is called automatically (was added by dh_desktop before, and run by desktop-file-utils triggers now). -- Mike Hommey Fri, 17 Jul 2009 20:49:41 +0200 iceweasel (3.5-1) experimental; urgency=low * New upstream release. * debian/control, debian/rules, debian/iceweasel.links: Build against and depend on xulrunner 1.9.1. * configure.in, configure: Don't check for libasound. * debian/branding/locales/en-US/brand.dtd: Add missing entity. * browser/components/build/Makefile.in: Link against nspr. -- Mike Hommey Wed, 08 Jul 2009 07:59:42 +0200 iceweasel (3.0.11-1) unstable; urgency=low * New upstream release. -- Mike Hommey Sat, 13 Jun 2009 20:33:30 +0200 iceweasel (3.0.9-1) unstable; urgency=high * New upstream release. * Fixes mfsa-2009-20, also known as CVE-2009-1310. -- Mike Hommey Wed, 22 Apr 2009 21:18:38 +0200 iceweasel (3.0.7-1) unstable; urgency=high * New upstream release. * Fixes mfsa-2009-11, also known as CVE-2009-0777. -- Mike Hommey Sun, 08 Mar 2009 11:23:28 +0100 iceweasel (3.0.6-1) unstable; urgency=low * New upstream release. * Fixes mfsa-2009-03, also known as CVE-2009-0355. -- Mike Hommey Wed, 04 Feb 2009 08:19:24 +0100 iceweasel (3.0.5-1) unstable; urgency=low * New upstream release. * Fixes mfsa-2008-{63,69}, also known as CVE-2008-5505 and CVE-2008-5513. * debian/vendor.js: Remove EULA override, since the EULA was removed upstream, and its replacement has been made hidden to unofficial builds. -- Mike Hommey Sat, 20 Dec 2008 13:40:23 +0100 iceweasel (3.0.4-1) unstable; urgency=low * New upstream release. (Closes: #505557) [ Mike Hommey ] * debian/iceweasel-gnome-support.postinst, debian/iceweasel-gnome-support.prerm: Handle gnome-www-browser alternative. Restored from 3.0~b5-3. Closes: #492286. * debian/branding/locales/browserconfig.properties: Change the homepage to about:. Closes: #499346 * browser/branding/unofficial/locales/browserconfig.properties: Revert previous change, this is not the installed file. * debian/homepagereset.js: Force homepage reset if it was previously set to the granparadiso homepage. * debian/iceweasel-restart-required.update-notifier: Added japanese translation. Thanks Hideki Yamane. Closes: #503595. * browser/components/shell/src/nsGNOMEShellService.cpp: Fix various problems in the handling of GNOME background color. Closes: #495897. [ Eric Dorland ] * debian/iceweasel.desktop: Just specify "iceweasel" as the icon, so it can pick the scalable one under certain circumstances. (Closes: #451943) -- Eric Dorland Sun, 23 Nov 2008 01:32:40 -0500 iceweasel (3.0.3-3) unstable; urgency=low * browser/app/profile/firefox.js: Replace %APP% with firefox in some places. Closes: #501540, #502450. * browser/branding/unofficial/locales/browserconfig.properties: Change the homepage to about:. Closes: #499346. * browser/app/profile/firefox.js, browser/locales/en-US/firefox-l10n.js: Remove general.useragent.locale prefs from firefox*.js. Closes: #495381. * browser/components/feeds/src/FeedConverter.js: Allow external web feed application to work without gnome libraries. Closes: #406380. * debian/presubj: Minor changes and add a note about MOZILLA_DISABLE_PLUGINS environment variable. * debian/control: Depend on a version of xulrunner-1.9 that handles the MOZILLA_DISABLE_PLUGINS environment variable. -- Mike Hommey Fri, 24 Oct 2008 08:16:02 +0200 iceweasel (3.0.3-2) unstable; urgency=low * debian/iceweasel-xremote-client, debian/iceweasel-runner: Use 'iceweasel' as default application id instead of 'firefox'. * debian/iceweasel.1: Update the manpage accordingly. * Thanks to Sven Hartge. Closes: #501304, #501363, #501394, #501445. -- Mike Hommey Wed, 08 Oct 2008 07:36:53 +0200 iceweasel (3.0.3-1) unstable; urgency=high * New upstream release. (Closes: #500374) * debian/presubj: Fix typo. Thanks Rémi Vanicat. (Closes: #444736) * browser/app/application.ini: Our name should be Iceweasel and not Firefox. This name here is used early in the startup, for things like the group leader window name. (Closes: #428836) * browser/app/application.ini: Set the profile path explicitely now that we have a different application name. * debian/iceweasel-runner: Add the -profile and -install-global-extension to the list of single arg flags for iceweasel. (Closes: #425874, #440455) * debian/iceweasel.desktop: Fixed Finnish desktop file translation. Thanks Timo Jyrinki. (Closes: #483941) -- Eric Dorland Mon, 06 Oct 2008 01:59:30 -0400 iceweasel (3.0.1-1) unstable; urgency=low * New upstream release. * debian/rules: - Install the 64x64 icon into the proper place. Closes: #479032. - Broaden version range for the GRE in application.ini. * browser/components/preferences/applications.js: Avoid spurious "Run" items in application handlers configuration pane. * browser/components/preferences/applicationManager.xul: Fix breakage of the application manager by change to applications.js in 3.0~rc2-2. * debian/iceweasel-runner: Don't set MOZILLA_NO_JEMALLOC when using aoss. * debian/control: - Depend on a version of xulrunner with a fixed jemalloc. - Updated Standards-Version to 3.8.0.1. No changes required. * debian/remove.nonfree: Don't remove files that don't exist anymore, and properly remove some files with spaces in their name. * debian/iceweasel.links: /usr/share/icons/hicolor/64x64/apps/iceweasel.png is not a link anymore. -- Mike Hommey Mon, 14 Jul 2008 22:51:39 +0200 iceweasel (3.0~rc2-2) unstable; urgency=low * debian/iceweasel-runner: - Fix startup with aoss as ICEWEASEL_DSP. Closes: #485623. - Use MOZILLA_NO_JEMALLOC instead of LD_PRELOAD to disable jemalloc. * browser/components/preferences/applications.js: Avoid failure to initialize the applications preferences pane when the shell service is not loaded, which happens when xulrunner-1.9-gnome-support is not installed. Closes: #485765. * browser/confvars.sh: Set MOZ_APP_NAME to iceweasel. This will make the shell service use the proper path when setting the default browser. Closes: #399632. * configure, configure.in: Force to not use -fshort-wchar. Closes: #474281. * debian/control: - Build depend on version of xulrunner-dev that doesn't use -fshort-wchar. - Depend on version of xulrunner-1.9 implementing MOZILLA_NO_JEMALLOC and lockPref in preferences. * debian/iceweasel.cfg: Removed. * debian/iceweasel.install: Don't install iceweasel.cfg. * debian/vendor.js: Moved the locked preference for app.update.enabled here, now that can be done here with newest xulrunner-1.9. Note that iceweasel.cfg was not taken into account due to general.config.filename mistakenly not being set. * debian/iceweasel.js: Fixed preferences location in /usr/lib/iceweasel and added a note about lockPref. * debian/rules, debian/iceweasel.install: Now that we don't have flat chrome, we can't use icons from chrome/browser/content. Change links to point to a proper location, and install missing 64x64 icon. Thanks Franklin PIAT. Closes: #486521. -- Mike Hommey Sat, 21 Jun 2008 15:57:49 +0200 iceweasel (3.0~rc2-1) unstable; urgency=low * New upstream release candidate. -- Mike Hommey Sat, 07 Jun 2008 12:46:43 +0200 iceweasel (3.0~rc1-1) experimental; urgency=low * configure.in, configure: Fix LIBXUL_SDK_DIR variable use. Closes: #479041. * debian/iceweasel-runner: Work around problems with aoss and libjemalloc by preloading the glibc. Closes: #475166. * debian/iceweasel.postinst: - Remove any compreg.dat and xpti.dat that would be left from earlier runs of iceweasel as root, causing possible random crashes with xpcom. Closes: #481020. - Touch .autoreg on install/upgrade, so that components registration is triggered for the components provided by iceweasel. * debian/control: - Build depend on xulrunner-dev 1.9~rc1 and stop build depending on xulrunner-1.9-common which was only required because of incompatible platform.ini in xulrunner-1.9-common 1.9~b5-1. - iceweasel depends on xulrunner >= 1.9~rc1. * debian/about_debian.js: Removed, as this component will be provided by xulrunner. * debian/iceweasel.install: Don't install about_debian.js. * debian/rules: Use proper flag to disable optimization. * debian/branding/branding.nsi, debian/branding/content/contents.rdf: Removed useless branding files. * debian/branding/locales/en-US/brand.dtd: Removed useless entity. * debian/vendor.js: - Add package name for debAbout.js component. - Avoid displaying useless EULA at iceweasel startup. * debian/rules: Install debian/vendor.js and append general.useragent.extra.firefoxComment there. * configure.in, configure: Don't build libjemalloc when building against libxul-sdk. * browser/base/content/baseMenuOverlay.xul, browser/components/safebrowsing/content/report-phishing-overlay.xul, extensions/reporter/resources/content/reporter/reporterOverlay.xul: Arrange menu overlays so that nothing ends up after "About Iceweasel". -- Mike Hommey Sat, 24 May 2008 22:48:48 +0200 iceweasel (3.0~b5-4) experimental; urgency=low [ Eric Dorland ] * debian/control: - Add Replaces on iceweasel-gnome-support for imgicon move. (Closes: #478084) - Fix GNOME spelling errors. - Remove binutils and dpkg-dev build dependencies that were workarounds for broken version that are no longer in Debian. * debian/rules: Add calls to dh_desktop. * debian/iceweasel.postinst: Fix inverted check for a running iceweasel. Thanks Andreas Beckmann. (Closes: #473756) * debian/iceweasel.desktop: Add trailing semicolons to Categories and Mimetype to comply the standard. Thanks Michael Biebl. (Closes: #468117) [ Mike Hommey ] * debian/control: - Replace a bunch of build dependencies with xulrunner-dev and xulrunner-1.9-common (a versioned dependency is required for this one because of an incompatible platform.ini in 1.9~b5-1). - iceweasel now depends on xulrunner-1.9 (we rely on xulrunner-stub from version 1.9~b5-4). - iceweasel-dbg depends on xulrunner-1.9-dbg. - iceweasel-gnome-support is transformed into a dummy package to install xulrunner-1.9-gnome-support. * debian/iceweasel-gnome-support.*: Removed. * debian/iceweasel.install, debian/iceweasel.links: - Don't install files that are provided by xulrunner-1.9, including the firefox binary, which is a copy of xulrunner-stub. - defaults/pref is now defaults/preferences. - Install application.ini in /usr/lib/iceweasel instead of /usr/share/iceweasel. Xulrunner following symlinks, it fails running iceweasel without the file being in /usr/lib/iceweasel. * debian/rules: - Build against xulrunner-1.9. - Don't install files in the iceweasel-gnome-support package and don't filter anything in the iceweasel package. - Don't set general.useragent.product and general.useragent.productSub, they have no effect anymore. - defaults/pref is now defaults/preferences. - Remove specific CFLAGS for alpha and ppc64, since we don't build from code that may require it. - Properly cleanup debian/branding with clean rule. * debian/iceweasel.links: - Install the xulrunner-stub as a /usr/lib/iceweasel/firefox-bin symlink. It will also allow smooth upgrade for those whose session manager stored firefox-bin as iceweasel main executable. - Help xulrunner-stub by pointing to xulrunner's home with a /usr/lib/iceweasel/xulrunner symlink to /usr/lib/xulrunner-1.9. * debian/iceweasel.postinst: Remove /usr/lib/iceweasel/.autoreg on upgrade. * debian/iceweasel-xremote-client: Don't set MOZILLA_FIVE_HOME anymore. * toolkit/library/Makefile.in, xpcom/reflect/xptcall/src/md/unix/Makefile.in: Revert changes to these files, as they are not used for the build anymore. -- Mike Hommey Thu, 01 May 2008 18:56:40 +0200 iceweasel (3.0~b5-3) experimental; urgency=low * debian/README.Debian: Change the paragraph about pango, since this is now the only font backend and MOZ_DISABLE_PANGO is effectless. * debian/presubj: Remove the paragraph about MOZ_DISABLE_PANGO. * debian/iceweasel-runner: Don't export the MOZ_DISABLE_PANGO variable. * debian/rules: - Remove old unused stuff. - Use upstream optimization flags. - Arrange LDFLAGS so that -Wl,--as-needed appears before -lpthread. * debian/iceweasel-gnome-support.install: Remove the imgicon component from the iceweasel-gnome-support package. (Closes: #477661) * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Fix FTBFS on hppa. (Closes: #473766) -- Mike Hommey Sat, 26 Apr 2008 09:35:27 +0200 iceweasel (3.0~b5-2) experimental; urgency=low [ Mike Hommey ] * allmakefiles.sh: Make the branding directory cleanup properly. * browser/build.mk, browser/installer/Makefile.in, toolkit/mozapps/installer/packager.mk: Cleanup the few remaining files in browser/installer when distcleaning. * configure.in, configure: Check less things during configure when using libxul-sdk. [ Eric Dorland ] * debian/rules: Install the libimgicon.so component in the regular iceweasel package and not iceweasel-gnome-support. It's needed to display the icons and doesn't actually depend on anything gnome specific. (Closes: #474728) * debian/rules: Suggest xfonts-mathml and ttf-mathematica4.1 for mathml support. (Closes: #445564) -- Eric Dorland Tue, 22 Apr 2008 01:26:06 -0400 iceweasel (3.0~b5-1) experimental; urgency=low * New upstream beta release. * debian/branding/locales/Makefile.in: Fix location of the branding directory. -- Eric Dorland Wed, 02 Apr 2008 22:58:08 -0400 iceweasel (3.0~b4-2) experimental; urgency=low * debian/branding/*, debian/rules, debian/iceweasel.install: Use the --with-branding flag, create a branding directory and generate all of our snazy icons inside of it. * debian/filter-globe.xsl: Remove, no longer needed. * debian/control: Fix build dependencies, add zip and libdbus-glib-1-dev, and tighten the cairo dependency. Thanks Michel Dänzer. (Closes: #472467) * debian/rules: Disable the crash reporter, Mozilla probably won't appreciate our reports. -- Eric Dorland Tue, 01 Apr 2008 01:42:10 -0400 iceweasel (3.0~b4-1) experimental; urgency=low * New upstream beta release. * debian/control: - Sort the Build-Depends by alphabetical order and add proper linebreaks. - Update Standards-Version to 3.7.3. - Point Vcs-* headers at new Git repo. * browser/base/content/baseMenuOverlay.xul, browser/base/content/baseMenuOverlay.xul, browser/base/content/credits.xhtml, browser/components/nsBrowserGlue.js, browser/locales/en-US/chrome/overrides/appstrings.properties, browser/locales/en-US/searchplugins/answers.xml, browser/locales/en-US/searchplugins/google.xml: Re-port a bunch of Firefox to Iceweasel renames. * debian/iceweasel-dom-inspector.install, debian/iceweasel-dom-inspector.links, debian/control, debian/rules: The dom-inspector has been removed from 3.0, so remove the package and conflict against the old one. -- Eric Dorland Sun, 23 Mar 2008 23:09:32 -0400 iceweasel (3.0~b3-1) experimental; urgency=low * New upstream beta release. * debian/rules: Remove the --enable-chrome-format=flat for now. -- Eric Dorland Tue, 04 Mar 2008 01:36:37 -0500 iceweasel (3.0~b2-1) UNRELEASED; urgency=low * New upstream beta release. * debian/remove.nonfree: Don't remove atk components from other-licenses. * debian/rules: - Don't build static, seems static building is incompatible with libxul. - Need to build with internal libpng, since the system on doesn't support APNG. - Don't use system nss, nspr and hunspell for the moment. - Don't install the nspr, nss, etc links for now. - Pass --disable-install-strip and drop --disable-strip-libs, which doesn't exist anymore. * toolkit/library/Makefile.in: Include -lXrender, the GTK libs don't seem to pull it in and we need it. * debian/iceweasel.install: - Apparently the unixprintplugin isn't there anymore, remove the line. - Collapse the chrome installation, the manifest files there are the only ones we want. * debian/iceweasel.install, debian/iceweasel.links: - Install and link to the new modules directory. - Install and link to new .ini files. -- Eric Dorland Mon, 21 Jan 2008 17:56:50 -0500 iceweasel (2.0.0.11-1) unstable; urgency=low * New upstream release, not actually different from 2.0.0.10-2. [ Eric Dorland ] * debian/iceweasel.desktop: Set the Category to Network;WebBrowser and remove invalid Applcation. * debian/rules: Don't unilaterally ignore make distclean errors. [ Mike Hommey ] * debian/shlibs.local: Not needed now that older versions of libnss are not longer in the archive. -- Eric Dorland Sat, 01 Dec 2007 20:40:54 -0500 iceweasel (2.0.0.10-2) unstable; urgency=low * content/canvas/src/nsCanvasRenderingContext2D.cpp: Apply patch from bz#391028 to fix bz#405584, a regression in Canvas.drawImage. -- Eric Dorland Tue, 27 Nov 2007 13:13:56 -0500 iceweasel (2.0.0.10-1) unstable; urgency=low * New upstream release. - Fix the following security issues: CVE-2007-5960, CVE-2007-5959, CVE-2007-5947. (Closes: #451624) [ Mike Hommey ] * layout/build/Makefile.in: Properly get cairo lib dependencies for arch where we build with a libgklayout.so, such as mips. [ Eric Dorland ] * debian/control: - Add Vcs-* headers. - Use binary:Version rather than Source-Version where appropriate. -- Eric Dorland Tue, 27 Nov 2007 03:13:22 -0500 iceweasel (2.0.0.9-2) unstable; urgency=low * configure, configure.in, content/canvas/src/Makefile.in, layout/svg/renderer/src/cairo/Makefile.in, config/static-config.mk, config/autoconf.mk.in: Properly get cairo lib dependencies and don't rely on GTK bringing them, which just don't happen anymore (see #343711). Patch adapted from bz#344818. * debian/rules: Add -l option to dh_shlibdeps call so that private libraries are properly found by newest dpkg-shlibdeps. Also removed useless call to dh_shlibdeps in build-indep target. * debian/control: Build depend on non broken versions of dpkg-dev. (Closes: #452312) -- Mike Hommey Fri, 23 Nov 2007 20:40:22 +0100 iceweasel (2.0.0.9-1) unstable; urgency=low * New upstream release. (Closes: #449195) -- Eric Dorland Sun, 04 Nov 2007 22:53:03 -0500 iceweasel (2.0.0.8-1) unstable; urgency=low * New upstream release. - Fixes the following security issues: CVE-2007-4841, CVE-2007-5338, CVE-2007-5337, CVE-2007-5334, CVE-2007-3511, CVE-2006-2894, CVE-2007-2292, CVE-2007-1095, CVE-2007-5339, CVE-2007-5340. (Closes: #445514, #438873) -- Eric Dorland Sat, 20 Oct 2007 02:04:01 -0400 iceweasel (2.0.0.7-2) unstable; urgency=low * gfx/src/gtk/gtk2drawing.c: Add patch from bz#389801 for gtk problems with gtk 2.12. (Closes: #444149) -- Eric Dorland Thu, 27 Sep 2007 22:26:44 -0400 iceweasel (2.0.0.7-1) unstable; urgency=low * The "pointlessly following upstream" release. * New upstream security release, fixes a Windows only vulnerability. * debian/iceweasel.menu: Drop the Web Browser menu hint in the face of the menu reorg. (Closes: #435106) * debian/debsearch.src: Fix for new packages.debian.org, thanks Hristo Hristov. (Closes: #440826) * debian/wikipedia-en.xml: Update to newer Wikipedia search engine plugin. (Closes: #443465) * debian/iceweasel.NEWS: Remove, it is now quite outdated. (Closes: #434526) * debian/control, debian/iceweasel.postinst: Add dependency on procps, and check if firefox is running before printing the message about restarting. (Closes: #435119) * configure.in, configure: Steal asac's patch to work around visibility issues in gcc 4.2. (Closes: #428282) -- Eric Dorland Mon, 24 Sep 2007 00:07:12 -0400 iceweasel (2.0.0.6-1) unstable; urgency=high * New security/stability upstream release (v2.0.0.6) * MFSA 2007-26 aka CVE-2007-3844 * MFSA 2007-27 aka CVE-2007-3845 * debian/remove.nonfree: Also remove DLLs we don't have source for. -- Mike Hommey Wed, 01 Aug 2007 08:30:37 +0200 iceweasel (2.0.0.5-2) unstable; urgency=high * configure, configure.in: Make sure we won't be bitten by upstream changing libjpeg, libpng or zlib internal version, which makes system library not used even though --with-system-* argument is given to configure. This time, it happened with libpng. * uriloader/exthandler/unix/nsGNOMERegistry.cpp: Remove an include that should have been removed earlier. -- Mike Hommey Sat, 21 Jul 2007 22:15:43 +0200 iceweasel (2.0.0.5-1) unstable; urgency=high [ Mike Hommey ] * New security/stability upstream release (v2.0.0.5) * MFSA 2007-18 aka CVE-2007-3734 (browser), CVE-2007-3735 (Javascript) * MFSA 2007-19 aka CVE-2007-3736 * MFSA 2007-20 aka CVE-2007-3089 * MFSA 2007-21 aka CVE-2007-3737 * MFSA 2007-22 aka CVE-2007-3285 * MFSA 2007-24 aka CVE-2007-3656 * MFSA 2007-25 aka CVE-2007-3738 * config/system-headers, config/Makefile.in: Add system wrapper for hunspell.hxx. (Partially fixes #428282) [ Eric Dorland ] * debian/iceweasel.menu: Change section for the new menu hierarchy. -- Mike Hommey Thu, 19 Jul 2007 23:30:11 +0200 iceweasel (2.0.0.4-1) unstable; urgency=low * New upstream release. (Closes: #427785) * Fixes mfsa-2007-{12-14}, mfsa-2007-{16-17}, also known as CVE-2007-1362, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871. * uriloader/exthandler/unix/nsOSHelperAppService.cpp: Revert our changes that are deprecated by upstream changes. * uriloader/exthandler/unix/nsGNOMERegistry.h: Adapt so that our changes build correctly. * debian/iceweasel.desktop: Add Swedish translation. Thanks Daniel Nylander. (Closes: #420051) * security/manager/ssl/src/nsCertVerificationThread.cpp, security/manager/ssl/src/nsSSLThread.cpp: Avoid some cpu wake ups in PSM. bz#380558 * modules/libpref/src/init/all.js: Set layout.css.dpi to 0 instead of -1. Iceweasel will use system DPI and avoid using huge fonts on systems where DPI < 96. (Closes: #409074) * debian/control: + Build depend on libnspr4-dev and libnss3-dev. + Remove mozilla-firefox* and firefox* transition packages. * debian/mozilla-firefox*, debian/firefox*: Removed. * debian/rules: + Use system nspr and nss. + Don't shlibsign. + Install symlinks for nspr and nss libraries in /usr/lib/iceweasel. * shlibs.local: Force versioned dependencies on libnss because of our use of the libnssckbi.so file under /usr/lib/nss which appeared in version 3.11.5-1. * extensions/reporter/resources/content/reporter/reporterOverlay.xul: Put the "Report Broken Site" item before the about separator. (Closes: #416190) -- Mike Hommey Sat, 09 Jun 2007 08:26:05 +0200 iceweasel (2.0.0.3-2) unstable; urgency=low * debian/README.Debian: ICEWEASEL_DSP default is none, not auto. * debian/copyright: Updated part about removed files. * configure, configure.in, config/autoconf.mk.in, extensions/spellchecker/myspell/src/Makefile.in, extensions/spellchecker/myspell/src/mozMySpell.h: Modified to have system hunspell library used instead of myspell. (Closes: #400621) * debian/rules: Replaced --enable-system-myspell with --enable-system-hunspell. * debian/control: Don't build depend on libmyspell-dev but on correct version of libhunspell-dev. * configure, configure.in: Apply fix from bz#366844 to avoid bashisms and do better checks. -- Mike Hommey Fri, 23 Mar 2007 20:01:19 +0100 iceweasel (2.0.0.3-1) unstable; urgency=low * New upstream release. Fixes mfsa-2007-11. * Cleaned up the orig.tar.gz from non-free files. * debian/remove.nonfree: Added the script used to do the clean-up for documentation purpose. * uriloader/exthandler/unix/nsOSHelperAppService.cpp: Make MIME registry use system mime.types when it doesn't get extensions from the Gnome registry. This will make the helper configuration dialogs work better. * debian/control: + Build Conflict on graphicsmagick-imagemagick-compat to avoid bug #413954. + Bumped Standards-Version to 3.7.2.2. No changes. * debian/iceweasel.install: Don't install iceweasel.png in /usr/share/pixmaps. * debian/rules: Install several icons in the hicolor theme. * debian/iceweasel.links: + Change links for /usr/share/pixmaps/firefox.png and /usr/share/pixmaps/mozilla-firefox.png. + Link some icons in iceweasel directories into the appropriate hicolor directory. + Make /usr/share/pixmaps/iceweasel.png a link to the appropriate hicolor icon. (Closes: #414012) * browser/locales/en-US/searchplugins/answers.xml, browser/locales/en-US/searchplugins/google.xml: Remove firefox branding in search engines. Note the output=firefox is necessary for google suggestions. (Closes: #414933) -- Mike Hommey Wed, 21 Mar 2007 20:29:33 +0100 iceweasel (2.0.0.2+dfsg-3) unstable; urgency=low * debian/iceweasel-runner: Fix the previous fix, so that arguments are not doubled. (Closes: #413162) * debian/Options.png.uu, debian/iceweasel.png.uu, debian/iceweasel48.png.uu, debian/document.png.uu, debian/mozicon128.png.uu, debian/mozicon16.xpm, debian/mozicon50.xpm, debian/default.xpm, debian/iceweasel.xpm: Removed. * debian/iceweasel_icon.svg, debian/iceweasel_logo.svg: Added source SVG files for the logo and the icon, and changed the color of the globe. (Closes: #404882, #408108, #409035) * debian/filter-globe.xsl: Added XSLT stylesheet to filter the globe out of the icon. * debian/about.png.uu, debian/aboutCredits.png.uu: Removed the logo and icon from these, so that they can be used as a base to generate the final PNG images, combined with the proper icon and logo. * debian/control: Added build dependencies on librsvg-bin, xsltproc and imagemagick to generate all appropriate images from the SVG files. * debian/rules: Added rules to generate all the necessary images and clean up generated images. * debian/copyright: Added copyright for the svg files. * debian/homepagereset.js: Custom component to reset the browser homepage if it is set to the old localstart.html page from the mozilla-browser package, which doesn't exist any more. (Closes: #410841) * debian/iceweasel.install: Install the homepagereset component. * browser/base/content/browserconfig.properties: Set home page to about:. * toolkit/content/about.xhtml: Add links to about:bugs and about:README.Debian to the about: page. Also remove the non-link to upstream release notes. * debian/about_debian.js: Custom component to add support for about:README.Debian and about:bugs addresses. * debian/iceweasel.install: Install the about_debian component. * layout/base/nsPresContext.cpp, layout/base/nsPresContext.h: Fix for hang up when switching GTK theme. bz#352096. Thanks Alexander Sack. * debian/iceweasel.install, debian/iceweasel.links: Install the browserconfig.properties file. * debian/rules: Avoid compressing README.Debian for it to be seen in about:README.Debian. * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Fixed test on OS_TEST so that hppa stops using the unsupported stubs. * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Update patch for Linux ppc to match those on iceape and xulrunner. * xpcom/typelib/xpidl/xpidl.c: Revert useless patch: xpidl is not installed anymore. * configure, configure.in: + Reverted remainings of an old patch for pango that was reverted in 2.0+dfsg-1. + Update patch for zip check to match that of xulrunner. * layout/generic/nsTextTransformer.h: Avoid freeze/crash when null characters are present in justified text by discarding NULL characters before displaying. bz#366902 I don't like to have the two backends do different things, so we just unconditionally apply the workaround. (Stolen from xulrunner) * xpcom/reflect/xptcall/src/md/unix/xptcstubs_linux_m68k.cpp, xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_m68k.cpp: Better patch for m68k, from Modified by Roman Zippel. (Stolen from xulrunner) * modules/libjar/nsJAR.h, modules/libjar/nsJAR.cpp: Invalidate cache for a zip file that got modified. It will prevent corruption of the XUL FastLoad cache when upgrade is performed while an instance of the application is running. bz#368428. (Stolen from iceape and xulrunner) * browser/base/content/baseMenuOverlay.xul: Removed "Release Notes" and "Check for Updates" menu items from the Help menu. (Closes: #407508) * debian/control: Added build dependencies on autotools-dev. * debian/rules: Added rules to update config.guess and config.rules at configure time, and remove the changes at clean time. -- Mike Hommey Sun, 4 Mar 2007 22:29:59 +0100 iceweasel (2.0.0.2+dfsg-2) unstable; urgency=low [ Mike Hommey ] * debian/iceweasel-runner: Use of a dummy argument is useless now set -- is being used. Plus, it avoids an ill side effect of now using set --. (Closes: #412344, #412404, #412418, #412585, #412711, #412746, #412876) [ Eric Dorland ] * debian/iceweasel-runner: - Patch from Sam Pennyto fix firefox reference. Clean up wording a bit too. (Closes: #412475) - Don't lose $prev in some cases. Thanks Loic Grenie. -- Eric Dorland Fri, 2 Mar 2007 03:36:58 -0500 iceweasel (2.0.0.2+dfsg-1) unstable; urgency=high * New upstream release. Fixes security vulnerabilities: CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0995, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981. * browser/app/firefox-branding.js: Set app.releaseNotesURL to the correct url for release notes. (Closes: #411226) * debian/iceweasel-runner: Use set -- everywhere. Thanks Loic Grenie. -- Eric Dorland Sun, 25 Feb 2007 06:08:04 -0500 iceweasel (2.0.0.1+dfsg-4) unstable; urgency=low * debian/iceweasel.menu: Add a longtitle. * browser/app/nsBrowserApp.cpp, toolkit/xre/nsXULAppAPI.h, toolkit/xre/nsAppRunner.cpp: Add a new displayName field and set it to "Iceweasel". Use it in a number of places instead of name for display. (Closes: #411493) -- Eric Dorland Tue, 20 Feb 2007 18:33:58 -0500 iceweasel (2.0.0.1+dfsg-3) unstable; urgency=high * debian/README.Debian: Fix typo, thanks Joey "I See All!" Hess. (Closes: #407366) * debian/presubj: Fix embarrassing typos and wording. Thanks Ross Boylan. (Closes: #407726) * debian/iceweasel.1: Mention "aoss" as a dsp wrapper, and fix esd and arts references. Thanks Alain Kalker. (Closes: #407662) * intl/unicharutil/util/nsUnicharUtils.h: Patch from David Mosberger-Tang to fix unaligned access on ia64. * browser/app/nsBrowserApp.cpp: Fix another Firefox reference. Thanks Ben Stewart (Closes: #408883) * browser/app/firefox-branding.js: Set startup.homepage_override_url and startup.homepage_welcome_url to "" to really disable the upgrade page overrides. (Closes: #407533) * debian/control: Call iceweasel-gnome-support a component rather than an extension. Thanks Axel Beckert. (Closes: #409950) * gfx/src/gtk/nsFontMetricsPango.cpp: Patch from bz#335810 to preserve horizontal position in text input fields. (Closes: #409634, 406612) * netwerk/base/src/nsSimpleURI.cpp, netwerk/base/src/nsStandardURL.cpp, netwerk/base/src/nsURLHelper.cpp: Fix for security bug CVE-2007-0981 from bz#370445. (Closes: #411192) -- Eric Dorland Sun, 18 Feb 2007 20:56:27 -0500 iceweasel (2.0.0.1+dfsg-2) unstable; urgency=high [ Eric Dorland ] * debian/rules: Use chmod a-x instead of just -x. (Closes: #404548) * browser/locales/en-US/chrome/browser/credits.dtd, browser/base/content/credits.xhtml: Remove trademark symbol and fix the motto. (Closes: #404945) * debian/control: Remove recommends added into the previous version, libmyspell already has them. * security/nss/lib/freebl/unix_rand.c: #undef DO_NETSTAT instead of just setting it to 0, to really stop it from running netstat. (Closes: #405531) * browser/base/content/browserconfig.properties: Change the default start homepage to http://www.debian.org/. * browser/app/firefox-branding.js: Set "browser.startup.homepage_override.mstone" to "ignore" to prevent annoying Firefox branded firstrun and upgrade pages. (Closes: #404649) * debian/README.Debian: Document why we're now called Iceweasel. (Closes: #399814) * debian/copyright: Indicate that the debian directory is licensed like firefox, under the GPL/LGPL/MPL. (Closes: #406846) [ Mike Hommey ] * debian/iceweasel-runner: Removed bashisms. * debian/README.Debian: Updated information about ICEWEASEL_DSP setting and java plugin. Also replaced Firefox by Iceweasel where appropriate. * debian/iceweasel.links: Removed /usr/{lib|share}/firefox links. (Closes: #404733) -- Eric Dorland Tue, 16 Jan 2007 00:02:34 -0500 iceweasel (2.0.0.1+dfsg-1) unstable; urgency=high [ Eric Dorland ] * New upstream release. Fixes mfsa-2006-{68-73,74,75} also known as CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6500, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6506, CVE-2006-6507. * directory/c-sdk/ldap/docs/draft-ietf-ldapext-ldap-c-api-05.txt, netwerk/protocol/ftp/doc/rfc959.txt: Removed from the orig.tar.gz because of freeness issues. (Closes: #400339, #393370) * debian/copyright: Update to list the files removed from the upstream tarball. * browser/locales/en-US/updater/updater.ini, browser/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in, browser/locales/en-US/chrome/overrides/appstrings.properties, browser/components/nsBrowserGlue.js, toolkit/locales/en-US/chrome/mozapps/extensions/extensions.properties: Rename Firefox to Iceweasel. (Closes: #399656, #400721) * browser/locales/en-US/chrome/browser/aboutDialog.dtd, browser/base/content/credits.xhtml: Remove references to Firefox trademarks. * debian/wikipedia-en.xml, debian/wikipedia.gif.uu, debian/wikipedia.src, debian/iceweasel.install, debian/rules: Add new style Wikipedia search plugin and remove old one. * debian/presubj: Fix references to Firefox. (Closes: #399817) * debian/control: - Clearify relationship to Firefox in the Iceweasel description. (Closes: #399678) - Add Recommends on some myspell dictionaries. (Closes: #400622) * debian/iceweasel-dom-inspector.links: Fix mistaken link to /usr/lib/firefox. (Closes: #399631) * browser/locales/en-US/chrome/browser/preferences/advanced.dtd: Fix accelerator key for "Iceweasel". (Closes: #400308) * debian/iceweasel.1: - Fix some incorrect references to Firefox. Thanks Chris Neugebauer. (Closes: #400708) - ICEWEASEL_DSP default is none, not auto. Thanks Rafal Rutkowski. * debian/debsearch.png.uu, debian/debsearch.gif.uu, debian/iceweasel.install, debian/rules: Install a .png version of the debsearch logo, with better transparency. Thanks Daniel Hess. (Closes: #400248) * debian/iceweasel-runner: Fix ICEWEASEL_DSP set from the environment. Thanks Rafal Rutkowski. (Closes: #404356) [ Mike Hommey ] * debian/watch: Updated for non experimental versions. * browser/base/branding/searchconfig.properties: Replaced firefox with iceweasel. * debian/firefox.prerm, debian/firefox.postinst: Removed. (Closes: #402407) * debian/firefox/preinst: Remove old generated files from firefox. * debian/iceweasel-gnome-support.postinst, debian/iceweasel.prerm, debian/iceweasel-gnome-support.prerm: Replaced firefox by iceweasel. * configure, configure.in: Fix OS_TARGET so that it is correctly set to Linux for things that expect this value instead of linux-gnu, such as the extensions manager (Closes: #401987) * debian/iceweasel.preinst: Applied patch from Peter Green to fix some issues with upgrades where doesn't /etc/firefox contain firefox's config files for some reason (Closes: #399670). Also replace FIREFOX with ICEWEASEL in /etc/iceweasel/iceweaselrc. [ Alexander Sack ] * debian/default.xpm, debian/mozicon16.xpm, debian/mozicon50.xpm, debian/iceweasel.png.uu, debian/about.png.uu, debian/mozicon128.png.uu, debian/document.png.uu, debian/iceweasel48.png.uu, debian/Options.png.uu debian/aboutCredits.png.uu: Added unicko iceweasel artwork. * debian/iceweasel.install: installing appropriate artwork files from above to /usr/share/iceweasel/chrome/icons/default and /usr/share/iceweasel/icons/. * debian/rules: uudecoding artwork files from above. Installing appropriate files in build tree in 'build-stamp' and cleaning them up in 'clean' -- Eric Dorland Mon, 25 Dec 2006 15:30:04 -0500 iceweasel (2.0+dfsg-1) unstable; urgency=low * New upstream release. This release dedicated to Mike Connor. [ Eric Dorland ] * Too many renames of firefox to iceweasel to count. * debian/iceweasel.desktop: Remove duplicate pt_BR entries and replace Firefox with Iceweasel. * debian/iceweaselrc: Rename FIREFOX_DSP to ICEWEASEL_DSP. * configure.in: MOZ_APP_DISPLAYNAME=Iceweasel. * config/autoconf.mk.in: Set mozappdir to /usr/lib/iceweasel. * debian/iceweasel.preinst: Copy /etc/firefox into /etc/iceweasel * modules/libpref/src/init/all.js: Use iceweasel.cfg instead of firefox.cfg. * iceweasel.png.uu: Generate iceweasel.png, not firefox.png. * browser/locales/en-US/chrome/branding/brand.properties, browser/locales/en-US/chrome/branding/brand.dtd: Switch Bon Echo to Iceweasel. [ Mike Hommey ] * gfx/src/gtk/mozilla-decoder.cpp, config/autoconf.mk.in: Revert changes for pangocairo support, since we solved the build problem by correctly detecting pangoxft instead. * debian/control: Suggest libkrb53 for kerberos authentication. * modules/libpr0n/build/Makefile.in: Add empty line at the end to avoid useless change to show up in the diff. * security/nss/lib/freebl/unix_rand.c: Stole patch from Ubuntu that adapted the previous changes to the new version of the upstream file. * modules/libpref/src/init/all.js: Stole patch from Ubuntu that changes some default fonts from serif to sans-serif. * debian/rules: + Set distribution id to 'org.debian'. + Force the build to have a "correct" build ID. * browser/components/feeds/src/FeedWriter.js: Patch from bz#343360 to make feed subscription and preview work properly. (Closes: #387639) -- Eric Dorland Mon, 13 Nov 2006 23:18:40 -0500 firefox (2.0~rc1+dfsg-1) experimental; urgency=low [ Eric Dorland ] * New upstream release candidate release. [ Mike Hommey ] * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Revert patch from version 1.5.0.6-5, the problem was configure.in changes not applied in configure, which was already done on this branch anyways. Adapted to not build the ppc_linux code for ppc64, though. * debian/watch: Updated watch file for new version scheme. * config/make-jars.pl: Applied patch from bz#336056 to allow ~ in the destination directory (which is required since we now have a ~ in the main firefox directory name). * gfx/src/ps/nsFontMetricsPS.cpp: Applied patch from Alexander Sack to fix crashes while printing. (Closes: #389724) -- Mike Hommey Sat, 7 Oct 2006 09:23:12 +0200 firefox (1.5.dfsg+1.5.0.7-1) unstable; urgency=high * New upstream release. Urgency high because it fixes security issues. * editor/libeditor/text/nsPlaintextEditor.cpp: Quite likely reverted the OverTheSpot patch, did not feel confident reapplying it with the upstream changes in this file. Please submit an updated patch to get it back. * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Slightly puzzling patch from Andreas Jochens to make firefox compile on ppc64 again. (Closes: #387423) -- Eric Dorland Mon, 18 Sep 2006 01:55:57 -0400 firefox (1.5.dfsg+1.5.0.6-5) unstable; urgency=high * Severity high because we fix an RC bug. * debian/control: Adjust mozilla-firefox-dom-inspector for binNMU safety as well. * debian/firefox.desktop: Patch from Yavor Doganov to add a Bulgarian translation. (Closes: #386988) * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Fix slight mistake in Mike's previous patch that misrecognized ppc arches. Thanks Markus for the patch. (Closes: #386367) -- Eric Dorland Wed, 13 Sep 2006 01:45:20 -0400 firefox (1.5.dfsg+1.5.0.6-4) unstable; urgency=high [ Eric Dorland ] * Urgency still high, as we're still trying to get into testing. * debian/firefox.desktop: Patch from Nick Niktaris with Greek translation. (Closes: #384678) * debian/control: Add Suggests on mozplugger. (Closes: #384382) [ Mike Hommey ] * debian/control: Adjust dependencies for binNMU safety. * xpcom/reflect/xptcall/src/md/unix/Makefile.in, configure.in, configure: Use ${host_cpu} instead of uname -m so that firefox can safely build on s390x with a s390 target, and on amd64 with an x86 target. * uriloader/exthandler/unix/nsGNOMERegistry.cpp, uriloader/exthandler/unix/nsGNOMERegistry.h, uriloader/exthandler/unix/nsOSHelperAppService.cpp, uriloader/exthandler/unix/nsMIMEInfoUnix.cpp, uriloader/exthandler/unix/nsMIMEInfoUnix.h: Adapted patch from bz#273524 to make helper applications with parameters work. (Closes: #355511) * debian/watch: Updated. -- Eric Dorland Mon, 4 Sep 2006 23:25:44 -0400 firefox (1.99+2.0b2+dfsg-1) experimental; urgency=low * New upstream beta release. * extensions/inspector/build/src/Makefile.in, extensions/inspector/build/src/inspector.pkg, extensions/inspector/build/src/nsInspectorModule.cpp: Removed, the problem was lying in debian/rules. /me goes hiding under a rock. * layout/inspector/public/Makefile.in: Reverted previous changes. * debian/rules: Don't exclude inspector files when dh_installing the firefox package. We need the inspector.xpt file from the components directory. The files for the dom-inspector package are already excluded from the firefox.install file anyway. * debian/firefox-dom-inspector.install, debian/firefox-dom-inspector.links: Simplified. * debian/control: + Turn firefox-dom-inspector into an arch: all package, since the binary component has been merged into the firefox binary. + Adjust dependencies for binNMU safety. * xpcom/reflect/xptcall/src/md/unix/Makefile.in, configure.in, configure: Use ${host_cpu} instead of uname -m so that firefox can safely build on s390x with a s390 target, and on amd64 with an x86 target. * uriloader/exthandler/unix/nsGNOMERegistry.cpp, uriloader/exthandler/unix/nsGNOMERegistry.h, uriloader/exthandler/unix/nsOSHelperAppService.cpp, uriloader/exthandler/unix/nsMIMEInfoUnix.cpp, uriloader/exthandler/unix/nsMIMEInfoUnix.h: Adapted patch from bz#273524 to make helper applications with parameters work. (Closes: #355511) * debian/copyright: Adjusted with updated information for firefox 2.0, which is now properly tri-licensed \o/. (Closes: #330295) * debian/rules: Install the MPL file taken from the upstream LICENSE file. * debian/watch: Updated. -- Mike Hommey Fri, 1 Sep 2006 08:36:26 +0200 firefox (1.5.dfsg+1.5.0.6-3) unstable; urgency=low * browser/app/Makefile.in: Workaround to force link the xpcom library to the firefox binary despite -Wl,--as-needed in the LDFLAGS. (Closes: #378667) * debian/firefox.install: Don't install xpt_link, xpt_dump, xpidl, xpicleanup, xpcshell nor regxpcom. They are of no use to firefox users and are provided with xulrunner anyway. (Closes: #362190) -- Mike Hommey Sun, 20 Aug 2006 19:49:25 +0200 firefox (1.5.dfsg+1.5.0.6-2) unstable; urgency=low * debian/firefox.desktop: - Polish translation from Ian Jackson by way of an Ubuntu user. (Closes: #382079) - Patch from Ian Jackson to stop claiming dav:// URLs when firefox doesn't understand them. (Closes: #382080) * editor/libeditor/text/nsPlaintextEditor.cpp: Apply patch from bz#271815 to fix OverTheSpot mode used by many Asian language input modules. (Closes: #379935) -- Eric Dorland Tue, 15 Aug 2006 00:09:55 -0400 firefox (1.5.dfsg+1.5.0.6-1) unstable; urgency=low * New upstream release. -- Eric Dorland Thu, 3 Aug 2006 13:17:45 -0400 firefox (1.5.dfsg+1.5.0.5-1) unstable; urgency=high [ Eric Dorland ] * New upstream release. Urgency high because it fixes MFSA 2006-44 to MFSA 2006-56 excluiding MFSA-2006-49. (Closes: #380463) [ Mike Hommey ] * debian/firefox.prerm: Remove /usr/lib/firefox/.autoreg instead of /var/lib/firefox/.autoreg. * browser/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in: Removed very old and now useless changes. * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_alpha.cpp: Removed useless new line that showed up in the diff.gz. -- Eric Dorland Sun, 30 Jul 2006 17:08:38 -0400 firefox (1.99+2.0b1+dfsg-1) experimental; urgency=low * New upstream beta targetted at experimental: - Much better search plugins handling. They can be added and removed at will, and even better, system-wise search plugins can be ignored at the profile level. (Closes: #352195, #320957, #296425, #308005) * browser/components/shell/src/Makefile.in: Correctly install the setDefaultBrowser component. * config/rules.mk: Don't install extensions in the chrome. * debian/firefox.links: Link /usr/lib/firefox/dictionaries to /usr/share/myspell/dicts. * config/autoconf.mk.in, configure, configure.in: Add the --enable-system-myspell argument to configure to use the system myspell library. * extensions/spellcheck/myspell/src/Makefile.in: Use the system myspell library when asked to. * debian/rules: - Add --enable-system-myspell to configure call. - Do shlibsign libfreebl's (there can be several depending on the arch). * debian/control: Add libmyspell-dev to build dependencies. * browser/components/microsummaries/src/Makefile.in, config/Makefile.in: Add rules so that make clean cleans everything. * allmakefiles.sh: Removed references to nonexisting Makefiles in extensions/xmlextras/base. * configure, configure.in: Apply patches from bz#334866, bz#319012 and bz#335949 + fixups to workaround gcc visibility hidden bugs, especially #331460 (an instance of which is actually still present in C++, see gcc#26905). * extensions/inspector/build/src/Makefile.in, extensions/inspector/build/src/inspector.pkg, extensions/inspector/build/src/nsInspectorModule.cpp: Added missing files for the DOM Inspector component. * extensions/inspector/build/src/Makefile.in, layout/inspector/public/Makefile.in: Adapted so that the DOM Inspector component would build correctly and the xpt would be installed in the extensions directory. * extensions/reporter/Makefile.in: Install missing reporter's preference. -- Mike Hommey Fri, 21 Jul 2006 07:05:25 +0200 firefox (1.5.dfsg+1.5.0.4-3) unstable; urgency=low [ Eric Dorland ] * debian/control: - Fix silly typo of binutils. (Closes: #378582) - Standards-Version to 3.7.2.1. [ Mike Hommey ] * debian/rules: - Use a specific LD_LIBRARY_PATH at link time so that we don't need to link against indirect dependencies. (Closes: #378378) - Run shlibsign after the files are stripped so that it is accurate and FIPS mode can correctly work. - Removed old commented out OPTFLAGS that were kept in case gcc 4.0 did no better than gcc 3.x. - Removed old exported variables that are useless nowadays. - Removed dh_strip call in binary-indep. Who wants to strip arch-independant files ;) * debian/presubj: Added notes about plugins and crash reports. * security/manager/Makefile.in, security/nss/cmd/shlibsign/Makefile: Don't build nor install the .chk files but still build shlibsign. * debian/firefox.install: Don't install .chk files since we generate them after dh_strip. * security/nss/cmd/shlibsign/manifest.mn: Don't build in shlibsign/mangle. It doesn't build anyway. -- Eric Dorland Wed, 19 Jul 2006 23:56:22 -0400 firefox (1.5.dfsg+1.5.0.4-2) unstable; urgency=low [ Eric Dorland ] * netwerk/base/public/security-prefs.js: Disable SSLv2 by default. I thought the weak cipher warning took care of this. (Closes: #371153) * debian/firefox-runner: Simplify the dsp autodetection and add aoss to the roster. (Closes: #372848) * firefox-restart-required.update-notifier, firefox.postinst, firefox.install: Add update-notifier to indicate that firefox needs to be restarted on upgrade. Based on Ian Jackson's patch, but reworked a little. Also with a bad French translation. Translators, assemble! (Closes: #365865) * config/rules.mk, debian/control: Apply patch from Thiemo Seufer to remove mips -xgot hack and build depend on the appropriate binutils on mips and mipsel. (Closes: #374372) * debian/presubj, debian/README.Debian: Add a bit more information about disabling Pango, which often seems to be the source of problems. * debian/firefox-runner: - Print out MOZ_NO_REMOTE in verbose mode. - Fix some unreachable logic, Thanks Daniel Jacobowitz. [ Mike Hommey ] * debian/rules: - Fix for Gecko date extraction from client.mk. - Disabled strict aliasing from optimized builds. - Added -Wl,--as-needed to the LDFLAGS, so that we don't get indirect libraries linked. * config/static-config.mk: Add MOZ_XFT_LIBS to STATIC_EXTRA_LIBS. It used to get linked as a side effect of linking to indirect libraries, but should be linked directly since Xft symbols are used. * debian/firefox-restart-required.update-notifier: Fixed the french translation. ;) * content/html/content/src/nsGenericHTMLElement.cpp, content/html/content/src/nsHTMLInputElement.cpp, dom/src/base/nsGlobalWindow.cpp: Fixed crasher and potential crashers. Reported bz#343953. -- Eric Dorland Sun, 9 Jul 2006 02:37:28 -0400 firefox (1.5.dfsg+1.5.0.4-1) unstable; urgency=low * The "Post-DebConf Hangover" release. [ Eric Dorland ] * New upstream release. Fixes various security issues. MFSA 2006-31 to MFSA 2006-43, excluding MFSA 2006-40. * debian/control: - Standards-Version to 3.7.2.0. - Set priority of -dbg to extra and Section to devel. * gfx/src/gtk/nsFontMetricsPango.cpp, intl/lwbrk/src/nsJISx4501LineBreaker.cpp, intl/unicharutil/util/nsUnicharUtils.h, intl/unicharutil/util/nsUnicharUtils.cpp, layout/generic/nsTextFrame.cpp: Patch from Jurij Smakov (from bz#161826) to fix alignment issues on sparc64. (Closes: #354725) [ Mike Hommey ] * Applied distclean patch from xulrunner (in debian/patches/01_distclean.dpatch), except for the javaxpcom stuff we don't build anyway. * browser/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}, config/static-rules.mk: More cleaning for firefox. * nsprpub/configure: Apply change to nsprpub/configure.in. (Closes: #350616) * gfx/src/gtk/nsFontMetricsPango.cpp: Some more changes so that it actually builds without errors, and use PR_Malloc and PR_Free instead of malloc and free. -- Eric Dorland Fri, 2 Jun 2006 12:13:18 -0400 firefox (1.5.dfsg+1.5.0.3-2) unstable; urgency=low * debian/firefox.desktop: Add spanish translation, just in time for DebConf 6! Thanks Ian Jackson. (Closes: #365870) * debian/firefox-runner: Actually apply the patch from Morita Sho in #364566. I'm a moron. (Closes: #365956, #365960) * debian/control: Standards-Version to 3.7.1.0. Go policy team! -- Eric Dorland Thu, 4 May 2006 01:38:18 -0400 firefox (1.5.dfsg+1.5.0.3-1) unstable; urgency=critical * The "secure enough for ya!" release. * New upstream release. Contains security fixes, hence severity critical. - Fixes CVE-2006-1993 aka MFSA 2006-30. (Closes: #364810) [ Mike Hommey ] * security/manager/Makefile.in, debian/firefox.install: Build and install the .chk file again. That will make the FIPS mode work again. * debian/control: Bumped Standards-Version to 3.7.0.0. No changes. * debian/rules: Fix the navigator.ProductSub value for dumb scripts. Closes: #364640, #365099. We now use the date of the client.mk file, which is likely to be the closest value to the release date, instead of useless build date. Add the debian version after the firefox version string. * debian/rules: Use dpkg-architecture to find out the host and build that we want to pass to the configure script. (Closes: #365738) [ Eric Dorland ] * debian/firefox-runner: - Quote the APPLICATION_ID variable to handle profiles with a space in the name. Inspired by Morita Sho's patch. (Closes: #364566) - echo MOZ_DISABLE_PANGO on verbose. * debian/rules: It's baaaackkk. Reenable xprint. -- Eric Dorland Wed, 3 May 2006 00:32:49 -0400 firefox (1.5.dfsg+1.5.0.2-3) unstable; urgency=low * debian/rules, debian/control: Build the -dbg package again. * debian/firefox.1: Fix some incorrect references to mozilla. Thanks Loïc Minier. (Closes: #364101) * debian/firefox-runner: Patch from Mikhail Gusarov to be able to use Network Audio Server's dsp wrapper. (Closes: #363124) * debian/firefox.install: Fix screwed up path to firefox.xpm. (Closes: #364359) * debian/README.Debian: Document that firefox doesn't allow connections on certain ports. Thanks W. Borgert. (Closes: #362785) -- Eric Dorland Sun, 23 Apr 2006 22:41:15 -0400 firefox (1.5.dfsg+1.5.0.2-2) unstable; urgency=critical * The "ftp-master's aren't my friends today" release. * debian/rules, debian/control: Don't build the -dbg package for now, to get around NEW queue processing. -- Eric Dorland Thu, 20 Apr 2006 22:33:18 -0400 firefox (1.5.dfsg+1.5.0.2-1) unstable; urgency=critical [ Eric Dorland ] * New upstream release. Contains security fixes, hence severity critical. - Fixes the following vulnerabilites (Thanks Alexander Sack for compiling the list): CVE-2006-1724, CVE-2006-0884, CVE-2006-1730, CVE-2006-1729, CVE-2006-1728, CVE-2006-1727, CVE-2006-1045, CVE-2006-0748, CVE-2006-1726, CVE-2006-1725, CVE-2005-2353. (Closes: #362656) * debian/firefox-runner: Patch from Paul Collins to fix some lingering ProfileManager launch issues. (Closes: #356250) * browser/components/preferences/privacy.xul, browser/locales/en-US/chrome/browser/preferences/preferences.dtd: Patch from Ian Jackson to make the preferences window bigger for people with high rez displays. His changelog entry reads: * Make Preferences window not chop off various elements: - specify a width of 50em instead of 42em - do not specify a height - add another to the bottom of privacy.xul's prefpane. I have no idea why this is necessary :-(. Malone 36985. * configure.in, configure: Small typo in configure.in that wasn't setting TARGET_XPCOM_ABI properly and breaking binary extensions on some arches. (Closes: #359228) [ Mike Hommey ] * debian/rules: Disable elf-dynstr-gc, which is pretty useless nowadays. * security/coreconf/rules.mk: Fix perl code that got broken by newer make. Taken from bz#325148. * browser/app/Makefile.in: Apply patch from bz#314927 to install default.xpm in the correct place. * debian/rules, debian/firefox.dirs, debian/firefox.install: Updated to fit this change. * security/coreconf/rules.mk: Force use of the -g flag in the CFLAGS. -- Eric Dorland Sun, 16 Apr 2006 18:40:02 -0400 firefox (1.5.dfsg+1.5.0.1-5) unstable; urgency=low [ Mike Hommey ] * debian/rules: - Add -g to the build flags when building with DEB_BUILD_OPTIONS=nostrip. If we ask for nostrip, we want the debugging symbols, right? ;) - Changed the way we identificate ourselves in vendor.js. * layout/build/Makefile.in, layout/build/nsLayoutModule.cpp: Remove useless useragent setter at startup so that general.useragent.product and general.useragent.productSub set in our vendor.js preference file work at startup time. * security/coreconf/Linux.mk: - Patch from Martin Michlmayr for mips64 builds. - Don't use x86 as CPU_ARCH when building on an unsupported architecture. * security/manager/Makefile.in, security/nss/lib/ckfw/builtins/Makefile, security/nss/lib/manifest.mn: Don't build the stuff we don't need, and dynamically link libnssckbi to both libplc4 and libplds4 instead of linking statically. * debian/firefox.postinst, debian/firefox.prerm, debian/firefox-gnome-support.postinst, debian/firefox-gnome-support.prerm: Touch a .autoreg file at configure time, or removal of gnome-support and remove it with the package. This will trigger autoregistration of the components if the compreg.dat and xpti.dat files are older than the .autoreg file. We used to remove compatibility.ini for that reason, but stopped doing that because firefox was supposed to do that correctly, which actually only correctly works on new upstream versions, not new debian revisions, or installation of gnome-support. * xpfe/components/killAll/Makefile.in: Correctly install the killAll component. [ Eric Dorland ] * debian/control: - Set Section of firefox-gnome-support and mozilla-firefox-gnome-support to gnome. - Standards-Version to 3.6.2.2. - debhelper build-dep to >= 5.0. - Add firefox-dbg package. * debian/compat: Set to 5. * debian/rules: - Remove silly CVS tarball cleanup target. - Add arch-independant debhelper calls, and make other debhelper calls arch-dependent. - Add --dbg-package=firefox-dbg to dh_strip call. - Always build with the -g flag. (Based on a change Mike made) - Patch from Andreas Jochens to use -mminimal-toc when building on ppc64. (Closes: #361035) - Use --disable-strip, --disable-strip-libs in configure parameters. Thanks Ian Jackson. - Use .upstream instead of .orig to make it more clear and not confuse the clean target. Thanks Ian Jackson. (Closes: #362186) - Disable xprint support for now, while the Xorg 7 transition sorts itself out. Should be reenabled next release. * debian/firefox.xpm: Add more Debian compliant menu icon. * debian/firefox.install, debian/rules: Install new Debian compliant icon. * debian/firefox.desktop: Add StartupNotify=true for pretty waiting cursor. Thanks Sven Arvidsson. (Closes: #361527) * debian/firefox-dom-inspector.preinst, debian/firefox-dom-inspector.links, debian/firefox-dom-inspector.install: Install non-architecture specific bits of the inspector into /usr/share/firefox. * debian/firefoxrc: Disable the dsp wrapper by default. esddsp is just too buggy to allow this to continue. May reenable later if they clean up their act. Leaving the bugs open for now. * debian/firefox.NEWS: - Document the dsp wrapper changes. - Remove old mozilla-firefox entries. * debian/firefox.1: Fix typo of firefox, thanks Andrew Rendle. (Closes: #362413) * debian/firefox.install: We don't get .chk files anymore for some reason. -- Eric Dorland Fri, 14 Apr 2006 15:52:41 -0400 firefox (1.5.dfsg+1.5.0.1-4) unstable; urgency=low [ Mike Hommey ] * debian/firefox-runner, debian/firefox.1: Patch from Ian Jackson to make -P, -CreateProfile and -ProfileManager options correctly work again, and improve the manual page. (Closes: #356250) * debian/firefox.desktop: - Fix trivial syntax problems. (Closes: #356263) - Added Japanese and Korean translations. * debian/firefox.dirs: Removed remainings of the time when we had a file in /usr/sbin. (Closes: #356268) * debian/firefox-gnome-support.prerm, debian/firefox-gnome-support.postinst: Removed bashisms. (Closes: #349946) * debian/README.Debian: - Replaced the bug reporting information by an invitation to read /usr/share/bug/firefox/presubj. (Closes: #356269) - Changed the heading to "Firefox for Debian". [ Eric Dorland ] * debian/firefox-gnome-support.postinst, debian/firefox-gnome-support.prerm: Add forgotten #DEBHELPER# token. -- Eric Dorland Sun, 12 Mar 2006 21:34:14 -0500 firefox (1.5.dfsg+1.5.0.1-3) unstable; urgency=low [ Eric Dorland ] * debian/control: Use strict dependencies for the transition packages, no reason a transition package should be upgraded before the real package. * debian/README.Debian: Fix all references to /etc/mozilla-firefox/mozilla-firefoxrc. (Closes: #351956) * debian/firefox.desktop: Patch from Ian Jackson to add more translations and more inline with the GNOME HIG. (Closes: #351807) * widget/src/gtk2/nsWindow.cpp: Apply new ignore extended mouse buttons patch from Peter Colberg (Closes: #351972) * debian/firefox.1: Lower case first letter of -ContentLocale. * debian/firefox.1, debian/firefox-runner: Add -no-remote switch to turn on MOZ_NO_REMOTE. Use it for profile related commands as well. (Closes: #351717, #344849) * wikipedia.gif.uu, wikipedia.src, rules, firefox.install: Patch from Ian Jackson to add wikipedia search engine. (Closes: #354107) [ Mike Hommey ] * modules/libpref/src/init/all.js: Set default fonts for all languages to serif, sans-serif and monospace. It might solve a lot of fonts problems. * config/config.mk, config/make-jars.pl, configure.in, security/nss/lib/fortcrypt/swfort/pkcs11/config.mk, extensions/inspector/Makefile.in: Allow building without zip when building flat chrome. * configure: Ran autoconf accordingly to changes in configure.in. * debian/control: Removed build dependency on zip. * debian/rules: Build flat chrome. * debian/firefox.install: Changed wildcards accordingly. * config/rules.mk: + Don't build chromelist.txt files. + Fixed "jar" build so that inspector files don't get duplicated in the extension directory. -- Eric Dorland Sun, 26 Feb 2006 11:45:15 -0500 firefox (1.5.dfsg+1.5.0.1-2) unstable; urgency=low [ Mike Hommey ] * debian/firefox-runner: export MOZ_DISABLE_PANGO. (Closes: #351959) * debian/README.Debian: changed reference to the rc file in /etc. (Closes: #351956) [ Eric Dorland ] * debian/firefox.preinst: Fix {}'s bashism. Thanks Jeff King. (Closes: #351811) * modules/libpref/src/init/all.js: Make print.postscript.print_command space-safe. Thanks Ian Jackson. (Closes: #351809) * debian/firefox-runner: Don't completely override $MOZ_PLUGIN_PATH. Thanks Ian Jackson. (Closes: #351806) -- Eric Dorland Thu, 9 Feb 2006 01:23:35 -0500 firefox (1.5.dfsg+1.5.0.1-1) unstable; urgency=low * The "those Ubuntu guys are great after all" release. * New upstream release. (Closes: #351442) [ Mike Hommey ] * debian/presubj: Added indications to try to reproduce without extensions before actually filing a bug, and a hint to the safe mode. * debian/firefox.install: added the reporter chrome files. (Closes: #344888) * widget/src/gtk2/nsWindow.cpp: Revert additional stale patch for extended mouse buttons support. * debian/firefox.postinst, debian/firefox.prerm: unbashified. (Closes: #349946) * debian/control, debian/firefox-gnome-support.postinst, debian/firefox-gnome-support.prerm: Let the firefox-gnome-support package provide gnome-www-browser and handle a gnome-www-browser alternative. Thanks Loïc Minier. (Closes: #350788) * debian/firefox-runner: Enable Pango support by default. The MOZ_ENABLE_PANGO environment variable is now useless. (Closes: #338716) * debian/README.Debian: Change the paragraph about Pango to hint about the MOZ_DISABLE_PANGO variable. [ Eric Dorland ] * content/events/src/nsEventStateManager.cpp, modules/libpref/src/init/all.js, widget/public/nsGUIEvent.h: Apply patch from Ian Jackson to revert a stale patch for multiple mouse button support that was fixed in a different way in 1.5 (Closes: #348375) * debian/firefox.preinst: Check md5sum's of old conffiles before cp'ing them on upgrade. This won't stop all unnecessary conffile prompting in all situations (especially from really old versions), but should definitely should work for upgrading from testing or stable. (Closes: #345112) * debian/firefox.install: - Remove run-mozilla.sh. (Closes: #348902) - Reorganize things a bit. - Move profile into /etc/firefox here, instead of in the rules file. * debian/firefox.install, debian/firefox.preinst, debian/firefox.links, debian/firefox.dirs, debian/rules: Move chrome, defaults, greprefs into /usr/share/firefox for more FHS goodnesss. * debian/firefox.1: Document -new-tab and -new-window options, and remove deprecated -remote option. (Closes: #348699) * debian/firefox-runner: Apply patch to properly URL escape local files. Thanks Morita Sho. (Closes: #348451) * browser/app/profile/firefox.js: - Reallow 40-bit ciphers, since now firefox warns people who use them. (Closes: #349624) - Enable bidi UI elements for our bi-directional friends. (Closes: #348069) * debian/rules: Remove glob pattern from dh_install invocation. Thanks Ian Jackson. (Closes: #350571) * browser/base/content/aboutDialog.xul: Fix spurious scrollbar in the about dialog box. Thanks Ian Jackson. (Closes: #350608) * js/src/fdlibm/fdlibm.h: Patch to fix little endianess of mipsel. Thanks Ian Jackson and Thiemo Seufer. (Closes: #350621) * browser/base/content/search.xml: Patch from Ian Jackson to remove misleading Clear option from search box context menu. (Closes: #350611) * debian/watch: Fix regex to actually find the upstream tarballs. * modules/libpref/src/init/all.js: Cope better with printers with spaces in the name. Thanks Ian Jackson. * toolkit/components/passwordmgr/base/nsPasswordManager.cpp: Take patch from bz#235336 as suggested by Ian Jackson to allow password manager to work with sites that only have a password field, no username. -- Eric Dorland Mon, 6 Feb 2006 23:10:29 -0500 firefox (1.5.dfsg-4) unstable; urgency=low [ Eric Dorland ] * debian/control, debian/rules: - Remove Kerberos options, it is now loaded dynamically. - Use /usr/share/firefox now for finding default.xpm. * debian/firefox.install, debian/firefox.links, debian/firefox.preinst: Start moving some clearly non-arch specific things (/usr/lib/firefox/searchplugins, /usr/lib/firefox/icons, /usr/lib/firefox/res) out of /usr/lib/firefox and into /usr/share/firefox to make things more FHS friendly. Can't believe no one ever called me on this before. * toolkit/components/remote/nsGTKRemoteService.cpp, widget/src/xremoteclient/XRemoteClient.cpp: Apply patch from bz#312154 to fix remote interface on PPC (and probably other arches). (Closes: #343913) * xpcom/reflect/xptcall/src/md/unix/xptcstubs_linux_m68k.cpp: Patch from Zack Weinberg to fix FTBFS on m68k. (Closes: #343687) * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_arm.cpp: Patch from Antti P Miettinen to fix small optimization problem with newer gcc's (Closes: #344846) [ Mike Hommey ] * debian/firefox-runner: Cleaned up now useless variables. -- Eric Dorland Tue, 10 Jan 2006 10:11:34 -0500 firefox (1.5.dfsg-3) unstable; urgency=low * debian/control: - Need explicit build dependency on gtk >= 2.8. - Upgrade Standards-Version to 3.6.2.1. No changes. - Add compatibility packages for mozilla-firefox-dom-inspector and mozilla-firefox-gnome-support and make all the upgrade packages Architecture: all. (Closes: #343879, #344379) * debian/watch: Add watch file. * debian/about.png.uu: Add uuencoded version of previous about box graphic. * debian/rules: uudecode and install the about.png into the right location. * debian/firefox-runner: Add MOZ_PLUGIN_PATH to include plugins at the old location for now. (Closes: #344085, #341682) * widget/src/gtk2/nsWindow.cpp: Patch from bz#305970 to fix broken contextual menu on Save File As. (Closes: #344430) * config/mkdepend/imakemdep.h, security/nss/lib/pki1/pki1.h: Remove some patches that are now useless (suggested by Mike Hommey). * mailnews/extensions/palmsync/palm.html, browser/themes/pinstripe/browser/browser.css, gfx/src/mac/nsNativeThemeMac.h, directory/c-sdk/ldap/docs/draft-ietf-ldapext-ldap-c-api-05.txt, layout/html/tests/table/bugs/bug123862.html, layout/html/tests/table/bugs/bug119786.html, layout/html/tests/table/bugs/bug101759.html, layout/html/tests/table/bugs/bug14489.html, layout/html/tests/table/bugs/bug222846.html, layout/html/tests/block/bugs/155333-1.html, layout/html/tests/block/bugs/185411-2.html, layout/html/tests/block/bugs/13599.html, layout/html/tests/block/bugs/53960.html, layout/html/tests/block/bugs/155333-2.html, layout/html/tests/block/bugs/38157-a.html, layout/html/tests/block/bugs/38157-b.html, layout/html/tests/block/bugs/46918.html, layout/html/tests/block/printing/145305-11.html, layout/html/tests/block/printing/145305-21.html, layout/html/tests/block/printing/145305-13.html, layout/html/tests/block/printing/145305-17.html, layout/html/tests/block/printing/145305-19.html, layout/html/tests/block/printing/145305-4.html, layout/html/tests/block/printing/127145-1.html, layout/html/tests/block/printing/145305-3.html, layout/html/tests/block/printing/145305-7.html, layout/html/tests/block/printing/145305-9.html, layout/html/tests/frameset/core/r3.html, layout/html/tests/frameset/core/r4.html, layout/html/tests/frameset/core/blank2.html, xpinstall/packager/stage_mfcembed.pl, xpinstall/packager/stage_gre.pl, embedding/qa/testembed/Tests.cpp, embedding/qa/testembed/nsihttpchanneltests.cpp, embedding/qa/testembed/BrowserImpl.cpp, embedding/qa/testembed/Tests.h, embedding/qa/testembed/QaUtils.cpp, embedding/qa/testembed/resource.h, embedding/qa/testembed/DomWindow.cpp, embedding/qa/testembed/QaUtils.h, build/unix/abs2rel.pl, xpfe/bootstrap/icons/windows/readme.txt, security/nss/cmd/ssltap/ssltap-manual.html: Fix mess my subversion repository made of line endings. This should reduce the size of the diff.gz dramatically. -- Eric Dorland Sat, 24 Dec 2005 03:23:02 -0500 firefox (1.5.dfsg-2) unstable; urgency=low * browser/locales/en-US/chrome/branding/brand.dtd, browser/locales/en-US/chrome/branding/brand.properties: Change brand name from Deer Park to Firefox. About box graphic still needs to be fixed. *grumble* *grumble* (Closes: #343704) -- Eric Dorland Sat, 17 Dec 2005 13:45:14 -0500 firefox (1.5.dfsg-1) unstable; urgency=low * New upstream release. No actual code changes from RC3. Took the opportunity to completely empty the /other-licenses directory of the upstream tarball. * configure, configure.in: Change MOZ_APP_DISPLAYNAME to Firefox, so we can be called Firefox without using --enable-official-branding. *grumble* * config/autoconf.mk.in, gfx/src/gtk/mozilla-decoder.cpp, configure.in: Apply patch from bz#305185 to fix problems building against gtk+ 2.8. * debian/control: - Build-Depend on libfreetype6-dev since we do link against it directly. - Add mozilla-firefox package for easy transition. - Conflict against older mozilla-firefox packages. * debian/firefox-runner: - Fix typo. (Closes: #341113) - Check /usr/lib/mozilla-firefox/plugins for plugins too for the time being. (Closes: #341682) * debian/firefox-dom-inspector.preinst: Remove, not needed since the name change. * debian/firefox.preinst: - Remove old upgrade code. - Move old mozilla-firefox configs into place on install. * debian/mozilla-firefox.preinst: Move upgrade code in here. Remove mozilla-firefox alternative. * debian/mozilla-firefox.postrm: Remove /etc/mozilla-firefox on purge. * Some patches missed when merging from Mike Hommey: * browser/locales/en-US/searchplugins/answers.src: Change updateDays to 0. * config/mkdepend/imakemdep.h: Define for amd64. * configure, configure.in: Visibility patch for recent gcc's. (Closes: #341766) * modules/libpref/src/nsPrefService.cpp: Patch to load preferences from defaults/syspref. * content/events/src/nsEventStateManager.cpp: Extended mouse events patch. * gfx/idl/nsIFreeType2.idl, gfx/src/freetype/nsFreeType.cpp, gfx/src/freetype/nsFreeType.h, gfx/src/ps/nsFontMetricsPS.h, gfx/src/x11shared/nsFontFreeType.cpp, gfx/src/x11shared/nsFontFreeType.h, layout/svg/renderer/src/libart/nsSVGLibartGlyphMetricsFT.cpp: Patch to use new freetype API. -- Eric Dorland Fri, 16 Dec 2005 11:37:23 -0500 firefox (1.4.99+1.5rc3.dfsg-2) unstable; urgency=low * The "Grand Renaming" release. Thanks to Mike Hommey for sherperding the 1.5 series through experimental. Now it's my turn to muck it up. A transition packages will be in the next release. * debian/mozilla-firefox*: Rename to firefox*. * debian/firefox.install, debian/firefox-dom-inspector.install, debian/firefox-gnome-support.install, debian/firefox-runner, firefox-xremote-client, firefox.1, firefox.desktop, firefox.dirs, debian/firefox.js, debian/firefox.links, debian/firefox.manpages, debian/firefox.menu, debian/firefox.mime, debian/firefox.postinst, debian/firefox.prerm, debian/firefox.png.uu, debian/README.Debian, debian/control, debian/rules: Search/Replace mozilla-firefox -> firefox where appropriate. * debian/firefox.links: Link old icon name to new. * debian/README.Debian: Fix path to .mozilla/firefox/rc. (Closes: #335433) * config/autoconf.mk.in: Set mozappdir to /usr/lib/firefox. -- Eric Dorland Sun, 27 Nov 2005 20:03:02 -0500 mozilla-firefox (1.4.99+1.5rc3.dfsg-1) experimental; urgency=low * New upstream 1.5 preview release. Release Candidate 3. * debian/mozilla-firefox-runner: Removed the ping stuff, it's now done by firefox itself. -- Mike Hommey Fri, 18 Nov 2005 07:24:05 +0100 mozilla-firefox (1.4.99+1.5rc2.dfsg-1) experimental; urgency=low * New upstream 1.5 preview release. Release Candidate 2. * xpcom/typelib/xpidl/xpidl.c: Fix crash when no file is given on the command line (Closes: #323639). Also fix the error message about extra arguments given showing before the crash. * configure.in, configure: Work around dash's bug #337294 so that we can build fine when sh is dash (Closes: #211010, #256384). * debian/mozilla-firefox-runner: - Removed the code to detect the JVM and set LD_ASSUME_KERNEL=2.2.5 for b0rked 1.3 JVMs: it's been a long time they've not been ABI compatible. - Removed setting of MOZILLA_FIVE_HOME. We already have a default one built-in. - Removed /usr/lib/mozilla/plugins from EXTENT_LD_LIB_PATH, since we never get the plugins from there. - Removed cleanup of the profile. It is correctly done by firefox, now. -- Mike Hommey Fri, 11 Nov 2005 08:07:05 +0100 mozilla-firefox (1.4.99+1.5rc1.dfsg-1) experimental; urgency=low * New upstream 1.5 preview release. Release Candidate 1. * debian/mozilla-firefox.install: Don't install /usr/lib/mozilla-firefox/extensions/reporter@mozilla.org, it got moved in the chrome. -- Mike Hommey Tue, 1 Nov 2005 22:01:15 +0100 mozilla-firefox (1.4.99+1.5beta2.dfsg-1) experimental; urgency=low * build/unix/run-mozilla.sh, netwerk/base/src/nsStandardURL.cpp: Reverted debian changes: they got applied upstream. * configure: Applied configure.in changes by hand. * debian/rules: Disabled both the installer and the updater, we don't need them. -- Mike Hommey Fri, 7 Oct 2005 15:06:05 +0200 mozilla-firefox (1.4.99+1.5beta1.dfsg-5) experimental; urgency=low * debian/control: Bumped Standards-Version to 3.6.2. * nsprpub/configure.in: Reverted changed. * configure.in: Use -fvisibility=hidden in all cases. There is another bug in gcc that makes it generate position dependent code when using the system wrappers. * configure, nsprpub/configure: Applied configure.in changes with autoconf2.13. * debian/rules: Put back the /usr/share/pixmaps/mozilla-firefox.xpm file. -- Mike Hommey Mon, 3 Oct 2005 18:46:50 +0200 mozilla-firefox (1.4.99+1.5beta1.dfsg-4) experimental; urgency=low * xpcom/typelib/xpt/src/Makefile.in: Reverted changes. * configure.in, nsprpub/configure.in: Added a detection of the gcc bug about visibility for builtins, and use -fvisibility=hidden instead of the system wrappers in case the bug is found. * configure, nsprpub/configure: Applied configure.in changes with autoconf2.13. (Really closes: #329642) -- Mike Hommey Tue, 27 Sep 2005 20:16:34 +0200 mozilla-firefox (1.4.99+1.5beta1.dfsg-3) experimental; urgency=low * Sync with unstable branch. * xpcom/typelib/xpt/src/Makefile.in: disable visibility stuff for ppc, as a workaround for FTBFS. (Closes: #329642) -- Mike Hommey Mon, 26 Sep 2005 18:35:11 +0200 mozilla-firefox (1.0.7-1) unstable; urgency=high * New upstream release. Contains fixes for various security issues. * debian/mozilla-firefox-runner: Remove /usr/lib from LD_LIBRARY_PATH. (Closes: #321789) -- Eric Dorland Thu, 22 Sep 2005 01:23:10 -0400 mozilla-firefox (1.4.99+1.5beta1.dfsg-2) experimental; urgency=low * debian/rules: enabled support for canvas. -- Mike Hommey Tue, 20 Sep 2005 07:56:01 +0200 mozilla-firefox (1.4.99+1.5beta1.dfsg-1) experimental; urgency=low * Cleaned-up source tarball from trademarked content and CVS directories. * debian/mozilla-firefox-small.xpm, debian/mozilla-firefox.xpm: Removed. * debian/mozilla-firefox.dirs, debian/rules: + Create /usr/lib/mozilla-firefox/chrome/icons/default and move default.xpm in it. (Closes: #327828) + Stop using our own xpm icons, upstream provide them, now. * debian/rules: changed the build system a bit. * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_asm_parisc_linux.s, xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_parisc_linux.s, xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s: Somewhat these files disappeared. Put them back. (Closes: #328074) -- Mike Hommey Tue, 13 Sep 2005 18:25:48 +0200 mozilla-firefox (1.4.99+1.5beta1-2) experimental; urgency=critical * Sync with unstable branch. * netwerk/base/src/nsStandardURL.cpp: Apply the patch for the 1.8 branch from bz#307259 to fix CAN-2005-2871. (Closes: #327452) * debian/mozilla-firefox-gnome-support.install, debian/rules: Move out imgicon module in mozilla-firefox-gnome-support. (Closes: #327451) -- Mike Hommey Sun, 11 Sep 2005 10:45:34 +0200 mozilla-firefox (1.0.6-5) unstable; urgency=critical * xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp: Fix for previous arm fix. Thanks Steve. (Closes: #325535) * netwerk/base/src/nsStandardURL.cpp: Patch from bz#307259 to fix CAN-2005-2871, a buffer overflow vulnerability in IDN processing. (Closes: #327452) -- Eric Dorland Sat, 10 Sep 2005 23:03:26 -0400 mozilla-firefox (1.4.99+1.5beta1-1) experimental; urgency=low * New upstream beta release. + Find toolbar doesn't show up when in text fields. Closes: #280852. + Better use of GTK2 themes. The most common case was highlighted menu item text appearing in white on a white background. Closes: #223696, #257430, #258181, #266334, #278559, #289326, #297320, #310098. + Download manager correctly closes. Closes: #259015, #269975. + Doesn't crash with the http://ln.hixie.ch/resources/style/orange stylesheet. Closes: #277987. + Locale extensions can properly be disabled. Closes: #279749 (to check). + Doesn't crash on http://einsteinmg.dyndns.org/cgi-bin/remangle.cgi?=0x27b9b660 anymore. Closes: #294372. + Downloads don't freeze when a modal window opens. Closes: #211332. + Use GTK stock images. Closes: #281660. * Sync with unstable branch changes. * browser/app/profile/firefox.js, debian/firefox.js: + Removed outdated extensions.update.autoUpdateEnabled and extensions.update.autoUpdate; + Removed general.useragent.locale. + Allow extensions updates. It works correctly with system-wide installed ones, now. * netwerk/protocol/http/src/nsHttpConnectionMgr.cpp, nsprpub/pr/include/md/_linux.cfg, widget/src/gtk2/mozdrawingarea.c, widget/src/gtk2/nsDragService.cpp: Reversed changes, since they got applied upstream. * xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp: correctly set __attribute__. Closes: #325535. * debian/rules: + set --enable-extensions=default instead of a full list. We will get the default set of extensions provided by upstream, and won't need to check if they changed. + set --enable-pango. + set --enable-system-cairo. * debian/control: added build dependency on libgnomeui-dev and libcairo2-dev. * debian/mozilla-firefox.install, debian/rules: don't install files in /usr/lib/mozilla-firefox/chrome/icons/ anymore. * debian/mozilla-firefox-runner: Force MOZ_DISABLE_PANGO to 1 if MOZ_ENABLE_PANGO is not set. * debian/README.Debian: + Removed the note about IDN, it is now enabled by default, with correct whitelist set. + Added a note about MOZ_ENABLE_PANGO. + Changed notes about application update, extensions, and packaged extensions. * modules/libpref/src/init/all.js: + Set general.config.obscure_value to 0, we don't care about the config file not to be "obscured". + Set general.config.filename to firefox.cfg. * debian/firefox.cfg: Create configuration to lock some properties. * debian/mozilla-firefox.install: Install this firefox.cfg in /usr/lib/mozilla-firefox -- Mike Hommey Fri, 9 Sep 2005 17:40:40 +0200 mozilla-firefox (1.0.6-4) unstable; urgency=low * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_alpha.cpp, xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp, xpcom/reflect/xptcall/src/md/unix/xptcstubs_linux_alpha.cpp: Patch from Steve Langasek to fix unused vs. used gcc attribute on alpha and arm. (Closes: #325535) * browser/app/profile/firefox.js: Revert patch to remove the "I'm feeling lucky" search. Some like it, some hate it, so upstream behaviour wins. If you still feel strongly about it, make your case upstream. * gfx/src/gtk/nsFontMetricsXft.cpp: Apply patch from bz#252033 to work around a bug in XRender that might be causing #319349. -- Eric Dorland Tue, 6 Sep 2005 02:10:07 -0400 mozilla-firefox (1.0.99+deerpark-alpha2-2) experimental; urgency=low * Sync with unstable branch changes, except the controversial "I'm feeling lucky" change. I prefer waiting for the controversy to get to a conclusion. * debian/rules, debian/control: Remove build dependency on libmng-dev and the --with-system-mng option to configure, the MNG support has been removed upstream. * debian/rules: Explicitely set the svg-renderer as cairo. It will use an old cairo version bundled with firefox, but there's no other solution for the moment. We have to wait for upstream 0.9.x and greater support (hoped for 1.5). -- Mike Hommey Sun, 4 Sep 2005 09:01:54 +0200 mozilla-firefox (1.0.6-3) unstable; urgency=low * debian/rules, nsprpub/pr/include/md/_linux.cfg, security/coreconf/Linux.mk: Apply patch from Andreas Jochens to allow ppc64 builds. (Closes: #322617) * debian/mozilla-firefox.prerm: Move -depth option to find to suppress warnings. Thanks Mike Hommey. * debian/presubj: Have bugzilla bug URL point to a page where you can enter a bug. * browser/app/profile/firefox.js: removed the "I'm feeling lucky" from the keyword.URL, so now if you enter search terms in the address bar you will be presented with search results and not taken to the first result. Thanks Torok Edwin. (Closes: #321823) -- Eric Dorland Mon, 22 Aug 2005 01:20:28 -0400 mozilla-firefox (1.0.6-2) unstable; urgency=medium * modules/libpr0n/src/imgLoader.cpp, modules/libpr0n/src/imgLoader.h: Apply ported patch from Serge Belyshev from bz#293307 to fix problem with gcc-4.0 on amd64. (Closes: #319336) * debian/rules: Remove silly --enable-freetype configure line. Thanks Antony Gelberg. (Closes: #319886) -- Eric Dorland Sat, 30 Jul 2005 02:11:03 -0400 mozilla-firefox (1.0.6-1) unstable; urgency=low * New upstream release. (Closes: #318672) * debian/rules: Remove hack to use gcc 3.4 on amd64, since now we're all on gcc 4.0. (Closes: #318684) * debian/control: - Remove gcc 3.4 build depends on amd64 - Explicitly build depend on libxinerama-dev. * gfx/src/gtk/nsScreenGtk.cpp: Patch from Loic Minier to fix gdk_property_get warnings. * widget/src/gtk2/mozdrawingarea.c: Patch from Loic Minier to fix crashes under GTK 2.7. (Closes: #318903) -- Eric Dorland Wed, 20 Jul 2005 02:57:44 -0400 mozilla-firefox (1.0.99+deerpark-alpha2-1) experimental; urgency=low * New upstream alpha release. Be aware that you WILL have troubles with debian packages for firefox extensions. * Reverted patches that got incorporated upstream. * content/events/src/nsEventStateManager.cpp: Some changes to the previous patch to fit changes in API. * debian/update-mozilla-firefox-chrome, debian/update-mozilla-firefox-chrome.8, debian/mozilla-firefox-dom-inspector.post(inst|rm), debian/mozilla-firefox-gnome-support.post(inst|rm), debian/theme/*, debian/inspector/*: Removed. * debian/mozilla-firefox.postinst: Removed call to update-mozilla-firefox-chrome. * debian/mozilla-firefox-dom-inspector.install: Only install files from /usr/lib/mozilla-firefox/extensions/inspector@mozilla.org * debian/mozilla-firefox.dirs: Don't create /var/lib/mozilla-firefox/*, /usr/lib/mozilla-firefox/extensions nor /usr/lib/mozilla-firefox/plugins. * debian/mozilla-firefox.install: - Don't install regxpchrome, chrome/pipnss.jar and chrome/help.jar which don't exist anymore. - Install manifest files in addition to jar files in chrome. - Install classic.jar in the normal chrome directory (awaiting EM modifications so that it can actually go back in the extensions directory). - Don't install debian/theme/00classic and debian/theme/Uninstall, which got removed. - Get the theme in the correct directory (it's not in defaults/profile/extensions anymore). - Install the reporter extension. - Selectively install subdirectories of /usr/lib/mozilla-firefox/defaults, since some of them are useless. - Install the unixprint plugin. * debian/mozilla-firefox.manpages: Removed manual page for update-mozilla-firefox-chrome. * debian/mozilla-firefox.links: Removed all links in /var/lib/mozilla-firefox/. * debian/rules: - Enable freetype in the build, we'll see if deerpark is any better than 1.0.x. - Commented out OPTFLAGS set for some architectures. We will see if gcc 4.0 is doing any better. - Enabled SVG support. (Closes: #215990) - Enabled some more extensions to fit extensions provided by upstream. - Added needed --enable-application=browser to the ./configure call. - Don't install update-mozilla-firefox-chrome. - Don't create installed-chrome.txt. - Don't remove installed-extensions.txt, it doesn't exist anyway. - Don't move classic theme's install.rdf, it's already at the correct place. - Remove unneeded removals of preferences files which are not there anymore. * debian/mozilla-firefox.preinst: Clean-up old generated files (those in /var/lib/mozilla-firefox and /usr/lib/mozilla-firefox/extensions/*/uninstall/Uninstall. (Note that for the latter, some packages do provide them, but they were overwritten by update-mozilla-firefox-chrome. They have actually no use, and it is safe to remove them. Extensions packages will eventually remove them anyway) * debian/mozilla-firefox.prerm: Put -depth option of find before -type d. -- Mike Hommey Sat, 16 Jul 2005 10:18:40 +0200 mozilla-firefox (1.0.5-1) unstable; urgency=high * New upstream release, fixes security issues. (Closes: #318061) * debian/rules: Disable freetype in the build for the time being. This *might* break printing in some cases. * gfx/idl/nsIFreeType2.idl, gfx/src/freetype/nsFreeType.cpp, gfx/src/freetype/nsFreeType.h, gfx/src/ps/nsFontMetricsPS.cpp, gfx/src/ps/nsFontMetricsPS.h, gfx/src/x11shared/nsFontFreeType.cpp, gfx/src/x11shared/nsFontFreeType.h, layout/svg/renderer/src/libart/nsSVGLibartGlyphMetricsFT.cpp: Patch from bz#234035 to try to get building with the new freetype. (Closes: #314243) -- Eric Dorland Sat, 16 Jul 2005 00:43:54 -0400 mozilla-firefox (1.0.4-3) unstable; urgency=low * debian/mozilla-firefox.desktop: Add Czech translation from Jan Outrata. (Closes: #311376) * xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_ipf64.s, xpcom/reflect/xptcall/src/md/unix/xptcstubs_ipf64.cpp, xpcom/reflect/xptcall/public/xptcstubsdecl.inc: Revert patch from David Mosberger for 7+ args on ia64 that was added 1.0.3-2. * xpcom/reflect/xptcall/src/md/unix/xptcstubs_ipf32.cpp, xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_ipf32.s, xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_ipf64.s, xpcom/reflect/xptcall/src/md/unix/xptcstubs_ipf64.cpp, xpcom/reflect/xptcall/public/genstubs.pl: Better patch from bz#291378 which has been accepted upstream for ia64 7+ args fix. * xpcom/reflect/xptcall/public/xptcstubsdecl.inc: Call genstubs.pl to regenerate this file. * dom/src/base/nsGlobalWindow.cpp, embedding/components/windowwatcher/src/nsWindowWatcher.cpp: Fix injection spoofing, patch from bz#296850. Fixes CAN-2004-0718. -- Eric Dorland Thu, 9 Jun 2005 23:54:41 -0400 mozilla-firefox (1.0.4-2) unstable; urgency=critical * debian/control: Build-depend on libxft-dev not libxft2-dev to appease finicky sparc buildd. -- Eric Dorland Mon, 16 May 2005 21:17:57 -0400 mozilla-firefox (1.0.4-1) unstable; urgency=critical * New upstream release. Fixes CAN-2005-1477 and CAN-2005-1476. (Closes: #308620) * debian/update-mozilla-firefox-chrome.8: Patch from A Costa to fix the spelling of maintenace. (Closes: #305968) * debian/mozilla-firefox.desktop: Patch from Steinar H. Gunderson to add a Norwegian translation. (Closes: #305983) -- Eric Dorland Thu, 12 May 2005 22:59:47 -0400 mozilla-firefox (1.0.3-2) unstable; urgency=high * browser/app/profile/firefox.js: Disable SSLv2 and 40-bit ciphers by default. * debian/mozilla-firefox.NEWS: Explain the SSL change. * extensions/transformiix/source/base/Double.cpp: Patch from David Mosberger-Tang (fixed up by me) to fix unaligned access on ia64 (and perhaps other platforms). (Closes: #303518) * xpcom/reflect/xptcall/public/xptcstubsdecl.inc, xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_ipf64.s, xpcom/reflect/xptcall/src/md/unix/xptcstubs_ipf64.cpp: Another patch from David Mosberger-Tang to fix extension loading on ia64. (Closes: #303515) -- Eric Dorland Thu, 21 Apr 2005 01:25:02 -0400 mozilla-firefox (1.0.3-1) unstable; urgency=low * New upstream release, fixes various security issues, so urgency high. * js/src/fdlibm/fdlibm.h: Fix from David Mosberger to define ia64 as little-endian arch (also added for mipsel). (Closes: #303438) -- Eric Dorland Sun, 17 Apr 2005 23:13:01 -0400 mozilla-firefox (1.0.2-3) unstable; urgency=high * gfx/src/freetype/nsFreeType.cpp, netwerk/protocol/http/src/nsHttpConnectionMgr.cpp, security/nss/lib/pki1/oiddata.h, security/nss/lib/pki1/pki1.h, widget/src/gtk2/nsDragService.cpp: Fixes for gcc-4.0, bz#289238. (Closes: #301485) * js/src/jsstr.c: Fix for JS memory access security bug, patch from bz#288688. (Closes: #302775) -- Eric Dorland Wed, 6 Apr 2005 01:36:11 -0400 mozilla-firefox (1.0.2-2) unstable; urgency=high * Last upload should of been marked urgency=high because of the security fixes. * debian/mozilla-firefox.postinst: Fix ridiculous typos. (Closes: #300685) * debian/mozilla-firefox-runner: Use pgrep to detect esd and arts instead. Thanks Craig Small for the advice. (Closes: #302086) -- Eric Dorland Fri, 1 Apr 2005 01:18:18 -0500 mozilla-firefox (1.0.2-1) unstable; urgency=low * New upstream release. Fixes CAN-2005-0399, CAN-2005-0401, CAN-2005-0402. (Closes: #301243) * debian/control: Update suggest for xprint rename. (Closes: #300976) * xpcom/reflect/xptcall/src/md/unix/{Makefile.in, xptcinvoke_asm_parisc_linux.s, xptcstubs_asm_parisc_linux.s}: Apply patch from Ivar (Contributed by Randolph Chung) to fix Firefox on hppa. (Closes: #286038) -- Eric Dorland Fri, 25 Mar 2005 02:30:10 -0500 mozilla-firefox (1.0.1-3) unstable; urgency=low * widget/src/gtk2/nsGtkKeyUtils.cpp: Patch from bz#108170 to fix broken keymap for Germans. (Closes: #299781) * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: avoid crashing when extension's install.rdf is broken. (Closes: #298796) (MH) * debian/mozilla-firefox.prerm: Remove /usr/lib/mozilla-firefox/defaults/profile/extensions/Extensions.rdf on uninstall. (Closes: #298636) * debian/mozilla-firefox.postinst: Add little echo to tell people to restart firefox after upgrades. * debian/presubj: Add a note there about restarting firefox before submitting bugs. * debian/mozilla-firefox-runner: Properly quote $@ expansion. (Closes: #300195) * browser/locales/en-US/searchplugins/ {yahoo.src,google.src,eBay.src,dictionary.src,creativecommons.src, amazondotcom.src}: Set updateCheckDays to 0, which avoids duplicated search entries in the menu. (Closes: #299006, #299813) -- Eric Dorland Sun, 20 Mar 2005 17:08:12 -0500 mozilla-firefox (1.0.1-2) unstable; urgency=high * Changes by Mike Hommey: * Urgency: high due to RC bug fix. * debian/update-mozilla-firefox-chrome: Re-initialize Extensions.rdf inside the script instead of relying on mozilla-firefox's default behaviour, which just fails when defaults/profile/extensions/ \ Extensions.rdf doesn't exist (and it seems some people like to remove files in /etc). (Closes: #294175) * Changes by Eric Dorland: * debian/mozilla-firefox.menu: Capitalize "browsers". Thanks Gerfried Fuchs. * debian/mozilla-firefox-runner: Fix from Marc Horowitz to fix sound device detection. (Closes: #297088) * toolkit/content/widgets/tabbrowser.xml: Apply patch from bz#283063, to fix a memory leak when closing tabs. (Closes: #296749) * xpfe/global/resources/content/bindings/browser.xml, xpfe/global/resources/content/bindings/tabbrowser.xml, toolkit/content/widgets/browser.xml, toolkit/content/widgets/tabbrowser.xml: Apply patches from bz#131456 to fix various tab related memory leaks. (Closes: #280586) * netwerk/protocol/http/src/nsHttpHandler.cpp: Patch from bz#265536 to differentiate between AMD64 and i386. (Closes: #282592) -- Eric Dorland Sat, 5 Mar 2005 18:46:09 -0500 mozilla-firefox (1.0.1-1) unstable; urgency=high * New upstream release. (Closes: #296851) - This release fixes the Secunia window injection bug, CAN-2004-1156. (Closes: #293664) * Changes by Mike Hommey: * debian/rules: Some clean-up. * debian/control: Changed my maintainer address. * debian/README.Debian: Add a note about automatic updates for extensions. (Closes: #296761) * Changes by Eric Dorland: * browser/app/profile/firefox.js: Remove disable IDN pref, it's the default now anyway. -- Eric Dorland Tue, 1 Mar 2005 02:03:48 -0500 mozilla-firefox (1.0+dfsg.1-6) unstable; urgency=high * The "And I thought IE had security bugs!" release. * toolkit/content/widgets/tabbrowser.xml, xpfe/global/resources/content/bindings/tabbrowser.xml: Fix "Firetabbing" vulnerability from bugzilla#280056, fixes CAN-2005-0231. (Closes: #294415) * modules/plugin/base/src/nsPluginHostImpl.cpp: Fix "Fireflashing" vulnerability from bugzilla#280664, fixes CAN-2005-0232. (Also Closes: #294415) * build/unix/run-mozilla.sh: Patch from Javier Fernández-Sanguino Peña to fix insecure temp file usage in run-mozilla.sh. (Closes: #294127) * netwerk/base/src/nsStandardURL.cpp, netwerk/base/src/nsStandardURL.h: Patch from bugzilla#261934 to make the network.enableIDN preference work and again. * browser/app/profile/firefox.js: Disable IDN by default. This doesn't close #293975, but drops its severity. * debian/README.Debian: Add warning and describe how to enable IDN. -- Eric Dorland Wed, 9 Feb 2005 22:56:17 -0500 mozilla-firefox (1.0+dfsg.1-5) unstable; urgency=low * debian/mozilla-firefox.desktop: Don't translate "Mozilla Firefox" into French. * browser/app/profile/firefox.js: Set mozilla.widget.raise-on-setfocus to false to prevent unecessary window raising. (Closes: #292049) * debian/rules: Don't compile statically on mips and mipsel, since it's broken for now. -- Eric Dorland Sun, 6 Feb 2005 15:02:36 -0500 mozilla-firefox (1.0+dfsg.1-4) unstable; urgency=low * debian/mozilla-firefox.desktop: Add French translations from Jerome Warnier. I will accept more, but closing this bug. (Closes: #292506) * debian/README.Debian: Update the Emacs keybindings instructions. (Closes: #291691) * debian/mozilla-firefox.1: - Remove -splash from the manpage, it has never worked. (Closes: #287088) - Add units to -height and -width description. (Closes: #285142) -- Eric Dorland Wed, 2 Feb 2005 01:42:53 -0500 mozilla-firefox (1.0+dfsg.1-3) experimental; urgency=low * debian/mozilla-firefox.desktop: Add %u to the exec line so that apps know it can handle URLs. (Closes: #290132) * debian/README.Debian: - Improve button reversal instructions. Thanks Christian Mayrhuber - Fix reference to ~/.firefox. * debian/rules: Enable static building. This will build firefox as one large binary (mostly) and should speed a few things up, especially program load time. I'd like to hear about any speedup (or slow down) you exprience. Porters, please build this for your arch to make sure this doesn't break anything. -- Eric Dorland Thu, 20 Jan 2005 01:40:34 -0500 mozilla-firefox (1.0+dfsg.1-2) unstable; urgency=medium * debian/mozilla-firefox-gnome-support.postrm, debian/mozilla-firefox-dom-inspector.postrm: Don't die if update-mozilla-firefox-chrome dies. (Closes: #287355) -- Eric Dorland Sun, 9 Jan 2005 23:51:10 -0500 mozilla-firefox (1.0+dfsg.1-1) unstable; urgency=low * Not a new upstream release. * other-licenses/branding/firefox, other-licenses/7zstub/firefox: Remove these from the .orig.tar.gz, since they are not DFSG-free. We're not using the files anyway, so out they go. (Not sure the 7zstub stuff is non-free, but it's Windows only so no harm) * debian/rules: - Remove explicit low-optimization on alpha, since Falk Hueffner claims it works. - Move entire defaults/profile directory into /etc/mozilla-firefox, rather than just the bookmarks.html. (Closes: #285538) * debian/mozilla-firefox.links: Link entire defaults/profile now. * debian/mozilla-firefox.preinst: Add upgrade code to remove old defaults/profile to make way for new symlink. * debian/mozilla-firefox.dirs: Just create etc/mozilla-firefox. -- Eric Dorland Sun, 19 Dec 2004 01:31:44 -0500 mozilla-firefox (1.0-5) unstable; urgency=medium * Changes by Mike Hommey: * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Make the extensions upgrade work again. (Closes: #282143) * debian/rules: Better DEB_BUILD_OPTIONS handling, better debugging build (DEB_BUILD_OPTIONS="nostrip debug") * toolkit/mozapps/extensions/src/nsExtensionManager.js.in, toolkit/mozapps/extensions/content/extensions.js: Allow users to disable globally installed extensions. * Changes by Eric Dorland: * debian/rules: Remove explicit low-optimization on sparc. Apparently there was an issue for a number of arches that required lower optimization settings, but it is now resolved. So porters, please check -O2 on arm, alpha, powerpc and ia64 and let me know if it's safe. Thanks David S. Miller. (Closes: #284533) -- Eric Dorland Tue, 7 Dec 2004 01:06:48 -0500 mozilla-firefox (1.0-4) unstable; urgency=medium * debian/control: Make mozilla-firefox-gnome-support and xprt-xprintorg Suggests, no Recommends after a look at policy. (Closes: #282432) * debian/README.Debian: - Refer to .mozilla/firefox, not .firefox. - Explain how to reenable emacs style keybindings. (Closes: #282321) -- Eric Dorland Sat, 27 Nov 2004 20:40:10 -0500 mozilla-firefox (1.0-3) unstable; urgency=low * Changes by Mike Hommey * The "becoming more and more an iceweasel" release. * debian/firefox.js: + Enable firefox's internal locale autodetection. + Disable default browser question at startup. (Closes: #280752) * debian/mozilla-firefox-runner: Removed our locale autodetection. That means now locales installed in user profiles are automatically used, and that there is no need for /var/lib/mozilla-firefox/locales.d anymore. * debian/mozilla-firefox.dirs: Removed creation of /var/lib/mozilla-firefox/locales.d. * debian/rules: Removed creation of the locale file in /var/lib/mozilla-firefox/locales.d. * debian/presubj: Put some more recent information. * htmlparser/src/nsParser.cpp: Applied patch from bz#57717 so that empty html files don't get when viewing source. * browser/base/content/aboutDialog.css: increase the User Agent element height as in bz#238137 (but up to MacOSX's height) to show the full User Agent string. * xpcom/io/nsAppDirectoryServiceDefs.h, xpcom/io/nsAppFileLocationProvider.cpp, xpfe/components/search/src/nsInternetSearchService.cpp: Applied patch from bz#123315 so that Internet search services in user profiles are supported. (Closes: #219053) * debian/mozilla-firefox-runner: + Remove compatibility.ini only if it is older than /usr/lib/mozilla-firefox/components.ini. That way, we only rebuild it after an update-mozilla-firefox-chrome. + Detect if we're being run through sudo without the -H option, in which case we force setting of $HOME. (Closes: #218156) * browser/app/profile/firefox.js: Sync'ed with debian/firefox.js. * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: + Removed some error messages that get there because firefox is trying to write in the /usr/lib/mozilla-firefox directory as a user. They are useless and lead users to think something is going wrong while it's the (stupid but) normal way firefox works. + Avoid creation of directories when attempting to read files, that throwed uncaught exceptions breaking some stuff in several different ways when extensions don't follow the new scheme for extensions. + Avoid copying stuff from /usr/lib/mozilla-firefox/defaults/profile/extensions/ to /usr/lib/mozilla-firefox/extensions/, that's the *very* old way of installing extensions, which, since the old scheme has been thrown away, won't work anyway, if any extension provides files out there. + CheckForMismatches: Avoid to disable already disabled global extensions, and don't propose to upgrade the locked extensions. That fixes a never-ending loop occuring when running firefox for the first time in a user account, while some global extensions are expired. (Closes: #278722, #281537) * debian/mozilla-firefox.prerm, debian/mozilla-firefox.preinst: Moved removal of links to /usr/lib/mozilla-firefox/defaults/profile/extensions/ sitting in /usr/lib/mozilla-firefox/extensions/, if any remaining, from prerm to preinst. We remove them once and for all, they won't be created by us anymore. * debian/update-mozilla-firefox-chrome: + Removed support for extensions in /usr/lib/mozilla-firefox/defaults/profile/extensions/. + Removed some clean-up that had been introduced to help the Extensions Manager not to die, and which, actually, did not work out quite so well. Anyways, with the changes this time, the EM is supposed to support much more problems than ever before (as usual ;) ) so we don't need that anymore. + Avoid stupid mv error messages when firefox-bin -register fails (which is not supposed to happen, but you're never too careful) * debian/update-mozilla-firefox-chrome, debian/mozilla-firefox.preinst: Move removal of some very old stuff to preinst, to do it once and for all instead of doing it every time we run update-mozilla-firefox-chrome. * netwerk/protocol/ftp/src/nsFtpConnectionThread.cpp: Applied patch from bz#124561 to get a prompt for username/password in case anonymous login fails. * debian/mozilla-firefox-runner: + Added check for more arguments so that the url in the command line get detected more accurately. + When a file name is given on the command line, prepend "file://" and change spaces into %20. (Closes: #281800) * Changes by Eric Dorland * debian/mozilla-firefox.prerm: Patch from Philipp Weis to fix order of find arguments. (Closes: #280852) * debian/mozilla-firefox.desktop: Support new mime type handler in Gnome 2.8. (Closes: #281274) (MH: I added some more myme-types) * debian/mozilla-firefox.postinst: Run update-desktop-database if it exists. * widget/src/gtk/nsWidget.cpp: We don't use gtk anymore, might as well revert these patches. Thanks Stephane Despret. -- Eric Dorland Thu, 18 Nov 2004 22:16:28 -0500 mozilla-firefox (1.0-2) unstable; urgency=low * Changes by Mike Hommey * The "don't do too much on the same day, it's bad for health" release. * debian/firefox.js: Re-activated the extensions update service, and removed the update url. * browser/app/profile/firefox.js: Sync'ed with debian/firefox.js. * debian/mozilla-firefox-dom-inspector.preinst: Removed old inspector.js file. * toolkit/mozapps/extensions/src/nsExtensionManager.js.in, toolkit/mozapps/extensions/content/extensions.js: Disabled possibility to update locked extensions and themes. Locked extensions being the ones installed by the packaging system, they should be updated through that. * toolkit/mozapps/update/src/nsUpdateService.js.in: Disabled application update functionnality. Firefox should be updated through the packaging system. * browser/components/prefwindow/content/pref-advanced.xul: Removed the preferences panel item to activate application update, since it is totally disabled. * debian/mozilla-firefox-runner: Remove compatibility.ini instead of compreg.dat. (Eric: This will cause a rebuild of the compreg.dat) * Changes by Eric Dorland: * debian/mozilla-firefox.NEWS: Fix typos. * README.Debian: - Add note about application update being completely disabled. - Fix path to XUL.mfsal -- Eric Dorland Wed, 10 Nov 2004 22:56:22 -0500 mozilla-firefox (1.0-1) unstable; urgency=medium * New upstream release (Closes: #280449) * Changes by Mike Hommey: * netwerk/protocol/ftp/src/nsFtpConnectionThread.cpp: Apply new patch #164795 from bz#266835 + some tweaks as previously. This might lead to encoding problems with the password, but it is supposed to be ASCII anyway. * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Reworked the previous patches so that the Extensions Manager shows extensions that have been disabled due to version mismatch, and added a workaround so that components registration works correctly. * debian/update-mozilla-firefox-chrome: Removed part that is useless due to last changes in the Extensions Manager. * Make the inspector a real extension again: - debian/inspector/00dom-inspector: File for /var/lib/mozilla-firefox/extensions.d. - debian/inspector/Uninstall: Uninstall file needed in extension directory. - debian/inspector/install.rdf: install.rdf taken from older versions, and adapted to newer versions, adding registered chrome. - debian/mozilla-firefox-dom-inspector.dirs: Removed. Everything will be created by dh_install. - debian/mozilla-firefox-dom-inspector.install: install debian/inspector.rdf and most inspector files in the right place in /usr/lib/mozilla-firefox/extensions/{641d8d09-7dda-4850-8228-ac0ab65e2ac9} and /var/lib/mozilla-firefox * Make the classic theme a real extension, even though it's still in the main package: - debian/theme/00classic: File for /var/lib/mozilla-firefox/extensions.d. - debian/theme/Uninstall: Uninstall file needed in extension directory. - debian/mozilla-firefox.install: Install all files in the right place in /usr/lib/mozilla-firefox/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd} - debian/mozilla-firefox.dirs: Removed creation of /usr/lib/mozilla-firefox/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/chrome, it will be done by dh_install. - browser/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in: Added chrome to be registered. * Removed support for /var/lib/mozilla-firefox/chrome.d: - debian/mozilla-firefox.dirs: Removed creation of the directory. - debian/rules: Removed creation of files there, and put the installed-chrome.txt, excluding inspector and classic theme stuff, directly in /usr/lib/mozilla-firefox/chrome. - debian/update-mozilla-firefox-chrome: Removed all /var/lib/mozilla-firefox/chrome.d related stuff. - debian/mozilla-firefox.links: Removed installed-chrome.txt link. - toolkit/mozapps/extensions/src/nsExtensionManager.js.in: disable extensions that fail to install chrome. * debian/mozilla-firefox-runner: Remove user profile compreg.dat at launch time. * Moved some files in /var/lib/mozilla-firefox: - debian/mozilla-firefox.links: Add a symlink for Extensions.rdf and components.ini, from /usr to /var. - debian/mozilla-firefox.prerm: Don't remove files we don't provide and remove files at their new locations. - debian/mozilla-firefox.preinst: Remove /var/lib/mozilla-firefox/installed-chrome.txt. - debian/update-mozilla-firefox-chrome: Create links for Extensions.rdf and components.ini after register call, and remove components.ini before. * Clean-up in files generated by update-mozilla-firefox-chrome: - debian/mozilla-firefox.links: Put all the links generated by update-mozilla-firefox-chrome into the package. - debian/mozilla-firefox.prerm: Remove all /var files generated in the remove target, and changed the way we clean-up /var/lib/mozilla-firefox. * debian/mozilla-firefox.install: Removed chromelist.txt. * Add support for extensions preferences: - debian/update-mozilla-firefox-chrome: Handle /usr/lib/mozilla-firefox/defaults.ini file. - debian/mozilla-firefox.links: Add a symlink to /var for defaults.ini. - toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Added defaults registration in -register command. - mozilla-firefox-dom-inspector.install: Move inspector.js into the appropriate extension specific directory. * Move preferences back into /usr: - debian/rules: Don't move the prefs into /etc/mozilla-firefox/pref, and put the vendor thing into /usr as well, and remove firefox-l10.js file. - debian/mozilla-firefox.preinst: remove old prefs in /etc and old symlink /usr/lib/mozilla-firefox/defaults/pref. - debian/firefox.js: new Debian default preferences file. - debian/mozilla-firefox.install: install firefox.js in /etc/mozilla-firefox/pref. - debian/mozilla-firefox.links: rename /usr/lib/mozilla-firefox/defaults/pref symlink to /usr/lib/mozilla-firefox/defaults/syspref. - toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Added a hook so that defaults/syspref gets registered in defaults.ini after all other extensions preferences. * debian/mozilla-firefox.preinst: only clean-up stuff if we are upgrading from a version known to still have the files. Added some more clean-up. * debian/mozilla-firefox.install: Removed useless init.d. * modules/libpref/src/init/all.js: Fixed all chrome URLs which refered to mozilla stuff. * debian/update-mozilla-firefox-chrome: Remove some more files before running firefox-bin -register. * Changes by Eric Dorland: * debian/mozilla-firefox.NEWS: Add warning about broken extension and locale packages with this release. * debian/mozilla-firefox-runner: Comment out warning about xprint, xprint isn't necessarily needed for printing since postscript was reenabled. (Closes: #279858) -- Eric Dorland Wed, 10 Nov 2004 00:33:44 -0500 mozilla-firefox (0.99+1.0RC1-4) unstable; urgency=low * debian/mozilla-firefox-runner: - Fixed to run properly with dash. (Closes: #279549). - Fixed indentation. - Added a basic debugger support. * debian/mozilla-firefox.1: Added information about debugger options. * debian/rules: Added a debug option to DEB_BUILD_OPTIONS. If you want to build a fully gdb'able package, use DEB_BUILD_OPTIONS="noopt nostrip debug" * netwerk/protocol/ftp/src/nsFtpConnectionThread.cpp: Apply new patch from bz#266835. - Further change this patch to use Append rather than AppendLiteral, which doesn't seem to exist. (ED) -- Mike Hommey Thu, 4 Nov 2004 22:01:51 +0900 mozilla-firefox (0.99+1.0RC1-3) unstable; urgency=low * netwerk/protocol/ftp/src/nsFtpConnectionThread.cpp: Apply patch from bz#266835 to fix anonymous user password issue. (Closes: #226784) * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: (MH) - Fully apply previous patches, which for some reason left a spurious code line which made the extensions manager not like expired extensions anymore. (Closes: #279140) - Enhanced extensions manager so that the behaviour described in https://bugzilla.mozilla.org/show_bug.cgi?id=247846#c14 *actually* works. Extensions packagers are invited to move their chrome files accordingly, and remove /var/lib/mozilla-firefox/chrome.d files so that extensions chrome don't get registered when they are forced-disable due to version mismatch or some other reason. * debian/mozilla-firefox-runner: - Fix some thinkos. (MH) - Fix for loading files from the command line. (Closes: #279018) (MH) - Removed setting --display from $DISPLAY, let it get it from the environment, but pass --display if it is set. (Mike, I'm worried this will screw up some session managers, let me know what you think, we can revert it) - Removed FIREFOX_OPEN_IN stuff, so that firefox now obeys to "open links from other applications in" setting. (Closes: #279073) (MH) - Enhanced command line parsing, and drop empty arguments. (Closes: #279138) (MH) - No need for a find to look for XUL.mfasl, we already have its location from the path list taken from profiles.ini. (MH) - Better detection of dsp wrapper, when FIREFOX_DSP=auto. (Closes: #254611) (MH) - Correctly open local files even when firefox was not previously running. (Closes: #279018) (MH) * debian/mozilla-firefox.1: (MH) - Removed references to FIREFOX_OPEN_IN. - Added the -safe-mode option. * debian/mozilla-firefoxrc: Removed FIREFOX_OPEN_IN. (MH) -- Eric Dorland Tue, 2 Nov 2004 00:46:28 -0500 mozilla-firefox (0.99+1.0RC1-2) unstable; urgency=medium * browser/app/profile/firefox.js: Disable browser update checking by default. * debian/mozilla-firefox-runner: Apply patch from Aurelien Jarno to fix variable name typo. (Closes: #278844) -- Eric Dorland Fri, 29 Oct 2004 23:50:59 -0400 mozilla-firefox (0.99+1.0RC1-1) unstable; urgency=medium * New upstream release. * layout/xul/base/src/nsImageBoxFrame.{cpp,h}: Remove some conflicts from a previous patch. -- Eric Dorland Thu, 28 Oct 2004 23:33:46 -0400 mozilla-firefox (0.10.1+1.0PR-5) unstable; urgency=low * debian/rules: (MH) - Use upstream extensions set. This will eventually get a correct help menu and fix some yet undiscovered UI issues. (Closes: #257946) - Added support for DEB_BUILD_OPTIONS=noopt. - Changed OPTFLAGS assignment. - Remove whitespace characters in version number for UserAgent branding. - Install mozilla-firefox-runner into /usr/lib/mozilla-firefox/firefox (Closes: #278477) * debian/mozilla-firefox.links: (MH) - Link /usr/bin/firefox and /usr/bin/mozilla-firefox to /usr/lib/mozilla-firefox/firefox. - Removed obsolete profile/US links. * debian/mozilla-firefox.dirs: Create /etc/mozilla/profile instead of /etc/mozilla/profile/US. (MH) * toolkit/xre/nsAppRunner.cpp: Fix crash in nsCmdLineService::Initialize when argc is changed by gtk (when treating gtk specific arguments) (MH) * debian/mozilla-firefox-runner (Changes by MH): - Removed workaround for bug #122990. First, xmlterm is not an activated extension, and secondly, if it still requires the TERM environment variable, it is the user's duty to set it to whatever he wants, not firefox's start script's. - Removed the ulimit -c setting. First, it is set by default to 0 on a newly installed debian, and secondly, it is user's choice to set it or not if he needs to get core files. - Removed unused shell variables. - Removed unsetting AUDIODEV variable. If it still crashes, it does belong to some other code than firefox. The AUDIODEV environment variable is used nowhere in firefox code: http://lxr.mozilla.org/aviarybranch/search?string=AUDIODEV Note that there is a "A crash which occurred when AUDIODEV doesn't contain "/" was fixed." log message in esound version 0.2.33 changes and that the bug may have belonged there. - Replaced ${HOME}/.mozilla-firefoxrc file by a ${HOME}/.mozilla/firefox/rc file. The former is still supported, though, but will bring a warning message. If both are present, only the latter is taken into account. - Changed the way system and user FIREFOX_DSP and FIREFOX_OPEN_IN variables are handled. First, use system values defined in /etc/mozilla-firefox/mozilla-firefoxrc, then override with ${HOME}/.mozilla/firefox/rc and then with runtime environment variables. - Don't die when DISPLAY is not set. Display can be passed by --display option, and if not set and needed (some options don't require it), firefox will complain. - Some shell code simplifications by using some coreutils. - Added better command line parsing. - Added verbosity mode. - Removed setting of FONTCONFIG_PATH, /usr/lib/mozilla-firefox/res/Xft doesn't exist - Factorized localization detection. * debian/mozilla-firefox.1 (MH): - Made some clean-up between dashes and hyphens. - Removed obsolete options and added new ones. - Added informations about some debian specific stuff. * debian/update-mozilla-firefox-chrome: Changed the way we move files to /var/lib/mozilla-firefox. It will avoid creating files with a * in their name whenever registration failed. (MH) * debian/README.Debian: Update java instructions, tell them to just use java-package. -- Eric Dorland Thu, 28 Oct 2004 21:30:40 -0400 mozilla-firefox (0.10.1+1.0PR-4) unstable; urgency=medium * This release mostly courtesy Mike Hommey. * layout/src/xul/base/src/nsImageBoxFrame.*: Backported patch from bz#255372. (Closes: #278046) * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Force locking globally installed extensions, that will prevent extensions packages files to be unexpectedly removed by firefox. * debian/control: Add Mike Hommey as an Uploader. * debian/mozilla-firefox.install: Removed content-packs.jar which is mozilla-browser specific. * debian/mozilla-firefox.dirs: - Remove leading /'s. - Create /usr/lib/mozilla-firefox/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd} /chrome directory so that preview is shown in the Themes Manager. Yes, this is stupid, but it is the way firefox wants it (and it's not even created by make install, nor in the official binary tarball. It is only created at run time, but you know what ? under *nix, a normal user can't create that directory) (Closes: #276404) * debian/rules: Add a /etc/mozilla-firefox/pref/vendor.js file adding the debian package version to the UserAgent. (Closes: #268654) * debian/README.Debian: Update java instructions. I'd love some more definitive pointers. (Closes: #277983) -- Eric Dorland Tue, 26 Oct 2004 00:11:48 -0400 mozilla-firefox (0.10.1+1.0PR-3) experimental; urgency=low * debian/control: - Rename the mozilla-firefox-gnome-vfs package mozilla-firefox-gnome-support since it does more than vfs. No need for Replaces or anything, since it never actually made it to the archive. - Remove strict build dependencies on g++ and binutils, since the fixed versions have hit sarge. - Remove hppa build depends, since gcc has also been fixed there. - Build-depend on libgnome2-dev and libgconf2-dev to build in more gnome support. - Have mozilla-firefox recommend it's gnome support. * debian/rules: - Remove hppa CC redefinitions. - Exclude *gnome* not just *gnomevfs*. - dh_install for gnome-support. * debian/mozilla-firefox-gnome-vfs.*: Rename to mozilla-firefox-gnome-support.*. * debian/mozilla-firefox-gnome-support.install: Grab *gnome*, not just *gnomevfs*. -- Eric Dorland Thu, 21 Oct 2004 23:04:53 -0400 mozilla-firefox (0.10.1+1.0PR-2) experimental; urgency=low * debian/mozilla-firefox-runner: - Patch from Sam Morris to handle cleanup of directories with unusual names. - Fix return value check, patch from rgselk. (Closes: #269690) * debian/mozilla-firefox.1: List full path to firefox-bin. (Closes: #275563) * debian/rules: - --with-gssapi=/usr, enable Negotiate extension. (Closes: #274258) - Enable gnomevfs support, * debian/control: - Build-depend on libkrb5-dev. - Build-depend on libgnomevfs2-dev. - New gnomevfs package, based on work by Mike Hommey. (Closes: #262062) * debian/mozilla-firefox-gnome-vfs.post{inst,rm}: Added, same as corresponding files from mozilla-firefox-dom-inspector. * debian/mozilla-firefox-gnome-vfs.install: Install gnomevfs components. * browser/app/profile/firefox.js: Set network.negotiate-auth.trusted-uris to https:// to enable the negotiate extension over secure links. * config/rules.mk: Tweak patch from Thiemo Seufer to include svg_doc in non-optimization. (Closes: #273353) -- Eric Dorland Sun, 17 Oct 2004 21:25:08 -0400 mozilla-firefox (0.10.1+1.0PR-1) experimental; urgency=critical * New upstream release, fixes security issue bz#259708. (Closes: #274493) -- Eric Dorland Sun, 3 Oct 2004 03:32:43 -0400 mozilla-firefox (0.10+1.0PR-1) experimental; urgency=low * New upstream release. (Closes: #273700, #267003) * toolkit/mozapps/extensions/src/nsExtensionManager.js.in, netwerk/dns/src/nsIDNService.cpp, modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp, gfx/src/windows/nsImageWin.cpp, gfx/src/shared/gfxImageFrame.cpp, browser/app/profile/firefox.js: Resolve conflicts between my tree and upstream. * browser/app/Makefile.in: Fix $(DESTDIR) variable. * accessible/src/atk/nsAccessibleWrap.cpp, accessible/src/atk/nsAccessibleWrap.h: Apply patch from bugzilla for alpha fix that's more likely to make it into CVS. * debian/update-mozilla-firefox-chrome: Patch from Mike Hommey to make update-mozilla-firefox-chrome more verbose on -v. * debian/rules: - Remove typeaheadfind for new find toolbar to work. (Mike Hommey) (Closes: #267170) - Changes to reflect new upstream files. * debian/control: - Remove build-depend on libcairo-dev. - Build depend on libxt-dev, seems to be necessary now. (Closes: #274311) * debian/docs: Removed, as browser/README.html disappeared. (Mike Hommey) * debian/mozilla-firefox.dirs: - Changes to reflect new upstream files. - Removed obsolete libnullplugin.so. * debian/mozilla-firefox.install: - Remove .jar's that aren't there anymore. - Removed obsolete libnullplugin.so. * debian/mozilla-firefox-dom-inspector.dirs, debian/mozilla-firefox-dom-inspector.install, debian/rules: Upstream doesn't consider DOM Inspector as a real extension, and do not provide the appropriate files to make it appear in the extensions manager. Removed all the extension related stuff in the package. (Mike Hommey) * other-licenses/libart_lgpl: Removed, was for SVG, no longer needed. * modules/plugin/samples/default/unix/*: Reverted debian specific changes, we don't want them in the diff since libnullplugin won't get installed. -- Eric Dorland Fri, 1 Oct 2004 18:50:46 -0400 mozilla-firefox (0.9.3-6) unstable; urgency=high * gfx/src/gtk/fontEncoding.properties: Uncomment symbol fonts. (Closes: #272927) * debian/control: Build-depend on binutils (>= 2.15-4) but only on mips and mipsel. (Closes: #273353) * configure.in, configure, rules.mk: Patch from Thiemo Seufer to increase stability and performance on mips. (Closes: #272159) * debian/mozilla-firefox-runner: Detect failure of ping() better. (Closes: #267393) * layout/html/document/src/html.css: Testing fix for xprint problems. -- Eric Dorland Mon, 27 Sep 2004 17:07:37 -0400 mozilla-firefox (0.9.3-5) unstable; urgency=high * debian/update-mozilla-firefox-chrome: Apply another patch form Mike Hommey to fix a few more issues in the script. (Closes: #271480) * Fixes to Secunia security bugs, ported from bugzilla: (Closes: #271888) - browser/base/content/browser.js, xpfe/communicator/resources/content/contentAreaDD.js: Fix for drag and drop exploit, bz#250862. - caps/include/nsScriptSecurityManager.h, caps/src/caps.properties, caps/src/nsScriptSecurityManager.cpp: Fix for enablePrivilege exploit, bz#253942. - gfx/src/shared/gfxImageFrame.cpp, gfx/src/windows/nsImageWin.cpp, modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp: Fix for various overflows in the BMP code, bz#255067. - netwerk/dns/src/nsIDNService.cpp: Fix for bug in non-ASCII characters in domain names, bz#256316 - content/xbl/src/nsXBLPrototypeHandler.cpp: Clipboard injection fix, bz#257523. -- Eric Dorland Thu, 16 Sep 2004 20:06:47 -0400 mozilla-firefox (0.9.3-4) unstable; urgency=high * Urgency high, go into testing dammit! * Apply patch from Mike Hommey as -3.1, which wasn't actually released. See below. (Closes: #271480) * debian/rules: Patch from Matthew Mueller to fix underquoted argument. (Closes: #271432) * debian/control: Build depend on binutils (>= 2.15-3) with fixed mips support. We still need a fixed gcc. -- Eric Dorland Mon, 13 Sep 2004 20:41:27 -0400 mozilla-firefox (0.9.3-3.1) unstable; urgency=low * debian/rules: removed /usr/lib/mozilla-firefox/defaults/profile/extensions/installed-extensions.txt * debian/update-mozilla-firefox-chrome: + Added a "verbose" mode. + Added warning messages (only shown in verbose mode) about some extensions specific issues. This is intended to be useful for extensions maintainers. + Check if the installed-extensions.txt file disappears, which tells if the mozilla-firefox -register went ok. * debian/update-mozilla-firefox-chrome.8: + Fixed typos. + Added reference to the -v option for the verbose mode. * debian/mozilla-firefox-runner: enhanced the profile directory check. It didn't work if the path indicated in the profiles.ini was not absolute. -- Mike Hommey Mon, 13 Sep 2004 20:31:21 +0900 mozilla-firefox (0.9.3-3) unstable; urgency=high * Acknowlege NMU from Mike Hommey. He did a fantastic job in porting a large amount of fixes from upstream CVS. I owe him several large beverages of his choice. (Closes: #259046, #259836) * Port all of Mike's changes to my local CVS. * debian/mozilla-firefox-runner: - Pass command-line arguments to get_locale so they can actually be used. (Closes: #240058) - Apply patch from Mike Hommey to use the profiles.ini to find the path to the profile to clean XUL.mfasl. (Closes: #267326) * debian/update-mozilla-firefox-chrome: Patch from Mike Hommey to fix some bashisms introduced by his NMU. * xpcom/reflect/xptcall/src/md/unix/Makefile.in, xpcom/reflect/xptcall/src/md/unix/xptcinvoke_asm_mips.s, xpcom/reflect/xptcall/src/md/unix/xptcinvoke_mips.cpp, xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s.m4, xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s: Patch from Thiemo Seufer to fix mips. This requires patches to gcc and binutils to work and fully close #270621. -- Eric Dorland Wed, 8 Sep 2004 21:13:35 -0400 mozilla-firefox (0.9.3-2.2) unstable; urgency=high * The "never edit the diff file unless you're sure nothing will be missing" release. * debian/mozilla-firefox.prerm: restore the uncut version. * debian/control, debian/rules: Use gcc-3.2 to build on hppa, because of toolchain bug #254549. -- Mike Hommey Mon, 23 Aug 2004 19:45:54 +0900 mozilla-firefox (0.9.3-2.1) unstable; urgency=high * Non Maintainer Upload for RC Fixes. * Applied changes to toolkit/mozapps/extensions/src/nsExtensionManager.js.in and toolkit/mozapps/extensions/locale/extensions.properties to solve some issues with extensions management. (taken from CVS) * Applied other changes to toolkit/mozapps/extensions/src/nsExtensionManager.js.in, toolkit/mozapps/extensions/public/nsIExtensionManager.idl and mozilla/toolkit/xre/nsAppRunner.cpp to be able to use -register instead of -list-global-items for extensions/components/chrome registration through update-mozilla-firefox-chrome, thus not needing Xvfb anymore (-register option doesn't require a X server). (taken from CVS) * Applied some more changes to toolkit/mozapps/extensions/src/nsExtensionManager.js.in in order to avoir overlayinfo deletion during extensions registration process. (taken from CVS) * Final changes to toolkit/mozapps/extensions/src/nsExtensionManager.js.in to avoid registering out of date extensions so that firefox doesn't enter a loop at startup when no profile was found, and to only write in the installed-extensions-processed.txt file the list of actually installed extensions. Note that for packaged extensions installing their files directly into the chrome or components directories, that only means they won't appear in the Extensions Manager. They will still be available in the GUI. * All these fixes improve the Extensions Manager. Closes: #259046. * accessible/src/atk/nsAccessibleWrap.cpp, accessible/src/atk/nsAccessibleWrap.h: fixed 32-bit abuse of gobject (Steve Langasek). Closes: #259836. * debian/control: Removed dependency upon xvfb. * debian/update-mozilla-firefox-chrome: + Removed use of Xvfb. + Removed creation of a root default profile, but kept the fake home hack to avoid creation of a .mozilla directory in root's home. + Changed extensions handling so that the overall process is cleaner. Extensions packages will have to move extensions {uid} directories to /usr/lib/mozilla-firefox/extensions/, while the current location is still supported for compatibility purpose (but is strongly not recommended). + Removed use of regxpcom and regchrome, since what they both do is done by firefox-bin -register. * debian/rules: force GnomeVFS support to be disabled. (Josselin Mouette) * debian/README.Debian: + Added a note about potential problems with packaged "old" extensions. + Added a note about how to manually disable packaged extensions in user profile. + Removed some old notes that don't apply anymore. * debian/mozilla-firefox-dom-inspector.install, debian/rules: Move extensions files to /usr/lib/mozilla-firefox/extensions/ instead of /usr/lib/mozilla-firefox/defaults/profile/extensions/. * debian/mozilla-firefox.links: Move installed-extensions.txt symlink from /usr/lib/mozilla-firefox/defaults/profile/extensions/ to /usr/lib/mozilla-firefox/extensions/. * debian/mozilla-firefox.prerm: More cleanup on removal of package. -- Mike Hommey Sun, 22 Aug 2004 21:43:47 +0900 mozilla-firefox (0.9.3-2) unstable; urgency=low * xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s.m4: Comment out NARGSAVE, like I did in 0.9.1-7, should fully fix #262571. * debian/mozilla-firefox.preinst: Remove brace expansion bashism. (Closes: #264200) * debian/control: Depend on debianutils (>= 1.16) since we use mktemp -d. (Closes: #263958) * debian/mozilla-firefox-runner: Make -contentLocale COUNTRY, not lang-COUNTRY. (Closes: #263940) -- Eric Dorland Sun, 8 Aug 2004 23:41:02 -0400 mozilla-firefox (0.9.3-1) unstable; urgency=low * New upstream release. (Closes: #263193) * debian/update-mozilla-firefox-chrome.8: Add manpage from Mark Suter for update-mozilla-firefox-chrome.8. (Closes: #263149) * debian/mozilla-firefox.manpages: Add update-mozilla-firefox-chrome.8. * debian/control: Add build-deps on gcc-3.4 for amd64. (Closes: #262679) -- Eric Dorland Wed, 4 Aug 2004 20:21:22 -0400 mozilla-firefox (0.9.1-7) unstable; urgency=low * debian/mozilla-firefox-runner: - Reintroduce check for command-line arguments (I broke this last release). (Closes: #262692, #262462, #262537, #262588, #262727) - Allow overriding of -contentLocale and -UILocale. (Closes: #240058) * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_asm_mips.s: Comment out NARGSAVE reassignment, it is defined elsewhere. (Closes: #262571) * debian/rules: Force amd64 to build with gcc 3.4. (Closes: #262679) -- Eric Dorland Mon, 2 Aug 2004 10:16:46 -0400 mozilla-firefox (0.9.1-6) unstable; urgency=low * widget/src/gtk2/keysym2ucs.c: Patch from Eugeniy Meshcheryakov to allow mozilla firefox to enter a ghe with upturn. (Closes: #261543) * debian/mozilla-firefox-runner: - Remove some mail and composer cruft. - Add warning if DISPLAY is not set. (Closes: #261465) -- Eric Dorland Thu, 29 Jul 2004 22:49:59 -0400 mozilla-firefox (0.9.1-5) unstable; urgency=low * debian/control: Goodbye mozilla-firebird transition package. * debian/mozilla-firefox-runner: Add -a firefox flag when running firefox-bin. (Closes: #259237) * debian/mozilla-firefox.desktop: Add GenericName field. * debian/update-mozilla-firefox-chrome: Fix quoting problem with {*}. (Closes: #257243) * debian/rules: - Re-enable postscript printing support, since the security issues turned out to be bogus. (Closes: #257628) - Disable SVG support, it's still too broken to be usable. (Closes: #259544) -- Eric Dorland Sun, 18 Jul 2004 20:09:14 -0400 mozilla-firefox (0.9.1-4) unstable; urgency=low * The "Let's try unstable" release. There are still issues, but there are issues with 0.8 as well, so no more point in waiting. * debian/update-mozilla-firefox-chrome: - Copy over empty Extensions.rdf file on update. (Closes: #257243) - Increase sleep to 15 seconds, hopefully this will work on most people's machines. * My apologies to Mike Hommey for mispelling his name in last release. -- Eric Dorland Sun, 11 Jul 2004 23:51:24 -0400 mozilla-firefox (0.9.1-3) experimental; urgency=low * Ok, I was wrong, we're still in experimental. I think we need to fix a few more issues before getting this in unstable, like #257258, and make sure the hacky extensions mechanism is more bullet-proof. * debian/rules: --disable-installer, since we don't use it. * debian/update-mozilla-firefox-chrome: - Wait 8 seconds instead of 5 for the hack, might help some people reporting problems. - Remove ${LIBDIR}/extensions/{*}. I may move that to /var/lib/mozilla-firefox eventually, but let's leave it for now. * debian/mozilla-firefox.png.uu: Make a nicer png icon, based on the about box graphic. * debian/mozilla-firefox.preinst: Remove old config files in /etc/mozilla-firefox/pref. (Closes: #257711, 257557) * browser/app/profile: firefox.js: Revert change to app.version, apparently it breaks extensions. (Closes: #257941) -- Eric Dorland Wed, 7 Jul 2004 21:26:55 -0400 mozilla-firefox (0.9.1-2) experimental; urgency=low * The "Mike Homey, lord of the bugs" release. Thanks to Mike for being a huge help with bug triage. That's right, help with bugs and your name could have a prestigious place in the changelog. * I'd like my next release to be to unstable, so let me know about profile transition bugs, etc. * debian/control: Build-depend on libcairo1-dev. * debian/rules: Enable svg support using cairo renderer. (Closes: #215990) * debian/mozilla-firefox-xremote-client: Add -a firefox switch to make the remote client find firefox only. Thanks Jonathan Black. (Closes: #256967) * debian/mozilla-firefox.desktop: Make comment Gnome HIG compliant. (Closes: #257592) * browser/app/profile/firefox.js: - app.version = 0.9.1. - Disable app updates by default. We're debian, we handle updates. * debian/update-mozilla-firefox-chrome: - Remove installed-extensions-processed.txt before regenerating. (Closes: #257243) - Take some, but not all advice from Alexandru Fomin. Improve Xvfb and extension registration hacks. -- Eric Dorland Sun, 4 Jul 2004 16:58:17 -0400 mozilla-firefox (0.9.1-1) experimental; urgency=low * New upstream release. * config/autoconf.mk.in: Alright, /usr/lib/firefox-0.9 was a bad idea, use /usr/lib/mozilla-firefox. Change all the instances /usr/lib/firefox-0.9 back to /usr/lib/mozilla-firefox. I feel silly. (Closes: #256991) * debian/mozilla-firefox-runner: Actually check for the existence of the .mozilla/firefox directory before trying to clean it. * debian/update-mozilla-firefox-runner: - Call firefox-bin, not firefox you silly goose. - Use mozilla-firefox tempfile, not mozilla-browser. - The horrible hackiness continues: For my previous hack to work, I need to preseed a profile directory in the home directory I create. Now things should work. (Closes: #256812) -- Eric Dorland Thu, 1 Jul 2004 17:16:29 -0400 mozilla-firefox (0.9-1) experimental; urgency=low * New upstream release. There may be regressions from 0.8. (Closes: #254522) * widget/src/gtk/nsGtkMozRemoteHelper.cpp, widget/src/gtk2/nsGtkMozRemoteHelper.cpp, widget/src/xremoteclient/XRemoteClient.cpp: Fix previously applied to fix -remote behaviour undone. Mozilla now includes the program name in the properties to distinguish between various Mozilla apps. * xpcom/reflect/xptcall/src/md/unix/Makefile.in: remove extra endif. * dom/public/idl/core/nsIDOMNSDocument.idl: Reintroduce referrer attribute that got lost somehow. * content/events/src/nsEventStateManager.cpp: Fix a strange broken function call to GetContainer. * debian/rules: - Follow upstream and --enable-single-profile and --disable-profilesharing. - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. - --user-app-dir=.mozilla to jive with new location. - Remove dom-inspector extension dir from the regular package. * debian/control: Depend on xvfb for insane hack below. * debian/mozilla-firefox.install: - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. - Remove ipc dir, mozipcd. - Add init.d, greprefs dirs. * debian/mozilla-firefox.dirs: - Add /var/lib/mozilla-firefox/extensions{,.d} * debian/mozilla-firefox-dom-inspector.dirs: Add /var/lib/mozilla-firefox/extensions.d. * debian/mozilla-firefox-dom-inspector.install: - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. - Install dom-inspector extension dir. * debian/mozilla-firefox.links: - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. - Link /usr/lib/mozilla-firefox to /usr/lib/firefox-0.9. - Link installed-extensions.txt to our place in /var/lib/mozilla-firefox. * debian/mozilla-firefox-runner: - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. - Fix xprintorg typo. (Closes: #255706) - Search .mozilla/firefox for XUL.mfasl files. * debian/mozilla-firefox-xremote-client: Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. * debian/update-mozilla-firefox-chrome: - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. - Capture return values from reg* commands on error, stolen from mozilla source. - Remove returns from check_running. - Pull in snippets from /var/lib/mozilla-firefox/extensions.d to generate installed-extensions.txt for new extensions mechanism. - An insane hack, but necessary because of upstream: Launch a Xvfb to run firefox to generate the necessary extension metadata. I've been told this will not be necessary in the next version. -- Eric Dorland Mon, 28 Jun 2004 23:40:59 -0400 mozilla-firefox (0.8-12) unstable; urgency=low * The "Last Chance Before 0.9" release. * debian/mozilla-firefox-runner: Fix unescaped \n, thanks Olly Betts. (Closes: #252436) * debian/update-mozilla-firefox-chrome: Watch out for empty LD_LIBRARY_PATH. Thanks George Cristian Birzan. (Closes: #254142) * debian/README.Debian: Restructure and update a bit. * debian/presubj: Add bug information from README.Debian for reportbug. * debian/mozilla-firefox.install: Install the presubj. -- Eric Dorland Mon, 14 Jun 2004 19:39:27 -0400 mozilla-firefox (0.8-11) unstable; urgency=low * Apply amd64 fix from #249211. * debian/README.Debian: Shamelessly stole the java plugin installation instructions from the mozilla package. (Closes: #243513) * nsCommonWidget.cpp, nsCommonWidget.h, nsWindow.cpp: Apply patch (with some hand massaging) from upstream bugzilla bug #209342 to fix initial window placement. (Closes: #235209, 241519) * nsprpub/pr/src/misc/prnetdb.c: Apply patch from Miquel van Smoorenburg to prevent unless reverse DNS lookups. (Closes: #251978) * debian/mozilla-firefox-runner: Apply patch from Jasper Spaans to fix remote xprint printing. (Closes: #252072) -- Eric Dorland Tue, 1 Jun 2004 23:12:36 -0400 mozilla-firefox (0.8-10) unstable; urgency=low * debian/mozilla-firefox.install: Don't install uuencoded file. (Closes: #251441) * debian/mozilla-firefox-runner: unset AUDIODEV which can cause crashes. Thanks Christopher Armstrong. (Closes: #236231) * update-mozilla-firefox-chrome: Port security fix from #249613 to handle insecure tempfile creation. * debian/rules: Following the advice of #247585 I'm disabling postscript printing. Perhaps this will alleviate some of the other printing problems. -- Eric Dorland Sun, 30 May 2004 01:47:52 -0400 mozilla-firefox (0.8-9) unstable; urgency=low * debian/control: - Suggest latex-xft-fonts for MathML fonts. Thanks Michael JasonSmith. (Closes: #216925) - Build depend on libx11-dev & libxp-dev instead of xlibs-dev to reflect new X packages. * widget/src/gtk2/nsWindow.cpp: Apply patch from Peter Colberg to ignore unused mouse buttons. (Closes: #244305) * debian/README.Debian: Document the fact that the loopback interface has to be up and unfiltered for things to work right. -- Eric Dorland Wed, 5 May 2004 23:30:42 -0400 mozilla-firefox (0.8-8) unstable; urgency=low * security/nss/lib/freebl/unix_rand.c: Remove code that called netstat to gain so entropy. It's pretty useless on a Linux system. Thanks Wichert. (Closes: #241200) * debian/README.Debian: Add note about changing the button order in the dialog boxes. (Closes: #240261) * debian/control: Add dummy package for mozilla-firebird to smooth upgrades. (Closes: #235577) -- Eric Dorland Sat, 3 Apr 2004 16:19:34 -0500 mozilla-firefox (0.8-7) unstable; urgency=low * debian/mozilla-firefox-runner: - Cleanup XUL.mfasl whenever firefox is run with no command-line. (Closes: #238717) - Add patch from Laurent Buffler to add config to allow new tabs to be opened instead of new windows. (Closes: #239323) * debian/mozilla-firefoxrc: Put the new FIREFOX_OPEN_IN variable in there and document it's use. -- Eric Dorland Sat, 27 Mar 2004 17:21:51 -0500 mozilla-firefox (0.8-6) unstable; urgency=low * debian/control: Build-depend on g++-3.3 (>= 3.3.3-4) to work around broken 3.3.3-3 release. (Closes: #238318, #238241, #238441, #238523, #238534) * debian/rules: Install new small-firefox icon. * debian/mozilla-firefox{.png, .xpm, -small.xpm}: Use the new DFSG-free icons, the old pretty ones are trademarked and not DSFG-free. I know, it's stupid. Complain to the Mozilla Foundation, not me. (Closes: #234869) -- Eric Dorland Sun, 21 Mar 2004 22:09:16 -0500 mozilla-firefox (0.8-5) unstable; urgency=low * Rebuild with g++-3.3 3.3.3-2 to work around broken g++. (Closes: #238318) -- Eric Dorland Wed, 17 Mar 2004 21:38:58 -0500 mozilla-firefox (0.8-4) unstable; urgency=low * debian/README.Debian: - Tell people not to remove their ~/.firefox directory. Just move it out of the way. (Closes: #235594) - Add notes about the sound dsp. (Closes: #236678) * debian/mozilla-firefox-runner: - Don't redirect stderr. (Closes: #236160) - Add get_locale code from Aurelien Jarno (Closes: #235521) - Fix dsp auto-detection code. (Closes: #236678) * debian/rules: Add default locale file. * debian/mozilla-firefox.dirs: Add locales dir. * browser/app/profile/all.js, content/events/src/nsEventStateManager.cpp, modules/libpref/src/init/all.js, widget/public/nsGUIEvent.h, widget/src/gtk/nsWidget.cpp: Reapply extended mouse events patch from Derek Upham. (Closes: #235385, #230876) * browser/base/content/browser-sets.inc: Make ESC stop animations again. (Closes: #235474) -- Eric Dorland Tue, 16 Mar 2004 00:31:19 -0500 mozilla-firefox (0.8-3) unstable; urgency=low * debian/mozilla.firefox.menu: Change the case of mozilla-Firefox. (Closes: #234982, #234755) * debian/NEWS.Debian: Move to debian/mozilla-firefox.NEWS so that it actually gets installed. (Closes: #234700) * debian/update-mozilla-firefox-chrome: Setup dummy home directory to capture silly .firefox directory. (Closes: #234855) * debian/mozilla-firefox.png.uu, debian/mozilla-firefox.xpm: Use the new, pretty mozilla-firefox icons. (Closes: #234869) * debian/rules: Install the pretty icon in the right places. -- Eric Dorland Thu, 26 Feb 2004 21:10:27 -0500 mozilla-firefox (0.8-2) unstable; urgency=low * The "what he taketh, he giveth back" release. * debian/rules: - Disable the wallet extension, this really closes: #222447. - Remove some more cruft left over from the patch system. - Reinstall the dom-inspector. * debian/control: Add the dom-inspector back, now that it is supported upstream. * debian/mozilla-firefox-dom-inspector.{install,dirs,postinst,postrm}: Bring these files back. * docshell/base/nsWebShell.cpp: Only do keyword lookup on when DNS entries don't exist. (Closes: #233916, #218033, #211524) -- Eric Dorland Mon, 23 Feb 2004 21:48:03 -0500 mozilla-firefox (0.8-1) unstable; urgency=low * The "Let's Change Our Name Every Other Day" release. * New upstream release, mozilla-firebird has been renamed to mozilla-firefox. Let's hope it lasts. (Closes: #231903, #222447) * debian/mozilla-firebird.*: Renamed to debian/mozilla-firefox.*. * debian/README.Debian: Update for firefox, remove blurb about the inspector. * debian/NEWS.Debian: Explain how to move your configs over. I may make this automatic if enough people complain, but I'm loathe to muck around in pople's home directories. * debian/control: - Rename the package. - Tweak description to list Firefox's previous aliases. - Remove conflicts on mozilla-firebird-dom-inspector. * debian/rules: - s/firebird/firefox/g, s/MozillaFirebird/firebird/g. - Comment out some old inspector code. - Remove unused patch subsystem. - Disable gtktest. We don't need no stinking tests. - Remove disable plaintext editor line, not sure why it's there. - Disable LDAP support. We don't use it. - Remove executable bit on *.so files. - Remove useless preference files. - Exclude the inspector files. - Don't remove installed-chrome, we don't install it anymore. - user-app-dir = .firefox. (Closes: #212301) - export MOZILLA_OFFICIAL for the build ID. (Closes: #231133) * debian/mozilla-firefox-runner: - s/firebird/firefox/g. - Remove composer and editor functions. - Use .firefox directory. * debian/mozilla-firefox.install: - s/firebird/firefox/g, s/MozillaFirebird/firefox/g. - Don't install timebombgen. - Install icons directory. - Don't install installed-chrome.txt, we just remove it anyway. * debian/mozilla-firefox.desktop, debian/mozilla-firefox.dirs, debian/mozilla-firefox.manpages, debian/mozilla-firefox.links, debian/mozilla-firefox.menu, debian/mozilla-firefox.mime, debian/mozilla-firefoxrc, debian/mozilla-firefox.postinst, debian/mozilla-firefox.prerm, debian/update-mozilla-firefox-chrome, debian/mozilla-firefox.1, debian/mozilla-firefox-xremote-client: s/firebird/firefox/g, s/MozillaFirebird/firefox/g. * debian/mozilla-firefox.links: Link mozilla-firefox.1 to firefox.1. * debian/mozilla-firefox.preinst: Remove, at least with the rename I can erase some of my previous blunders. * debian/mozilla-firefox.{png.uu,xpm}: Use the package icon. * browser/app/nsBrowserApp.cpp: Change package name to Firefox, so now the ~/.firefox is used. (Closes: #196550) * browser/app/profile/all.js: Merge in autoscroll fixes. * browser/base/content/browser-sets.inc: Merge in upstream stop button fix. * modules/plugin/samples/default/unix/nullplugin.c: Merge in removal of commented code. * nsprpub/pr/include/md/_linux.cfg, nsprpub/pr/include/md/_linux.h, security/coreconf/Linux.mk: Merge in hppa build fixes from upstream. * config/autoconf.mk.in: Install into /usr/lib/mozilla-firefox now. * content/base/src/nsDocumentViewer.cpp: Remove redundant stop patch since it has been merged upstream. * content/events/src/nsEventStateManager.cpp, modules/libpref/src/init/all.js, widget/src/gtk/nsWidget.cpp: Revert back to upstream version. There was a patch here to add support for extended mouse buttons, but I'm removing it since I don't trust that it works in the new version correctly. Send me another patch if you want this functionality back. * toolkit/components/passwordmgr/base/nsPasswordManager.cpp: Revert this back to upstream, I'm not sure which patches I applied to this file, likely something to try and fix the double password prompt. * widget/src/xremoteclient/XRemoteClient.cpp, widget/src/xremoteclient/XRemoteClient.h: Revert to upstream version, I believe it does the right thing now, but the patch I used does not apppear to have been used. Restore the properties to _FIREFOX_* though. * widget/src/gtk/nsGtkMozRemoteHelper.cpp, widget/src/gtk2/nsGtkMozRemoteHelper.cpp: Change the _FIREBIRD_* to _FIREFOX_* here as well. * content/base/src/nsDocument.cpp: Comment out nsDocument::GetDomConfig, needed to get things to compile. -- Eric Dorland Sun, 15 Feb 2004 21:28:45 -0500 mozilla-firebird (0.7-7) unstable; urgency=low * debian/mozilla-firebird-runner: Open a new window when loading a regular file. (Closes: #228853) -- Eric Dorland Thu, 29 Jan 2004 22:12:30 -0500 mozilla-firebird (0.7-6) unstable; urgency=medium * The "Indian-giver-christmas" release. * Urgency medium since we're closing some critical bugs that need to get in before a freeze. * Completely remove mozilla-firebird-dom-browser. No one stepped up to help fix it's brokeness in 0.7 and I don't use it or particularly care about it. So it is no more. If someone steps up to take responsibility I might put it back, but otherwise it may RIP. (Closes: #222085) * debian/mozilla-firebird-runner: Remove XUL.mfasl uncoditionally now. There is a corner case where this file is corrupted on upgrade when firebird was running. This is a total hack, and not an elegant solution, but at least it fixes the problem. (Closes: #224779, #224323) * debian/control: Conflict against old mozilla-firebird-dom-inspector since it doesn't work anymore. -- Eric Dorland Thu, 25 Dec 2003 15:54:21 -0500 mozilla-firebird (0.7-5) unstable; urgency=low * browser/base/content/browser-sets.inc: Patch to make ESC stop actually work. (Closes: #223382) * debian/rules: Turn down optimizations on sparc. (Closes: #223760) -- Eric Dorland Sun, 14 Dec 2003 23:01:59 -0500 mozilla-firebird (0.7-4) unstable; urgency=low * The "All of Takuo's hard work really pays off" release. * toolkit/components/passwordmgr/base/nsPasswordManager.cpp: Patch from upstream bugzilla (#220214) to fix double password prompt problem. (Closes: #222696) * xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s.m4: Stolen patch from mozilla package to make mozilla-firebird build on mips. (Closes: #222743) * content/base/src/nsDocumentViewer.cpp: Port yet another patch to allow the ESC key to stop animated gifs. (Closes: #223382) -- Eric Dorland Mon, 8 Dec 2003 23:59:16 -0500 mozilla-firebird (0.7-3) unstable; urgency=low * debian/control: Add dependency on psmisc since we use fuser. Thanks Daniel Schröter. * widget/src/xremoteclient/XRemoteClient.{cpp,h}: Apply patch from bugzilla to fix -remote behaviour on modern WMs. Thanks Nikolai Prokoschenko. (Closes: #197632) * nsprpub/pr/src/misc/prdtoa.c: Apply fix from mozilla package (#215067) to fix building on arm. This is a partial fix to #222743. * debian/patches: Remove these. Put everything in CVS. -- Eric Dorland Fri, 5 Dec 2003 20:03:46 -0500 mozilla-firebird (0.7-2) unstable; urgency=low * Apply excellent patch from Alexander Sack to fix the issues with mozilla running and firebird not starting. (Closes: #216264) * browser/app/profile/all.js: Set the default of "general.autoScroll" to false because it annoyes me. (Closes: #221661) -- Eric Dorland Wed, 19 Nov 2003 20:59:55 -0500 mozilla-firebird (0.7-1) unstable; urgency=low * New upstream release. (Closes: #216019) * debian/patches/dom-inspector.diff: Remove, and apply directly into my CVS. * debian/patches/pref.diff: Removed, doesn't seem applicable anymore. * debian/rules: export MOZ_FIREBIRD=1. * debian/control: - Change Chimera to Camino. (Closes: #220821) - Fix typos in descriptions. (Closes: #218202) - Add build-deps on m4. (Closes: #219681) -- Eric Dorland Wed, 12 Nov 2003 23:01:35 -0500 mozilla-firebird (0.6.1-8) unstable; urgency=low * Apply patch to make forward and back buttons work on mice. (Closes: #211606) * debian/rules: Use -O optimization on alpha, so it will build again. (Closes: #213603) -- Eric Dorland Fri, 3 Oct 2003 00:07:44 -0400 mozilla-firebird (0.6.1-7) unstable; urgency=low * Rebuild with the latest and greatest from unstable. This seems to fix the problems with bookmarks people were having, at least for me. No idea why. Please reopen if this doesn't fix it for you. (Closes: #209339, #211706, #211286, #211146, #212011) -- Eric Dorland Mon, 22 Sep 2003 00:00:08 -0400 mozilla-firebird (0.6.1-6) unstable; urgency=low * Patch from Eric Wong to make plugin requests less annoying. (Closes: #196609) * debian/rules: Stop building libart. * debian/mozilla-firebird.links: Fix path to bookmarks file. (Partial fix to #211286) -- Eric Dorland Wed, 17 Sep 2003 20:22:56 -0400 mozilla-firebird (0.6.1-5) unstable; urgency=low * The "sorry Chris Gray" release. * debian/rules: disable SVG. This was causing drag and drop to lock up X and possibly fixes #208630. (Closes: #209371) * debian/mozilla-firebird-runner: Remove XUL.mfasl if we have upgraded, since it can cause problems. (Closes: #200073, #202130, #207351) -- Eric Dorland Sat, 13 Sep 2003 20:15:37 -0400 mozilla-firebird (0.6.1-4) unstable; urgency=low * The "pleasing Chris Gray" release. * other-licenses/libart_gpl: Add this library for svg. * debian/rules: - Enable svg. - Move bookmarks.html file into /etc. (Closes: #207398) * debian/mozilla-firebird.links: Add links back to files moved to /etc. * security/coreconf/Linux2.6.mk: Add this as a copy of Linux2.5.mk to get mozilla-firebird to build on 2.6. (Closes: #207821) -- Eric Dorland Sun, 31 Aug 2003 04:40:30 -0400 mozilla-firebird (0.6.1-3) unstable; urgency=low * debian/mozilla-firebird.prerm: Remove mozilla alternative on remove. (Closes: #205310) * debian/debsearch.{gif.uu,src}: Debian search plugin graciously contributed by Fergus McKenzie-Kay . * debian/rules: - uudecode and clean up debsearch.gif.uu. - Steal platform specific optimization code from mozilla package. Thanks Brian Nelson. (Closes: #206309) * debian/mozilla-firebird.install: Install the above files. * debian/control: Update Standards-Version to 3.6.1. -- Eric Dorland Sun, 24 Aug 2003 19:09:11 -0400 mozilla-firebird (0.6.1-2) unstable; urgency=low * The "Stop Pestering Me Already!" release. * debian/control: Only recommend xprt-xprintorg, don't require it. (Closes: #204176) -- Eric Dorland Sun, 10 Aug 2003 20:00:11 -0400 mozilla-firebird (0.6.1-1) unstable; urgency=low * New upstream release. (Closes: #203518, #201203) * debian/control: - Standards-Version to 3.6.0. - Don't provide www-browser anymore. (Closes: #201035) - Depend on xprt-xprintorg so printing will work. (Closes: #202418) * debian/mozilla-firebird.preinst: Remove www-browser alternative. * debian/mozilla-firebird.postinst: Don't install www-browser alternative. * debian/mozilla-firebird.prerm: Don't remove www-browser alternative anymore. * debian/README.Debian: Added note about configuration breaking on upgrade. (Closes: #202130) * debian/patches/classic.diff: Removed. Not sure what it's point was. * debian/rules: Add --disable-pedantic to the configure options. -- Eric Dorland Sun, 3 Aug 2003 14:58:12 -0400 mozilla-firebird (0.6-8) unstable; urgency=low * debian/patches/alpha-build-fix.diff: Steal patch from mozilla to allow building on alpha. (Closes: #198638) * debian/patches/hppa-build-fix.diff: Steal patch from mozilla to allow building on hppa, clean it up so it applies cleanly. (Closes: #199068) * debian/mozilla-firebird.png.uu: Added uuencoded nice png icon. * debian/rules: Add code to decode and clean up the new icon file. * debian/mozilla-firebird.install: Install new icon. * debian/mozilla-firebird.desktop: Use the new icon. -- Eric Dorland Fri, 27 Jun 2003 23:21:56 -0400 mozilla-firebird (0.6-7) unstable; urgency=low * debian/mozilla-firebird.1: Stole the mozilla manpage for my own nefarious purposes. (Closes: #196638) * debian/mozilla-firebird.postrm: Add slave links to the mozilla-firebird manpage. (Closes: #197145) * debian/mozilla-firebird-xremote-client: Set up the environment properly so it returns correct information. (Closes: #197632) * debian/mozilla-firebird.xpm: Added icon from http://iconpacks.mozdev.org/phoenix/iconshots/flame48true.png to have a nice menu icon. (Closes: #197565) * Updated the README.Debian with some helpful bug reporting tips. * debian/rules: Replaced dh_installmanpages with dh_installman. -- Eric Dorland Sun, 22 Jun 2003 15:15:37 -0400 mozilla-firebird (0.6-6) unstable; urgency=low * debian/mozilla-firebird.postinst: Add priority 0 alternative on mozilla. (Closes: #196444) * debian/control: Add build-depends on libxrender-dev, libmng-dev, libpng12-dev, libjpeg62-dev. * debian/rules: - Build with system jpeg, mng and png libs. - Exclude inspector files from mozilla-firebird. (Closes: #196432, #196509) -- Eric Dorland Sat, 7 Jun 2003 15:19:23 -0400 mozilla-firebird (0.6-5) unstable; urgency=low * The "Mike Hommey is my homey" release. * Thanks to Mike Hommey for his excellent work on this version (it's 99% his), which I've shamelessly stolen. * Added a README.Debian file. * Added a separate mozilla-firebird-dom-inspector package. * debian/patches/dom-inspector.diff: - add DOM Inspector to Tools menu. (note: DOM Inspector is still not very well integrated with Firebird) - remove modern skin references. * debian/patches/xpinstall.diff: remove unneeded chrome registrations from xpinstall/packager/unix/browser.jst. * debian/patches/classic.diff: remove themes/classic/global/win/preview.gif from jar file and modify preview image reference in rdf file to Preview.png. * debian/patches/pref.diff: remove preview image constraints in browser/components/prefwindow/skin/pref.css file to avoid deformation of preview image in classic theme. * debian/mozilla-firebird.preinst: added #DEBHELPER#. * debian/mozilla-firebird.install: - Don't install the modern.jar and embed-sample.jar files. - Remove files related to dom-inspector. * debian/rules: - enabling xinerama support. - disabling build of chatzilla and venkman. - moved /var/lib/mozilla-firebird/chrome.d/99default to /var/lib/mozilla-firebird/chrome.d/00all - remove references to embed-sample.jar in /var/lib/mozilla-firebird/chrome.d/00all - Add some comments. - Change == to =, for more strict /bin/sh's. * debian/control: Build-Depend on libidl-dev (>= 0.8.0) because the configure script requires at least this version. * debian/copyright: Make this a real debian copyright file. -- Eric Dorland Thu, 5 Jun 2003 01:00:32 -0400 mozilla-firebird (0.6-4) unstable; urgency=low * debian/rules: Change -O2 to -O for building on powerpc. * debian/mozilla-firebird.preinst: Delete /usr/lib/mozilla-firebird/defaults/pref on upgrade to facilitate transition to prefs in /etc. Thanks to all who reported this. -- Eric Dorland Tue, 27 May 2003 21:45:06 -0400 mozilla-firebird (0.6-3) unstable; urgency=low * First attempt at a debian upload. (Closes: #163270) * debian/rules: + Small fix to Mike Hommey's chrome patch. + Suggestion from Bernhard R. Link to install /usr/lib/mozilla-firebird/defaults/pref to /etc/mozilla-firebird/pref + Add dh_installmime call. * debian/mozilla-firebird.mime: Install mime type handlers for firebird. * debian/mozilla-firebird.links: Link /usr/lib/mozilla-firebird/defaults/pref to /etc/mozilla-firebird/pref * debian/mozilla-firebird.install: Don't install the inspector.jar. -- Eric Dorland Mon, 26 May 2003 00:28:40 -0400 mozilla-firebird (0.6-2) unstable; urgency=low * debian/rules: + Add --with-user-appdir=.mozilla-firebird, since it still defaults to .phoenix. + Don't use the ${prefix} variable, use /usr, since ${prefix} doesn't seem to work. + Use --without-system-nspr. * debian/mozilla-firebird.install: + Be picky about what chrome files we install, since there's quite a few we don't need, and a bunch of empty dirs. * Excellent patch from Mike Hommey to add a update-mozilla-firebird-chrome script. -- Eric Dorland Sat, 24 May 2003 13:00:44 -0400 mozilla-firebird (0.6-1) unstable; urgency=low * New upstream release. * Renamed to mozilla-firebird. * Changed phoenix to mozilla-firebird where appropriate. * debian/mozilla-firebird.links: Add link mozilla-firebird to MozillaFirebird. * debian/control: + Standars-Version to 3.5.10.0. + Build-depend on gtk2 libs now. + Build-depend on libidl-dev. + Add Provides x-www-browser. * debian/rules: + Enable building with the gtk2 libs. + Make mozilla-firebird-xremote-client executable in install target. * debian/mozilla-firebird.desktop: Added gnome menu entry. * debian/mozilla-firebird.{prerm,postinst}: Add alternatives to www-browser and x-www-browser. -- Eric Dorland Mon, 19 May 2003 20:43:39 -0400 phoenix (0.5-4) unstable; urgency=low * debian/control: Depend on fontconfig. * debian/rules: Add source-tarball-from-cvs to build a orig tarball from a checked out cvs tree. Now I can provide source package. And there was much rejoicing. -- Eric Dorland Fri, 17 Jan 2003 21:06:47 -0500 phoenix (0.5-3) unstable; urgency=low * debian/phoenix-xremote-client: Added to send remote commands to phoenix. Just a wrapper that calls phoenix-bin -remote. * debian/phoenix-runner: + Use phoenix-xremote-client. + Replace MOZILLA_DSP with PHOENIX_DSP. * debian/phoenixrc: phoenix-runner uses this file to determine what dsp to start. * debian/phoenix.install: + Install phoenix-xremote-client, and don't install mozilla-xremote-client. + Install phoenixrc. -- Eric Dorland Mon, 23 Dec 2002 02:52:21 -0500 phoenix (0.5-2) unstable; urgency=low * debian/control: + Add Provides: www-browser. + Build-depend on libxft2-dev, libnspr-dev. * debian/rules: + Use xft and the system nspr. + Install phoenix-runner. * debian/phoenix-runner: Stolen from the mozilla package to run phoenix. -- Eric Dorland Sat, 21 Dec 2002 02:03:11 -0500 phoenix (0.5-1) unstable; urgency=low * New upstream release. * debian/phoenix.install: Fix paths to phoenix libs. * debian/control: + Standards-Version to 3.5.8 + Improve build-deps. * debian/rules: + Have configure options here, no more .mozconfig. + Steal some patch code from Colin. * debian/patches/mozappdir.diff: Change the mozappdir. -- Eric Dorland Mon, 9 Dec 2002 02:43:13 -0500 phoenix (0.4-3) unstable; urgency=low * debian/phoenix.menu: Add menu entry. * Rebuild to fix libstdc++ dependency. * .mozonfig: Disable more tests. -- Eric Dorland Wed, 20 Nov 2002 19:13:18 -0500 phoenix (0.4-2) unstable; urgency=low * debian/control: + Add build-depends. + Fix section and description. * .mozconfig: + Use system zlib. -- Eric Dorland Wed, 13 Nov 2002 19:03:52 -0500 phoenix (0.4-1) unstable; urgency=low * Initial release. -- Eric Dorland Mon, 11 Nov 2002 23:09:41 -0500