diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:34:35 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:34:35 +0000 |
commit | 63de81373e18709bf3cf805a9aea810d7105be62 (patch) | |
tree | 381c798425ec7b9d4634609f0ac776a4b3e7e309 /debian/changelog | |
parent | Adding upstream version 115.7.0esr. (diff) | |
download | firefox-esr-63de81373e18709bf3cf805a9aea810d7105be62.tar.xz firefox-esr-63de81373e18709bf3cf805a9aea810d7105be62.zip |
Adding debian version 115.7.0esr-1~deb12u1.debian/115.7.0esr-1_deb12u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 9569 |
1 files changed, 9569 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000000..bf1646cd7b --- /dev/null +++ b/debian/changelog @@ -0,0 +1,9569 @@ +firefox-esr (115.7.0esr-1~deb12u1) bookworm-security; urgency=medium + + * New upstream release. + * Fixes for mfsa2024-02, also known as: + CVE-2024-0741, CVE-2024-0742, CVE-2024-0746, CVE-2024-0747, + CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753, + CVE-2024-0755. + + -- Mike Hommey <glandium@debian.org> Wed, 24 Jan 2024 05:44:58 +0900 + +firefox-esr (115.6.0esr-1~deb12u1) bookworm-security; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-54, also known as: + CVE-2023-6856, CVE-2023-6865, CVE-2023-6857, CVE-2023-6858, + CVE-2023-6859, CVE-2023-6860, CVE-2023-6867, CVE-2023-6861, + CVE-2023-6862, CVE-2023-6863, CVE-2023-6864. + + * intl/locale/rust/oxilangtag-ffi/src/lib.rs: Allow to build with + rustc < 1.65. + + -- Mike Hommey <glandium@debian.org> Wed, 20 Dec 2023 08:49:25 +0900 + +firefox-esr (115.5.0esr-1~deb12u1) bookworm-security; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-50, also known as: + CVE-2023-6204, CVE-2023-6205, CVE-2023-6206, CVE-2023-6207, + CVE-2023-6208, CVE-2023-6209, CVE-2023-6212. + + -- Mike Hommey <glandium@debian.org> Wed, 22 Nov 2023 05:32:16 +0900 + +firefox-esr (115.4.0esr-1~deb12u1) bookworm-security; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-46, also known as: + CVE-2023-5721, CVE-2023-5732, CVE-2023-5724, CVE-2023-5725, + CVE-2023-5728, CVE-2023-5730. + + -- Mike Hommey <glandium@debian.org> Wed, 25 Oct 2023 06:21:28 +0900 + +firefox-esr (115.3.0esr-1~deb12u1) bookworm-security; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-42, also known as: + CVE-2023-5169, CVE-2023-5171, CVE-2023-5176. + + * debian/control*, debian/rules: Work around bug 1052002 by force-using + clang-14. + + -- Mike Hommey <glandium@debian.org> Wed, 27 Sep 2023 05:43:46 +0900 + +firefox-esr (115.2.1esr-1) unstable; urgency=medium + + * New upstream release. + * Fix for mfsa2023-40, also known as CVE-2023-4863. + + * debian/upstream.mk, debian/repack.py: Get l10n sources from zip archives. + Thanks David Turner for the initial implementation. + + -- Mike Hommey <glandium@debian.org> Wed, 13 Sep 2023 06:30:23 +0900 + +firefox-esr (115.2.0esr-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-36, also known as: + CVE-2023-4573, CVE-2023-4574, CVE-2023-4575, CVE-2023-4577, + CVE-2023-4051, CVE-2023-4578, CVE-2023-4053, CVE-2023-4580, + CVE-2023-4581, CVE-2023-4583, CVE-2023-4584, CVE-2023-4585. + + * debian/watch: Refresh. + + -- Mike Hommey <glandium@debian.org> Wed, 30 Aug 2023 06:03:46 +0900 + +firefox-esr (115.1.0esr-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-31, also known as: + CVE-2023-4045, CVE-2023-4046, CVE-2023-4047, CVE-2023-4048, + CVE-2023-4049, CVE-2023-4050, CVE-2023-4055, CVE-2023-4056, + CVE-2023-4057. + + -- Mike Hommey <glandium@debian.org> Wed, 02 Aug 2023 06:15:06 +0900 + +firefox-esr (115.0.2esr-1) unstable; urgency=medium + + * New upstream release. + + * security/nss/lib/freebl/unix_rand.c, + security/nss/cmd/shlibsign/shlibsign.c: Unapply changes for Hurd, as + there is no rustc there. + + -- Mike Hommey <glandium@debian.org> Fri, 14 Jul 2023 13:40:53 +0900 + +firefox (115.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-26, also known as CVE-2023-3600. + + * debian/control*, debian/compat: Bump debhelper compat level to 12. + * debian/rules: + - Stop compressing debug info at link time. + - Use dh_missing. + - Disable dwz for libxul. + - Disable debug symbols on riscv64, because linking takes so long that + buildds kill the build after 420 minutes of "inactivity". + - Remove libgtk2 exclusion in dh_shlibdeps call. The dependency is long + gone. + - Stop cleaning up configure. It is unnecessary nowadays. + - Rely on dh_update_autotools_config instead of manual grunt work. + - Stop overriding dh_clean. + * debian/browser.mozconfig.in, debian/control.in, debian/rules, + debian/upstream.mk: Remove support for stretch. + * debian/symbols.apt.conf, debian/symbols.mk, debian/symbols.sources.list: + Remove symbol dumping scripts. They haven't been used to upload symbols + for a long time, and Mozilla now pulls the symbols rather than us + uploading them. + + * build/unix/elfhack/elf.cpp, build/unix/elfhack/elfhack.cpp, + build/unix/elfhack/elfxx.h: More properly handle files > 4GB in elfhack. + bz#1840931. + * media/libaom/moz.build: After all, we did need that patch. bz#1842933. + + -- Mike Hommey <glandium@debian.org> Wed, 12 Jul 2023 09:16:06 +0900 + +firefox (115.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/patches: Consolidate patches in two categories instead of four. + Also remove some unuseful patches: + + xpcom/reflect/xptcall/md/unix/moz.build, + xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_sh.cpp, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_linux_sh.cpp: Remove xptcall + support for SH4. We don't have rustc on SH4 anyways. + + media/libaom/moz.build: libaom neon flags are better set as of bz#1791482 + and shouldn't require a patch. + + * gfx/skia/moz.build: Work around GCC ICE on ppc64el. + + -- Mike Hommey <glandium@debian.org> Tue, 11 Jul 2023 06:39:31 +0900 + +firefox (115.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-22, also known as: + CVE-2023-3482, CVE-2023-37201, CVE-2023-37202, CVE-2023-37203, + CVE-2023-37204, CVE-2023-37205, CVE-2023-37206, CVE-2023-37207, + CVE-2023-37208, CVE-2023-37209, CVE-2023-37210, CVE-2023-37211, + CVE-2023-37212. + + * debian/rules, media/ffvpx/config_unix64.h: Work around + https://sourceware.org/bugzilla/show_bug.cgi?id=30578. Closes: #1040328. + + * gfx/skia/moz.build: Undefine the mips builtin macro on mips in skia. + bz#1841197. + + -- Mike Hommey <glandium@debian.org> Wed, 05 Jul 2023 06:46:25 +0900 + +firefox (114.0.2-1) unstable; urgency=medium + + * New upstream release. + + * debian/upstream.mk: Unstable is trixie. + * debian/rules: Use in-tree NSS on bookworm. + + -- Mike Hommey <glandium@debian.org> Thu, 22 Jun 2023 13:54:23 +0900 + +firefox (114.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-20, also known as: + CVE-2023-34414, CVE-2023-34415, CVE-2023-34416, CVE-2023-34417. + + * debian/browser.install.in: Install gfxtest and vaapitest. + + -- Mike Hommey <glandium@debian.org> Wed, 07 Jun 2023 05:52:21 +0900 + +firefox (113.0.2-1) unstable; urgency=medium + + * New upstream release. + + * dom/base/nsTextFragment.cpp, dom/base/nsTextFragmentGeneric.h, + dom/base/nsTextFragmentGenericFwd.h: Isolate SSE2 requirements to + SSE-compiled file. bz#1827566. + + -- Mike Hommey <glandium@debian.org> Sat, 27 May 2023 05:00:29 +0900 + +firefox (113.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-16, also known as: + CVE-2023-32205, CVE-2023-32206, CVE-2023-32207, CVE-2023-32208, + CVE-2023-32209, CVE-2023-32210, CVE-2023-32211, CVE-2023-32212, + CVE-2023-32213, CVE-2023-32215, CVE-2023-32216. + + * debian/control, debian/l10n/browser-l10n.control: Refresh locales. + + -- Mike Hommey <glandium@debian.org> Wed, 10 May 2023 06:47:20 +0900 + +firefox (112.0.1-1) unstable; urgency=medium + + * New upstream release. + + * gfx/thebes/gfxFont.cpp, gfx/thebes/gfxFontEntry.cpp: Don't attempt + to use font extents if we didn't get a valid 'head' table, or if + it's not an sfnt resource. bz#1827950. Closes: #1034363. + + -- Mike Hommey <glandium@debian.org> Thu, 20 Apr 2023 06:12:33 +0900 + +firefox (112.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-13, also known as: + CVE-2023-29533, CVE-2023-29535, CVE-2023-29536, CVE-2023-29537, + CVE-2023-29538, CVE-2023-29539, CVE-2023-29540, CVE-2023-29541, + CVE-2023-29543, CVE-2023-29544, CVE-2023-29547, CVE-2023-29548, + CVE-2023-29549, CVE-2023-29550, CVE-2023-29551. + + * debian/control*: Bump nss build dependency. + * debian/control: Add libavcodec60 recommendation. + + * security/manager/ssl/builtins/build.rs, + security/manager/ssl/builtins/src/certdata.rs: Revert upstream change to + preserve compatibility with rustc 1.63. + + -- Mike Hommey <glandium@debian.org> Wed, 12 Apr 2023 09:53:55 +0900 + +firefox (111.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Sat, 25 Mar 2023 05:21:58 +0900 + +firefox (111.0-3) unstable; urgency=medium + + * dom/media/webaudio/AudioNodeEngine*: Forward declare arch-specific xsimd + specialization. bz#1822901. + + -- Mike Hommey <glandium@debian.org> Tue, 21 Mar 2023 09:28:00 +0900 + +firefox (111.0-2) unstable; urgency=medium + + * gfx/skia/generate_mozbuild.py, gfx/skia/moz.build: Remove explicit NEON + flags from skia build. Thanks Emanuele Rocca. + * dom/media/webaudio/AudioNodeEngineGeneric.h: Use fully specified xsimd::batch + type. bz#1821363. + * third_party/libwebrtc/moz.build: Add now removed desktop_capture_generic_gn + directory. + + -- Mike Hommey <glandium@debian.org> Tue, 21 Mar 2023 06:18:07 +0900 + +firefox (111.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-09, also known as: + CVE-2023-25750, CVE-2023-25751, CVE-2023-28160, CVE-2023-28164, + CVE-2023-28161, CVE-2023-28162, CVE-2023-25752, CVE-2023-28176, + CVE-2023-28177. + + * debian/control*: Bump nss build dependency. + * debian/control, debian/l10n/browser-l10n.control: Refresh locales. + * debian/browser.mozconfig.in: Disable wasm sandboxing on s390x for now. + It doesn't work at the moment. + + -- Mike Hommey <glandium@debian.org> Wed, 15 Mar 2023 07:56:18 +0900 + +firefox (110.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/control*: Build depend on the rustc version we have in unstable. + Closes: #1031357. + + * Cargo.lock, python/mozboot/mozboot/util.py, + servo/components/selectors/context.rs, + servo/components/selectors/parser.rs, + servo/components/style/gecko/selector_parser.rs, + servo/components/style/properties/gecko.mako.rs, + servo/components/style/style_resolver.rs, + servo/components/style/stylesheets/container_rule.rs, + servo/components/style/stylist.rs, + third_party/rust/cstr/.cargo-checksum.json, + third_party/rust/cstr/Cargo.toml, + third_party/rust/cstr/README.md, + third_party/rust/cstr/src/lib.rs: Relax minimum supported rust version + to 1.63. + * js/src/irregexp/moz.build: Suppress false positive error for GCC. + bz#1810584. + + -- Mike Hommey <glandium@debian.org> Wed, 01 Mar 2023 08:35:30 +0900 + +firefox (110.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-05, also known as: + CVE-2023-25728, CVE-2023-25730, CVE-2023-0767, CVE-2023-25735, + CVE-2023-25737, CVE-2023-25739, CVE-2023-25729, CVE-2023-25732, + CVE-2023-25731, CVE-2023-25733, CVE-2023-25736, CVE-2023-25741, + CVE-2023-25742, CVE-2023-25744, CVE-2023-25745. + + * debian/control*: Bump nss, rustc and cargo build dependencies. + + * third_party/wasm2c/src/common.h, + third_party/wasm2c/src/prebuilt/wasm2c.include.c, + third_party/wasm2c/src/wasm2c.c.tmpl: Use compiler macros to detect big + endian. + + -- Mike Hommey <glandium@debian.org> Wed, 15 Feb 2023 09:14:45 +0900 + +firefox (109.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2023-01, also known as: + CVE-2022-23597, CVE-2023-23598, CVE-2023-23601, CVE-2023-23602, + CVE-2023-23603, CVE-2023-23604, CVE-2023-23605, CVE-2023-23606. + + * debian/control*: + - Bump nss build dependency. + - Bump cargo dependency back to what it's supposed to be. + * debian/browser.mozconfig.in, debian/control*: Enable wasm sandboxing + on bookworm. + + * build/moz.configure/compilers-util.configure, + toolkit/moz.configure: Add more configure checks for the wasm toolchain + setup. bz#1747145. + toolkit/moz.configure: Allow to build without a wasi sysroot. bz#1810627 + * build/moz.configure/rust.configure: Revert the relaxing of the cargo + dependency now that we have the right version in unstable. + + -- Mike Hommey <glandium@debian.org> Wed, 18 Jan 2023 06:27:19 +0900 + +firefox (108.0.2-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Tue, 10 Jan 2023 08:00:05 +0900 + +firefox (108.0-2) unstable; urgency=medium + + * security/manager/ssl/tests/unit/tlsserver/cmd/moz.build, + security/manager/ssl/tests/unit/tlsserver/lib/moz.build, + security/moz.build: Pseudo-revert bz#1754746 and bz#1799121. + Closes: #1026072. + * .cargo/config.in, Cargo.lock, Cargo.toml, third_party/rust/uniffi*, + third_party/rust/weedle2*: Make uniffi-bindgen more deterministic + across platforms. + + -- Mike Hommey <glandium@debian.org> Thu, 15 Dec 2022 17:42:19 +0900 + +firefox (108.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-51, also known as: + CVE-2022-46871, CVE-2022-46872, CVE-2022-46873, CVE-2022-46874, + CVE-2022-46877, CVE-2022-46878, CVE-2022-46879. + + * debian/control*: Bump rustc and nss build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 14 Dec 2022 07:56:15 +0900 + +firefox (107.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Sat, 03 Dec 2022 05:49:43 +0900 + +firefox (107.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-47, also known as: + CVE-2022-45403, CVE-2022-45404, CVE-2022-45405, CVE-2022-45406, + CVE-2022-45407, CVE-2022-45408, CVE-2022-45409, CVE-2022-45410, + CVE-2022-45411, CVE-2022-45412, CVE-2022-40674, CVE-2022-45415, + CVE-2022-45416, CVE-2022-45417, CVE-2022-45418, CVE-2022-45419, + CVE-2022-45420, CVE-2022-45421. + + * debian/rules: + - Use internal libevent on buster. + - Invoke python with PYTHONDONTWRITEBYTECODE instead of -B. + * debian/control*: Bump nss build dependency. + + -- Mike Hommey <glandium@debian.org> Wed, 16 Nov 2022 08:10:27 +0900 + +firefox (106.0.5-1) unstable; urgency=medium + + * New upstream release. + + * media/ffvpx/config_unix_aarch64.h: Don't build libav with sysctl on + Unix AArch64. bz#1791275. + + -- Mike Hommey <glandium@debian.org> Mon, 07 Nov 2022 06:06:42 +0900 + +firefox (106.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-44, also known as: + CVE-2022-42927, CVE-2022-42928, CVE-2022-42929, CVE-2022-42930, + CVE-2022-42931, CVE-2022-42932. + + * debian/control*: Bump nss and libvpx build dependencies. + * debian/rules: Build with vendored libvpx on bullseye. + + * mozglue/misc/SIMD.cpp, mozglue/misc/SIMD_avx2.cpp: Restrict SIMD_avx2 to + AMD64. bz#1792158. + * modules/fdlibm/src/math_private.h: Do not define unused float_t type in + fdlibm. bz#1789560. + * js/src/jit/GenerateAtomicOperations.py: Add missing includes to + AtomicOperationsGenerated.h. bz#1792159. + * third_party/libwebrtc/build/config/compiler/BUILD.gn, + third_party/libwebrtc/**/moz.build: Fix webrtc FTBFS from missing sse2 + flags. bz#1795993. + + -- Mike Hommey <glandium@debian.org> Wed, 19 Oct 2022 05:59:30 +0900 + +firefox (105.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 28 Sep 2022 07:40:44 +0900 + +firefox (105.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-40, also known as: + CVE-2022-40959, CVE-2022-40960, CVE-2022-40958, CVE-2022-40956, + CVE-2022-40957, CVE-2022-40962. + + * debian/control*: Bump rustc and nss build dependencies. + + * python/mozbuild/mozbuild/nodeutil.py: Relax nodejs minimum version. + + -- Mike Hommey <glandium@debian.org> Wed, 21 Sep 2022 07:22:10 +0900 + +firefox (104.0.2-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Tue, 13 Sep 2022 09:08:49 +0900 + +firefox (104.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-33, also known as: + CVE-2022-38472, CVE-2022-38473, CVE-2022-38475, CVE-2022-38477, + CVE-2022-38478. + + * debian/rules, debian/control: Fix libavcodec recommends. Closes: #1017782. + * debian/control*: Bump nss and nodejs build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 24 Aug 2022 07:17:28 +0900 + +firefox (103.0.2-2) unstable; urgency=medium + + * debian/rules: Remove old and now unnecessary workarounds. + + * intl/icu/source/common/unicode/std_string.h, + intl/icu/source/common/utypeinfo.h, + intl/icu/source/io/unicode/ustream.h: Remove workaround for old libstdc++ + problem, which now causes problems with GCC 12 on arm. + * third_party/libwebrtc/moz.build: Add missing webrtc directory for ppc64el + (bz#1775202). + + -- Mike Hommey <glandium@debian.org> Mon, 15 Aug 2022 15:46:49 +0900 + +firefox (103.0.2-1) unstable; urgency=medium + + * New upstream release. + * debian/rules: + - Use thinLTO for rust on armhf, to stay in the memory budget with an + armhf toolchain. + - Use MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=none instead of + MACH_USE_SYSTEM_PYTHON=1. + * debian/rules, debian/watch, debian/watch.in: Generate debian/watch and + fix it. + + * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp, + js/src/jit/mips-shared/SharedICHelpers-mips-shared-inl.h, + js/src/jit/mips-shared/SharedICHelpers-mips-shared.h, + js/src/jit/mips64/Assembler-mips64.h, + js/src/jit/mips64/MacroAssembler-mips64.cpp, + js/src/jit/mips64/Simulator-mips64.cpp, + js/src/jit/mips64/Trampoline-mips64.cpp, + js/src/jit/shared/Lowering-shared-inl.h, + js/src/wasm/WasmFrameIter.cpp: Fix FTBFS on mips64. bz#1776825. + * third_party/libwebrtc/moz.build: Work around bz#1775202 to fix FTBFS on + ppc64el. + * config/makefiles/rust.mk: Allow to override rust LTO flag. + + -- Mike Hommey <glandium@debian.org> Sun, 14 Aug 2022 15:28:01 +0900 + +firefox (103.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-28, also known as: + CVE-2022-36319, CVE-2022-36318, CVE-2022-36315, CVE-2022-36316, + CVE-2022-36320, CVE-2022-2505. + + * debian/control*: Bump cbindgen and nss build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 27 Jul 2022 10:07:35 +0900 + +firefox (102.0.1-3) unstable; urgency=medium + + * debian/rules: Fix the logic of the aarch64 test. + + -- Mike Hommey <glandium@debian.org> Thu, 14 Jul 2022 11:31:47 +0900 + +firefox (102.0.1-2) unstable; urgency=medium + + * debian/rules: Tentatively improve detection of known failing cases on + armhf. + + -- Mike Hommey <glandium@debian.org> Thu, 14 Jul 2022 09:32:47 +0900 + +firefox (102.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/rules: Tentatively improve detection of known failing cases on + armhf and mipsel. + + -- Mike Hommey <glandium@debian.org> Thu, 14 Jul 2022 06:17:52 +0900 + +firefox (102.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-24, also known as: + CVE-2022-34479, CVE-2022-34470, CVE-2022-34468, CVE-2022-34482, + CVE-2022-34483, CVE-2022-34476, CVE-2022-34481, CVE-2022-34474, + CVE-2022-34471, CVE-2022-34472, CVE-2022-2200, CVE-2022-34480, + CVE-2022-34477, CVE-2022-34475, CVE-2022-34473, CVE-2022-34484, + CVE-2022-34485. + + * build/moz.configure/bindgen.configure, + gfx/webrender_bindings/webrender_ffi.h: Work around build failure with + newer cbindgen. bz#1773259 + + -- Mike Hommey <glandium@debian.org> Wed, 29 Jun 2022 07:41:32 +0900 + +firefox (101.0.1-1) unstable; urgency=medium + + * New upstream release. + + * build/moz.configure/rust.configure, debian/control*: Allow to build with + cargo in unstable. + + -- Mike Hommey <glandium@debian.org> Fri, 10 Jun 2022 06:24:01 +0900 + +firefox (101.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-20, also known as: + CVE-2022-31736, CVE-2022-31737, CVE-2022-31738, CVE-2022-31740, + CVE-2022-31741, CVE-2022-31742, CVE-2022-31743, CVE-2022-31744, + CVE-2022-31745, CVE-2022-1919, CVE-2022-31747, CVE-2022-31748. + + * debian/rules: Fail the build early when building for armhf on armhf + (only works on arm64), and when building for mipsel on mipsel. + * debian/control*: Bump rustc, cargo, cbindgen and nss build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 01 Jun 2022 06:07:37 +0900 + +firefox (100.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-19, also known as CVE-2022-1802 and CVE-2022-1529. + + -- Mike Hommey <glandium@debian.org> Sat, 21 May 2022 07:32:04 +0900 + +firefox (100.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-16, also known as: + CVE-2022-29914, CVE-2022-29909, CVE-2022-29916, CVE-2022-29911, + CVE-2022-29912, CVE-2022-29915, CVE-2022-29917, CVE-2022-29918. + + -- Mike Hommey <glandium@debian.org> Wed, 04 May 2022 08:48:41 +0900 + +firefox (99.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-13, also known as: + CVE-2022-1097, CVE-2022-28281, CVE-2022-28282, CVE-2022-28283, + CVE-2022-28284, CVE-2022-28285, CVE-2022-28286, CVE-2022-28287, + CVE-2022-24713, CVE-2022-28289, CVE-2022-28288. + + * debian/control*: Bump nss build dependency. + + -- Mike Hommey <glandium@debian.org> Wed, 06 Apr 2022 09:04:22 +0900 + +firefox (98.0-2) unstable; urgency=medium + + * debian/rules: Install crash reporter files on arm64. + + * js/src/jit/GenerateAtomicOperations.py: Work around a GCC issue with + generated atomics. bz#1756347. + + -- Mike Hommey <glandium@debian.org> Thu, 10 Mar 2022 09:09:43 +0900 + +firefox (98.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-10, also known as: + CVE-2022-26383, CVE-2022-26384, CVE-2022-26387, CVE-2022-26381, + CVE-2022-26382, CVE-2022-26385, CVE-2022-0843. + * Fixes for mfsa2022-09, also known as: CVE-2022-26485, CVE-2022-26486. + + * debian/control*: + - Bump nss build dependency. + - Downgrade rust dependency to 1.56, and cargo to 0.57. + + * Cargo.lock, config/makefiles/rust.mk, python/mozboot/mozboot/util.py, + servo/components/style/Cargo.toml, servo/components/style/build.rs, + servo/components/style/lib.rs, + servo/components/style/stylesheets/page_rule.rs, + servo/components/style/stylist.rs, + third_party/rust/audioipc2-client/.cargo-checksum.json, + third_party/rust/audioipc2-client/Cargo.toml, + third_party/rust/audioipc2-client/build.rs, + third_party/rust/audioipc2-client/src/lib.rs, + third_party/rust/wgpu-hal/.cargo-checksum.json, + third_party/rust/wgpu-hal/src/gles/egl.rs: Relax minimum supported Rust + version to 1.56.0. + + -- Mike Hommey <glandium@debian.org> Wed, 09 Mar 2022 07:09:27 +0900 + +firefox (97.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-04, also known as: + CVE-2022-22754, CVE-2022-22755, CVE-2022-22756, CVE-2022-22759, + CVE-2022-22760, CVE-2022-22761, CVE-2022-22764, CVE-2022-0511. + + * debian/control*: Bump nss, rustc and cargo build dependencies. + * debian/browser.install.in: Install libipcclientcerts.so. + + -- Mike Hommey <glandium@debian.org> Wed, 09 Feb 2022 07:53:42 +0900 + +firefox (96.0.3-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Mon, 31 Jan 2022 06:21:31 +0900 + +firefox (96.0.1-1) unstable; urgency=medium + + * New upstream release. + + * modules/libpref/init/StaticPrefList.yaml: Disable cookie sameSite + schemeful. bz#1750264. + * dom/media/webrtc/third_party_build/gn-configs/x64_*_arm_linux.json, + dom/media/webrtc/third_party_build/gn-configs/x64_*_ppc64_linux.json, + third_party/libwebrtc/**/moz.build: Add webrtc configs for arm and + ppc64 linux. bz#1738845. + + -- Mike Hommey <glandium@debian.org> Sat, 15 Jan 2022 07:41:14 +0900 + +firefox (96.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2022-01, also known as: + CVE-2022-22743, CVE-2022-22742, CVE-2022-22741, CVE-2022-22740, + CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748, + CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751, + CVE-2022-22752. + + * debian/rules: + - Adjust preprocessor command to upstream changes. + - Set an objdir when using the preprocessor, and clean that up. + * debian/control*: Bump nss build dependency. + + -- Mike Hommey <glandium@debian.org> Wed, 12 Jan 2022 08:03:30 +0900 + +firefox (95.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/control.in: Build against rustc-mozilla/cargo-mozilla on relevant + older releases. + + * modules/fdlibm/src/math_private.h: Fix FTBFS on i386. bz#1729459. + + -- Mike Hommey <glandium@debian.org> Fri, 17 Dec 2021 07:05:23 +0900 + +firefox (95.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-52, also known as: + CVE-2021-43536, CVE-2021-43537, CVE-2021-43538, CVE-2021-43539, + CVE-2021-43540, CVE-2021-43541, CVE-2021-43542, CVE-2021-43543, + CVE-2021-43544, CVE-2021-43545, CVE-2021-43546, MOZ-2021-0009. + + * debian/browser.mozconfig.in: Explicitly disable wasm sandboxing. We don't + have the necessary tools yet. + + -- Mike Hommey <glandium@debian.org> Wed, 08 Dec 2021 06:38:07 +0900 + +firefox (94.0.2-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 24 Nov 2021 06:57:55 +0900 + +firefox (94.0-2) unstable; urgency=medium + + * debian/firefox.in: Use `command -v` instead of `which`. Does not affect + this package, though. + + * .cargo/config.in, Cargo.lock, Cargo.toml, + third_party/rust/cc/.cargo-checksum.json, + third_party/rust/cc/Cargo.toml, third_party/rust/cc/src/lib.rs, + third_party/rust/cc/src/windows_registry.rs: Update cc crate to + b2f6b146b75299c444e05bbde50d03705c7c4b6e, aka 1.0.71 + GCC-11 fix for + armhf. bz#1739040. + * .cargo/config.in, Cargo.lock, + third_party/rust/cubeb-pulse/.cargo-checksum.json, + third_party/rust/cubeb-pulse/src/backend/stream.rs, + toolkit/library/rust/shared/Cargo.toml: Upgrade cubeb-pulse to fix a race + condition that can lead to shutdown deadlock. bz#1735905. + (suspected to) Closes: #998108. + + -- Mike Hommey <glandium@debian.org> Thu, 11 Nov 2021 16:32:50 +0900 + +firefox (94.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-48, also known as: + CVE-2021-38503, CVE-2021-38504, CVE-2021-38506, CVE-2021-38507, + CVE-2021-38508, MOZ-2021-0004, CVE-2021-38509, MOZ-2021-0005, + MOZ-2021-0006, MOZ-2021-0007. + (MOZ-* pending CVE assignment) + + * debian/control*: Bump nss, rustc and cargo build dependencies. + + * Cargo.toml, Cargo.lock, third_party/rust/naga/.cargo-checksum.json, + third_party/rust/naga/Cargo.toml, + third_party/rust/wgpu-core/.cargo-checksum.json, + third_party/rust/wgpu-core/Cargo.toml, build/moz.configure/rust.configure: + Remove workaround to build with an old cargo, now that Debian has a recent + version. + + -- Mike Hommey <glandium@debian.org> Wed, 03 Nov 2021 08:20:50 +0900 + +firefox (93.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-43, also known as: + CVE-2021-38496, CVE-2021-38497, CVE-2021-38498, CVE-2021-32810, + CVE-2021-38500, CVE-2021-38501, CVE-2021-38499. + + * debian/control*: Bump nss build dependency. + * debian/rules: Set MOZBUILD_STATE_PATH. + + * Cargo.toml, Cargo.lock, third_party/rust/naga/.cargo-checksum.json, + third_party/rust/naga/Cargo.toml, + third_party/rust/wgpu-core/.cargo-checksum.json, + third_party/rust/wgpu-core/Cargo.toml: Work around the lack of resolver + feature in unstable's cargo. + + -- Mike Hommey <glandium@debian.org> Wed, 06 Oct 2021 06:53:13 +0900 + +firefox (92.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-38, also known as: + CVE-2021-38491, CVE-2021-38493, CVE-2021-38494. + + * debian/rules: Build against embedded nspr and nss on bullseye. + * debian/upstream.mk: Add bookworm and trixie. + * debian/control*: Bump nss build dependency. + + -- Mike Hommey <glandium@debian.org> Wed, 08 Sep 2021 07:57:38 +0900 + +firefox (91.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-37, also known as CVE-2021-29991. + + * debian/import-tar.py, debian/repack.py: Fixed for python 3.9. + + -- Mike Hommey <glandium@debian.org> Wed, 18 Aug 2021 10:28:35 +0900 + +firefox (91.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-33, also known as: + CVE-2021-29986, CVE-2021-29981, CVE-2021-29988, CVE-2021-29984, + CVE-2021-29980, CVE-2021-29987, CVE-2021-29985, CVE-2021-29982, + CVE-2021-29989, CVE-2021-29990. + + * debian/control*: Bump nspr, nss and rustc build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 11 Aug 2021 07:18:22 +0900 + +firefox (90.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-28, also known as: + CVE-2021-29970, CVE-2021-29971, CVE-2021-29972, CVE-2021-29974, + CVE-2021-29975, CVE-2021-29976, CVE-2021-29977. + + * debian/control*: + - Bump nss build dependency. + - Remove libgtk2 build dependency. + * debian/browser.install.in: Don't install gtk2/libmozgtk.so. + + * widget/gtk/mozgtk/moz.build: Remove old workaround for bug #844357, which + was fixed in binutils a long time ago. + + -- Mike Hommey <glandium@debian.org> Wed, 14 Jul 2021 06:07:27 +0900 + +firefox (89.0.2-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Thu, 24 Jun 2021 07:57:24 +0900 + +firefox (89.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Fri, 18 Jun 2021 06:03:11 +0900 + +firefox (89.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-23, also known as: + CVE-2021-29960, CVE-2021-29961, CVE-2021-29959, CVE-2021-29967, + CVE-2021-29966. + + * debian/control*: Bump nss and cbindgen build dependency. + + -- Mike Hommey <glandium@debian.org> Wed, 02 Jun 2021 05:36:18 +0900 + +firefox (88.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-20, also known as CVE-2021-29952. + + -- Mike Hommey <glandium@debian.org> Thu, 06 May 2021 07:01:54 +0900 + +firefox (88.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-16, also known as: + CVE-2021-23994, CVE-2021-23995, CVE-2021-23996, CVE-2021-23997, + CVE-2021-23998, CVE-2021-23999, CVE-2021-24000, CVE-2021-24001, + CVE-2021-24002, CVE-2021-29945, CVE-2021-29944, CVE-2021-29946, + CVE-2021-29947. + + * debian/control*: Bump nss build dependency. + + -- Mike Hommey <glandium@debian.org> Tue, 20 Apr 2021 07:54:02 +0900 + +firefox (87.0-2) unstable; urgency=medium + + * js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp, + js/src/jit/mips-shared/MacroAssembler-mips-shared*, + js/src/jit/mips*/MacroAssembler-mips*: Add missing JIT functions. + * js/src/jit/mips64/MacroAssembler-mips64.cpp: Fix register conflict + in ma_addPtrTestOverflow. bz#1685662. + * gfx/wr/swgl/src/blend.h, gfx/wr/swgl/src/gl.cc: Don't use always_inline + on large SWGL functions. bz#1700520. + + -- Mike Hommey <glandium@debian.org> Wed, 31 Mar 2021 10:12:40 +0900 + +firefox (87.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-10, also known as: + CVE-2021-23981, CVE-2021-23982, CVE-2021-23983, CVE-2021-23984, + CVE-2021-23985, CVE-2021-23986, CVE-2021-23987, CVE-2021-23988. + + * debian/control*: Bump nss build dependency. + + -- Mike Hommey <glandium@debian.org> Wed, 24 Mar 2021 06:06:10 +0900 + +firefox (86.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Fri, 12 Mar 2021 10:30:34 +0900 + +firefox (86.0-2) unstable; urgency=medium + + * gfx/qcms/src/iccread.rs: Fix startup crash with malformed ICC profiles. + bz#1694670. + + -- Mike Hommey <glandium@debian.org> Tue, 09 Mar 2021 07:24:46 +0900 + +firefox (86.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-07, also known as: + CVE-2021-23969, CVE-2021-23970, CVE-2021-23968, CVE-2021-23974, + CVE-2021-23971, CVE-2021-23972, CVE-2021-23975, CVE-2021-23973, + CVE-2021-23978, CVE-2021-23979. + + * debian/control*: Bump nss and cbindgen build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 24 Feb 2021 06:57:42 +0900 + +firefox (85.0.1-1) unstable; urgency=medium + + * New upstream release. + + * build/moz.configure/rust.configure, debian/control*: Allow to build with + cargo in unstable. + + -- Mike Hommey <glandium@debian.org> Sat, 06 Feb 2021 07:54:04 +0900 + +firefox (85.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-03, also known as: + CVE-2021-23953, CVE-2021-23954, CVE-2021-23955, CVE-2021-23956, + CVE-2021-23958, CVE-2021-23960, CVE-2021-23961, CVE-2021-23962, + CVE-2021-23963, CVE-2021-23964, CVE-2021-23965. + + * debian/control*: Bump rustc, cargo and nss build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 27 Jan 2021 09:06:28 +0900 + +firefox (84.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2021-01, also known as CVE-2020-16044. + + * debian/control*: Bump nss build dependency. + + -- Mike Hommey <glandium@debian.org> Thu, 07 Jan 2021 07:27:55 +0900 + +firefox (84.0-3) unstable; urgency=medium + + * debian/browser.install.in: s/aarch64/arm64/, facepalm. + + -- Mike Hommey <glandium@debian.org> Fri, 18 Dec 2020 10:09:12 +0900 + +firefox (84.0-2) unstable; urgency=medium + + * debian/browser.install.in: Install libmozsandbox.so on aarch64 and arm*. + + -- Mike Hommey <glandium@debian.org> Fri, 18 Dec 2020 05:59:54 +0900 + +firefox (84.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-54, also known as: + CVE-2020-16042, CVE-2020-26971, CVE-2020-26972, CVE-2020-26973, + CVE-2020-26974, CVE-2020-26976, CVE-2020-26978, CVE-2020-26979, + CVE-2020-35111, CVE-2020-35113, CVE-2020-35114. + + * debian/control*: Bump nss build dependency. + + * build/moz.configure/rust.configure, debian/control*: Revert changes from + 79.0-1 allowing to build with cargo in unstable as of 2020-07-29 because + we have the right version now. + * intl/icu_sources_data.py: Revert changes from 72.0-1 to avoid building + ICU in parallel because we don't build ICU using this script anymore. + + -- Mike Hommey <glandium@debian.org> Wed, 16 Dec 2020 06:30:02 +0900 + +firefox (83.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-50, also known as: + CVE-2020-26951, CVE-2020-26952, CVE-2020-16012, CVE-2020-26953, + CVE-2020-26956, CVE-2020-26958, CVE-2020-26959, CVE-2020-26960, + CVE-2020-26961, CVE-2020-26962, CVE-2020-26963, CVE-2020-26965, + CVE-2020-26967, CVE-2020-26968, CVE-2020-26969. + + * debian/control*: Bump nss and cbindgen build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 18 Nov 2020 07:06:09 +0900 + +firefox (82.0.3-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-49, also known as CVE-2020-26950. + + -- Mike Hommey <glandium@debian.org> Tue, 10 Nov 2020 07:32:32 +0900 + +firefox (82.0.2-1) unstable; urgency=medium + + * New upstream release. + + * debian/control*: Remove autoconf2.13 build dependency. + + * config/external/icu/data/moz.build: Use the right data file for ICU on + big endians. bz#1673769. + + -- Mike Hommey <glandium@debian.org> Fri, 30 Oct 2020 06:03:59 +0900 + +firefox (82.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-45, also known as: + CVE-2020-15969, CVE-2020-15254, CVE-2020-15680, CVE-2020-15681, + CVE-2020-15682, CVE-2020-15683, CVE-2020-15684. + + [Emilio Pozuelo Monfort] + * debian/browser.bug-presubj.in, debian/control.in, debian/rules, + debian/symbols.mk, debian/upstream.mk: Remove support for jessie. + * debian/control.in, debian/rules: stretch: build with LLVM 7, 4.0 doesn't + support -std=gnu++17. + * debian/rules: + - stretch: build with GCC 7 from gcc-mozilla. + - Call python with -B when regenerating the control files, so as to not + generate bytecode files. + - Call debian/l10n/gen with C.UTF-8 as the locale, otherwise it fails + in stretch when opening the iso-codes files. + - stretch: don't set NASM on !x86. + + [Mike Hommey] + * debian/control*: Bump nss build dependency. + + * build/unix/elfhack/elf.cpp, build/unix/elfhack/elfxx.h: Fix elfhack + for files > 2GiB and < 4GiB. bz#1495733. + + -- Mike Hommey <glandium@debian.org> Wed, 21 Oct 2020 11:53:39 +0900 + +firefox (81.0-2) unstable; urgency=medium + + * dom/media/AsyncLogger.h: Fix AsyncLogger::TracePayload's mName + size calculation. bz#1667007. + + -- Mike Hommey <glandium@debian.org> Thu, 24 Sep 2020 16:22:35 +0900 + +firefox (81.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-42, also known as: + CVE-2020-15675, CVE-2020-15677, CVE-2020-15676, CVE-2020-15678, + CVE-2020-15673, CVE-2020-15674. + + * debian/control*: Bump nss build dependency. + * debian/rules: Change l10n build integration: + - it is not necessary to override LOCALE_MERGEDIR anymore + - it is not necessary to call compare-locales manually + - set MACH_USE_SYSTEM_PYTHON=1 + + * js/src/jit/none/MacroAssembler-none.h: Bump CodeAlignment to 8. + bz#1666646. + + -- Mike Hommey <glandium@debian.org> Wed, 23 Sep 2020 07:56:45 +0900 + +firefox (80.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Thu, 03 Sep 2020 09:36:06 +0900 + +firefox (80.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-36, also known as: + CVE-2020-15664, CVE-2020-12401, CVE-2020-6829, CVE-2020-12400, + CVE-2020-15665, CVE-2020-15666, CVE-2020-15667, CVE-2020-15668, + CVE-2020-15670. + + * debian/control*: Bump nss build dependency. + + -- Mike Hommey <glandium@debian.org> Wed, 26 Aug 2020 07:24:49 +0900 + +firefox (79.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-30, also known as: + CVE-2020-15652, CVE-2020-6514, CVE-2020-15655, CVE-2020-15653, + CVE-2020-6463, CVE-2020-15656, CVE-2020-15658, CVE-2020-15654, + CVE-2020-15659. + + * debian/control*: Bump cbindgen, rustc, cargo, nss and python3 build + dependencies. + * debian/rules: Add -Cembed-bitcode=yes to rust command lines when + using rustc >= 1.45.0. + + * build/moz.configure/rust.configure, debian/control*: Allow to build with + cargo in unstable as of 2020-07-29. + + -- Mike Hommey <glandium@debian.org> Wed, 29 Jul 2020 13:45:30 +0900 + +firefox (78.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fix for mfsa2020-28. + + -- Mike Hommey <glandium@debian.org> Fri, 10 Jul 2020 09:37:04 +0900 + +firefox (78.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/rules: + - Replace --disable-ion with --disable-jit. + - Don't generated the ICU data file for big-endian manually. + + * js/src/jit/mips-shared/MacroAssembler-mips-shared-inl.h, + js/src/jit/mips64/MacroAssembler-mips64-inl.h: Add branchTestSymbol + and fallibleUnboxPtr. bz#1642265. + * config/external/icu/data/*icudata*, config/external/icu/data/moz.build, + js/moz.configure: Unify the includion of the ICU data file. bz#1650299. + * config/external/icu/common/moz.build, + config/external/icu/common/sources.mozbuild, + config/external/icu/data/convert_icudata.py, + config/external/icu/data/moz.build, + config/external/icu/defs.mozbuild, + config/external/icu/i18n/moz.build, + config/external/icu/i18n/sources.mozbuild, + config/external/icu/icupkg/moz.build, + config/external/icu/icupkg/sources.mozbuild, + config/external/icu/moz.build, + config/external/icu/toolutil/moz.build, + config/external/icu/toolutil/sources.mozbuild, + config/recurse.mk, + intl/icu_sources_data.py: Automatically convert the little-endian ICU data + file for big-endian builds. + + -- Mike Hommey <glandium@debian.org> Fri, 03 Jul 2020 17:07:38 +0900 + +firefox (78.0-1) unstable; urgency=medium + + * New upstream release + * Fixes for mfsa2020-24, also known as: + CVE-2020-12415, CVE-2020-12416, CVE-2020-12417, CVE-2020-12418, + CVE-2020-12419, CVE-2020-12420, CVE-2020-12421, CVE-2020-12422, + CVE-2020-12424, CVE-2020-12425, CVE-2020-12426. + + * debian/control*: Bump nss build dependency. + * debian/control*, debian/rules: Remove build dependency on python2.7. + * debian/browser.mozconfig.in: Remove obsolete configure options. + + * build/virtualenv_packages.txt: Don't install enum and enum34 virtualenv + packages in python3 virtualenvs. bz#1632429. + + -- Mike Hommey <glandium@debian.org> Wed, 01 Jul 2020 10:14:06 +0900 + +firefox (77.0-1) unstable; urgency=medium + + * New upstream release + * Fixes for mfsa2020-20, also known as: + CVE-2020-12399, CVE-2020-12405, CVE-2020-12406, CVE-2020-12407, + CVE-2020-12408, CVE-2020-12409, CVE-2020-12410, CVE-2020-12411. + + * debian/l10n/gen, debian/l10n_revs.py, debian/latest_nightly.py, + debian/rules, debian/symbols.mk: Convert to python 3. + * debian/control*: Bump nss and cbindgen build dependencies. + * debian/rules: + - Revert PKCS11 API change from 76.0.1-1 because the new API is + now explicitly used by upstream code. + - Stop passing -fno-schedule-insns2 -fno-lifetime-dse and + -fno-delete-null-pointer-checks to GCC. + + -- Mike Hommey <glandium@debian.org> Wed, 03 Jun 2020 07:53:04 +0900 + +firefox (76.0.1-2) unstable; urgency=medium + + * debian/browser.mozconfig.in: Allow addon sideload. Closes: #960084. + * debian/control*: Bump nasm build dependency to 2.14. + + -- Mike Hommey <glandium@debian.org> Fri, 15 May 2020 09:10:36 +0900 + +firefox (76.0.1-1) unstable; urgency=medium + + * New upstream release + + * debian/rules: Force using old PKCS11 API when building against newer + NSS releases. Closes: #960012. + + -- Mike Hommey <glandium@debian.org> Wed, 13 May 2020 09:09:57 +0900 + +firefox (76.0-2) unstable; urgency=medium + + * Cargo.lock, third_party/rust/typenum/*: Upgrade typename to 1.12.0. + bz#1635671. Fixes FTBFS on i386. + + -- Mike Hommey <glandium@debian.org> Wed, 06 May 2020 14:27:30 +0900 + +firefox (76.0-1) unstable; urgency=medium + + * New upstream release + * Fixes for mfsa2020-16, also known as: + CVE-2020-12387, CVE-2020-6831, CVE-2020-12390, CVE-2020-12391, + CVE-2020-12392, CVE-2020-12394, CVE-2020-12395, CVE-2020-12396. + + * debian/control*: Bump nss build dependency. + * debian/browser.install.in: Don't install blocklist.xml, it's not there + anymore. + + * config/recurse.mk: Don't depend on in-tree NSS/NSPR when building against + system NSS/NSPR. bz#1634926. + + -- Mike Hommey <glandium@debian.org> Wed, 06 May 2020 05:41:56 +0900 + +firefox (75.0-2) unstable; urgency=medium + + * build/moz.configure/util.configure: In configure, pass extra compiler + flags after source path. Fixes FTBFS with --with-system-libvpx with + gcc-9 >= 9-20190125-2. + + -- Mike Hommey <glandium@debian.org> Sun, 19 Apr 2020 09:03:28 +0900 + +firefox (75.0-1) unstable; urgency=medium + + * New upstream release + * Fixes for mfsa2020-12, also known as: + CVE-2020-6821, CVE-2020-6822, CVE-2020-6823, CVE-2020-6824, + CVE-2020-6825, CVE-2020-6826. + + * debian/control*: Bump nss, rustc, cargo, cbindgen and nodejs build + dependencies. + * debian/control*, debian/rules: Build against libvpx >= 1.8. We used + to build-conflicts with that version, but that's not necessary now + that upstream needs that version. + * debian/browser.install.in: Don't install .chk files, they aren't + produced anymore. + * debian/browser.install.in, debian/browser.mozconfig.in, debian/control*, + debian/rules: Don't build against system sqlite. This is not supported + anymore. + + * python/mozbuild/mozbuild/nodeutil.py: Allow to build with older + versions of nodejs 10. + + -- Mike Hommey <glandium@debian.org> Wed, 08 Apr 2020 09:41:38 +0900 + +firefox (74.0.1-1) unstable; urgency=medium + + * New upstream release + * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. + + -- Mike Hommey <glandium@debian.org> Sat, 04 Apr 2020 06:42:37 +0900 + +firefox (74.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-08, also known as: + CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6808, + CVE-2020-6809, CVE-2020-6810, CVE-2020-6811, CVE-2019-20503, + CVE-2020-6812, CVE-2020-6813, CVE-2020-6814, CVE-2020-6815. + + * debian/rules: + - Use the -o flag to redirect preprocessor output rather than shell + redirection to work around bz#1621465. + - Remove obj-*/.mozbuild on clean. + * debian/control*: Bump nspr, nss, sqlite and cbindgen build dependencies. + + * config/mozunit/mozunit/mozunit.py, + python/mozbuild/mozbuild/action/langpack_manifest.py, + python/mozbuild/mozbuild/jar.py, python/mozbuild/mozbuild/preprocessor.py, + python/mozbuild/mozbuild/test/backend/test_build.py: Use io.open() rather + than open() in mozbuild/preprocessor.py. bz#1613263. + * dom/canvas/ClientWebGLContext.h, dom/canvas/WebGLContext.h: Fix build + errors with -Werror=format-security with GCC. + + -- Mike Hommey <glandium@debian.org> Wed, 11 Mar 2020 12:15:37 +0900 + +firefox (73.0.1-1) unstable; urgency=medium + + * New upstream release. + + * gfx/2d/SwizzleNEON.cpp: Fix NEON compile error with gcc and RGB unpacking. + bz#1610814. + + -- Mike Hommey <glandium@debian.org> Thu, 20 Feb 2020 09:07:58 +0900 + +firefox (73.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-05, also known as: + CVE-2020-6796, CVE-2020-6798, CVE-2020-6800, CVE-2020-6801. + + * debian/control*: Bump nss, rustc, cargo and cbindgen build dependencies. + * debian/browser.install.in: Do not install now removed chrome.manifest + and libnssdbm3.* files. + + -- Mike Hommey <glandium@debian.org> Wed, 12 Feb 2020 06:57:23 +0900 + +firefox (72.0.2-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 22 Jan 2020 12:06:25 +0900 + +firefox (72.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fix for mfsa2020-03, also known as CVE-2019-17026. + + -- Mike Hommey <glandium@debian.org> Thu, 09 Jan 2020 06:46:44 +0900 + +firefox (72.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2020-01, also known as: + CVE-2019-17016, CVE-2019-17017, CVE-2019-17020, CVE-2019-17022, + CVE-2019-17023, CVE-2019-17024, CVE-2019-17025. + + * debian/rules: + - Don't build with --compress-debug-sections on jessie. + - Use sourcestamp.txt for MOZ_BUILD_DATE. + - Avoid running dh_update_autotools_config. We're dealing with this + manually and we don't want config.* files being touched under + third_party/rust. + * debian/control*: + - Bump nspr, nss and sqlite build dependencies. + - Add missing dependency on libdrm-dev. + * debian/browser.mozconfig.in: Explicitly build with wayland support + enabled. + + * intl/icu_sources_data.py: Don't build ICU in parallel. + * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around older + GCC ICE on arm. + (Thanks Emilio Pozuelo Monfort) + + -- Mike Hommey <glandium@debian.org> Wed, 08 Jan 2020 08:54:04 +0900 + +firefox (71.0-2) unstable; urgency=medium + + * dom/indexedDB/ActorsParent.cpp: Work around lack of support for + http://eel.is/c++draft/class.temporary#6.7 in compilers. bz#1601707 + Closes: #946249, #946547. + * layout/generic/WritingModes.h, servo/ports/geckolib/cbindgen.toml: + Fix build with newer cbindgen. bz#1602358. + + -- Mike Hommey <glandium@debian.org> Thu, 12 Dec 2019 09:38:33 +0900 + +firefox (71.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-36, also known as: + CVE-2019-11756, CVE-2019-17008, CVE-2019-11745, CVE-2019-17014, + CVE-2019-17010, CVE-2019-17005, CVE-2019-17011, CVE-2019-17012, + CVE-2019-17013. + + * debian/l10n/gen: Add support for ca-valencia. + * debian/control*: Bump nspr, nss, rustc and cargo build dependencies. + * debian/rules, debian/control.in: + - Build with nodejs-mozilla on jessie and stretch. + - Build with nasm-mozilla on jessie and stretch. + - Don't build with system libvpx on stretch. + (Thanks Emilio Pozuelo Monfort) + + -- Mike Hommey <glandium@debian.org> Wed, 04 Dec 2019 10:09:38 +0900 + +firefox (70.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Sat, 09 Nov 2019 07:53:49 +0900 + +firefox (70.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-34, also known as: + CVE-2018-6156, CVE-2019-15903, CVE-2019-11757, CVE-2019-11759, + CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, + CVE-2019-11765, CVE-2019-17000, CVE-2019-17001, CVE-2019-17002, + CVE-2019-11764. + + * debian/control*: Bump nss, sqlite, rustc, cargo, and cbindgen build + dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 23 Oct 2019 07:30:42 +0900 + +firefox (69.0.2-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Tue, 08 Oct 2019 08:06:31 +0900 + +firefox (69.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fix for mfsa2019-31, also known as CVE-2019-11754. + + * debian/control*: + - Bump nss, rustc, cargo and cbindgen build dependencies. Closes: #939412. + - Remove build dependency versions where Debian has had the right version + since Jessie. + * debian/source/lintian-overrides: Adjust DotZlib.chm path. + + -- Mike Hommey <glandium@debian.org> Tue, 24 Sep 2019 06:39:36 +0900 + +firefox (69.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-25, also known as: + CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11752, + CVE-2019-9812, CVE-2019-11741, CVE-2019-11743, CVE-2019-11748, + CVE-2019-11749, CVE-2019-5849, CVE-2019-11750, CVE-2019-11737, + CVE-2019-11738, CVE-2019-11747, CVE-2019-11734, CVE-2019-11735, + CVE-2019-11740. + + * debian/upstream.mk: Read source repo and revision from json when + getting upstream info. Instead of the .txt file that doesn't exist + as of 69. + * debian/control*: + - Remove unused build dependency against python-ply. + - Remove python-minimal build dependency. All supported versions + of Debian have a new enough version. + - Remove build dependency against libjsoncpp-dev. + * debian/l10n/gen, debian/latest_nightly.py, debian/rules, + debian/symbols.mk, debian/upstream.mk, debian/watch: Use explicit + python2.7 instead of python. + * debian/rules: Use `mach python --no-virtualenv` to invoke the + preprocessor. + + * config/system-headers, + toolkit/crashreporter/jsoncpp/src/lib_json/moz.build, + toolkit/crashreporter/minidump-analyzer/moz.build: Revert hack to + build against libjsoncpp. It was fine when it was only used by + the crash reporter, but that's not the case anymore, and it breaks + the build. Also, the bundled version is newer than what is available + in Debian. + + -- Mike Hommey <glandium@debian.org> Wed, 04 Sep 2019 13:48:54 +0900 + +firefox (68.0.2-3) unstable; urgency=medium + + * debian/control.in: Take source package name from preprocessing. + + * build/moz.configure/old.configure: Avoid race condition creating + old-configure. bz#1574761. + * dom/media/systemservices/CamerasChild.cpp, + dom/media/systemservices/CamerasParent.cpp, + dom/media/systemservices/VideoEngine.cpp, + dom/media/webrtc/MediaEngineRemoteVideoSource.cpp: Don't use + __PRETTY_FUNCTION__ or __FUNCTION__ as format strings. bz#1531309. + Closes: #925680. + + -- Mike Hommey <glandium@debian.org> Sun, 18 Aug 2019 20:47:26 +0900 + +firefox (68.0.2-2) unstable; urgency=medium + + * debian/rules: Fix MOZ_APP_REMOTINGNAME. Upstream build system changes + made the config.status editing trick stop working. Export the variable for + configure to pick it instead. Closes: #932256 + + -- Mike Hommey <glandium@debian.org> Sun, 18 Aug 2019 08:41:43 +0900 + +firefox (68.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-24, also known as CVE-2019-11733. + + * debian/control*, debian/rules: Don't build against system vpx >= 1.8.0. + It has API changes that cause FTBFS. + + -- Mike Hommey <glandium@debian.org> Thu, 15 Aug 2019 08:06:59 +0900 + +firefox (68.0.1-2) unstable; urgency=medium + + * debian/rules: Work around https://github.com/rust-lang/cargo/issues/7147. + + -- Mike Hommey <glandium@debian.org> Fri, 19 Jul 2019 10:51:09 +0900 + +firefox (68.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/rules: + - Hook stamps/dh_install-l10n to override_dh_install-indep rather than + binary-indep. + - Pass make job server down through dh_auto_build. + * debian/rules, debian/dh: Wrap dh to ensure debian/rules is invoked with + parallelism. + + -- Mike Hommey <glandium@debian.org> Fri, 19 Jul 2019 07:53:19 +0900 + +firefox (68.0-3) unstable; urgency=medium + + * debian/browser.README.Debian.in: Fix a reference to iceweasel in + README.Debian. Thanks Edward Betts. + * debian/rules: + - Only exclude "-g" from dpkg-buildflags output. All the other flags + that used to be excluded either already match upstream or add + reproducibility. + - Don't unexpectedly reset LDFLAGS. + - [firefox-esr] Remove iceweasel transitional packages on bullseye. + - Disable dh_strip_nondeterminism. Upstream build system already avoids + non-determinism it would strip, so there is no need for it further + modifying files. + - Avoid arch:all builds building arch:any stuff. + - Move AUTOCONF_DIRS cleanup after dh_clean. + - Add rust flags to improve reproducibility. + - Only touch or remove configure when it wasn't there to begin with. + - Call configure using its full path. + - Factor common configure arguments. + - Build langpacks with --disable-compile-environment, and pass less + configure arguments. + - Build each langpack from a separate build directory. This means time + wasted running configure more times, but all locales can now be built + in parallel. + * debian/symbols.mk, debian/symbols.apt.conf, debian/symbols.sources.list: + Miscellaneous changes to symbols download script. + * debian/make.mk: Exclude symbols.mk variables from dump output. + * debian/browser.mozconfig.in: Remove redundant --prefix=/usr. + * debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: + Remove packaging scripts compatibility with Wheezy. + + * moz.configure: Only add confvars.sh as a dependency to config.status + when it exists. bz#1560340. + + -- Mike Hommey <glandium@debian.org> Sun, 14 Jul 2019 15:20:45 +0900 + +firefox (68.0-2) unstable; urgency=medium + + * debian/rules, debian/upstream.mk: Account for next Debian release. + * debian/rules, debian/control: Build against system sqlite again. + + * gfx/skia/skia/third_party/skcms/src/Transform_inl.h: Work around GCC ICE + on mips*, i386 and s390x. Closes: #931757 + * python/mozbuild/mozbuild/action/langpack_manifest.py: Use build id as + langpack version for reproducibility. bz#1565504. + + -- Mike Hommey <glandium@debian.org> Fri, 12 Jul 2019 20:37:51 +0900 + +firefox (68.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-21, also known as: + CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, + CVE-2019-11714, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, + CVE-2019-11718, CVE-2019-11720, CVE-2019-11721, CVE-2019-11730, + CVE-2019-11723, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, + CVE-2019-11728, CVE-2019-11710, CVE-2019-11709. + + * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build + dependencies. Remove Build-Conflicts with nss 3.44-1, since we now + build-depend on a more recent version. + * debian/rules, debian/control: Don't build against system sqlite, as + Debian doesn't have the required version yet. + * [firefox-esr] debian/l10n/browser-l10n.control*, debian/l10n/gen: + Don't generate iceweasel l10n transition packages for locales that + were never offered with iceweasel. + * debian/control, debian/l10n/browser-l10n.control.in: Add transition + dependencies for Bengali l10n. There is now only one Bengali l10n + package instead of two. + * debian/rules: Disable JIT at build time on mips because it fails to build. + + * build/gyp.mozbuild: Revert patch that disables libyuv assembly on + mips64. It apparently compiles, now. + + -- Mike Hommey <glandium@debian.org> Wed, 10 Jul 2019 08:22:05 +0900 + +firefox (67.0.4-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-19, also known as CVE-2019-11708. + + -- Mike Hommey <glandium@debian.org> Thu, 20 Jun 2019 11:05:27 -0700 + +firefox (67.0.3-2) unstable; urgency=medium + + * python/mozbuild/mozbuild/action/node.py: Attempt to work around make issue + happening on arch: all buildd. + + -- Mike Hommey <glandium@debian.org> Wed, 19 Jun 2019 13:16:37 -0700 + +firefox (67.0.3-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-18, also known as CVE-2019-11707. + + -- Mike Hommey <glandium@debian.org> Tue, 18 Jun 2019 11:35:40 -0700 + +firefox (67.0.2-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 12 Jun 2019 06:01:15 +0900 + +firefox (67.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 05 Jun 2019 07:14:08 +0900 + +firefox (67.0-4) unstable; urgency=medium + + * debian/rules: Work around FTBFS on mips* by disabling webrtc + Build fails because of missing configurations for mips*. + * debian/control*: Build-Conflicts with libnss3-dev 2:3.44-1. + Closes: #929846. + + * js/src/jit/mips32/MacroAssembler-mips32-inl.h: Fix FTBFS on mips/mipsel. + bz#1556197. + + -- Mike Hommey <glandium@debian.org> Sun, 02 Jun 2019 13:13:13 +0900 + +firefox (67.0-3) unstable; urgency=medium + + * media/webrtc/trunk/webrtc/system_wrappers/source/cpu_features.cc: Remove + WebRtc_GetCPUFeaturesARM from cpu_features.cc. It is already in + cpu_features_linux.c (and is not in cpu_features.cc in webrtc upstream). + Fixes FTBFS on armhf. bz#1523162. + + -- Mike Hommey <glandium@debian.org> Sat, 01 Jun 2019 13:44:05 +0900 + +firefox (67.0-2) unstable; urgency=medium + + * debian/extra-stuff/addonsInfo.jsm: + - Avoid running -dumps-addons-info without a running Firefox counting as a + crash. + - Support addons in resource:// locations in -dump-addons-info + + * js/src/wasm/WasmSignalHandlers.cpp: Include struct definitions for + user_vfp and user_vfp_exc. Fixes FTBFS on armhf. bz#1526653. + * js/src/jit/mips*/MacroAssembler-mips*-inl.h, + js/src/jit/mips*/Trampoline-mips*.cpp: Fix functions: branchTestBigInt, + negPtr, generateVMWrapper on MIPS. bz#1544631. + * toolkit/modules/sessionstore/PrivacyFilter.jsm: Update and harden form + data filtering for privacy to account for no data being passed in. + bz#1553413. + + -- Mike Hommey <glandium@debian.org> Sat, 01 Jun 2019 09:18:27 +0900 + +firefox (67.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-13, also known as: + CVE-2019-9816, CVE-2019-9817, CVE-2019-9819, CVE-2019-9820, + CVE-2019-9821, CVE-2019-11691, CVE-2019-11692, CVE-2019-11693, + CVE-2019-7317, CVE-2019-11695, CVE-2019-11696, CVE-2019-11697, + CVE-2019-11698, CVE-2019-11699, CVE-2019-11701, CVE-2019-9814, + CVE-2019-9800. + * Upload to experimental because the required cbindgen is not available in + unstable. + + * debian/control*: Bump nspr, sqlite, rustc, cargo and cbindgen build + dependencies. + * debian/extra-stuff/addonsInfo.*, debian/extra-stuff/moz.build, + debian/installer/package-manifest.browser, debian/rules: + Modernize addonsInfo per bz#1431533, bz#1432992, bz#1514594, bz#1524688, + etc. + + -- Mike Hommey <glandium@debian.org> Wed, 22 May 2019 09:28:01 +0900 + +firefox (66.0.5-1) unstable; urgency=medium + + * New upstream release. + - Additional fixes for addon signature validation. + + -- Mike Hommey <glandium@debian.org> Wed, 08 May 2019 08:07:21 +0900 + +firefox (66.0.4-1) unstable; urgency=medium + + * New upstream release. + - Fixes issues with addon signature validation. Closes: #928417. + Note: this didn't affect addons installed via Debian packages. + + -- Mike Hommey <glandium@debian.org> Sun, 05 May 2019 22:52:24 +0900 + +firefox (66.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-09, also known as: + CVE-2019-9810, CVE-2019-9813. + + * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build + dependencies. + + -- Mike Hommey <glandium@debian.org> Sun, 24 Mar 2019 08:17:24 +0900 + +firefox (66.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-07, also known as: + CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, + CVE-2019-9795, CVE-2019-9796, CVE-2019-9797, CVE-2019-9799, + CVE-2019-9802, CVE-2019-9803, CVE-2019-9805, CVE-2019-9806, + CVE-2019-9807, CVE-2019-9809, CVE-2019-9808, CVE-2019-9789, + CVE-2019-9788. + + * debian/browser.mozconfig.in: Adjust to the upstream change wrt Google + API key configure options. + * debian/control*: Add nasm build dependency on amd64 and i386. + + -- Mike Hommey <glandium@debian.org> Wed, 20 Mar 2019 18:35:38 +0900 + +firefox (65.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-04, also known as: + CVE-2018-18356, CVE-2019-5795, CVE-2018-18511. + + * debian/rules, debian/upstream.mk: Manually set the update channel. + Closes: #921381, #921121, #921654. + * debian/rules: Build with -mfp32 on mips and mipsel. This should fix the + FTBFS. + + -- Mike Hommey <glandium@debian.org> Thu, 14 Feb 2019 19:33:05 +0900 + +firefox (65.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2019-01, also known as: + CVE-2018-18500, CVE-2018-18503, CVE-2018-18504, CVE-2018-18505, + CVE-2018-18506, CVE-2018-18502, CVE-2018-18501. + + * debian/control*: Bump nss, sqlite, rustc, cargo and cbindgen build + dependencies. + * debian/browser.install.in: Install libmozwayland.so. + + -- Mike Hommey <glandium@debian.org> Wed, 30 Jan 2019 11:04:24 +0900 + +firefox (64.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-29, also known as: + CVE-2018-12407, CVE-2018-17466, CVE-2018-18492, CVE-2018-18493, + CVE-2018-18494, CVE-2018-18495, CVE-2018-18496, CVE-2018-18497, + CVE-2018-18498, CVE-2018-12406, CVE-2018-12405. + + * debian/rules, debian/browser.install.in: Properly copy the watermark + to /usr/share/icons/hicolor/symbolic/apps. + * debian/rules: Disable debug symbols on 32-bits architectures, that + requires too much memory. + * debian/browser.mozconfig.in: + - Remove --enable-pie option, it's the default, now. + - Remove --disable-nodejs now that it's required. + * debian/control*: + - Bump rustc, cargo, cbindgen, nss and sqlite dependencies. + - Add nodejs build dependency. + * debian/browser-symbolic.svg.in: Import the watermark used for the + symbolic icon in the debian/ directory. + + -- Mike Hommey <glandium@debian.org> Wed, 12 Dec 2018 09:26:47 +0900 + +firefox (63.0.3-1) unstable; urgency=medium + + * New upstream release. + + * debian/control*: Build depend on unversioned clang/llvm. + Closes: #912802. + * debian/rules: Use embedded libevent in backports. Closes: #910397. + * debian/rules: Use GNU gold linker on i386 because BFD ld fails to link + libxul.so (memory exhausted). + + * build/unix/elfhack/test.c: Try to ensure the bss section of the + elfhack testcase stays large enough. bz#1505608. + * memory/build/mozjemalloc.cpp: Fix run sizes for size classes >= 16KB + on systems with large pages. bz#1507035. Closes: #911898. + * media/libaom/moz.build: Use NEON_FLAGS instead of VPX_ASFLAGS for + libaom neon code. + * gfx/cairo/libpixman/src/pixman-vmx.c: Protect #include <config.h> in + pixman-vmx.c like in other pixman-*.c files + + -- Mike Hommey <glandium@debian.org> Mon, 26 Nov 2018 10:17:08 +0900 + +firefox (63.0.1-1) unstable; urgency=medium + + * New upstream release. + * debian/google.key: Use new Google API key, courtesy of Francois Marier. + + -- Mike Hommey <glandium@debian.org> Fri, 02 Nov 2018 10:50:57 +0900 + +firefox (63.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-26, also known as: + CVE-2018-12392, CVE-2018-12393, CVE-2018-12395, CVE-2018-12396, + CVE-2018-12397, CVE-2018-12398, CVE-2018-12399, CVE-2018-12401, + CVE-2018-12402, CVE-2018-12403, CVE-2018-12388, CVE-2018-12390. + + * debian/control*: + - Bump nss dependency. + - Add build dependency on cbindgen. + * debian/browser.mozconfig.in: Disable nodejs until it's actually necessary. + * debian/rules: Add -Wl,--compress-debug-sections=zlib to LDFLAGS to work + around elfhack failing with unstripped binaries larger than 2GiB. + + -- Mike Hommey <glandium@debian.org> Wed, 24 Oct 2018 08:32:15 +0900 + +firefox (62.0.3-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-24, also known as: + CVE-2018-12386, CVE-2018-12387. + + * debian/extra-stuff/addonsInfo.js: Fixes to work with recent versions + of Firefox. Closes: #909056. + * debian/control*, debian/browser.mozconfig.in: Build ALSA support. + Closes: #864987, #900062, #908349 + + -- Mike Hommey <glandium@debian.org> Wed, 03 Oct 2018 16:21:53 +0900 + +firefox (62.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-22, also known as CVE-2018-12385. + * Ignore locale change events for the search service on shutdown. + bz#1489820. Closes: #908932. + + * debian/control*: + - Remove the sqlite and nss dependencies when not building against the + system libraries. + - Enforce nss, nspr and sqlite dependencies to the same versions as + build dependencies. There are subtle non-ABI differences between + versions that Firefox might be relying on (be it features, behavior + changes/fixes, etc.) and can cause subtle problems when older + versions are used. Closes: #908225, #908520. + - Add a suggestion for pulseaudio. + * debian/rules, debian/control: Add libavcodec-extra* packages to the list + of recommends. Closes: #909130 + + * js/src/jit/BaselineJIT.h: Disable baseline JIT when SSE2 is not supported + at runtime. bz#1492064. Closes: #908396, #908449. + * gfx/2d/Swizzle.cpp: Use Swizzle fallback when SSE2 is not supported. + bz#1492065. Closes: #877445. + + -- Mike Hommey <glandium@debian.org> Sat, 22 Sep 2018 09:02:25 +0900 + +firefox (62.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-20, also known as: + CVE-2018-12377, CVE-2018-12378, CVE-2018-12383, CVE-2018-12375, + CVE-2018-12376. + + * debian/control*: + - Bump nss and sqlite build dependencies. + - Build depend on llvm/clang 6.0 for buster. Closes: #906175. + * debian/browser.mozconfig.in, debian/control*, debian/rules: Remove + build dependency on libbz2-dev. It's not used anymore. + * debian/noinstall.in: Remove the dictionaries directory, not part + of the packaged Firefox anymore. + * debian/l10n/gen: Use iso-codes json data instead of XML when present. + Closes: #907611. + + * widget/gtk/nsAppShell.cpp: Use remoting name for call to + gdk_set_program_class. Closes: #907574. + + -- Mike Hommey <glandium@debian.org> Thu, 06 Sep 2018 07:42:45 +0900 + +firefox (61.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Thu, 19 Jul 2018 06:54:40 +0900 + +firefox (61.0-2) unstable; urgency=medium + + * debian/browser.mozconfig.in, debian/control*, debian/rules: Remove + build dependency on system libhunspell. Using system hunspell lacks + features required by Firefox. Next version of Firefox doesn't allow + to build against system hunspell anyways. Closes: #900469. + * debian/browser.links.in, debian/rules, debian/vendor.js: Use the + spellchecker.dictionary_path pref to set the hunspell directory. + * debian/browser.mozconfig.in: Allow unsigned addons in app and system + scopes. + * debian/rules: Work around the effect the above has on the + --{enable,with}-system-* check. + * debian/control*: Remove old conflicts. Thanks Sylvestre Ledru. + Closes: #882956. + * debian/l10n/recommends, debian/l10n/browser-l10n.control, + debian/control: Update dictionary recommendations, following these rules: + - Transitional myspell packages are not listed except when stable + doesn't have the corresponding hunspell package. + - Both hunspell and myspell packages are listed if they are different. + Closes: #813832, #825843 + * debian/copyright, debian/rules: Refer to /usr/share/common-licenses/MPL* + instead of installing our own copy. Closes: #704303. + * debian/make.mk: Use the same code as dump target for the dump-% target. + * debian/control*, debian/rules: Add Recommends on all supported libavcodec + libraries for h264 playback. Closes: #901600. + + * toolkit/modules/AppConstants.jsm, toolkit/modules/moz.build, + toolkit/moz.configure, toolkit/mozapps/extensions/internal/XPIInstall.jsm, + toolkit/mozapps/extensions/content/extensions.js, + toolkit/mozapps/extensions/internal/XPIDatabase.jsm: Change how addon + signature requirement relaxation is done. Closes: #899390. + + -- Mike Hommey <glandium@debian.org> Sun, 08 Jul 2018 10:39:03 +0900 + +firefox (61.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-15, also known as: + CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12358, + CVE-2018-12362, CVE-2018-5156, CVE-2018-12363, CVE-2018-12364, + CVE-2018-12365, CVE-2018-12371, CVE-2018-12366, CVE-2018-12367, + CVE-2018-12369, CVE-2018-12370, CVE-2018-5186, CVE-2018-5187, + CVE-2018-5188. + + * debian/control*: + - Bump nss and sqlite build dependencies. + - Add a build dependency on python3. + * debian/browser.install.in: Adjust to upstream changes. + * debian/vendor.js: Relax the addon signature requirements. + + * toolkit/mozapps/extensions/content/extensions.js, + toolkit/mozapps/extensions/internal/XPIDatabase.jsm: Allow to relax the + addon signature requirements. + + -- Mike Hommey <glandium@debian.org> Wed, 27 Jun 2018 10:25:44 +0900 + +firefox (60.0.2-2) unstable; urgency=medium + + * build/unix/elfhack/elfhack.cpp, build/unix/elfhack/inject.c, + build/unix/elfhack/test.c: Use run-time page size when changing mapping + permissions in elfhack injected code. bz#1470701. Closes: #902231. + + -- Mike Hommey <glandium@debian.org> Sun, 24 Jun 2018 09:23:16 +0900 + +firefox (60.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-14, also known as CVE-2018-6126. + + * debian/upstream.mk: Use the same logic for betas as for releases to find + the source. + * debian/browser.NEWS.in: Adjust to show the ESR version. + + -- Mike Hommey <glandium@debian.org> Fri, 08 Jun 2018 18:25:04 +0900 + +firefox (60.0.1-5) unstable; urgency=medium + + * gfx/skia/moz.build: Revert change from 60.0.1-4. + * dom/media/webaudio/blink/DenormalDisabler.h: Avoid using vmrs/vmsr on + armel. + * mfbt/LinuxSignal.h, mfbt/moz.build, + tools/profiler/core/platform-linux-android.cpp: Remove + MOZ_SIGNAL_TRAMPOLINE. bz#1463035. + * build/autoconf/arch.m4: Add -mfloat-abi=softfp to NEON_FLAGS when it makes + sense. bz#1463036. + * xpcom/string/moz.build: Use HAVE_ARM_NEON instead of BUILD_ARM_NEON for + nsUTF8UtilsNEON.cpp. bz#1463036. + + -- Mike Hommey <glandium@debian.org> Tue, 22 May 2018 08:01:55 +0900 + +firefox (60.0.1-4) unstable; urgency=medium + + * gfx/skia/moz.build: Don't build skia neon on armel. + + -- Mike Hommey <glandium@debian.org> Mon, 21 May 2018 07:58:43 +0900 + +firefox (60.0.1-3) unstable; urgency=medium + + * debian/browser.links.in: Remove /usr/lib/*/browser/icons symlink, leftover + after the removal of /usr/share/*/browser/icons. Closes: #893323. + + * media/webrtc/trunk/moz.build: Only build webrtc neon on aarch64. + + -- Mike Hommey <glandium@debian.org> Sun, 20 May 2018 10:12:15 +0900 + +firefox (60.0.1-2) unstable; urgency=medium + + * third_party/rust/libc/.cargo-checksum.json, + third_party/rust/libc/src/unix/notbsd/linux/mod.rs, + third_party/rust/libc/src/unix/notbsd/linux/musl/mod.rs, + third_party/rust/libc/src/unix/notbsd/linux/other/mod.rs, + third_party/rust/libc/src/unix/notbsd/linux/s390x.rs: Apply upstream patch + to add struct ucred for Linux on MIPS. + * gfx/skia/skia/src/jumper/SkJumper_stages.cpp: Fix Skia build on arm64 + linux with GCC. bz#1462868. + * intl/icu_sources_data.py: Add --disable-layoutex when running ICU + configure. bz#1462859. + * media/webrtc/trunk/gtest/moz.build: Link chromium_atomics to webrtc tests. + bz#1462873. + + -- Mike Hommey <glandium@debian.org> Sat, 19 May 2018 13:07:39 +0900 + +firefox (60.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/control*: Remove mozplugger suggestion. Closes: #888396. + * debian/browser.install.in, debian/browser.mozconfig.in, debian/control.in, + debian/rules: Remove the option to build against gtk+2, it is not + supported anymore. + * debian/control*, debian/rules: Avoid hard dependency on libgtk2.0-0. + Closes: #885144. + + * media/webrtc/trunk/moz.build: Attempt to fix building webrtc on non-x86. + * js/src/jit/mips-shared/LIR-mips-shared.h, js/src/jit/mips32/LIR-mips32.h, + js/src/jit/mips64/LIR-mips64.h: Fix FTBFS on mips*. bz#1444303. + + -- Mike Hommey <glandium@debian.org> Sat, 19 May 2018 07:25:23 +0900 + +firefox (60.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-11, also known as + CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, + CVE-2018-5159, CVE-2018-5160, CVE-2018-5152, CVE-2018-5153, + CVE-2018-5163, CVE-2018-5164, CVE-2018-5166, CVE-2018-5167, + CVE-2018-5168, CVE-2018-5169, CVE-2018-5172, CVE-2018-5173, + CVE-2018-5175, CVE-2018-5176, CVE-2018-5177, CVE-2018-5165, + CVE-2018-5180, CVE-2018-5181, CVE-2018-5182, CVE-2018-5151, + CVE-2018-5150. + + * debian/control*: + - Bump nspr, nss, sqlite, rustc and cargo build dependencies. + - Update Maintainer and Vcs fields, moving off alioth. + * debian/browser.js.in, debian/vendor.js: Use the new syntax for + locked and sticky prefs. + * debian/browser.NEWS.in: Add a NEWS about the deprecation of lockPref. + * debian/rules: Automatically find the ICU data file name. + * debian/browser.mozconfig.in: Revert workaround for bz#1341234. + * debian/browser.install.in, debian/rules: Don't install the ICU data + file, it's linked as a data section in libxul. + + * modules/libpref/parser/src/lib.rs: Adapt to upstream changes to + keep supporting lockPref() for transition purposes, now that upstream + has locked prefs out of the box. + + -- Mike Hommey <glandium@debian.org> Thu, 10 May 2018 09:36:46 +0900 + +firefox (59.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-10, also known as CVE-2018-5148. + + -- Mike Hommey <glandium@debian.org> Tue, 27 Mar 2018 08:29:16 +0900 + +firefox (59.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-08, also known as CVE-2018-5146, CVE-2018-5147. + + -- Mike Hommey <glandium@debian.org> Sat, 17 Mar 2018 13:48:08 +0900 + +firefox (59.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-06, also known as: + CVE-2018-5127, CVE-2018-5128, CVE-2018-5129, CVE-2018-5130, + CVE-2018-5131, CVE-2018-5132, CVE-2018-5133, CVE-2018-5134, + CVE-2018-5135, CVE-2018-5136, CVE-2018-5137, CVE-2018-5140, + CVE-2018-5141, CVE-2018-5142, CVE-2018-5143, CVE-2018-5126, + CVE-2018-5125. + + * debian/upstream.mk: + - Change how we find the source tarball for releases. + - Stop using milestone.py, it went away in this version. + * debian/control*: Bump nspr, nss, sqlite, rustc and cargo build + dependencies. + * debian/rules: Update ICU_DATA_FILE version. + * debian/browser.install.in, debian/browser.links.in, debian/rules: Take all + icons from chrome/icons/default/ now they are all there. + * debian/browser.install.in, debian/rules: Install watermark icon through + dh_install. + * debian/browser.js.in: Use the new intl.locale.requested instead of + intl.locale.matchOS. + + -- Mike Hommey <glandium@debian.org> Wed, 14 Mar 2018 08:30:34 +0900 + +firefox (58.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fix for mfsa2018-05. + + * debian/upstream.mk, debian/l10n_revs.py: Use l10n-changesets.json from the + source tree to find the l10n changesets. + * debian/usptream.mk: Stop using milestone.py, it goes away in version 59. + + * intl/icu/source/i18n/digitlst.cpp: Apply part of + http://bugs.icu-project.org/trac/changeset/40603 to fix FTBFS with glibc + 2.26 on big endian platforms. Closes: #888638. + + -- Mike Hommey <glandium@debian.org> Tue, 30 Jan 2018 07:43:28 +0900 + +firefox (58.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-02, also known as: + CVE-2018-5091, CVE-2018-5092, CVE-2018-5093, CVE-2018-5094, + CVE-2018-5095, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, + CVE-2018-5100, CVE-2018-5101, CVE-2018-5102, CVE-2018-5103, + CVE-2018-5104, CVE-2018-5105, CVE-2018-5106, CVE-2018-5107, + CVE-2018-5108, CVE-2018-5109, CVE-2018-5111, CVE-2018-5112, + CVE-2018-5113, CVE-2018-5114, CVE-2018-5115, CVE-2018-5116, + CVE-2018-5117, CVE-2018-5118, CVE-2018-5119, CVE-2018-5122, + CVE-2018-5090, CVE-2018-5089. + + * debian/rules: + - Don't disable necko-wifi on kfreebsd/hurd. This used to be necessary + because that was using libiw, which was linux-only, but libiw is not + used anymore. + - Refresh configure files manually. + - Remove --with-default-mozilla-five-home, it's gone. + - Adapt to compare-locales changes. + - Define MOZ_FFVPX on arm and aarch64. + * debian/browser.install.in, debian/rules, debian/test.mk: Use + DEB_HOST_ARCH* instead of DEB_BUILD_ARCH*. + * debian/control*: + - Bump rustc, cargo and nss build dependencies. + - Add a dependency on libnss3 3.34 for the firefox package. + * debian/noinstall.in: Remove run-mozilla.sh from there, it's not installed + anymore. + + -- Mike Hommey <glandium@debian.org> Wed, 24 Jan 2018 08:16:43 +0900 + +firefox (57.0.4-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2018-01, mitigating "Spectre" side-channel attack. + + * debian/control*: Remove build dependencies on unused -dev packages. + * debian/rules: Clean l10n build directory. + * debian/installer/Makefile.in, + debian/installer/package-manifest.browser, debian/rules, moz.build: + Let upstream packaging step preprocess our package manifest, instead + of preprocessing it manually first. + + -- Mike Hommey <glandium@debian.org> Fri, 05 Jan 2018 15:55:05 +0900 + +firefox (57.0.3-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Sat, 30 Dec 2017 12:06:22 +0900 + +firefox (57.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2017-27, also known as: + * CVE-2017-7843, CVE-2017-7844. + + * debian/rules: Don't pass unused variables during make install. + * debian/installer/Makefile.in: Small path correctness fixup. + + -- Mike Hommey <glandium@debian.org> Fri, 01 Dec 2017 14:35:58 +0900 + +firefox (57.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2017-24, also known as: + CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, + CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7836, + CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, + CVE-2017-7842, CVE-2017-7827, CVE-2017-7826. + + * debian/control*: Bump nss, sqlite, rustc and cargo build dependencies. + * debian/rules: + - Always remove configure/old-configure during clean. + - Use a new file as source for the symbolic icon. Closes: #867729. + - Disable tests until they're fixed. The script to run tests uses old + entry points that weren't updated to deal with the sandbox in Firefox, + causing the tests to fail in a way that takes days to go through the + entire suites. Closes: #877565. + * debian/import-tar.py: Make python 3.6 happy. + + * old-configure*: Allow to build against nspr 4.16. + + -- Mike Hommey <glandium@debian.org> Wed, 15 Nov 2017 09:20:05 +0900 + +firefox (56.0-2) unstable; urgency=medium + + * debian/browser.mozconfig.in: Pass NSPR directory to bindgen to workaround + bz#1341234. + + -- Mike Hommey <glandium@debian.org> Fri, 29 Sep 2017 13:28:38 +0900 + +firefox (56.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2017-21, also known as: + CVE-2017-7793, CVE-2017-7818, CVE-2017-7819, CVE-2017-7824, + CVE-2017-7812, CVE-2017-7814, CVE-2017-7813, CVE-2017-7815, + CVE-2017-7816, CVE-2017-7821, CVE-2017-7823, CVE-2017-7822, + CVE-2017-7820, CVE-2017-7811, CVE-2017-7810. + + * debian/control*: + - Bump nspr, nss, rustc and cargo build dependencies. + - Build depend on llvm-4.0-dev, libclang-4.0-dev and clang-4.0. + * debian/rules: Update ICU_DATA_FILE version. + * debian/browser.mozconfig.in, debian/google.key: Add the Google API key + from the chromium package for safebrowsing. Thanks Francois Marier. + + -- Mike Hommey <glandium@debian.org> Fri, 29 Sep 2017 07:51:07 +0900 + +firefox (55.0.3-1) unstable; urgency=medium + + * New upstream release. + + * debian/source/lintian-overrides: Add a lintian override for dotzlib.chm. + + -- Mike Hommey <glandium@debian.org> Sat, 09 Sep 2017 20:24:43 +0900 + +firefox (55.0.2-1) unstable; urgency=medium + + * New upstream release. + + * js/src/jit/ExecutableAllocator.h, js/src/jit/none/MacroAssembler-none.h: + Fix Spidermonkey build with no jit backend. bz#1376268. + + -- Mike Hommey <glandium@debian.org> Wed, 23 Aug 2017 09:41:36 +0900 + +firefox (55.0-2) unstable; urgency=medium + + * ipc/chromium/src/base/message_pump_libevent.cc, + ipc/chromium/src/third_party/libevent/linux/event2/event-config.h: + Fix FTBFS on i386. bz#1388981. + * dom/base/nsWrapperCache.h: Fix FTBFS on powerpc64el. bz#1376277. + * media/libcubeb/cubeb-pulse-rs/src/backend/context.rs: Fix cubeb-pulse-rs + FTBFS on arm64. + + -- Mike Hommey <glandium@debian.org> Thu, 10 Aug 2017 14:29:21 +0900 + +firefox (55.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2017-18, also known as: + CVE-2017-7798, CVE-2017-7800, CVE-2017-7801, CVE-2017-7809, + CVE-2017-7784, CVE-2017-7802, CVE-2017-7785, CVE-2017-7786, + CVE-2017-7806, CVE-2017-7753, CVE-2017-7787, CVE-2017-7807, + CVE-2017-7792, CVE-2017-7791, CVE-2017-7808, CVE-2017-7781, + CVE-2017-7794, CVE-2017-7803, CVE-2017-7799, CVE-2017-7783, + CVE-2017-7788, CVE-2017-7789, CVE-2017-7797, CVE-2017-7780, + CVE-2017-7779. + + * debian/control*: Bump nspr, nss and sqlite build dependencies. + * debian/rules: + - Preserve Cargo.toml.orig files ; cargo doesn't like that dh_clean + removes them. + - Copy the MPL-2.0 license from nsprpub instead of b2g, the latter being + gone. + * debian/browser.js.in: Default to no suggestions in the urlbar. This still + brings a panel asking the user whether they want to opt-in on first use. + * debian/upstream.mk: Set DIST differently for experimental. + + * media/webrtc/trunk/gtest/moz.build: Make webrtc-gtest build work with + system jpeg and libvpx. bz#1373988. + * media/mtransport/third_party/nICEr/nicer.gyp, + media/mtransport/third_party/nrappkit/nrappkit.gyp: Disable + -Wformat-security where -Wformat is disabled. bz#1388681. Closes: #871386. + ('ppc64le', 'Linux'): 'powerpc64le-unknown-linux-gnu', + * build/moz.configure/rust.configure: Add ppc64el target for rust code + (second attempt). Closes: #864822. + + -- Mike Hommey <glandium@debian.org> Wed, 09 Aug 2017 20:21:59 +0900 + +firefox (54.0-2) unstable; urgency=medium + + * debian/upstream.mk: Consider testing/unstable as buster, which implies + build depending on system nspr, nss, sqlite and hunspell again. + * debian/rules: Really make overrides with USE_SYSTEM_* set to nothing work. + + * build/moz.configure/rust.configure: Add ppc64el target for rust code. + Closes: #864822. + + -- Mike Hommey <glandium@debian.org> Sat, 17 Jun 2017 07:20:23 +0900 + +firefox (54.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2017-15, also known as: + CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, + CVE-2017-7752, CVE-2017-7754, CVE-2017-7756, CVE-2017-7757, + CVE-2017-7778, CVE-2017-7758, CVE-2017-7762, CVE-2017-7764, + CVE-2017-5471, CVE-2017-5470. + * Targetting unstable because the required rustc version is available there, + and the freeze is almost over, meaning new versions of rustc will receive + updates, allowing to build newer versions of Firefox. + + * debian/rules, debian/control.in: Switch to GCC 4.8 on wheezy. + * debian/rules: Don't remove debian/control on clean. Thanks to + Emilio Pozuelo Monfort for those two changes for wheezy LTS support. + * debian/control.in, debian/rules, debian/symbols.mk, debian/upstream.mk: + Rename the BACKPORT variable to DIST, and set it to "stretch" for + unstable/testing targetted builds. + * debian/rules: Normalize the system libraries used depending on the Debian + version. + * debian/control*: + - Bump nspr and build dependencies. + - Bump rustc and cargo build dependencies. + * debian/rules: + - Allow to override USE_SYSTEM_* variables from the environment. + - Remove rules to create mozilla-nspr.pc. It hasn't been shipped since + 45.0-1. + * debian/browser.install.in: Add the pingsender executable. + + -- Mike Hommey <glandium@debian.org> Wed, 14 Jun 2017 10:56:14 +0900 + +firefox (53.0.is.53.0-1) experimental; urgency=medium + + * The "oops, uploaded to unstable instead of experimental" release. + + -- Mike Hommey <glandium@debian.org> Thu, 20 Apr 2017 05:25:25 +0900 + +firefox (53.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2017-10, also known as: + CVE-2017-5433, CVE-2017-5435, CVE-2017-5436, CVE-2017-5459, + CVE-2017-5466, CVE-2017-5434, CVE-2017-5432, CVE-2017-5460, + CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, + CVE-2017-5442, CVE-2017-5464, CVE-2017-5443, CVE-2017-5444, + CVE-2017-5446, CVE-2017-5447, CVE-2017-5465, CVE-2017-5448, + CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5469, + CVE-2017-5445, CVE-2017-5449, CVE-2017-5451, CVE-2017-5467, + CVE-2017-5453, CVE-2017-5458, CVE-2017-5468, CVE-2017-5430, + CVE-2017-5429. + + * debian/control*: + - Bump nss and hunspell build dependencies. + * debian/browser-dev*, debian/control*, debian/noinstall.in, + debian/rules: Remove the -dev packages, there is no SDK provided + for Firefox anymore. + * debian/browser.install.in: Install manifest.json instead of clearkey.info. + * debian/rules: + - No system hunspell for backports. + - Build against system nspr/nss, experimental has the right versions. + * debian/browser.mozconfig.in, debian/control*, debian/rules: Always enable + rust, and bump the rustc dependency. As of version 54, it is not possible + to disable rust code anymore. While this is still version 53, there is not + much to win by keeping --disable-rust builds on Debian architectures + without rustc for 6 more weeks. + + -- Mike Hommey <glandium@debian.org> Wed, 19 Apr 2017 14:50:13 +0900 + +firefox (52.0.2-1) unstable; urgency=medium + + * New upstream release. + * debian/browser.mozconfig.in, debian/mls.key: Enable geolocation using + Mozilla's Location Service. Closes: #726230. + + * browser/app/profile/firefox.js: Use the Mozilla Location Service when + the Google Key is not there. + + -- Mike Hommey <glandium@debian.org> Sun, 02 Apr 2017 06:45:39 +0900 + +firefox (52.0.1-1) unstable; urgency=medium + + * New upstream release. + * Fix for mfsa2017-08, also known as CVE-2017-5428. + + * debian/browser.lintian-overrides.in: Add a lintian override for NSPR and + NSS. + * debian/control*: Build depend on libjsoncpp-dev. + + * config/system-headers, + toolkit/crashreporter/jsoncpp/src/lib_json/moz.build, + toolkit/crashreporter/minidump-analyzer/moz.build: Build against system + libjsoncpp. + + -- Mike Hommey <glandium@debian.org> Sat, 18 Mar 2017 08:49:59 +0900 + +firefox (52.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2017-05, also known as: + CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5403, + CVE-2017-5404, CVE-2017-5406, CVE-2017-5407, CVE-2017-5410, + CVE-2017-5408, CVE-2017-5412, CVE-2017-5413, CVE-2017-5414, + CVE-2017-5415, CVE-2017-5416, CVE-2017-5417, CVE-2017-5426, + CVE-2017-5427, CVE-2017-5418, CVE-2017-5419, CVE-2017-5420, + CVE-2017-5405, CVE-2017-5421, CVE-2017-5422, CVE-2017-5399, + CVE-2017-5398. + + * debian/control*: Bump nss and sqlite build dependencies. + * debian/rules: + - Update ICU_DATA_FILE version. + - Don't build against system sqlite until we have the right version in + Debian. + * debian/browser.install.in: + - Install chrome.manifest, libmozsandbox.so and minidump-analyzer. + - Remove browser/components. + + -- Mike Hommey <glandium@debian.org> Wed, 08 Mar 2017 10:24:05 +0900 + +firefox (51.0.1-3) unstable; urgency=medium + + * js/src/jit/mips-shared/Assembler-mips-shared.h, + js/src/jit/mips-shared/CodeGenerator-mips-shared.cpp, + js/src/jit/mips-shared/CodeGenerator-mips-shared.h, + js/src/jit/mips-shared/MacroAssembler-mips-shared-inl.h, + js/src/jit/mips-shared/MacroAssembler-mips-shared.cpp, + js/src/jit/mips-shared/MacroAssembler-mips-shared.h, + js/src/jit/mips32/MacroAssembler-mips32-inl.h, + js/src/jit/mips32/MacroAssembler-mips32.cpp, + js/src/jit/mips32/MacroAssembler-mips32.h, + js/src/jit/mips64/MacroAssembler-mips64-inl.h, + js/src/jit/mips64/MacroAssembler-mips64.cpp, + js/src/jit/mips64/MacroAssembler-mips64.h: Apply patch from + bz#1303688 hopefully fixing the FTBFS on mips*. + + -- Mike Hommey <glandium@debian.org> Thu, 23 Feb 2017 16:34:17 +0900 + +firefox (51.0.1-2) unstable; urgency=medium + + * debian/symbols.mk: + - Better handle downloading symbols from packages with epochs. + - Don't filter file names when getting symbols. + - Add experimental buildd apt source for symbols download. + - Avoid apt-get download being re-run when the file is already there. + - Adjust DBGTYPE depending on package version, not whether it's a + backport. + - Only dump symbols for files of type application/x-sharedlib. + This covers binary executables too because they are PIE and + undistinguishable from shared libraries as a consequence. + * debian/rules: + - Add -fno-schedule-insns2 back. Closes: #854258. + - Build with -fno-schedule-insns on armel and armhf when building with + GCC6. Closes: #854640. + - Hack to disable --gc-sections when building NSS, working around bug + #844357 again. Should fix FTBFS on mips*. + * debian/browser.desktop.in, debian/rules: Followup for the StartupWMClass + changes in 51.0.1-1: Use the same name in desktop file and + application.ini RemotingName. Closes: #854397. + + -- Mike Hommey <glandium@debian.org> Sat, 18 Feb 2017 08:17:22 +0900 + +firefox (51.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/browser.desktop.in: + - Use the application name as StartupWMClass in the desktop file. + Along the change to nsAppRunner.cpp, this prevents e.g. GNOME Shell + from making Firefox appear as Firefox ESR when both are used. + - Remove Encoding key from desktop file. Closes: #812493 + * debian/rules: Remove -fno-schedule-insns2 and add -fno-lifetime-dse + when building with GCC6. + * debian/rules, debian/control*: Build with GCC6 on arm*. + Closes: #852009. AFAIK, that will lead to FTBFS on at least armhf, + but let's already see how it goes. + * debian/upstream.mk: Use pkg-info.mk to figure out source name and version. + Closes: #850720. + * debian/control*: + - Remove build dependency and suggest on libgnome*. It hasn't actually + been used for a long time. Closes: #850265. + - Bump Standards-Version to 3.9.8. No changes required. + - Bump libvpx build dependency. + * debian/rules: Resize the symbolic icon. + * Move the -l10n-all package to the metapackages section. Closes: #824784. + * debian/browser.postrm.in, debian/browser.preinst.in, debian/rules: Don't + install preinst and postrm at all for the firefox package. + * debian/symbols.apt.conf, debian/symbols.mk, debian/symbols.sources.list: + Add scripts to create symbols archive to upload to Mozilla crash servers. + * debian/browser-dev.links.in, debian/browser.install.in, + debian/browser.mozconfig.in, debian/control*, debian/make.mk, debian/rules: + Add more granularity as to what system libraries are used + and only disable NSPR/NSS until we have the right versions in Debian. + + * gfx/2d/BorrowedContext.h, gfx/layers/composite/LayerManagerComposite.*, + gfx/layers/moz.build: Fix --disable-skia builds. bz#1319374. + * gfx/skia/moz.build: Build Skia NEON code on arm64. + * toolkit/xre/nsAppRunner.cpp: Set program name from the remoting name. + * config/recurse.mk: Work around race condition between building NSPR and + NSS. bz#1115944, bz#1315882. + + -- Mike Hommey <glandium@debian.org> Sun, 05 Feb 2017 15:52:36 +0900 + +firefox (51.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2017-01, also known as: + CVE-2017-5375, CVE-2017-5376, CVE-2017-5377, CVE-2017-5378, + CVE-2017-5379, CVE-2017-5380, CVE-2017-5390, CVE-2017-5389, + CVE-2017-5396, CVE-2017-5381, CVE-2017-5382, CVE-2017-5383, + CVE-2017-5384, CVE-2017-5385, CVE-2017-5386, CVE-2017-5391, + CVE-2017-5393, CVE-2017-5387, CVE-2017-5388, CVE-2017-5374, + CVE-2017-5373. + + * debian/upstream.mk: Don't rely on FIREFOX_*_RELEASE tags to pull some + files to determine all source urls. + * debian/browser.bug-presubj.in: Add a note about submitting crash reports + upstream and pasting the url to Debian bug reports. + * debian/rules, debian/control*: Adjust rust build configure to new + upstream. It requires rustc >= 1.10 and cargo, the latter of which is + not available on arm64. Also depend on cargo >= 0.13, that doesn't access + the network with the Cargo.toml files in the source. Note rust code is + still not enabled unless building a beta release. + * debian/control*: Bump nspr, nss and sqlite build dependencies. + * debian/rules, debian/control: Use more embedded libraries until the + required versions of NSPR and NSS can be in unstable. + + * build/moz.configure/rust.configure: Force use the i686 rust target. + * gfx/skia/skia/include/core/SkPreConfig.h: Generically set + SK_CPU_[BL]ENDIAN based on __BYTE_ORDER__ when available. bz#1319389. + + -- Mike Hommey <glandium@debian.org> Wed, 25 Jan 2017 11:27:12 +0900 + +firefox (50.1.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2016-95, also known as: + CVE-2016-9894, CVE-2016-9899, CVE-2016-9895, CVE-2016-9896, + CVE-2016-9897, CVE-2016-9898, CVE-2016-9900, CVE-2016-9904, + CVE-2016-9901, CVE-2016-9902, CVE-2016-9903, CVE-2016-9080, + CVE-2016-9893. + + -- Mike Hommey <glandium@debian.org> Wed, 14 Dec 2016 06:15:10 +0900 + +firefox (50.0.2-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2016-{91-92}, also known as: + CVE-2016-9078, CVE-2016-9079. + + * widget/gtk/mozgtk/mozgtk.c: work around race in system Cairo's XShm usage. + bz#1271100. + + -- Mike Hommey <glandium@debian.org> Thu, 01 Dec 2016 08:32:08 +0900 + +firefox (50.0-3) unstable; urgency=medium + + * media/libjpeg/simd/jsimd_mips.c: Pull libjpeg-turbo upstream fix for FTBFS + on mips. + * widget/gtk/mozgtk/gtk3/moz.build: Work around Debian bug #844357. + + -- Mike Hommey <glandium@debian.org> Mon, 21 Nov 2016 08:16:53 +0900 + +firefox (50.0-2) unstable; urgency=medium + + * debian/rules: Use mach to run icu_source_data.py. This should fix FTBFS + on big endian platforms. + + * js/src/jit/mips64/CodeGenerator-mips64.cpp: Fix + CodeGenerator::visitAsmSelectI64. bz#1290811. + + -- Mike Hommey <glandium@debian.org> Sat, 19 Nov 2016 06:16:41 +0900 + +firefox (50.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2016-{87,89} also known as: + CVE-2016-5287, CVE-2016-5288, CVE-2016-5296, CVE-2016-5292, + CVE-2016-5297, CVE-2016-9064, CVE-2016-9066, CVE-2016-9067, + CVE-2016-9068, CVE-2016-9075, CVE-2016-9077, CVE-2016-5291, + CVE-2016-9070, CVE-2016-9073, CVE-2016-9076, CVE-2016-9063, + CVE-2016-9071, CVE-2016-5289, CVE-2016-5290. + + * debian/rules: Only generate configure files on nightlies, and use + client.mk to generate them instead of using autoconf manually (which, + while compatible, is wrong nowadays). + * debian/control*: + - Remove outdated alternative build dependencies. + - Bump sqlite and nss build dependency. + - Add build dependency on libx11-xcb-dev. + * debian/browser.mozconfig.in, debian/control*, debian/rules: Enable rust on + non-release/ESR. + * debian/browser.install.in: Add the EmojiOneMozilla font. + + -- Mike Hommey <glandium@debian.org> Wed, 16 Nov 2016 09:04:23 +0900 + +firefox (49.0-5) unstable; urgency=medium + + * debian/rules: + - Don't install crashreporter files on arm64, where it's not built. Should + fix FTBFS on arm64. + - Ship a symbolic icon from the silhouette icon from branding. + Closes: #832297. + - Remove old workaround for GCC 4.5 on armel. + - Remove old workarounds for ia64. + - Remove GENSYMBOLS_FLAGS, which hasn't been used for 5 years. + - Remove CMP_AWK, which hasn't been used since xulrunner packages were + removed. + - Remove dh_builddeb override forcing xz compression, which is the default + since dpkg 1.15.6. + - Remove old workaround for ppc64. + - Disable both baseline JIT and ion on mips via prefs. + * debian/rules, debian/control: Re-enable Gtk+3 to see how it goes. + Closes: #832301. + + * security/sandbox/linux/SandboxFilter.cpp: Allow media plugins to call + madvise with MADV_FREE. bz#1303813. Closes: #838911. + * js/src/jit/AtomicOperations.h: Fix crashes in AtomicOperations-none on + s390x. Should fix FTBFS on s390x. + + -- Mike Hommey <glandium@debian.org> Sat, 29 Oct 2016 19:54:35 +0900 + +firefox (49.0-4) unstable; urgency=medium + + * debian/rules, dbeian/browser.install.in: Always install GMP clearkey. + Should fix FTBFSes on non-x86/x86-64, this time. + * debian/browser.js.in: Unset media.gmp-manager.url.override. + Closes: #838902. + * debian/compat, debian/control*: Bump debhelper compat and dependency to 9. + * debian/rules, debian/control*: Generate debug symbols debs when not + backporting. + * debian/browser.install.in, browser.mozconfig.in, debian/rules: Don't + disable the crash reporter. + + -- Mike Hommey <glandium@debian.org> Sun, 02 Oct 2016 13:28:11 +0900 + +firefox (49.0-3) unstable; urgency=medium + + * debian/browser.desktop.in: Use the full path to the real Firefox + executable in the .desktop file. Closes: #832298 + + * toolkit/moz.configure: Ensure we don't enable Widevine unintentionally. + bz#1299694. Should fix FTBFSes on non-x86/x86-64. + + -- Mike Hommey <glandium@debian.org> Sun, 25 Sep 2016 17:34:05 +0900 + +firefox (49.0-2) unstable; urgency=medium + + * debian/rules, debian/control*: Only force GCC 5 on arm when building for + stretch+. + * debian/browser.mozconfig.in, debian/browser.install.in, debian/rules: + Do not disable EME. Closes: #838478. + * debian/rules, debian/browser.install.in: Build and use big-endian ICU data + on big-endian architectures. Fixes FTBFS on big-endian architectures. + + * build/autoconf/icu.m4: Allow to override ICU_DATA_FILE from the + environment. + * js/src/jit/mips-shared/MacroAssembler-mips-shared.cpp: OdinMonkey: MIPS: + Fix nop-jump patching code. bz#1277478. Fixes FTBFS on mips*el. + * media/libjpeg/moz.build: Fix CPU_ARCH test for libjpeg on mips. Fixes + FTBFS on mips. + + -- Mike Hommey <glandium@debian.org> Sun, 25 Sep 2016 09:47:54 +0900 + +firefox (49.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa-2016-85, also known as: + CVE-2016-2827, CVE-2016-5270, CVE-2016-5271, CVE-2016-5272, + CVE-2016-5273, CVE-2016-5276, CVE-2016-5274, CVE-2016-5277, + CVE-2016-5275, CVE-2016-5278, CVE-2016-5279, CVE-2016-5280, + CVE-2016-5281, CVE-2016-5282, CVE-2016-5283, CVE-2016-5284, + CVE-2016-5256, CVE-2016-5257. + + * debian/control*, debian/rules: Compile with GCC 5 on testing/unstable + on arm* because of crashes when building with GCC 6. (FTBFS) + * debian/control*: Force build against libnss3-dev >= 2:3.26-2~, which fixed + its symbols file. Closes: #833719. + + * build/gyp.mozbuild: Disable libyuv assembly on mips64. (FTBFS) + + -- Mike Hommey <glandium@debian.org> Wed, 21 Sep 2016 10:30:16 +0900 + +firefox (48.0-2) unstable; urgency=medium + + * debian/rules: Build with -fno-schedule-insns2 and + -fno-delete-null-pointer-checks with GCC >= 6 because it miscompiles + Firefox. Closes: #836533. + + -- Mike Hommey <glandium@debian.org> Mon, 05 Sep 2016 07:25:54 +0900 + +firefox (48.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa-2016-{62-68,70-81,83-84}, also known as: + CVE-2016-2836, CVE-2016-2835, CVE-2016-2830, CVE-2016-2838, + CVE-2016-2839, CVE-2016-5251, CVE-2016-5252, CVE-2016-0718, + CVE-2016-5254, CVE-2016-5255, CVE-2016-5258, CVE-2016-5259, + CVE-2016-5260, CVE-2016-5261, CVE-2016-5262, CVE-2016-2837, + CVE-2016-5263, CVE-2016-5264, CVE-2016-5265, CVE-2016-5266, + CVE-2016-5268, CVE-2016-5250. + + * debian/control*: Bump nss and sqlite build dependencies. + * debian/rules: Remove --build from configure invocation. + * debian/browser.mozconfig.in: s/NATIVE/SYSTEM/. The variables set for + --enable-system flags have changed upstream. + * debian/browser.install.in, debian/browser.links.in: Don't install webapprt + files, they are gone. + * debian/browser.install.in: + - Install ICU data file. + - libfreebl3 changed name. + - Take mozicon128.png from dist/firefox instead of dist/bin. + + -- Mike Hommey <glandium@debian.org> Wed, 03 Aug 2016 09:45:22 +0900 + +firefox (47.0.1-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 29 Jun 2016 19:25:53 +0900 + +firefox (47.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa-2016-{49-52,54,56-60}, also known as: + CVE-2016-2815, CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, + CVE-2016-2822, CVE-2016-2825, CVE-2016-2828, CVE-2016-2829, + CVE-2016-2831, CVE-2016-2832, CVE-2016-2833. + + * debian/rules: Read default toolkit from old-configure.in, but still keep + Gtk+3 disabled. + * debian/upstream.mk: Use l10n_changesets.txt from last candidate build for + L10N_REV. + + -- Mike Hommey <glandium@debian.org> Wed, 08 Jun 2016 10:00:04 +0900 + +firefox (46.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/control*: Remove build dependencies that were only required for the + iceweasel branding. + * debian/control*, debian/browser.mozconfig.in: Remove configure flags and + build dependencies related to gnomevfs. They have been ignored for close + to a year. + * debian/browser.mozconfig.in: + - Remove configure flags explicitly enabling gio, it has been enabled by + default for more than 3 years. + - Remove --enable-svg, the option has been ignored for more than 5 years. + - Remove --enable-mathml, the option has been ignored for more than 4 + years. + - Remove --enable-pango, the option has been ignored for 2 years. + - Remove --disable-pedantic, the option has been ignored for 3 years. + - Remove --disable-long-long-warning, the option has been ignored for + almost 5 years. + - Remove --disable-gnomeui, it is the default. + - Remove --disable-mochitest, the option has been ignored for more than 7 + years. + - Remove --disable-debug, it is the default. + - Remove --enable-canvas, the option has been ignored for more than 6 + years. + - Remove --disable-installer, the option has been ignored for close to 4 + years. + - Remove --disable-javaxpcom, the option has been ignored for close to 5 + years. + - Remove --disable-elf-dynstr-gc, the option has been ignored for more + than 2 years. + - Remove --enable-url-classifier, it is the default. + - Remove --with-user-appdir=.mozilla, it is the default. + - Remove --enable-single-profile, the option has been ignored for more + than 7 years. + - Remove --disable-profilesharing, the option has been ignored for more + than 7 years. + * debian/rules: Use the mach compare-locales command for l10n. + * debian/upstream.mk, debian/watch: Remove "mozilla.org" from path in + archive.mozilla.org urls. + * debian/upstream.mk: Don't use get a separate source tarball for + compare-locales. There is a copy in-tree that we now use. + * debian/browser.desktop.in, debian/control*, debian/rules: Allow to + distinguish between firefox and firefox-esr. Closes: #821952. + * debian/control, debian/rules: Disable Gtk+3 for now. Closes: #822807. + + -- Mike Hommey <glandium@debian.org> Sun, 08 May 2016 09:11:06 +0900 + +firefox (46.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2016-{39,42,44-48}, also known as: + CVE-2016-2807, CVE-2016-2806, CVE-2016-2804, CVE-2016-2811, + CVE-2016-2812, CVE-2016-2814, CVE-2016-2816, CVE-2016-2817, + CVE-2016-2808, CVE-2016-2820. + + * debian/browser.install.in: Add ffmpeg vp9 libraries. + * debian/browser.lintian-overrides.in: Add a lintian override for + libmozavutil.so, which is not exactly libavutil. + * debian/control*: Bump nss and sqlite3 build dependencies. + * debian/browser.mozconfig.in, debian/control*, debian/rules: Remove + gstreamer dependencies and such, gstreamer support was removed upstream. + + -- Mike Hommey <glandium@debian.org> Wed, 27 Apr 2016 09:04:38 +0900 + +firefox (45.0.2-1) unstable; urgency=medium + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 13 Apr 2016 10:07:02 +0900 + +firefox (45.0.1-1) unstable; urgency=medium + + * New upstream release. + - Disables Graphite font shaping library. + + * debian/browser.js.in: Don't mention the pref subdirectory in + /etc/firefox*/firefox*.js. Also reword the comment there, and remove some + parts of it. Closes: #818322. + * debian/control*: + - Bump libvpx build dependency to 1.4.0. Closes: #818454. + - Switch Vcs-* fields to https urls. + - Point Vcs-* urls to the right branch. + * debian/rules: Add --exclude=.mkdir.done to TAR_CREATE_FLAGS. + + * debian/control*, debian/firefox.in, debian/iceweasel.*, + debian/l10n/browser-l10n.control.in, debian/rules: Synchronize with the + firefox-esr source package. + + * ipc/chromium/moz.build, ipc/chromium/src/build/build_config.h, + ipc/chromium/src/base/atomicops.h, + ipc/chromium/src/base/atomicops_internals_arm64_gcc.h: Add aarch64 support + for atomic operations. bz#1250403. + * ipc/chromium/atomics/moz.build, ipc/chromium/moz.build, + media/webrtc/signaling/test/common.build: Link chromium mutex-based + atomics implementation to webrtc signaling tests. bz#1257888. This should + fix the powerpc FTBFSes. + + -- Mike Hommey <glandium@debian.org> Sat, 19 Mar 2016 02:51:43 +0900 + +firefox (45.0-1) unstable; urgency=medium + + * New upstream non-ESR release. + + -- Mike Hommey <glandium@debian.org> Thu, 10 Mar 2016 13:43:34 +0900 + +firefox-esr (45.0esr-1) unstable; urgency=medium + + * Farewell, Iceweasel. + * New upstream release. + * Fixes for mfsa2016-{16-34,37}, also known as: + CVE-2016-1952, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, + CVE-2016-1956, CVE-2016-1957, CVE-2016-1958, CVE-2016-1959, + CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1963, + CVE-2016-1964, CVE-2016-1965, CVE-2016-1967, CVE-2016-1968, + CVE-2016-1966, CVE-2016-1970, CVE-2016-1971, CVE-2016-1975, + CVE-2016-1976, CVE-2016-1973, CVE-2016-1974, CVE-2016-1977, + CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, + CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, + CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, + CVE-2016-2802. + + * debian/rules, debian/browser.install.in: Remove xpm icon. It was only + shipped for the menu file, which is not there anymore. + * debian/control*, debian/changelog: Rename the source package to + firefox-esr. + * debian/browser.install.in, debian/control*, debian/rules, + debian/upstream.mk, debian/vendor.js*: Remove the OFFICIAL_NAME variable + and adjust packaging code accordingly. Now all cases will be using the + official name, although in some cases the package name might be different. + * debian/rules: Remove epoch from l10n package names. + * debian/branding, debian/installer/package-manifest.browser, debian/rules, + debian/source/include-binaries: Remove debian/branding. + * debian/browser.postinst.in, debian/browser.prerm.in: Do not remove + compreg.dat, xpti.dat and .autoreg. Those files have not been created for + a long time, so no Debian "firefox" package will have created them. + * debian/browser.install.in, debian/browser.links.in, debian/rules: Remove + the default profile. It's going away for good in version 46 anyways, and + hasn't been provided upstream for a very long time. + * browser-dev.install.in, debian/libxul.pc.in, debian/mozilla-nspr.pc.in, + debian/mozilla-plugin.pc.in, debian/rules: Remove pkg-config files. They + don't exist upstream, and are obviously unused in Debian since libxul.pc + has been broken since version 40.0. + * debian/control*, debian/l10n/browser-l10n.control.in, debian/rules: Add + transitional packages when building firefox-esr. + * debian/upstream.mk: Remove -esr suffix from PRODUCT_NAME when downloading. + * debian/copyright: Update debian/copyright with some missing files. + * debian/browser.NEWS.in, debian/browser.README.Debian.in, + debian/firefox-esr.NEWS: Rearrange README and NEWS files. Removed outdated + information, moved the NTLM info from NEWS to README and added a NEWS file + for the transition off iceweasel. + * debian/browser.install.in, debian/browser.links.in: Move debsearch + searchplugin to usr/share/firefox{-esr,}/distribution/searchplugins. + * debian/browser.install.in, debian/browser.links.in: Move preferences from + /etc/firefox{-esr,}/pref to /etc/firefox{-esr,}. + * debian/control*: Bump nspr and nss build dependencies. + * debian/browser.mozconfig.in: Add --with-app-name option for firefox-esr. + * debian/browser.install.in: + - Don't install libmozgnome.so and corresponding manifests, it's gone. + - The default theme is now an XPI. + - Install features addons. + * debian/browser.preinst.in: Remove iceweasel diversion of /usr/bin/firefox. + * debian/rules, debian/removed_conffiles*: Remove all iceweasel conffiles. + * debian/source/lintian-overrides: + - Remove source package name so that the same file can be used for both + firefox and firefox-esr. + - Fix some existing lintian overrides to actually work. + - Add lintian overrides for new false positives. + + -- Mike Hommey <glandium@debian.org> Thu, 10 Mar 2016 08:43:16 +0900 + +iceweasel (44.0.2-1) unstable; urgency=medium + + * New upstream release + * Fixes for mfsa2016-13, also known as CVE-2016-1949. + + * debian/control*: + - Bump sqlite3 build dependency. + - Bump Standards-Version. No changes required. + * debian/copyright: + - Rename all BSD-n licenses to BSD-n-clause. + - Remove commas separating lines in Files and Copyright. + - Fixup some lintian warnings. + * debian/source/lintian-overrides: Add lintian overrides for various + "errors" in the source package. See associated comments. + * debian/rules: Avoid tar creating hard links with -h for symlinks pointing + to the same file. + * debian/browser.menu.in: Remove menu file. + + -- Mike Hommey <glandium@debian.org> Sun, 14 Feb 2016 18:25:51 +0900 + +iceweasel (44.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2016-{01-04,06,09-11}, also known as: + CVE-2016-1930, CVE-2016-1931, CVE-2016-1933, CVE-2016-1935, + CVE-2016-1939, CVE-2016-1937, CVE-2016-1942, CVE-2016-1943, + CVE-2016-1944, CVE-2016-1945, CVE-2016-1946, CVE-2016-1947. + + * js/src/jit/mips-shared/Architecture-mips-shared.h, + js/src/jit/mips-shared/Assembler-mips-shared.*, + js/src/jit/mips32/Architecture-mips32.*, + js/src/jit/mips32/Assembler-mips32.*, + js/src/jit/mips64/Architecture-mips64.*, + js/src/jit/mips64/Assembler-mips64.*: Fix build failure on mipsel. + bz#1213146. + + -- Mike Hommey <glandium@debian.org> Wed, 27 Jan 2016 11:12:44 +0900 + +iceweasel (43.0.4-1) unstable; urgency=medium + + * New upstream release. + + * debian/removed_conffiles: Add profile/bookmarks.html to the list of + removed conffiles. Closes: #809309. + * debian/removed_conffiles*, debian/rules: Add @browser@rc to the list of + removed conffiles. Closes: #809386. + + -- Mike Hommey <glandium@debian.org> Fri, 08 Jan 2016 08:03:06 +0900 + +iceweasel (43.0.2-1) unstable; urgency=medium + + * New upstream release. + + * debian/latest_nightly.py, debian/upstream.mk: Ensure aurora/nightly + versions match the requested one for `debian/rules download`. + + * toolkit/mozapps/extensions/internal/XPIProvider.jsm: Simplify change + allowing unsigned addons in /usr/{lib,share}/mozilla/extensions. + * browser/components/migration/MigrationUtils.jsm, + browser/components/nsBrowserGlue.js, browser/installer/package-manifest.in, + browser/locales/Makefile.in: Move bookmarks.html to a chrome localized + location. bz#1235107. + * js/src/jit/mips-shared/Lowering-mips-shared.*, + js/src/jit/mips32/Lowering-mips32.h: Move LIRGeneratorMIPS::visitRandom to + architecture-specific: bz#1206591. + + -- Mike Hommey <glandium@debian.org> Mon, 28 Dec 2015 16:45:41 +0900 + +iceweasel (43.0.1-1) experimental; urgency=medium + + * New upstream release. + + * toolkit/mozapps/extensions/content/extensions.js, + toolkit/mozapps/extensions/internal/XPIProvider.jsm: Allow unsigned + addons in /usr/{lib,share}/mozilla/extensions when upgrading as well, + and avoid message about them not being verified in about:addons. + Closes: #808228. + * security/nss/lib/ckfw/builtins/certdata.txt: Remove the SPI Inc. and + CAcert.org CA certificates for backports. The former was removed in + NSS 3.21-1 and the latter in 3.16-1, and remained here largely + overlooked. + * media/webrtc/trunk/build/build_config.h: Add aarch64 macros. bz#1219566. + + -- Mike Hommey <glandium@debian.org> Sat, 19 Dec 2015 12:15:56 +0900 + +iceweasel (43.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{134-149}, also known as: + CVE-2015-7201, CVE-2015-7202, CVE-2015-7204, CVE-2015-7207, + CVE-2015-7208, CVE-2015-7210, CVE-2015-7212, CVE-2015-7215, + CVE-2015-7211, CVE-2015-7218, CVE-2015-7219, CVE-2015-7216, + CVE-2015-7217, CVE-2015-7203, CVE-2015-7220, CVE-2015-7221, + CVE-2015-7205, CVE-2015-7213, CVE-2015-7222, CVE-2015-7223, + CVE-2015-7214. + + * debian/control*: Bump nss build dependency. + * debian/rules: + - Follow upstream default for Gtk+2 vs. Gtk+3 automatically. + - Only extract defaults/{preferences,profile} from browser/omni.ja. + * debian/browser.install.in: Don't install libdbusservice.so, it's gone. + + * toolkit/mozapps/extensions/internal/XPIProvider.jsm: Allow unsigned + addons in /usr/{lib,share}/mozilla/extensions. Closes: #800150. + + -- Mike Hommey <glandium@debian.org> Wed, 16 Dec 2015 10:56:36 +0900 + +iceweasel (42.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{116-118,121-123,127-132}, also known as: + CVE-2015-4513, CVE-2015-4514, CVE-2015-4515, CVE-2015-4518, + CVE-2015-7187, CVE-2015-7188, CVE-2015-7189, CVE-2015-7193, + CVE-2015-7194, CVE-2015-7195, CVE-2015-7196, CVE-2015-7198, + CVE-2015-7199, CVE-2015-7200, CVE-2015-7197. + + * debian/control*: Bump nspr, nss and sqlite build dependencies. + * debian/browser.install.in: + - Adapt to location change for the Gtk+2 wrapper library. + - Install liblgpllibs.so. + * debian/branding/content/Makefile.in: identity-icons-brand*.png were + replaced by a svg. + + -- Mike Hommey <glandium@debian.org> Wed, 04 Nov 2015 09:08:45 +0900 + +iceweasel (41.0.2-1) experimental; urgency=medium + + * New upstream release. + * Fix for mfsa2015-115, also known as CVE-2015-7184. + + -- Mike Hommey <glandium@debian.org> Fri, 16 Oct 2015 08:30:41 +0900 + +iceweasel (41.0.1-1) experimental; urgency=medium + + * New upstream release. + + * debian/watch: Update watch file to use https://archive.mozilla.org/ and xz + archives. + + * toolkit/library/moz.build: Link libxul against libatomic when necessary. + bz#1178266. + + -- Mike Hommey <glandium@debian.org> Mon, 05 Oct 2015 09:38:16 +0900 + +iceweasel (41.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{96,98,102-112}, also known as: + CVE-2015-4500, CVE-2015-4501, CVE-2015-4504, CVE-2015-4507, + CVE-2015-4508, CVE-2015-4510, CVE-2015-4511, CVE-2015-4509, + CVE-2015-4512, CVE-2015-4502, CVE-2015-4516, CVE-2015-4519, + CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, + CVE-2015-7175, CVE-2015-7177. + + * debian/control*: Bump sqlite build dependency. + + * config/system-headers: Add a system header wrapper for + <freetype/ftfntfmt.h>. bz#1194520. + + -- Mike Hommey <glandium@debian.org> Wed, 23 Sep 2015 11:34:28 +0900 + +iceweasel (40.0.3-3) experimental; urgency=medium + + * debian/browser.js.in: Disable Health Report upload. + + * build/autoconf/toolchain.m4: Fixup for libatomic detection. + * browser/components/preferences/applications.js, + uriloader/exthandler/nsHandlerService.js: Revert patch from 3.0.1-1 + that doesn't seem useful anymore. + * browser/confvars.sh: Stop not building Health Report. + * l10n-ru/browser/chrome/browser-region/region.properties: Revert reordering + of mailto handlers. + * toolkit/components/search/nsSearchService.js: Revert change from 12.0-1 that + handled the transition to /etc/<appname>/searchplugins more gracefully + because that's not doing anything useful anymore. + + -- Mike Hommey <glandium@debian.org> Mon, 31 Aug 2015 11:32:14 +0900 + +iceweasel (40.0.3-2) experimental; urgency=medium + + * debian/rules, debian/removed_conffiles, debian/browser.postinst.in, + debian/browser.postrm.in, debian/browser.preinst.in: Remove past conffiles. + Closes: #795353. + + * build/autoconf/toolchain.m4, mfbt/moz.build: Link against libatomic + when necessary to fix FTBFS on powerpc and mips. + + -- Mike Hommey <glandium@debian.org> Sun, 30 Aug 2015 20:08:08 +0900 + +iceweasel (40.0.3-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{94-95}, also known as: + CVE-2015-4497, CVE-2015-4498. + + * debian/import-tar.py, debian/repack.py, debian/upstream.mk: + Adjust debian/upstream.mk, debian/repack.py and debian/import-tar.py + to cope with xz source tarballs. + * debian/control*: Suggest Latin Modern Math instead of MathJax TeX fonts + for MathML rendering, and remove suggestion for Asana Math. Thanks + Frédéric Wang. Closes: #792012. + * debian/rules, debian/upstream.mk: Don't set LESS_SYSTEM_LIBS when + building a backport for stretch. Closes: #795331. + * debian/copyright: Fix typo in MPL 1.1 license version number. + Closes: #755802. + * debian/upstream.mk: Avoid latest_nightly.py being run every time + debian/rules is invoked for aurora builds. + * debian/rules, debian/control.in: Force build with GCC 4.7 when + backporting to wheezy. + + * media/libvpx/moz.build: Build libvpx neon code without -mthumb and + -mfloat-abi=softfp. Closes: #795337. + * configure.in: Build libvpx neon code with -mfloat-abi=softfp on armel. + * media/libjpeg/simd/jsimd_mips_dspr2.S: Fix build error in MIPS SIMD + when compiling with -mfpxx. + + -- Mike Hommey <glandium@debian.org> Fri, 28 Aug 2015 18:49:49 +0900 + +iceweasel (40.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{79-83,86-88,90-92}, also known as: + CVE-2015-4473, CVE-2015-4474, CVE-2015-4475, CVE-2015-4477, + CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4493, + CVE-2015-4483, CVE-2015-4484, CVE-2015-4491, CVE-2015-4487, + CVE-2015-4488, CVE-2015-4489, CVE-2015-4490, CVE-2015-4492. + + * debian/latest_nightly.py, debian/upstream.mk: Modify latest_nightly.py to + work without ftp now that it's gone. + * debian/upstream.mk: Switch to HTTPS for all hg.mozilla.org urls. + * debian/rules, debian/browser.install.in: Don't copy searchplugins to + /etc/iceweasel. They now are in chrome://. + * debian/browser.install.in: Don't install libmozalloc.so, it doesn't exist + anymore. + + * toolkit/components/search/nsSearchService.js: Revert change from 32.0.3-1 + that bumped the search engine max icon size to 35kB because it's not + needed anymore. + + -- Mike Hommey <glandium@debian.org> Wed, 12 Aug 2015 09:21:06 +0900 + +iceweasel (39.0.3-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-78, also known as CVE-2015-4495. + + * debian/source.filter: Remove the source tarball filtering of search plugin + icons. See 20150715221703.GD19084@glandium.org. + + -- Mike Hommey <glandium@debian.org> Fri, 07 Aug 2015 08:52:52 +0900 + +iceweasel (39.0-1) experimental; urgency=medium + + * New upstream release. + + * debian/branding/content/Makefile.in: Re-revert to non-ESR branding. + + -- Mike Hommey <glandium@debian.org> Fri, 03 Jul 2015 19:07:36 +0900 + +iceweasel (38.1.0esr-2) unstable; urgency=medium + + * debian/control*: Bump NSS build dependency. + + -- Mike Hommey <glandium@debian.org> Fri, 03 Jul 2015 15:26:43 +0900 + +iceweasel (38.1.0esr-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{59-67,69}, also known as: + CVE-2015-2724, CVE-2015-2725, CVE-2015-2727, CVE-2015-2728, + CVE-2015-2729, CVE-2015-2731, CVE-2015-2730, CVE-2015-2722, + CVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, + CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740, + CVE-2015-2741, CVE-2015-2743. + + * debian/rules: Use the right --target, --host and --build arguments to + configure for the Mozilla build system, which uses different meanings. + * debian/branding/firefox-branding.js: Add devtools.selfxss.count pref + to the iceweasel branding to match unofficial branding. Closes: #787975. + * debian/browser.js.in: Use a sticky pref for browser.newtabpage.enhanced. + * debian/branding/content/Makefile.in: Revert branding changes for SVG + wordmark, not used on ESR + + * modules/libpref/prefapi.*, modules/libpref/prefread.*, + modules/libpref/test/unit/data/testPrefSticky*.js, + modules/libpref/test/unit/test_stickyprefs.js, + modules/libpref/test/unit/xpcshell.ini: support 'sticky' preferences, + meaning a user value is retained even when it matches the default. + bz#1098343. + * browser/app/profile/firefox.js, browser/base/content/newtab/intro.js, + browser/base/content/newtab/page.js, + browser/modules/DirectoryLinksProvider.jsm: Update patch from bz#1094324 + to fit what landed upstream in newer versions. + + -- Mike Hommey <glandium@debian.org> Fri, 03 Jul 2015 08:57:25 +0900 + +iceweasel (38.0.1-5) unstable; urgency=medium + + * debian/rules: Force a timezone when extracting defaults/* files from + omni.ja archives. + + -- Mike Hommey <glandium@debian.org> Wed, 27 May 2015 07:36:04 +0900 + +iceweasel (38.0.1-4) unstable; urgency=medium + + * python/mozbuild/mozpack/files.py: Fixup to keep file type. + * toolkit/content/Makefile.in, toolkit/content/buildconfig.html: Remove build + machine name from about:buildconfig. bz#1168316. + + -- Mike Hommey <glandium@debian.org> Tue, 26 May 2015 21:39:38 +0900 + +iceweasel (38.0.1-3) unstable; urgency=medium + + * debian/upstream.mk: Force a timezone when setting MOZ_BUILD_DATE. + + * python/mozbuild/mozpack/files.py: Normalize file mode in jars. + bz#1168231. + + -- Mike Hommey <glandium@debian.org> Tue, 26 May 2015 08:13:55 +0900 + +iceweasel (38.0.1-2) unstable; urgency=medium + + * debian/upstream.mk: Set MOZ_BUILD_DATE to the date of the last + debian/changelog entry for non-Aurora builds. + * debian/branding/content/Makefile.in: Add a dummy conversion for about.png + to remove timestamps. + * debian/browser.js.in: Default to classic view for about:newtab. + * debian/copyright: Update copyright file to some degree. + * debian/control*: Bump Standards-Version to 3.9.6.0. + - debian/rules: Add build-arch and build-indep targets to debian/rules. + * debian/control*: Switch Vcs-* urls to anonscm.debian.org. + + * ipc/testshell/XPCShellEnvironment.cpp, js/src/shell/js.cpp, + js/xpconnect/src/XPCShellImpl.cpp: Remove build() function from js and + xpc shells. bz#1166243. + * toolkit/locales/l10n.mk. Use dozip.py for langpacks. bz#1166538. + * browser/app/profile/firefox.js, browser/base/content/newtab/intro.js + browser/modules/DirectoryLinksProvider.jsm: Set browser.newtabpage.enhanced + default in prefs. bz#1094324. + + -- Mike Hommey <glandium@debian.org> Mon, 25 May 2015 13:25:40 +0900 + +iceweasel (38.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/vendor.js.in: Disable auto-installing webide related addons. + Closes: #785595. + * debian/rules: Disable jit on mips. Only mipsel is supported by the jit + code currently. + + * configure.in, media/libjpeg/moz.build: Fixup libjpeg-turbo assembly + cleanup. + * security/manager/ssl/src/SSLServerCertVerification.cpp: Add a NULL-check + for extensions on the end entity certificate when gathering EKU telemetry. + Closes: #782772. + + -- Mike Hommey <glandium@debian.org> Tue, 19 May 2015 13:56:45 +0900 + +iceweasel (38.0-2) unstable; urgency=medium + + * debian/repack.py: Fix to support filter patterns excluding a top-level + directory. + + * configure.in: Cleanup how libjpeg-turbo assembly build variables are set. + bz#1165654. This should fix FTBFSes on arm64 and mips*. + * memory/mozjemalloc/jemalloc.c: Make powerpc not use static page sizes. + Closes: #763900. + + -- Mike Hommey <glandium@debian.org> Sun, 17 May 2015 10:48:06 +0900 + +iceweasel (38.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{46,48-51,53-56}, also know as: + CVE-2015-2708, CVE-2015-2709, CVE-2015-2710, CVE-2015-2711, + CVE-2015-2712, CVE-2015-2713, CVE-2015-2715, CVE-2015-2716, + CVE-2015-2717, CVE-2015-2718. + + * debian/branding/Makefile.in, debian/branding/moz.build: Adapt build rules + to upstream changes + * debian/branding/locales/en-US/brand.*: Add brandShorterName to Iceweasel + branding. + * debian/branding/content/Makefile.in: Add silhouette-40.svg from the + unofficial branding to iceweasel branding + * debian/control*: Bump nss and sqlite build dependencies. + * debian/control.in, debian/upstream.mk: Change backport rules. + - Set LESS_SYSTEM_LIBS on wheezy and jessie. + - Only use gstreamer 0.10 on wheezy. + + -- Mike Hommey <glandium@debian.org> Wed, 13 May 2015 09:59:33 +0900 + +iceweasel (37.0.2-1) experimental; urgency=medium + + * New upstream release. + * Fix for mfsa2015-45, also known as CVE-2015-2706. + + -- Mike Hommey <glandium@debian.org> Tue, 21 Apr 2015 07:44:32 +0900 + +iceweasel (37.0.1-1) experimental; urgency=medium + + * New upstream release. + * Fix for mfsa2015-44, also known as CVE-2015-0799. + + * debian/browser.js.in: Change the pref used to disable openh264. + Closes: #769716. + + -- Mike Hommey <glandium@debian.org> Sat, 04 Apr 2015 10:29:21 +0900 + +iceweasel (37.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{30-34,36-40,42}, also known as: + CVE-2015-0815, CVE-2015-0814, CVE-2015-0813, CVE-2015-0812, + CVE-2015-0816, CVE-2015-0811, CVE-2015-0808, CVE-2015-0807, + CVE-2015-0805, CVE-2015-0806, CVE-2015-0803, CVE-2015-0804, + CVE-2015-0801, CVE-2015-0802. + + -- Mike Hommey <glandium@debian.org> Wed, 01 Apr 2015 08:47:45 +0900 + +iceweasel (36.0.4-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{28-29}, also known as: + CVE-2015-0818, CVE-2015-0817. + + -- Mike Hommey <glandium@debian.org> Sun, 22 Mar 2015 10:30:14 +0900 + +iceweasel (36.0.1-2) experimental; urgency=medium + + * debian/browser.mozconfig.in: Don't build with --disable-eme, reverting the + change from 36.0-1. + + -- Mike Hommey <glandium@debian.org> Mon, 09 Mar 2015 11:04:37 +0900 + +iceweasel (36.0.1-1) experimental; urgency=medium + + * New upstream release. + + * gfx/layers/basic/BasicCompositor.cpp, + gfx/layers/basic/BasicLayerManager.cpp: Reintroduce pixman code path + removed in bz#1097776 for --disable-skia builds. bz#1136958. + + -- Mike Hommey <glandium@debian.org> Mon, 09 Mar 2015 08:45:03 +0900 + +iceweasel (36.0-2) experimental; urgency=medium + + * debian/browser.mozconfig.in: Force enable skia, to possibly fix FTBFS + on non-x86/amd64/arm architectures. + + * gfx/skia/moz.build: Remove duplicate SkDiscardableMemory_none.cpp. + bz#1136958. + + -- Mike Hommey <glandium@debian.org> Thu, 26 Feb 2015 18:12:45 +0900 + +iceweasel (36.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{11,13-17,19-27}, also known as: + CVE-2015-0836, CVE-2015-0835, CVE-2015-0832, CVE-2015-0830, + CVE-2015-0834, CVE-2015-0831, CVE-2015-0829, CVE-2015-0827, + CVE-2015-0826, CVE-2015-0825, CVE-2015-0824, CVE-2015-0823, + CVE-2015-0822, CVE-2015-0821, CVE-2015-0819, CVE-2015-0820. + + * debian/control*: Bump nss and sqlite build dependencies. + * debian/branding/Makefile.in, debian/branding/moz.build, + debian/extra-stuff/Makefile.in, debian/extra-stuff/moz.build: Update and + cleanup. + * debian/browser.install.in: Remove mozilla-xremote-client, it was removed + upstream. + * debian/browser.install.in, debian/rules: Remove libmozsandbox.so, it's + not a shared library anymore. + * debian/browser.mozconfig.in: Build with --disable-eme for now, + + -- Mike Hommey <glandium@debian.org> Wed, 25 Feb 2015 16:16:40 +0900 + +iceweasel (35.0.1-1) experimental; urgency=medium + + * New upstream release. + + * debian/browser.install.in, debian/rules: Only install libmozsandbox.so on + i386 and amd64. + * debian/control: Recommend gstreamer packages for video playing capabilities. + Closes: #737092. Also change the gstreamer build dependencies not to use + alternatives. + + -- Mike Hommey <glandium@debian.org> Fri, 30 Jan 2015 10:31:28 +0900 + +iceweasel (35.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2015-{01-06,08-09}, also known as: + CVE-2014-8634, CVE-2014-8635, CVE-2014-8637, CVE-2014-8637, + CVE-2014-8639, CVE-2014-8640, CVE-2014-8641, CVE-2014-8642, + CVE-2014-8636. + + * debian/browser.mozconfig.in: Build with --enable-pie instead of our own + patch to the build system. + + * moz.build: Fix how debian/extra-stuff is added to upstream build system + directory traversal after upstream changes. + + -- Mike Hommey <glandium@debian.org> Wed, 14 Jan 2015 11:46:37 +0900 + +iceweasel (34.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2014-{83-89,91}, also known as: + CVE-2014-1587, CVE-2014-1588, CVE-2014-1589, CVE-2014-1590, + CVE-2014-1591, CVE-2014-1592, CVE-2014-1593, CVE-2014-1594, + CVE-2014-8631, CVE-2014-8632. + + * debian/branding/firefox-branding.js: Set browser.aboutHomeSnippets.updateUrl + to "data:text/html,", which resets previously downloaded snippets after a + day. + * debian/browser.js.in: Avoid openh264 being downloaded and disable it if it + is already there. Closes: #769716. + * debian/control*: Bump nss and sqlite build dependencies. + * debian/rules: Remove --disable-compile-environment for l10n builds because + of bz#1063880. + * debian/browser.install.in: Add sandbox library. + + -- Mike Hommey <glandium@debian.org> Wed, 03 Dec 2014 01:11:24 -0800 + +iceweasel (33.1-1) experimental; urgency=medium + + * New upstream release. + + * debian/changelog: Add missing entries for 27.0.1-1. + * debian/rules: Don't force to build with GCC 4.9 on armhf anymore. + * debian/browser.mozconfig.in: Don't build with --enable-unified-compilation. + It may be causing build problems on architectures with limited resources. + * debian/browser.install.in, debian/browser.postinst.in, + debian/browser.postrm.in, debian/browser.preinst.in, debian/duckduckgo.xml: + Remove duckduckgo search engine, since upstream now has it included. + * debian/branding/firefox-branding.js: + - Set browser.startup.homepage_override.mstone to "ignore". + - Set browser.aboutHomeSnippets.updateUrl to nothing. Closes: #721689. + + * Import patches from the nss source package that are relevant to building + iceweasel against the in-tree nss source, for backports: + - security/nss/lib/freebl/unix_rand.c, + security/nss/cmd/shlibsign/shlibsign.c: Fix FTBFS on Hurd because of + MAXPATHLEN + - security/nss/coreconf/Linux.mk, + security/nss/coreconf/arch.mk, security/nss/coreconf/config.mk, + security/nss/lib/freebl/unix_rand.c, security/nss/lib/softoken/softoken.h, + security/nss/lib/ssl/sslmutex.*: GNU/kFreeBSD support. + - security/nss/lib/ckfw/builtins/certdata.txt: Adds the SPI Inc. and + CAcert.org CA certificates. + Those patches were applied on the esr24 branch, but were forgotten on the + release branch at the time. + * media/libcubeb/tests/moz.build: Work around binutils assertion on mips. + + -- Mike Hommey <glandium@debian.org> Tue, 11 Nov 2014 12:08:34 +0900 + +iceweasel (33.0-2) experimental; urgency=medium + + * debian/control*, debian/rules: Do not build depend on gstreamer 1.0 when + building a backport. + + * netwerk/base/public/security-prefs.js, + security/manager/ssl/src/nsNSSComponent.cpp: Disable SSLv3 to address + CVE-2014-3566. bz#1076983. + + -- Mike Hommey <glandium@debian.org> Sat, 18 Oct 2014 10:45:27 +0900 + +iceweasel (33.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2014-{74-76,78-82}, also known as: + CVE-2014-1574, CVE-2014-1575, CVE-2014-1576, CVE-2014-1577, + CVE-2014-1580, CVE-2014-1581, CVE-2014-1582, CVE-2014-1584, + CVE-2014-1585, CVE-2014-1586, CVE-2014-1583. + + * debian/control*: Bump nss and sqlite build dependencies. + * debian/browser.install.in, debian/control.in, debian/rules, + debian/upstream.mk, debian/vendor.js.in: Change how official branding is + handled. + * debian/rules: Disable tests on stable-security. + * debian/browser.install.in, debian/browser.mozconfig.in, debian/control.in, + debian/rules: Allow to build against Gtk+3 by setting the GTK3 environment + variable while building. + + -- Mike Hommey <glandium@debian.org> Wed, 15 Oct 2014 09:40:22 +0900 + +iceweasel (32.0.3-1) experimental; urgency=medium + + * New upstream release. + + * toolkit/components/search/nsSearchService.js: Bump search engine max icon + size to 35kB. Closes: #749084. + * build/autoconf/compiler-opts.m4, config/rules.mk: Build target programs as + position independent executable when supported by gcc/clang. bz#857628. + + -- Mike Hommey <glandium@debian.org> Thu, 25 Sep 2014 15:27:37 +0900 + +iceweasel (32.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2014-{67-70,72}, also known as: + CVE-2014-1562, CVE-2014-1553, CVE-2014-1554, CVE-2014-1563, + CVE-2014-1564, CVE-2014-1565, CVE-2014-1567. + + * debian/browser.bug-script.in, debian/browser.install.in, + debian/extra-stuff/Makefile.in, debian/extra-stuff/reportbug-helper-script, + debian/installer/package-manifest.browser: Fix bug script. + * debian/browser.install.in, debian/rules, debian/upstream.mk: Install + libreplace_malloc.so when building a nightly. + * debian/control*: Bump nss and sqlite build dependencies. + + -- Mike Hommey <glandium@debian.org> Wed, 03 Sep 2014 15:08:17 +0900 + +iceweasel (31.0-3) unstable; urgency=high + + * The "this time it's going to build on armel" release. + + * debian/rules, debian/control*: Update configure with autoconf2.13 every + time. + + * configure.in: Use integers for audio when on Android, or when using ARM + on other OSes, and disable webm encoding. bz#1047791. + + -- Mike Hommey <glandium@debian.org> Sun, 03 Aug 2014 09:52:28 +0900 + +iceweasel (31.0-2) unstable; urgency=high + + * Urgency set to high to have a faster transition after armel FTBFS is + fixed (which is the only thing that prevented the transition). + * debian/control*: Remove forced gcc-4.9 build dependency for armhf. + + * media/libopus/moz.build: Disable some libopus ARM features on < ARMv6. + bz#1025689. + + -- Mike Hommey <glandium@debian.org> Sat, 02 Aug 2014 09:28:53 +0900 + +iceweasel (31.0-1) unstable; urgency=medium + + * New upstream release. + - Fixes crashes in WbGL when building with GCC 4.9. Closes: #751569. + * Fixes for mfsa2014-{56-58,60-62,64-66}, also known as: + CVE-2014-1547, CVE-2014-1548, CVE-2014-1549, CVE-2014-1550, + CVE-2014-1561, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557, + CVE-2014-1558, CVE-2014-1559, CVE-2014-1560, CVE-2014-1552. + + * debian/browser.lintian-overrides.in: Add lintian override for embedded + srtp. + * debian/browser.NEWS.in: Add a NEWS file to note the deprecation of + NTLMv1 authentication. + + -- Mike Hommey <glandium@debian.org> Wed, 23 Jul 2014 08:00:15 +0900 + +iceweasel (30.0-2) unstable; urgency=medium + + * debian/browser-dev.install.in, debian/control*, debian/libxul.pc.in, + debian/mozilla-nspr.pc.in, debian/mozilla-plugin.pc.in, debian/rules: + Add a few pkg-config files to the iceweasel-dev package. Closes: #751268. + + * gfx/skia/trunk/src/opts/SkBlitRow_opts_arm.cpp: Re-apply patch from + bz#901208 that upstream dropped when updating skia. + + -- Mike Hommey <glandium@debian.org> Sat, 14 Jun 2014 09:30:39 +0900 + +iceweasel (30.0-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2014-{48-49,51-54}, almost known as: + CVE-2014-1533, CVE-2014-1534, CVE-2014-1536, CVE-2014-1537, + CVE-2014-1538, CVE-2014-1540, CVE-2014-1541, CVE-2014-1542, + CVE-2014-1543. + + * debian/control*: Bump sqlite3 and nspr build dependencies. + * debian/rules: Don't check autoconf.mk and emptyvars.mk in js/src/config, + that's not used anymore. + * debian/browser-dev.install.in, debian/browser-dev.links.in, + debian/browser.install.in, debian/browser.links.in, + debian/browser.lintian-overrides.in, debian/browser.mozconfig.in + debian/control*, debian/extra-stuff/Makefile.in, + debian/installer/package-manifest.browser, debian/noinstall.in, + debian/rules, debian/test.mk: Stop building xulrunner packages. + * debian/installer/package-manifest.xulrunner, debian/dh/*, + debian/xulrunner*: Removed. + * debian/browser.lintian-overrides.in: Add lintian override for embedded + libpng with APNG support. + * debian/rules: Make xpcshell executable in the SDK. + * debian/copyright: Point to /usr/share/common-licenses/Apache-2.0 instead + of including the whole license. Also fix a couple typos. + + * browser/components/migration/content/migration.js, + browser/components/migration/content/migration.xul, + browser/components/migration/src/BrowserProfileMigrators.manifest, + browser/components/migration/src/FirefoxProfileMigrator.js, + browser/components/migration/src/MigrationUtils.jsm, + browser/components/migration/src/ProfileMigrator.js, + browser/locales/en-US/chrome/browser/migration/migration.dtd, + browser/locales/en-US/chrome/browser/migration/migration.properties, + l10n-*/browser/chrome/browser/migration/migration.properties, + toolkit/content/resetProfile.js, toolkit/modules/ResetProfile.jsm, + toolkit/profile/nsIProfileMigrator.idl, toolkit/xre/nsAppRunner.cpp: + Revert previous "Reset Firefox" changes. + * toolkit/modules/ResetProfile.jsm, toolkit/xre/nsAppRunner.cpp: Use + "firefox" instead of MOZ_APP_NAME for profile reset. + * xulrunner/moz.build, xulrunner/installer/*.pc.in, xulrunner/confvars.sh, + xulrunner/app/xulrunner.js, netwerk/test/unit/test_socks.js, + webapprt/gtk2/webapprt.cpp, configure.in, + xpcom/glue/standalone/nsXPCOMGlue.cpp: Revert changes that are + irrelevant now that Iceweasel is not a xulrunner application. + * browser/app/profile/firefox.js, browser/locales/en-US/firefox-l10n.js: + Revert changes to general.useragent.locale. They are actually not required. + + -- Mike Hommey <glandium@debian.org> Sat, 07 Jun 2014 10:27:46 +0900 + +iceweasel (29.0.1-2) unstable; urgency=medium + + * debian/rules: + - Don't pull MOZ_UA_BUILDID from official branding, it's not there anymore + and not useful anyways since bz#728773. + - Properly create all stamp files. + * debian/control*: xulrunner-dev conflicts with libmozjs-dev. Closes: #747761 + * debian/rules, debian/control*: Use GCC 4.9 on armhf to work around bug + #748422. + + * js/xpconnect/src/XPCWrappedJSClass.cpp, + xpcom/reflect/xptcall/src/md/unix/xptcinvoke_ppc_*.cpp, + xpcom/reflect/xptcall/src/md/unix/xptcinvoke_sparc_*.cpp: Fixup ppc and + sparc xpconnect + + -- Mike Hommey <glandium@debian.org> Sat, 24 May 2014 08:11:59 +0900 + +iceweasel (29.0.1-1) unstable; urgency=medium + + * New upstream release. + + * debian/control*, debian/rules: Don't separate out the libdbusservice + component for dh_shlibdeps. libxul.so has had the same dependencies for + a while anyways. + * debian/rules: Replace occurrences of /usr/lib/$($(PRODUCT)) with + $(LIB_DIR). + * debian/xulrunner-dev.links.in: Install nspr-config in the sdk, not the + application directory. Also don't install it when building with bundled + nspr. + * debian/browser.mozconfig*, debian/rules: Move --with-system-nspr/nss flags + to browser.mozconfig. + * debian/rules: Use browser.mozconfig to build l10n. + * debian/control*, debian/rules, debian/xulrunner.mozconfig.in: Build against + gstreamer 1.0 when possible. + + * js/src/jit/BaselineIC.cpp, js/src/jit/arm/MacroAssembler-arm.cpp, + js/src/jit/arm/MacroAssembler-arm.h: Fix mis-refactoring, and add some + asserts to let debug users know that float32 can be broken. bz#957504. + * Pass JSVAL as a pointer to the structure on ppc. bz#961488. + * configure.in, content/media/gstreamer/GStreamerAllocator.*, + content/media/gstreamer/GStreamerFormatHelper.cpp, + content/media/gstreamer/GStreamerFunctionList.h, + content/media/gstreamer/GStreamerLoader.*, + content/media/gstreamer/GStreamerReader*, + content/media/gstreamer/moz.build, content/media/test/manifest.js: Add + support for GStreamer 1.0. bz#806917. + + -- Mike Hommey <glandium@debian.org> Sun, 11 May 2014 15:53:14 +0900 + +iceweasel (29.0-2) experimental; urgency=medium + + * debian/rules: Don't use find to get the list of autoconf.mk and + emptyvars.mk files. This should fix the FTBFSes on i386 and armhf. + * debian/branding/content/Makefile.in, debian/branding/content/jar.mn, + debian/branding/locales/Makefile.in, debian/branding/locales/jar.mn: + Add missing icons to branding. Closes: #747049. + * debian/browser.links.in: Remove dangling /usr/lib/iceweasel/browser/modules. + Closes: #746529. + + * gfx/src/nsDeviceContext.cpp: Backout bz#991767 for causing bz#1003707. + Closes: #746598. + + -- Mike Hommey <glandium@debian.org> Wed, 07 May 2014 10:30:20 +0900 + +iceweasel (29.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2014-{34,36-39,41-44,46-47}, almost known as: + CVE-2014-1518, CVE-2014-1519, CVE-2014-1522, CVE-2014-1523, + CVE-2014-1525, CVE-2014-1528, CVE-2014-1529, CVE-2014-1530, + CVE-2014-1531, CVE-2014-1532, CVE-2014-1526. + + * debian/control*: Bump nspr and sqlite3 build dependencies. + * debian/rules: Adjust AUTOCONF_DIRS. + * debian/branding/moz.build, debian/branding/content/moz.build, + debian/branding/locales/moz.build: Add now necessary definition for jar.mn. + * debian/branding/configure.sh: Set MOZ_APP_NAME. + * debian/browser.install.in, debian/browser.mozconfig, debian/rules: + Use omnijar chrome format for browser. + * debian/control*: Build depend on iso-codes. + + * config/makefiles/target_binaries.mk, config/rules.mk, js/src/Makefile.in: + Revert changes to add sonames, since the last library this was used for + is mozjs, and it was removed in 28.0-1. + + -- Mike Hommey <glandium@debian.org> Mon, 28 Apr 2014 23:21:57 -0700 + +iceweasel (28.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2014-{15,17-20,22-23,26-32}, also known as + CVE-2014-1493, CVE-2014-1494, CVE-2014-1497, CVE-2014-1498, + CVE-2014-1499, CVE-2014-1500, CVE-2014-1502, CVE-2014-1504, + CVE-2014-1508, CVE-2014-1509, CVE-2014-1505, CVE-2014-1510, + CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514. + + * debian/branding/content/Makefile.in, debian/branding/content/jar.mn, + debian/branding/content/wordmark.xsl: Adapt Iceweasel branding to upstream + changes. Closes: #739797. + * debian/extra-stuff/Makefile.in, debian/installer/Makefile.in, + debian/rules: Fix various places to use the new location of the upstream + preprocessor. + * debian/control*: + - Bump nspr, sqlite and vpx build dependencies. + - Add build dependency on libpulse-dev. + * debian/branding/content/Makefile.in: Fix iceweasel branding build after + bz#934361. + * moz.build, debian/rules, debian/extra-stuff/moz.build: Add + debian/extra-stuff to upstream build system directory traversal. + * moz.build: Make upstream build system create debian/installer/Makefile. + * debian/rules: Remove rules to create Makefiles, they don't work anymore. + * debian/rules: Fix dh_xulrunner npapi check to fit upstream changes. + * debian/xulrunner.mozconfig.in, debian/control*: Use in-tree libvpx for + backports. + * debian/latest_nightly.py: Use ftplib instead of ftputil. + * debian/noinstall.in, debian/xulrunner-dev.install.in: Install + mozilla-nspr.pc and mozilla-nss.pc when building backports. Closes: #739490. + * debian/control*, debian/libmozjs*, debian/noinstall.in, debian/rules, + debian/smjs.1, debian/spidermonkey-bin*, + debian/xulrunner-GRE_VERSION.links.in, debian/xulrunner-dev.install.in, + debian/xulrunner.mozconfig.in: Stop building spidermonkey packages. + * debian/xulrunner.mozconfig.in: Enable unified compilation for faster builds, + smaller debug info and possibly less memory usage when linking. + + * modules/libpref/src/moz.build, modules/libpref/src/Makefile.in: Fixup + MOZ_OFFICIAL_BRANDING use for phishing shavar after upstream build system + changes. + * xulrunner/installer/mozilla-ns*.pc.in: Fix includedir in mozilla-nspr.pc + and mozilla-nss.pc. bz#985200. + + -- Mike Hommey <glandium@debian.org> Wed, 19 Mar 2014 13:18:08 +0900 + +iceweasel (27.0.1-1) experimental; urgency=medium + + * New upstream release. + + * debian/copyright, debian/rules: Update copyright info. Closes: #735297. + * debian/source.filter: + - Remove build/pgo/blueprint/valid.png from the source archive. + Closes: #736592 + - Remove minified jquery from source archive. Closes: #736725. + * debian/control*: Bump nspr and nss build dependencies. + * debian/rules: Work around build failure following the removal of valid.png. + + -- Mike Hommey <glandium@debian.org> Sat, 22 Feb 2014 12:15:46 +0900 + +iceweasel (27.0-2) experimental; urgency=medium + + * debian/installer/package-manifest.browser: Install files from the right + location to fix about:iceweasel. + * debian/rules: Add missing branding flag to l10n configure. Closes: #737824. + + * xpcom/base/nsMemoryReporterManager.cpp: Fix FTBFS on kFreeBSD. + + -- Mike Hommey <glandium@debian.org> Sat, 08 Feb 2014 08:24:19 +0900 + +iceweasel (27.0-1) experimental; urgency=medium + + * New upstream release. + * Fixes for mfsa2014-{01-05,07-11,13}, also known as + CVE-2014-1477, CVE-2014-1478, CVE-2014-1479, CVE-2014-1480, + CVE-2014-1482, CVE-2014-1483, CVE-2014-1485, CVE-2014-1486, + CVE-2014-1487, CVE-2014-1489, CVE-2014-1488, CVE-2014-1481. + + * debian/upstream.mk: Only use one digit of the GRE_MILESTONE for + GRE_VERSION. + * debian/control*: Bump sqlite3 and nss build dependencies. + * debian/rules: Use a separate build directory for l10n, without + --with-libxul-sdk. + * debian/copyright: Updated. + + * config/makefiles/target_libs.mk, js/src/config/makefiles/target_libs.mk: + Fixup soname rules for upstream changes. + * moz.build, widget/gonk/libdisplay/moz.build, xpcom/ds/moz.build, + xpcom/reflect/xptcall/src/md/unix/moz.build: Fix + --disable-compile-environment a little. bz#862770. + + -- Mike Hommey <glandium@debian.org> Wed, 05 Feb 2014 20:06:49 +0900 + +iceweasel (26.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{104-116}, also known as + CVE-2013-5609, CVE-2013-5610, CVE-2013-5611, CVE-2013-5612, + CVE-2013-5614, CVE-2013-5616, CVE-2013-5618, CVE-2013-5619, + CVE-2013-6671, CVE-2013-6672, CVE-2013-6673, CVE-2013-5613, + CVE-2013-5615, CVE-2013-6629, CVE-2013-6630. + + * debian/*.mozconfig: Add --enable-release configure flag. + * debian/control*: Bump nspr build dependency. + * debian/*.mozconfig: Don't build --with-system-ply, the option is gone. + * debian/noinstall.in: Don't install usr/lib/xulrunner-devel-*/sdk/bin/ply. + * debian/control*, debian/noinstall.in, debian/rules, debian/upstream.mk, + debian/xulrunner-GRE_VERSION.install.in, debian/xulrunner.mozconfig: + Don't build against system nspr, nss and sqlite3 when building backports. + * debian/control*, debian/xulrunner.mozconfig.in: Build with the in-tree + cairo. I think it's time to admit that there are too many issues with + system cairo. + * debian/rules: Ensure debian/control is updated when running debian/rules + clean. + + * toolkit/content/resetProfile.js, toolkit/modules/ResetProfile.jsm: + Fixup "Reset Firefox" after bad merge. + * configure*: Fixup NSPR_CFLAGS when building with libxul-sdk and in-tree + nspr. + + -- Mike Hommey <glandium@debian.org> Sun, 15 Dec 2013 16:45:37 +0900 + +iceweasel (25.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{93-102}, also known as + CVE-2013-5590, CVE-2013-5591, CVE-2013-5592, CVE-2013-5593, + CVE-2013-5604, CVE-2013-5595, CVE-2013-5596, CVE-2013-5597, + CVE-2013-5598, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, + CVE-2013-5602, CVE-2013-5603. + + * debian/rules: Don't try to disable methodjit, since it's long gone. + * debian/upstream.mk: Adjust version mangling to handle the version scheme + change without changing package names. + + -- Mike Hommey <glandium@debian.org> Sat, 02 Nov 2013 10:38:15 +0900 + +iceweasel (24.0-2) unstable; urgency=low + + * debian/control*: Build-depend on fonts-freefont-ttf instead of + fonts-freefont, which doesn't exist. Closes: #714056. Interestingly, + experimental was happy with that, but unstable isn't. + + -- Mike Hommey <glandium@debian.org> Thu, 19 Sep 2013 07:03:08 +0900 + +iceweasel (24.0-1) unstable; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{76-82,85,88-92}, also known as + CVE-2013-1718, CVE-2013-1719, CVE-2013-1720, CVE-2013-1721, + CVE-2013-1722, CVE-2013-1723, CVE-2013-1724, CVE-2013-1725, + CVE-2013-1728, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, + CVE-2013-1736, CVE-2013-1737, CVE-2013-1738. + + * debian/control*: + - Bump sqlite build dependency. + - Add build dependencies on gstreamer. Closes: #682917. + - Build depend on fonts-freefont and fonts-dejima-mincho. Closes: #714056. + - Use strict dependencies between binary packages. Closes: #720467. + - Add Suggests for MathML-friendly fonts. Closes: #697277. + + -- Mike Hommey <glandium@debian.org> Wed, 18 Sep 2013 09:10:25 +0900 + +iceweasel (23.0.1-1) unstable; urgency=low + + * New upstream release. + * debian/rules: + - Don't use --no-keep-memory on ia64. Somehow, it makes ld fail to relax + some relocations. + - Don't use --as-needed on ia64. Somehow, it makes ld crash on some files. + + * ipc/chromium/chromium-config.mk: Add missing piece of the upstream patch + for bz#901414. Fixes FTBFS on kFreeBSD. + * js/public/Value.h: Remove uintptr_t word payload union member on 64BE, it + grows jsval_layout size and is unused. bz#618485. Fixes FTBFS on s390x. + * gfx/skia/src/opts/SkBlitRow_opts_arm.cpp: Fixups landed upstream. Fixes + FTBFS on armel. + + -- Mike Hommey <glandium@debian.org> Wed, 21 Aug 2013 22:07:49 +0900 + +iceweasel (23.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{63-65,67-70,72-73,75}, also known as + CVE-2013-1701, CVE-2013-1702, CVE-2013-1704, CVE-2013-1705, + CVE-2013-1708, CVE-2013-1709, CVE-2013-1710, CVE-2013-1711, + CVE-2013-1713, CVE-2013-1714, CVE-2013-1717. + + * debian/control*: Bump nss build dependency. + * debian/rules: + - Avoid installing libmozjs.a. + - Install mozjs.pc as mozilla-js.pc. + - Reduce memory usage of the linker at the expense of processing time. + This should help on lower-end architectures like arm and mips, which + spend an immense amount of time swapping. + * debian/dh/dh_xulrunner.in: Change one of the searched strings to detect + the xulrunner stub. This avoids an error in detection when gcc inlines + strings in the code for strcpy. + + * build/unix/elfhack/elfhack.cpp: Support R_ARM_JUMP24 and R_ARM_CALL + relocations. bz#892366. Fixes FTBFS on armel. + * build/unix/elfhack/elfhack.cpp, build/unix/elfhack/inject.c: Turn BL into + BLX when doing thumb call relocations and the target is ARM. bz#898998. + Fixes FTBFS on armhf. + * xpcom/glue/nsIClassInfoImpl.h: Properly align statically allocated + classinfo objects. bz#898916. Fixes FTBFS on armel. + * js/public/HeapAPI.h, js/src/gc/Memory.*, js/src/gc/Nursery.cpp, + js/src/ion/AsmJS.*, js/src/ion/AsmJSModule.h, js/src/jsapi.cpp, + js/src/jscntxt.h, js/src/jsgc.cpp, js/src/jstypedarray.cpp: Use the + runtime page size to control arena decommit. bz#840242. Fixes FTBFS on + sparc and runtime issues on mips and likely other architectures. + * js/src/configure*: Disable Yarr JIT on sparc and mips. bz#900821. + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_*: Change SharedStub + definition in tier-3 xptcstubs to better fit reality and make the compiler + happy now that nsresult is an enum. bz#901200. + * configure*: Set WEBRTC_TARGET_ARCH to a right value on ia64. bz#901202. + * gfx/skia/src/opts/SkBlitRow_opts_arm.cpp: Fix Skia for ARM v4t. bz#901208. + * js/src/ion/AsmJSSignalHandlers.cpp: Support GNU/kFreeBSD. + * ipc/chromium/Makefile.in, ipc/chromium/chromium-config.mk, + ipc/chromium/src/base/dir_reader_posix.h, + ipc/chromium/src/base/platform_thread.h, + ipc/chromium/src/base/platform_thread_posix.cc, + ipc/chromium/src/base/process_util.h, + ipc/chromium/src/build/build_config.h: Fix ipc/chromium to build for + GNU/kFreeBSD. bz#901414. + + -- Mike Hommey <glandium@debian.org> Wed, 07 Aug 2013 08:25:28 +0900 + +iceweasel (22.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{49-62}, also known as + CVE-2013-1682, CVE-2013-1684, CVE-2013-1685, CVE-2013-1686, + CVE-2013-1687, CVE-2013-1688, CVE-2013-1690, CVE-2013-1692, + CVE-2013-1693, CVE-2013-1694, CVE-2013-1695, CVE-2013-1696, + CVE-2013-1697, CVE-2013-1698, CVE-2013-1699, CVE-2013-1700. + + * debian/rules: + - Fix configure-check-xulrunner with gawk. Closes: #708765. + - Work around moz.build limitations for l10n. + - Work around the variable override limitation for MODULE. + - gc and ds include subdirectories have been removed. + - Disable branding check for now. + * debian/control*: Bump sqlite build dependency. + * debian/*/Makefile.in, debian/branding/**/moz.build: + Accomodate our extra Makefiles to upstream build system changes. + * debian/xulrunner-GRE_VERSION.install.in: libxpcom was removed. + * debian/rules, debian/check_resources.*: Remove resource:// url + checker, now that resource://app and resource://gre are different + upstream, too. + + * memory/mozjemalloc/jemalloc.c: Don't hardcode page size on mips. + Should fix FTBFS on mips. + * js/src/vm/Stack.cpp: Fix FTBFS on non-Linux glibc systems due to mincore + prototype discrepancy. Thanks Samuel Thibault. Closes: #697891. + + -- Mike Hommey <glandium@debian.org> Wed, 26 Jun 2013 08:43:55 +0900 + +iceweasel (21.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{41-43,46-48}, also known as + CVE-2013-0801, CVE-2013-1669, CVE-2013-1670, CVE-2013-1671, + CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, + CVE-2013-1679, CVE-2013-1680, CVE-2013-1681. + + * debian/control*: + - Add Breaks: xul-ext-torbutton. Closes: #690729. + - Build depend on python 2.7 and python-minimal >= 2.6.6-13~. + - Bump nspr build dependencies. + * debian/rules: + - Use config.status directly to generate Makefiles. + - Adjust --{with,enable}-system options check to upstream build system + changes (in advance). + * debian/browser.install.in, debian/browser.links.in, + debian/check_resources.overrides, + debian/installer/package-manifest.xulrunner, debian/noinstall.in, + debian/rules, debian/branding/defs.mk: Browser parts moved in a + subdirectory. + * debian/check_resources.overrides: Add new overrides for providermanager.jsm. + * debian/xulrunner-GRE_VERSION.links.in: Use the full libmozjs soname for the + symlink in the xulrunner directory. + + * browser/confvars.sh: Disable Firefox Health Report. + + -- Mike Hommey <glandium@debian.org> Wed, 15 May 2013 12:40:11 +0200 + +iceweasel (20.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{30,35-39}, also known as + CVE-2013-0788, CVE-2013-0789, CVE-2013-0796, CVE-2013-0795, + CVE-2013-0794, CVE-2013-0793, CVE-2013-0792. + + * debian/browser.mozconfig: Disable DASH when building browser part. + * debian/check_resources.overrides: Add override for gcli.jsm. + * debian/rules: Test plugins have moved from dist/bin/plugins to + dist/plugins. + * debian/control.*: Bump nss and sqlite3 build dependencies. + + -- Mike Hommey <glandium@debian.org> Tue, 02 Apr 2013 21:13:56 +0200 + +iceweasel (19.0.2-1) experimental; urgency=low + + * New upstream release. + * Fix for mfsa2013-29, also known as CVE-2013-0787. + + -- Mike Hommey <glandium@debian.org> Fri, 08 Mar 2013 22:29:04 +0100 + +iceweasel (19.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{21-28}, also known as + CVE-2013-0783, CVE-2013-0784, CVE-2013-0772, CVE-2013-0765, + CVE-2013-0773, CVE-2013-0774, CVE-2013-0775, CVE-2013-0776, + CVE-2013-0780, CVE-2013-0782, CVE-2013-0777, CVE-2013-0778, + CVE-2013-0779, CVE-2013-0781. + + * debian/control*: Bump nspr build dependency and add missing epoch to nspr + and nss build dependencies. Closes: #698961. + + -- Mike Hommey <glandium@debian.org> Wed, 20 Feb 2013 09:22:52 +0100 + +iceweasel (18.0.2-1) experimental; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Fri, 08 Feb 2013 16:03:33 +0100 + +iceweasel (18.0.1-1) experimental; urgency=low + + * New upstream release. + - Fixes handling of language packs. Closes: #697836. + + -- Mike Hommey <glandium@debian.org> Fri, 18 Jan 2013 22:39:42 +0100 + +iceweasel (18.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2013-{01-19}, also known as + CVE-2013-0769, CVE-2013-0749, CVE-2013-0770, CVE-2013-0760, + CVE-2013-0762, CVE-2013-0766, CVE-2013-0767, CVE-2013-0761, + CVE-2013-0763, CVE-2013-0771, CVE-2012-5829, CVE-2013-0768, + CVE-2012-0759, CVE-2013-0744, CVE-2013-0751, CVE-2013-0764, + CVE-2013-0745, CVE-2013-0746, CVE-2013-0747, CVE-2013-0748, + CVE-2013-0750, CVE-2013-0752, CVE-2013-0757, CVE-2013-0758, + CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756. + + * debian/control*: Bump nspr, nss and sqlite build dependencies. + * debian/control*, debian/xulrunner.mozconfig: Build against embedded + libjpeg-turbo and build depend on yasm accordingly. + * debian/xulrunner-GRE_VERSION.lintian-overrides.in: Add a lintian override + for libjpeg-turbo. + * debian/check_resources.overrides: Add an override for SettingsDB.jsm. + + * services/*, testing/marionette/*: Fix services import urls. bz#815320. + + -- Mike Hommey <glandium@debian.org> Wed, 09 Jan 2013 08:56:15 +0100 + +iceweasel (17.0.1-2) experimental; urgency=low + + * debian/iceweasel-runner, debian/iceweasel.bug-presubj, + debian/iceweasel.install, debian/iceweasel.links.in, debian/noinstall.in, + debian/rules: Use the iceweasel binary instead of the xulrunner stub, and + remove the shell wrapper + * debian/control*: Remove xulrunner dependency on libnspr4-0d. + Closes: #695346. + * debian/iceweasel-xremote-client, debian/iceweasel.install, debian/rules: + Remove iceweasel-xremote-client. + * debian/noinstall.in, debian/rules: Don't remove update-settings.ini and + move firefox-l10n.js removal to debian/noinstall.in. + * debian/rules: Cleanup *.pyc removal, and remove *.pyo as well. + * debian/iceweasel.1: Update manpage. + * debian/noinstall.in: Remove usr/lib/xulrunner-@GRE_VERSION@/libmozjs.so + with noinstall.in, it's symlinked later on. + * debian/test.mk: Use the iceweasel binary for tests. + * debian/branding/Makefile.in, debian/iceweasel.install, debian/rules: + Don't generate mozicon*.xpm or firefox.ico, and generate iceweasel.xpm from + debian/rules. + * debian/*: Allow to build with the firefox branding. + * debian/browser.README.Debian.in: Update the text about the application not + being named Firefox. + + * browser/app/Makefile.in: Move MOZ_OFFICIAL_BRANDING definition to avoid + conflict with bz#755724. + * browser/app/Makefile.in, browser/app/nsBrowserApp.cpp, configure.in: + Don't use the xulrunner stub when building Firefox against a libxul SDK. + bz#755724. + * toolkit/mozapps/installer/Packager.pm: Dereference symbolic links when + packaging. This effectively reverts a part of bz#552864 that ended up not + being useful. + + -- Mike Hommey <glandium@debian.org> Fri, 28 Dec 2012 17:56:41 +0100 + +iceweasel (17.0.1-1) experimental; urgency=low + + * New upstream release. + * debian/upstream.mk: Add a rule to import tarballs in git repository. + * debian/repack.py: Don't error out when a repack filter is unused. + * debian/iceweasel.desktop: Fix StartupWMClass. Closes: #693714. + + * media/webrtc/shared_libs.mk, + media/webrtc/trunk/src/modules/audio_coding/codecs/pcm16b/pcm16b.c, + media/webrtc/trunk/src/typedefs.h: Allow webrtc to build on more + architectures (hopefully). Thanks Michel Dänzer for the original patch. + bz#814693. Closes: #694071. + + -- Mike Hommey <glandium@debian.org> Sat, 01 Dec 2012 09:58:43 +0100 + +iceweasel (17.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2012-{91-106}, also known as + CVE-2012-5842, CVE-2012-5843, CVE-2012-4202, CVE-2012-4201, + CVE-2012-5836, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, + CVE-2012-4206, CVE-2012-4208, CVE-2012-5841, CVE-2012-4207, + CVE-2012-5837, CVE-2012-4209, CVE-2012-4210, CVE-2012-4214, + CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5839, + CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, + CVE-2012-4218, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, + CVE-2012-5838. + + * debian/upstream.mk: Get l10n for nightlies. + * debian/rules: + - Use a more generic command to build Makefiles. This avoids ftbfs + because make-makefile is gone. + - Modify the dh_xulrunner test to account for the second test plugin. + * debian/iceweasel.mozconfig: Disable webrtc during the browser build. + + * browser/locales/jar.mn: Preprocess appstrings.properties. Closes: #688987. + * toolkit/mozapps/installer/packager.mk: Avoid installing .mkdir.done and + precomplete with make install. bz#798450 + + -- Mike Hommey <glandium@debian.org> Tue, 20 Nov 2012 23:54:09 +0100 + +iceweasel (16.0.2-1) experimental; urgency=high + + * New upstream release. + * Fixes for mfsa2012-90, also known as + CVE-2012-4194, CVE-2012-4195, CVE-2012-4196. + + -- Mike Hommey <glandium@debian.org> Fri, 26 Oct 2012 20:46:21 +0200 + +iceweasel (16.0.1-1) experimental; urgency=high + + * New upstream release. + * Fixes for mfsa2012-{88-89}, also known as + CVE-2012-4191, CVE-2012-4192, CVE-2012-4193. + + * config/autoconf.mk.in, configure.in, extensions/gio/Makefile.in, + toolkit/library/Makefile.in, toolkit/library/nsStaticXULComponents.cpp: + toolkit/toolkit-tiers.mk: Actually build the GIO extension in libxul. + bz#799441. + + -- Mike Hommey <glandium@debian.org> Fri, 12 Oct 2012 00:24:42 +0200 + +iceweasel (16.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2012-{74-77,79-87}, also known as + CVE-2012-3983, CVE-2012-3982, CVE-2012-3984, CVE-2012-3985, + CVE-2012-3985, CVE-2012-3986, CVE-2012-3988, CVE-2012-3989, + CVE-2012-3991, CVE-2012-3994, CVE-2012-3993, CVE-2012-4184, + CVE-2012-3992, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, + CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, + CVE-2012-4186, CVE-2012-4187, CVE-2012-4188, CVE-2012-3990. + + * debian/rules: Use xz compression for binary packages. Closes: #686325. + * debian/xulrunner.mozconfig: Enable gio protocol-handler and icon decoder. + * debian/control*: + - Bump libnspr4-dev build dependency to 4.9.2. + - Bump libsqlite3-dev build dependency to 3.7.13. + * debian/iceweasel.install, debian/iceweasel.links.in: Install webapprt + files. + + * media/webrtc/trunk/src/modules/video_coding/codecs/vp8/main/source/vp8.cc: + Fix to build against libvpx 1.1. + * extensions/gio/Makefile.in: Build the GIO extension in libxul. bz#799441. + * webapprt/gtk2/Makefile.in, webapprt/gtk2/webapprt.cpp: Don't search firefox + executable in $exe/../../dist/bin. bz#798233. + * webapprt/gtk2/webapprt.cpp: Fallback to the xulrunner subdirectory if + webapprt can't find xpcom in firefox directory. bz#762833. + + -- Mike Hommey <glandium@debian.org> Tue, 09 Oct 2012 15:13:08 +0200 + +iceweasel (15.0.1-1) experimental; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Sun, 16 Sep 2012 09:18:40 +0200 + +iceweasel (15.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2012-{57-66,68-70,72}, also known as + CVE-2012-1971, CVE-2012-1970, CVE-2012-1972, CVE-2012-1973, + CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, + CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, + CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, + CVE-2012-1956, CVE-2012-3965, CVE-2012-3966, CVE-2012-3968, + CVE-2012-3967, CVE-2012-3969, CVE-2012-3970, CVE-2012-3971, + CVE-2012-3972, CVE-2012-3973, CVE-2012-3975, CVE-2012-3976, + CVE-2012-3978, CVE-2012-3980. + + * debian/iceweasel.mozconfig: Build iceweasel with system ply. + * debian/xulrunner-GRE_VERSION.install.in: Don't install xulrunner-bin, as + it's gone. + * debian/rules: Also use an epoch for iceweasel-l10n-all. + + -- Mike Hommey <glandium@debian.org> Wed, 29 Aug 2012 08:19:45 +0200 + +iceweasel (14.0.1-2) experimental; urgency=low + + * mfbt/double-conversion/utils.h: Declare double conversion correctness for + more architectures. bz#750620. Should fix FTBFSes on most (all?) Debian + architecures. + + -- Mike Hommey <glandium@debian.org> Thu, 19 Jul 2012 08:03:16 +0200 + +iceweasel (14.0.1-1) experimental; urgency=high + + * New upstream release. + * Fixes for mfsa2012-{42-56}, also known as + CVE-2012-1948, CVE-2012-1950, CVE-2012-1951, CVE-2012-1954, + CVE-2012-1953, CVE-2012-1952, CVE-2012-1966, CVE-2012-1955, + CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, + CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, + CVE-2012-1965, CVE-2012-1967. + * debian/rules: Remove packager fatal warnings. + * debian/xulrunner-GRE_VERSION.install.in: Don't install run-mozilla.sh and + xpcshell in usr/lib/xulrunner-x.y. They are in the SDK, now. + * debian/check_resources.py: Allow missing manifests when checking + resources. + + * browser/installer/package-manifest.in: Install URL classifier components + when MOZ_URL_CLASSIFIER is set. bz#762617. + + -- Mike Hommey <glandium@debian.org> Tue, 17 Jul 2012 12:13:48 +0200 + +iceweasel (13.0.1-2) experimental; urgency=low + + * debian/control*: Change font suggestions for MathML. Closes: #679469. + * dom/ipc/Makefile.in, dom/ipc/PBrowser.ipdl, dom/ipc/TabMessageUtils.cpp: + Only export TabMessageUtils.h in mozilla/dom. bz#761082. Closes: #675920. + + -- Mike Hommey <glandium@debian.org> Fri, 29 Jun 2012 09:56:00 +0200 + +iceweasel (13.0.1-1) experimental; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Sat, 16 Jun 2012 08:00:38 +0200 + +iceweasel (13.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2012-{34,36-38,40}, also known as + CVE-2012-1938, CVE-2012-1937, CVE-2011-3101, CVE-2012-1944, + CVE-2012-1945, CVE-2012-1946, CVE-2012-1947, CVE-2012-1940, + CVE-2012-1941. + + * debian/check_resources.overrides: Remove now unused entries. + * debian/rules: Adjust mozjs includes copied in libmozjs-dev. + * debian/installer/Makefile.in: Use DEFINES from browser/installer to + build package manifests. + * debian/branding/Makefile.in, debian/extra-stuff/Makefile.in, + debian/installer/*: Remove build script compatibility with Firefox < 4.0. + + * browser/components/migration/content/migration.js, + browser/components/migration/content/migration.xul, + browser/components/migration/src/BrowserProfileMigrators.manifest, + browser/components/migration/src/FirefoxProfileMigrator.js, + browser/components/migration/src/ProfileMigrator.js, + browser/locales/en-US/chrome/browser/migration/migration.dtd, + browser/locales/en-US/chrome/browser/migration/migration.properties, + l10n-*/browser/chrome/browser/migration/migration.properties, + toolkit/content/aboutSupport.js, toolkit/content/jar.mn, + toolkit/content/resetProfile.js, toolkit/profile/nsIProfileMigrator.idl, + toolkit/xre/nsAppRunner.cpp: Make the "Reset Firefox" feature more + generic. bz#756390. Closes: #673353. + + -- Mike Hommey <glandium@debian.org> Tue, 05 Jun 2012 09:31:15 +0200 + +iceweasel (12.0-7) experimental; urgency=low + + * debian/rules: Also set LDFLAGS from dpkg-buildflags (although in practice + it changes nothing because relro is disabled) + * debian/control*: + - Force build and runtime dependency on libsqlite3-0 >= 3.7.12-1~ for a + right value of SQLITE_MAX_SCHEMA_RETRY and SQLITE_MAX_DEFAULT_PAGE_SIZE. + - Suggest fonts-lyx. Closes: #673222. + - Make xulrunner-dbg depend on nspr and nss debug packages. + * debian/xulrunner-GRE_VERSION.links.in, + debian/xulrunner-GRE_VERSION.install.in: Move omni.ja to + /usr/lib/xulrunner-x.0 because it contains arch-depend data. + * debian/xulrunner.mozconfig: Use system cairo again. + + * gfx/thebes/gfxPlatform.cpp: Make system cairo work again. bz#722975. + + -- Mike Hommey <glandium@debian.org> Thu, 17 May 2012 11:59:46 +0200 + +iceweasel (12.0-6) experimental; urgency=low + + * ipc/chromium/src/base/file_util_linux.cc, + ipc/chromium/src/base/message_pump_libevent.cc, + ipc/chromium/src/base/time_posix.cc: gcc 4.7 build failures (missing + headers). bz#725655. + * layout/base/tests/TestPoisonArea.cpp: fix build failures with Clang and + GCC 4.7 in TestPoisonArea.cpp. bz#734490. + + -- Mike Hommey <glandium@debian.org> Fri, 11 May 2012 19:09:23 +0200 + +iceweasel (12.0-5) experimental; urgency=low + + * debian/xulrunner-GRE_VERSION.1.in: Fix xulrunner-x.y manual page to say + XULRunner instead of Iceweasel. + + * gfx/skia/include/core/SkMath.h, gfx/skia/include/core/SkPostConfig.h, + gfx/skia/src/opts/SkBitmapProcState_opts_arm.cpp, + gfx/skia/src/opts/SkBlitRow_opts_arm.cpp: Fixup for bz#751814, and + refreshed as sent upstream. Should fix FTBFS on armel and armhf. + + -- Mike Hommey <glandium@debian.org> Fri, 11 May 2012 10:46:18 +0200 + +iceweasel (12.0-4) experimental; urgency=low + + * memory/jemalloc/jemalloc.c: Don't hardcode page size on sparc. + * gfx/skia/include/core/SkPreConfig.h: Fixup for bz#749533 for Hurd. + * gfx/skia/src/opts/SkBitmapProcState_opts_arm.cpp, + * gfx/skia/src/opts/SkBlitRow_opts_arm.cpp: Various Skia fixes for ARMv4T + and ARMv6+. bz#751814. + * js/src/Makefile.in, js/src/assembler/jit/ExecutableAllocator.h, + js/src/jsapi.cpp, js/src/jscntxt.cpp, js/src/jscntxt.h: Refresh to use + the last version of bz#691898 + some cleanup. + + -- Mike Hommey <glandium@debian.org> Fri, 04 May 2012 09:11:59 +0200 + +iceweasel (12.0-3) experimental; urgency=low + + * ipc/chromium/src/base/atomicops_internals_mips_gcc.h: Import + atomicops_internals_mips_gcc.h from protobuf. bz#749530. + * gfx/skia/include/core/SkPreConfig.h: Add support for GNU/kFreeBSD and Hurd + in SKIA. bz#749533. + * browser/locales/en-US/searchplugins/google.xml: Fix Google search plugin. + + -- Mike Hommey <glandium@debian.org> Fri, 27 Apr 2012 08:47:34 +0200 + +iceweasel (12.0-2) experimental; urgency=low + + * js/src/jsapi.cpp: Fixup for bz691898. Should fix FTBFSes. + + -- Mike Hommey <glandium@debian.org> Thu, 26 Apr 2012 20:28:58 +0200 + +iceweasel (12.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2012-{20,22-24,26-33}, also known as + CVE-2012-0467, CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, + CVE-2012-0471, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, + CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2011-1187, + CVE-2012-0479. + + * debian/control*: Bump libsqlite3-dev build dependency. + * debian/xulrunner.mozconfig: Use in-tree cairo until things settle down + for bz#722975. + * debian/rules: + - Remove update-settings.ini. + - Remove MOZ_PHOENIX define, it's not useful anymore. + * debian/make.mk, debian/rules, debian/upstream.mk: Avoid spawning shells + from debian/rules when possible. + * debian/rules, debian/control*: + - Remove special case for Lenny, it's not supported anymore. + - Build with hardening flags. Closes: #609975. + * debian/iceweasel.mozconfig, debian/rules: Move --with-branding option to + debian/rules. + * debian/control, debian/l10n, debian/rules: Simplify l10n control + generation. + + * memory/jemalloc/jemalloc.c: Fix jemalloc mmap wrapper for s390. bz#747322. + Closes: #667901. + * toolkit/components/search/nsSearchService.js: Handle transition to + /etc/<appname>/searchplugins more gracefully. Closes: #666675. + * js/xpconnect/src/xpcprivate.h: Properly align XPCLazyCallContext::mData. + bz#747870. Closes: #669905. + * config/Preprocessor.py, config/tests/unit-Preprocessor.py, + js/src/config/Preprocessor.py: Use filters in #defines and #includes. + bz#508942. + + -- Mike Hommey <glandium@debian.org> Tue, 24 Apr 2012 08:21:07 +0200 + +iceweasel (11.0-4) experimental; urgency=low + + * debian/branding/content/Makefile.in: Work around imagemagick svg support + broken by latest librsvg2-bin. + * debian/vendor.js: Default to en-US searchplugins when locale's aren't + found. Closes: #665817. + * debian/iceweasel.links.in, debian/iceweasel.preinst: Don't create + /usr/lib/iceweasel/distribution/searchplugins symlink. + * debian/extra-stuff/addonsInfo.js: Synchronously get addons list. + * debian/branding/aboutIce.js: Use Services.jsm in aboutIce.js. + + * browser/components/dirprovider/DirectoryProvider.cpp: Load distribution + search plugins from /etc/<appname>/searchplugins. + + -- Mike Hommey <glandium@debian.org> Fri, 30 Mar 2012 19:22:56 +0200 + +iceweasel (11.0-3) experimental; urgency=low + + * debian/extra-stuff/addonsInfo.js: Remove debugging info from + dump-addons-info output, and avoid failure on addons that don't have the + getResourceURI method (like personas). + * debian/duckduckgo.xml: Add t=debian to duckduckgo query url. + * debian/iceweasel.install, debian/iceweasel.links.in, + debian/iceweasel.preinst, debian/rules: Move search plugins under + /etc/iceweasel. Closes: #632698. + * debian/l10n/recommends: Recommend xul-ext-mozvoikko instead of myspell-fi + for -l10n-fi. Closes: #635361. + + * memory/jemalloc/jemalloc.c: Don't hardcode page size on ia64. + + -- Mike Hommey <glandium@debian.org> Fri, 23 Mar 2012 13:22:46 +0100 + +iceweasel (11.0-2) experimental; urgency=low + + * toolkit/library/Makefile.in: Fixup bz#734335 backport. Should fix all + FTBFSes. + + -- Mike Hommey <glandium@debian.org> Fri, 16 Mar 2012 08:35:43 +0100 + +iceweasel (11.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2012-{12-19}, also known as + CVE-2012-0454, CVE-2012-0455, CVE-2012-0456, CVE-2012-0457, + CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, + CVE-2012-0461, CVE-2012-0462, CVE-2012-0464. + * debian/source.filter: Adjusted to upstream changes. + * debian/rules: + - Work around make-makefile brokenness. + - Define MOZ_PHOENIX when building. Tab closing animation end fails + because of some telemetry items that aren't defined in xulrunner, + because they are enclosed in an ifdef MOZ_PHOENIX. + * debian/l10n/*, debian/control: Refreshed. + * debian/xulrunner-GRE_VERSION.install.in: update.locale is now in omni.ja. + * debian/control*: + - Bump build dependency on libnss3-dev and libnspr4-dev. + - Remove forced version-dependency on libnss3-1d. + * debian/dh/dh_xulrunner.in: Adjust to upstream changes. + * debian/check_resources.overrides: Ignore Webapps.jsm import from apps.js. + + * toolkit/system/gnome/nsGSettingsService.cpp: Define + G_VARIANT_TYPE_STRING_ARRAY when building against older glib. bz#710972. + * netwerk/protocol/http/HttpChannelParent.*: Revert investigation patch for + bz#621446, which triggers an ICE on gcc 4.4. + * configure.in, toolkit/library/nsStaticXULComponents.cpp, + tools/profiler/Makefile.in, tools/profiler/sampler.h: Only build SPS on + supported platforms. bz#734335. + + -- Mike Hommey <glandium@debian.org> Wed, 14 Mar 2012 10:28:21 +0100 + +iceweasel (10.0.3esr-1) unstable; urgency=low + + * New upstream release. + - Avoid crashing when there are no GL extensions reported by the GL + implementation. bz#728656. Closes: #656611. + * Fixes for mfsa2012-{12-19}, also known as + CVE-2012-0454, CVE-2012-0455, CVE-2012-0456, CVE-2012-0457, + CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, + CVE-2012-0461, CVE-2012-0462, CVE-2012-0464. + * debian/control, debian/l10n/*, debian/rules: Modify the way we use + isoquery to get a language name out of iso 639 codes. + * debian/upstream.mk: + - Better detect beta version given for download. + - Allow to use with iceape and icedove. + - Support download ESR releases. + * debian/iceweasel-runner, debian/iceweasel.1, + debian/iceweasel.README.Debian, debian/iceweasel.install, + debian/iceweaselrc: Remove dsp wrapper glue. + * debian/rules, debian/iceweasel.install, debian/iceweasel.links.in: + Localize search plugins. + * debian/upstream.mk, debian/repack.py, debian/l10n.filter: Filter l10n + upstream tarballs such that they stay the same when there are no changes + besides tags. + * debian/rules: Don't sign NSS libraries, as this is done as part of libnss3 + build process. + + * storage/src/mozStorageService.cpp: Don't crash an app using libxul because + of the lack of je_malloc_usable_size_in_advance. bz#720682. Closes: #660487. + * widget/src/xpwidgets/GfxInfoX11.*: + - Block OpenGL 1 drivers explicitly to steer clear of crashes. bz#696636. + - Block the Nouveau 3D driver with Mesa < 8.0.1. bz#729817. + * browser/components/dirprovider/DirectoryProvider.cpp: Try getting + general.useragent.locale as a complex value first. bz#515232. + * xpcom/glue/standalone/nsGlueLinkingDlopen.cpp: Avoid confusing gdb by + dependent libs being symbolic links. + + -- Mike Hommey <glandium@debian.org> Wed, 14 Mar 2012 08:57:15 +0100 + +iceweasel (10.0.2-1) unstable; urgency=low + + * New upstream release. Addresses CVE-2011-3026. + * debian/import-tar.py: Allow to import multi-tarball sources. + * debian/rules: Install js/*.h in /usr/include/mozjs/. Closes: #658315. + * debian/xulrunner.mozconfig, debian/control*: Build against system + python-ply. + * debian/control*: Build conflict with liboss4-salsa-dev. + + * xpcom/typelib/xpidl/Makefile.in: Ship xpidllex.py and xpidlyacc.py. + bz#723861. + * config/autoconf.mk.in, configure.in, xpcom/idl-parser/Makefile.in, + xpcom/typelib/xpidl/Makefile.in: Allow to build with system python ply + library. bz#728229. + * browser/app/profile/firefox.js: Don't auto-disable extensions in system + directories. Closes: #656378 and friends. + + -- Mike Hommey <glandium@debian.org> Fri, 17 Feb 2012 18:40:48 +0100 + +iceweasel (10.0.1-1) unstable; urgency=low + + * New upstream release. + * Fixes for mfsa2012-10, also known as CVE-2012-0452. + + -- Mike Hommey <glandium@debian.org> Sat, 11 Feb 2012 08:26:28 +0100 + +iceweasel (10.0-3) unstable; urgency=low + + * debian/upstream.mk: Add rule to download compare-locales for a given + release. + * debian/rules: Build locales from build-browser only, and use + compare-locales to merge them with en-US for non-existing strings. + + * browser/locales/Makefile.in, toolkit/locales/Makefile.in: Revert previous + patch. + * browser/makefiles.sh: Add toolkit l10n Makefiles to browser/makefiles.sh. + bz#721737. + + -- Mike Hommey <glandium@debian.org> Fri, 10 Feb 2012 08:32:58 +0100 + +iceweasel (10.0-2) unstable; urgency=low + + * debian/control*: Bump libvpx-dev build dependency to 1.0.0. + * configure.in: Fix FTBFS with libvpx 1.0.0. + + -- Mike Hommey <glandium@debian.org> Sun, 05 Feb 2012 11:29:51 +0100 + +iceweasel (10.0-1) unstable; urgency=low + + * New upstream release. + * Fixes for mfsa2012-{01-09}, also known as + CVE-2012-0442, CVE-2012-0443, CVE-2011-3670, CVE-2012-0445, + CVE-2011-3659, CVE-2012-0446, CVE-2012-0447, CVE-2012-0444, + CVE-2012-0449, CVE-2012-0450. + + * debian/iceweasel.postinst: Remove /usr/lib/iceweasel/.autoreg on upgrade. + Closes: #648541. + * debian/source.filter: The PNG test suite moved. + * debian/xulrunner-GRE_VERSION.{links,install}.in: Hyphenation + dictionaries moved inside omni.jar. + * debian/control*: Bump libvpx-dev build dependency. + * debian/xulrunner-GRE_VERSION.*.in: Omni.jar was renamed omni.ja. + * debian/upstream.mk: Use a separate variable for download version. + * debian/rules: Call configure directly for build-browser, instead of + using dh_auto_configure. Closes: #656313. + * debian/upstream.mk: Add rules to download l10n sources. + * debian/rules, debian/control*, debian/l10n, + debian/branding/locales/Makefile.in: Add rules to build l10n packages. + + * js/src/Makefile.in, js/src/vm/RegExpObject*, js/src/yarr/wtfbridge.h: + Use YARR interpreter instead of PCRE on platforms where YARR JIT is + not supported. bz#691898. + * browser/locales/Makefile.in, toolkit/locales/Makefile.in: Don't + build some toolkit l10n from browser/. + * l10n-ru/browser/chrome/browser-region/region.properties: Place google + and gmail before yandex. (imported from iceweasel-l10n) + + -- Mike Hommey <glandium@debian.org> Wed, 01 Feb 2012 14:13:16 +0100 + +iceweasel (9.0.1-1) unstable; urgency=low + + * New upstream release. + * debian/control*: Force xulrunner to depend on libnss3-1d >= 3.13.1. + It doesn't require symbols from versions that new, but it actually + requires some new flags being supported. + + -- Mike Hommey <glandium@debian.org> Thu, 22 Dec 2011 09:00:09 +0100 + +iceweasel (9.0-1) unstable; urgency=low + + * New upstream release. + * Fixes for mfsa2011-{53-56,58}, also known as + CVE-2011-3660, CVE-2011-3661, CVE-2011-3658, CVE-2011-3663, + CVE-2011-3665. + + * debian/test.mk: Remove hashbang. + * debian/control*: + - Build dependency on libidl-dev is not required anymore. + - Bump libsqlite3-dev build dependency. + - Bump libnss3-dev build dependency. + * debian/xulrunner-dev.install.in: Adapt to upstream changes. + * debian/check_resources.*, debian/rules: Check that resources:// urls are + appropriately used. + + * build/unix/gnu-ld-scripts/jemalloc-standalone-linkage-version-script: + Revert previous patch, the file is not used anymore. + * browser/devtools/highlighter/TreePanel.jsm: Use resource:// urls + appropriately. bz#703633. + * js/src/methodjit/MethodJIT.cpp: Don't require 16 bytes alignment for + VMFrame on sparc. bz#698923. + * ipc/chromium/src/base/dir_reader_posix.h: Fix GNU/non-Linux failure to + build. + * js/src/assembler/assembler/ARMAssembler.cpp: + Fix ARMAssembler::getOp2RegScale on < ARMv5. bz#703531. + * js/src/jscompartment.cpp: Fix build failure on platforms without YARR JIT. + bz#703534. + * js/src/methodjit/TrampolineSparc.s: Avoid R_SPARC_WDISP22 relocation + in TrampolineSparc.s. bz#703842. + * js/src/jsgc.cpp: Avoid invalid conversion from 'const size_t*' to + 'const jsuword*' on s390. bz#703833. + * gfx/angle/src/compiler/osinclude.h: Add support for GNU/kFreeBSD and + GNU/Hurd. bz#711353. + + -- Mike Hommey <glandium@debian.org> Tue, 20 Dec 2011 20:05:33 +0100 + +iceweasel (8.0-3) unstable; urgency=low + + * debian/rules: Don't remove lines beginning with # in preprocessed files. + Closes: #648143. + + -- Mike Hommey <glandium@debian.org> Wed, 09 Nov 2011 09:05:57 +0100 + +iceweasel (8.0-2) unstable; urgency=low + + * js/src/vm/String-inl.h: Add missing parts from bz#589735 for 8.0. + + -- Mike Hommey <glandium@debian.org> Tue, 08 Nov 2011 23:19:35 +0100 + +iceweasel (8.0-1) unstable; urgency=low + + * New upstream release. + * Fixes for mfsa2011-{47-52}, also known as + CVE-2011-3648, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, + CVE-2011-3650, CVE-2011-3649, CVE-2011-3653, CVE-2011-3655. + + * debian/*.in, debian/rules: Use @VARIABLE@ instead of ##VARIABLE## for + preprocessing. + * debian/rules: + - Use Preprocessor.py instead of sed for preprocessing. + - Application.ini tweaks for version aren't needed anymore. + - Add some dependencies to regenerate debian/control. + - Force MOZ_APP_BASE_VERSION to GRE_VERSION. + * debian/iceweasel.install, debian/rules, debian/test.mk: Build iceweasel + in build-browser/ instead of build-iceweasel/. + * debian/import-tar.py: Add a tool that dumps a tar as a git fast-import + stream. + * debian/rules, debian/control.in, debian/xulrunner-GRE_VERSION.links.in: + Rename SO_VERSION variable to JS_SO_VERSION and use the first digit of + GRE_VERSION to generate it. + * debian/noinstall.in: README.txt is not shipped anymore. + * debian/rules: Disable methodjit on sparc because of bz#698911. + + * configure*: Disable dead symbol removal when failing to test for bz#670659. + bz#690682. + * js/src/jsscan.cpp: Properly handle EOF in TokenStream::getAtSourceMappingURL + on platforms with unsigned chars. bz#686283. + * js/src/assembler/assembler/ARMAssembler.h: LDRH/STRH/LDRSB/STRSB are + supported on ARMv5-. bz#694533. + * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_s390.cpp: Reimplement + NS_InvokeByIndex in C on S390 Linux. This will fix FTBFS on S390. + * config/config.mk, config/rules.mk, js/src/config/config.mk, + js/src/config/rules.mk: (Statically) link jemalloc to all programs. This + will solve FTBFS on ia64, and fits what is done in 9.0. + * browser/devtools/webconsole/HUDService.jsm, + browser/devtools/webconsole/test/browser/browser_webconsole_bug_651501_document_body_autocomplete.js, + browser/devtools/webconsole/test/browser/head.js: HUDService uses some + resource://gre/ urls that ought to be resource:///. bz#682217. + Closes: #638772. + * build/unix/gnu-ld-scripts/jemalloc-standalone-linkage-version-script: + Export the _IO_stdin_used symbol. bz#699734. This will fix FTBFS on + sparc. + * testing/xpcshell/runxpcshelltests.py: Read xpcshell process' stdout one + character at a time. + + -- Mike Hommey <glandium@debian.org> Tue, 08 Nov 2011 20:04:06 +0100 + +iceweasel (7.0.1-4) unstable; urgency=low + + * xpcom/base/nscore.h, xpcom/glue/nsID.h: Don't force nsID to align to + 64-bit boundary ; instead, use 32-bits comparisons in nsID::Equals, + effectively reverting bz#164580. Closes: #645371. + + -- Mike Hommey <glandium@debian.org> Sat, 15 Oct 2011 09:44:32 +0200 + +iceweasel (7.0.1-3) unstable; urgency=low + + * debian/branding/configure.sh: Set MOZ_APP_DISPLAYNAME in Iceweasel + branding. Closes: #644801. + * debian/xulrunner.mozconfig, debian/xulrunner-GRE_VERSION.install.in, + debian/rules: Enable GIO instead of gnome-vfs and GConf. + Partially fixes #410671. + + * ipc/chromium/src/build/build_config.h: Update supported architectures + for IPC, as landed upstream. Closes: #644939. + * xpcom/base/nscore.h, xpcom/glue/nsID.h: Force nsID to align to 64-bit + boundary. bz#660335. Closes: #642762. + + -- Mike Hommey <glandium@debian.org> Fri, 14 Oct 2011 17:22:42 +0200 + +iceweasel (7.0.1-2) unstable; urgency=low + + * debian/repack.py: Improved in several ways. + * debian/rules: Install vm/* headers under /usr/include/mozjs. + Closes: #644086. + + -- Mike Hommey <glandium@debian.org> Tue, 04 Oct 2011 08:32:20 +0200 + +iceweasel (7.0.1-1) unstable; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Fri, 30 Sep 2011 08:32:09 +0200 + +iceweasel (7.0-1) unstable; urgency=low + + * New upstream release. + * Fixes various security issues, which CVE ids are not published yet. + + * debian/branding/Makefile.in, debian/iceweasel.install: Remove document.png, + as it is not used anymore. + * debian/branding/content/Makefile.in, debian/branding/content/jar.mn: Stop + jarring up a copy of mozicon128.png that aboutHome no longer uses. + * debian/rules: Don't remove /usr/lib/xulrunner-7.0/libmozjs.so*, they're not + installed there anymore. + * debian/iceweasel.mozconfig: Add --disable-libjpeg-turbo to work around + configure checking for yasm on APP build. + + * js/src/Makefile.in: Only add -DENABLE_JIT=1 to CXXFLAGS if any of + trace/method/regex jit is enabled. bz#670719. Fixes FTBFSes on + powerpc and s390. + * js/src/jsregexpinlines.h, js/src/yarr/OSAllocatorPosix.cpp, + js/src/yarr/wtfbridge.h: build fix for ENABLE_YARR_JIT=0. bz#665819. + * xpcom/glue/pldhash.c: Work around recent ARM GNU ld bug with + -fdata-sections and variables names starting with "stub" leading to crash. + bz#675618. Also avoids elfhack crash during build. + * js/src/assembler/wtf/Platform.h: Don't enable YARR JIT on MIPS, as the + implementation is missing. bz#680642. + * js/src/yarr/BumpPointerAllocator.h: Use a pool size of 16kB on ia64 for + bump pointer allocator. bz#680917. + + -- Mike Hommey <glandium@debian.org> Wed, 28 Sep 2011 08:51:02 +0200 + +iceweasel (6.0.2-1) unstable; urgency=medium + + * New upstream release to strengthen the libnss3 response to the + DigiNotargate. + + -- Mike Hommey <glandium@debian.org> Tue, 06 Sep 2011 08:32:55 +0200 + +iceweasel (6.0-4) unstable; urgency=low + + * js/src/jsstrinlines.h: Fix-up bz#589735 backport. Should fix ia64 FTBFS. + + -- Mike Hommey <glandium@debian.org> Sat, 27 Aug 2011 09:07:06 +0200 + +iceweasel (6.0-3) unstable; urgency=low + + * debian/libmozjs-dev.install: Add more missing headers to libmozjs-dev. + * debian/rules, debian/xulrunner-GRE_VERSION.install.in: Install + plugin-container on all architectures. Closes: #639289. + * debian/extra-stuff/reportbug-helper-script: Avoid listing all debian + packages in the reportbug helper when no addons are installed. + * debian/duckduckgo.xml, debian/iceweasel.install: Add DuckDuckGo search + plugin. Closes: #616115. + + * js/src/jsgcinlines.h, js/src/jsnum.cpp, js/src/jsstr.cpp, js/src/jsstr.h, + js/src/jsstrinlines.h, js/src/jstracer.cpp, js/src/jstracer.h, + js/src/tracejit/Writer.cpp: Allow static JS strings to be turned off; + turn off on ia64. bz#589735. + * memory/jemalloc/jemalloc.c: Allocate memory with an address with high 17 + bits clear on ia64. bz#589735. This should finally make Iceweasel + actually work on ia64. + * js/src/jsval.h, js/src/jsvalue.h: Fix jsval_layout on 64-bit big-endian + platforms. bz#674522. Closes: #638623. + + -- Mike Hommey <glandium@debian.org> Fri, 26 Aug 2011 09:48:52 +0200 + +iceweasel (6.0-2) unstable; urgency=low + + * debian/libmozjs-dev.install: Install mfbt/* files under + /usr/include/mozjs/mozilla. Closes: #637984. + + -- Mike Hommey <glandium@debian.org> Sat, 20 Aug 2011 09:13:06 +0200 + +iceweasel (6.0-1) unstable; urgency=low + + * New upstream release. + * Fixes for mfsa2011-29, including: + CVE-2011-2989, CVE-2011-2991, CVE-2011-2992, CVE-2011-2985, + CVE-2011-2993, CVE-2011-2988, CVE-2011-2987, CVE-2011-0084, + CVE-2011-2990, CVE-2011-2986. + * debian/control*: + - Bump build dependency on nspr, nss and sqlite. + - Build-depend on libjpeg-dev instead of libjpeg62-dev. Closes: #636452. + - Remove xprint suggest. Closes: #626794. + * debian/rules: + - Official branding moved to browser/branding/official. + - Don't set -std=gnu++0x ourselves, upstream build system now does it for + us. + - Remove libmozjs.so* from /usr/lib/xulrunner-6.0. + - Link npapi_getinfo against libpthread for GNU/Hurd. + * debian/installer/package-manifest.xulrunner, + debian/xulrunner-dev.install.in: Install xpt.py from sdk instead of xpt_* + from /usr/lib/xulrunner-6.0. + * debian/xulrunner-GRE_VERSION.install.in, + debian/xulrunner-GRE_VERSION.links.in: Add hyphenation dictionary. This is + temporary until we use libreoffice.org's. + * debian/iceweasel.desktop: Add german translation for the Iceweasel menu + item. Thanks Ronny Standtke. Closes: #629924. + + * layout/build/Makefile.in, toolkit/library/Makefile.in: Unbreak build for + GNU/Hurd and GNU/kFreeBSD (since they don't have libossaudio). bz#673460. + * ipc/chromium/src/base/debug_util_posix.cc, + ipc/chromium/src/base/third_party/nspr/prcpucfg.h, + ipc/chromium/src/build/build_config.h: Allow ipc code to build on GNU/Hurd. + Closes: #636750. + * configure*: Revert "Allow to build against SQLite 3.7.3". + + -- Mike Hommey <glandium@debian.org> Mon, 15 Aug 2011 18:16:55 +0200 + +iceweasel (5.0-6) unstable; urgency=low + + * debian/rules: ia64 doesn't support stabs debugging information, so use a + different workaround: use -O2 instead of -Os. + + -- Mike Hommey <glandium@debian.org> Sat, 30 Jul 2011 10:31:55 +0200 + +iceweasel (5.0-5) unstable; urgency=low + + * debian/rules: + - Don't add -g to CFLAGS, the upstream build system does it. + - Use -gstabs on ia64, to work around ICE. + * xpcom/base/nsDebugImpl.cpp: Refresh with the patch from bz#643779 as + landed updstream. Closes: #635957. + + -- Mike Hommey <glandium@debian.org> Sat, 30 Jul 2011 08:48:19 +0200 + +iceweasel (5.0-4) unstable; urgency=low + + * debian/rules: Don't create a versioned shlibs for libmozjs. + * debian/xulrunner-dev.preinst.in: Add a preinst script to remove + /usr/lib/xulrunner-devel-GRE_VERSION/sdk/bin before upgrading from versions + <= 5.0-2. Closes: #634053. + * debian/control*: + - Use linux-any wildcard for libasound2-dev and libiw-dev Build-Depends + instead of using a list of negated architectures. Closes: #634629. + - Adjust some package descriptions. Closes: #633597. + - Bump Standards-Version to 3.9.2.0. No changes required. + * debian/extra-stuff/addonsInfo.js: Fix the addons info dumper to use the new + Addons Manager API. Closes: #603412. + * debian/xulrunner-GRE_VERSION.postinst.in, + debian/xulrunner-GRE_VERSION.prerm.in: Remove the xulrunner-stub + alternative. The reason why it was good to have in /usr/bin doesn't exist + anymore. + * debian/xulrunner-GRE_VERSION.postinst.in: Don't cleanup {compreg,xpti}.dat. + They've not been generated for a while. + + * js/src/xpconnect/shell/xpcshell.cpp: Fixup for bz#671804. + * configure*: Revert "Put the crmf library before the NSS libraries". + + -- Mike Hommey <glandium@debian.org> Fri, 22 Jul 2011 15:48:09 +0200 + +iceweasel (5.0-3) unstable; urgency=low + + * Upload to unstable. + * debian/control*: Fix build dependency on libsqlite3-dev. + * debian/rules: + - Replace sdk/bin files also in /usr/lib/xulrunner-5.0 with symbolic links. + - Use dist/include to find npapi.h when building npapi_getinfo. + * debian/control*, debian/rules: Use ${binary:Version} for iceweasel + dependency on xulrunner, now that they have the same version. + * debian/test.mk: + - Set the application directory for xpcshell tests. + - Set plugin path for all tests. + * debian/control*: Add a build dependency on ttf-dejima-mincho to avoid + reftest failure due to the lack of japanese font. + * debian/xulrunner-GRE_VERSION.lintian-overrides.in: Add a temporary lintian + override for libtheora embedding. + + * js/src/Makefile.in: Fix namespace exporting. + * toolkit/mozapps/installer/packager.mk: Install sdk/bin with make install. + bz#639554. + * config/autoconf.mk.in: Use the first two digits of the version number for + the install directory. bz#445128. + * xulrunner/installer/Makefile.in: Revert previous change for the version + number here, it concerns something that isn't built anymore and will go + away. + * embedding/android/GeckoAppShell.java, ipc/glue/GeckoChildProcessHost.cpp, + other-licenses/android/APKOpen.cpp, toolkit/xre/nsAppRunner.cpp, + toolkit/xre/nsEmbedFunctions.cpp, xpcom/build/Omnijar.*, + xpcom/build/nsXPComInit.cpp: Updated part 3 of bz#620931. + * js/src/xpconnect/shell/xpcshell.cpp: Add a -a option to xpcshell to set + an application directory. bz#620931 (part 6) + * browser/installer/Makefile.in, browser/installer/precompile_cache.js: + Make startup cache generation work better with new omni.jar handling. + bz#620931 (part 7) + * toolkit/components/places/tests/unit/test_database_replaceOnStartup.js: + Don't modify in-tree default.sqlite. bz#666709, bz#668906. + * storage/src/mozStorageService.cpp, + storage/test/unit/test_storage_service.js: Add a safeguard to + openUnsharedDatabase. bz#668906. + * toolkit/mozapps/downloads/tests/unit/test_DownloadUtils.js: Fix with + locales with a different decimal separator. bz#671533. + * xpcom/build/nsXPComInit.cpp: Initialize NS_XPCOM_LIBRARY_FILE from + NS_GRE_DIR. bz#671564. + * testing/xpcshell/runxpcshelltests.py: Allow to pass an application + directory to xpcshell tests. bz#671562. + * modules/plugin/test/unit/head_plugins.js, netwerk/test/unit/test_socks.js, + toolkit/mozapps/extensions/test/xpcshell/test_plugins.js: Fix some tests + using CurProcD where GreD should be used. + * xpcom/tests/unit/test_iniProcessor.js: Cleanup temporary files from + test_iniProcessor.js. bz#671570. + * modules/libpref/test/unit/test_libPrefs.js: Cleanup temporary files from + test_libPrefs.js. bz#671576. Together with bz#671570 and bz#666709 above, + Closes: #632890. + * toolkit/mozapps/extensions/test/xpcshell/test_update.js: Don't hardcode + en-US in test_update.js. bz#671631. + * modules/libpref/src/nsPrefService.cpp: Always load $gre/defaults/pref + prefs. bz#671798. + * js/src/xpconnect/shell/xpcshell.cpp: Provide NS_APP_PREF_DEFAULTS_50_DIR + and NS_APP_PREFS_DEFAULTS_DIR_LIST in xpcshell dir provider. bz#671804. + + -- Mike Hommey <glandium@debian.org> Fri, 15 Jul 2011 12:04:39 +0200 + +iceweasel (5.0-2) experimental; urgency=low + + * debian/rules: Fix configure permissions for source tarballs generated from + mercurial. + * debian/test.mk: Create a xulrunner symbolic link in + build-iceweasel/dist/bin so that reftests work. + * debian/watch: Always get the latest release. + + * js/src/nanojit/njconfig.cpp: Allow ARMv4T in nanojit. + * ipc/chromium/src/base/platform_thread_posix.cc, + ipc/chromium/src/base/third_party/nspr/prcpucfg.h, + ipc/chromium/src/build/build_config.h: Allow ipc code to build on + GNU/kfreebsd. Closes: #626314. + + -- Mike Hommey <glandium@debian.org> Fri, 01 Jul 2011 14:43:39 +0200 + +iceweasel (5.0-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2011-{09,19-22,25-28}, also known as + CVE-2011-0061, CVE-2011-2374, CVE-2011-2375, CVE-2011-2373, + CVE-2011-2372, CVE-2011-2371, CVE-2011-2366, CVE-2011-2367, + CVE-2011-2368, CVE-2011-2369, CVE-2011-2370. + + * debian/xulrunner-GRE_VERSION.install.in: /etc/gre.d is not used anymore. + * debian/branding/content/aboutDialog.css, debian/branding/content/jar.mn: + Updated branding. + * debian/rules: xulrunner and iceweasel now have the same version. + * debian/dh/dh_xulrunner.in: Modify the strings we try to find in the xpcom + standalone glue. + + * other-licenses/bsdiff/Makefile.in: Fix bsdiff build failure with system + bzip2. bz#644692. + * layout/base/nsDocumentViewer.cpp: Use an integer type in + DocumentViewerImpl::SetMinFontSize, instead of float. bz#652139. + * browser/base/content/aboutDialog.*, + browser/branding/*/content/aboutDialog.css + browser/branding/*/content/jar.mn, + other-licenses/branding/firefox/content/aboutDialog.css, + other-licenses/branding/firefox/content/jar.mn: Move some parts of + aboutDialog.css into branding. bz#652306. + * configure.*: Disable building embedded libjpeg-turbo when building with + system libjpeg. bz#652399. + + -- Mike Hommey <glandium@debian.org> Mon, 20 Jun 2011 17:17:04 +0900 + +iceweasel (4.0.1-4) experimental; urgency=low + + * The 'I meant that to be in previous release but forgot' release. + * xulrunner/installer/Makefile.in: Add -lmozalloc in link flags provided in + libxul.pc. bz#662223. + * memory/mozalloc/mozalloc.h, memory/mozalloc/Makefile.in, + xpcom/xpcom-config.h.in: Define NS_ATTR_MALLOC and NS_WARN_UNUSED_RESULT + in xpcom-config.h, and include it from mozalloc.h. bz#662224. + + -- Mike Hommey <glandium@debian.org> Mon, 20 Jun 2011 15:29:09 +0900 + +iceweasel (4.0.1-3) experimental; urgency=low + + * debian/installer/Makefile.in: Remove MOZ_IPC ifdef, it's not strictly + required, and won't be defined anymore in 5.0. + * debian/rules: + - Use official branding as reference when comparing to ours. + - Construct GRE_VERSION from the first two digits in GRE_MILESTONE. + - Handle build id from the debian version number. + - Handle UPSTREAM_RELEASE correctly for beta releases. + - Set MOZ_UA_BUILDID on betas and releases. + + -- Mike Hommey <glandium@debian.org> Fri, 17 Jun 2011 11:39:56 +0900 + +iceweasel (4.0.1-2) experimental; urgency=low + + * xpcom/base/nsDebugImpl.h, xpcom/base/nsTraceRefcntImpl.h, + xpcom/glue/nsEnumeratorUtils.cpp, xpcom/io/nsUnicharInputStream.h, + intl/unicharutil/util/nsUnicharUtils.h, toolkit/xre/nsAppRunner.cpp, + embedding/browser/gtk/src/EmbedPrivate.cpp: Add missing constructors + according to 8.5 [dcl.init], para 9 in C++03, para 6 in C++0x, + because gcc 4.6 enforces it. + * ipc/chromium/src/chrome/common/ipc_message_utils.h: Fix for s390, where + size_t is unsigned long. + + * debian/copyright: Updated to fit the replacement of the remove.nonfree + script. Closes: #624587. + + -- Mike Hommey <glandium@debian.org> Sat, 30 Apr 2011 19:29:34 +0200 + +iceweasel (4.0.1-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2011-{12,17-18}, also known as + CVE-2011-0079, CVE-2011-0081, CVE-2011-0069, CVE-2011-0070, + CVE-2011-0068, CVE-2011-1202. + + * debian/rules, toolkit/components/url-classifier/src/Makefile.in: + Remove alpha specific thungs because it is unsure they still have any + positive effect, and alpha has many other problems that would need fixing + if porters care. + + * modules/libpr0n/encoders/png/nsPNGEncoder.cpp: Now that we use the bundled + PNG library, revert patch to use png_set_filter to avoid using write + filters. + * browser/app/Makefile.in, browser/app/profile/firefox.js, + browser/components/safebrowsing/Makefile.in, + browser/components/safebrowsing/content/application.js: Use + MOZ_OFFICIAL_BRANDING instead of MOZILLA_OFFICIAL to choose the shavar to + use for safebrowsing. + * modules/plugin/Makefile.in: Filter by toolkit instead of by OS to decide + whether to go into modules/plugin/test. + * xulrunner/app/xulrunner.js: Don't set extensions.dss.enabled at the XRE + level. It looks like the addons manager bug this would circumventing has + been fixed since 3.6. + * modules/plugin/base/src/nsPluginHost.cpp: Simplify MOZILLA_DISABLE_PLUGINS + environment variable handling. + * modules/libpr0n/test/reftest/pngsuite-ancillary/reftest.list: Revert what + was supposed to be a temporary patch. + * browser/components/build/Makefile.in: Revert our patch to link against + nspr, this was fixed upstream in a different location. + * security/manager/ssl/public/Makefile.in, + security/manager/ssl/public/nsIBadCertListener.idl, + security/manager/ssl/src/nsNSSIOLayer.*: Embedding as it existed is going + to go away in 5.0, don't fool ourselves in keeping that any longer. + * ipc/chromium/src/build/build_config.h: Add mips, hppa, ia64, s390 and sparc + defines. + * configure.in, gfx/ycbcr/Makefile.in: Reverted patch to avoid building ARM + neon code. + * gfx/ycbcr/yuv_convert_arm.cpp: Allow to build on armv4t. + * gfx/ycbcr/yuv_convert.cpp: Do runtime detection of NEON in + ConvertYCbCrToRGB565. + * xpcom/base/nsDebugImpl.cpp: Fix FTBFS in xpcom/base on armv4t differently. + * js/src/nanojit/NativeARM.cpp: Force NativeARM.o to have arch armv4t in its + .ARM.attributes. + * js/src/jsnum.h, js/src/jsvalue.h: Don't use std::signbit, and replace + JSDOUBLE_IS_* definitions with bitwise operations. bz#640494. + * js/src/shell/jsworkers.cpp: Get rid of STL algorithm use. bz#640494. + * js/src/configure.in: Update to landed version of bz#589744. + * configure.in, js/src/configure.in: Updated to latest version of bz#626035. + + * debian/rules: Enable IPC on all architectures. + + -- Mike Hommey <glandium@debian.org> Fri, 29 Apr 2011 08:01:15 +0200 + +iceweasel (4.0-3) experimental; urgency=low + + * accessible/src/base/TextUpdater.cpp: Fix crash @nsAccessible::AsHyperText() + bz#643906. Closes: #619637. + * configure*, gfx/ycbcr/Makefile.in: Avoid building arm neon code. bz#547946. + * js/src/xpconnect/src/xpcprivate.h, + js/src/xpconnect/src/xpccallcontext.cpp: Ensure XPCCallContext string + cache is aligned. bz#634594. + * gfx/ots/include/opentype-sanitiser.h: strict alignment issues when + displaying OpenType fonts. bz#643137. + + -- Mike Hommey <glandium@debian.org> Sun, 27 Mar 2011 14:23:44 +0200 + +iceweasel (4.0-2) experimental; urgency=low + + * debian/rules: Define __ARM_PCS when building on armel. Fixes FTBFS with + gcc 4.5 not declaring either __ARM_PCS or __ARM_PCS_VFP. + + -- Mike Hommey <glandium@debian.org> Wed, 23 Mar 2011 15:45:17 +0100 + +iceweasel (4.0-1) experimental; urgency=low + + * New upstream release. It's actually the same as rc2. + + * debian/rules: Adjust version checking for version 4.0. + * debian/control: Refreshed. + + * ipc/chromium/Makefile.in: Fix FTBFS in IPC on Linux PPC, part 2. + * xpcom/base/nsDebugImpl.cpp: Fix FTBFS in xpcom/base on armv4t. bz#643779. + + -- Mike Hommey <glandium@debian.org> Tue, 22 Mar 2011 21:06:29 +0100 + +iceweasel (4.0~rc2-2) experimental; urgency=low + + * debian/rules: Actually disable methodjit on armel, instead of all other + architectures. + * ipc/chromium/src/build/build_config.h: Fix FTBFS in IPC on Linux PPC. + bz#643112. + + -- Mike Hommey <glandium@debian.org> Sat, 19 Mar 2011 11:42:44 +0100 + +iceweasel (4.0~rc2-1) experimental; urgency=low + + * New upstream release candidate. + * debian/rules: Modify gross hack on the version checks to make it work with + RC2, which claims to be final. + * debian/control*: Include our tee-enabled cairo NMU from mozilla.debian.net + in build dependencies. + * debian/rules: + - Add IPC support for powerpc. + - Disable methodjit on armel. + + * gfx/layers/basic/BasicImages.cpp: fix bad rendering of video with 16-bits + displays. bz#640588. Closes: #617475. + * configure*: Allow to build against SQLite 3.7.3 for backports. + * js/src/Makefile.in: Avoid "The cacheFlush support is missing on this + platform" error on alpha, ia64, mips and s390. + + -- Mike Hommey <glandium@debian.org> Sat, 19 Mar 2011 09:01:30 +0100 + +iceweasel (4.0~rc1-1) experimental; urgency=low + + * New upstream release candidate. + - Long link URLs are cropped in the middle instead of at the end. + Closes: #615853. + * debian/rules: Gross hack on the version checks to make it work with + RC, which claims to be final. + * js/src/jsnum.h, js/src/jsvalue.h: Use std::signbit when using js + headers in C++. Fixes FTBFS with -std=c++0x, which we use. + + -- Mike Hommey <glandium@debian.org> Thu, 10 Mar 2011 10:19:52 +0100 + +iceweasel (4.0~b12-1) experimental; urgency=low + + * New upstream beta release. + - Properly build documents with overflow:hidden elements. Closes: #562996. + - window.alert dialogs are not popups any more. Closes: #239105. + - Upscaling of images uses bilinear filtering. Closes: #596774. + - Various improvements to the :visited css support to mitigate history + sniffing. Closes: #560108. + - Properly render SVG files with flowRoot. Closes: #513885. + - Fullscreen mode doesn't prevent proper search engine from being used. + Closes: #514939. + - Authentication dialogs are not really popups anymore, so focus problems + with them are fixed. Closes: #609768. + - Better focus handling with location bar vs. content. Closes: #611354. + - Various fixes for use with cairo 1.10, which most notably fixes + animated GIFs. Closes: #589576. + * debian/rules: Handle beta versions in milestone check. + * This new version makes use of APNG files in the GUI that can't easily + be replaced with GIF versions, so we're switching back to the embedded + libpng library. As a consequence, the APNG related patches were dropped. + + * debian/copyright: Updated, but there are most probably still things + missing. + * debian/rules, config/autoconf.mk.in: Bump base version to 2.0. + * debian/rules: + - Don't modify application.ini on the beta release. + - Adjust dh_xulrunner test to match the removal of unixprint plugin. + - Add new variables for packages lists, as required by + toolkit/mozapps/installer/packager.mk. + * debian/control*: + - Add a build dependency on mesa-common-dev. + - libmozjs4d doesn't break xulrunner-1.9.2. + - Build depend on libvpx-dev. + - Build depend on libnss3-dev >= 3.12.9~beta2. + - Build depend on libcairo2-dev >= 1.10.2-2~ for tee surfaces. + - Remove build-dep on libpng12-dev. + * debian/xulrunner-GRE_VERSION.install.in, + debian/xulrunner-GRE_VERSION.links.in: Adapt dh_install and dh_link data + files to new files in built application. + * debian/symbols.filter, debian/rules: Don't filter libmozjs symbols. + * debian/libmozjsSO_VERSION.symbols.*, debian/rules: Don't provide a + symbols file yet. + * js/src/Makefile.in: Bump libmozjs version. + * debian/xulrunner.mozconfig: + - Use internal png library. Works-around: #486827. + - Use system libvpx. + - Build with shared js library. + * debian/iceweasel.mozconfig: + - Disable webm support to avoid failure to build against libxul. This + doesn't remove webm support from underlying xulrunner. + - Build iceweasel without omni.jar until I figure out what to do with the + default profile. + * debian/xulrunner-GRE_VERSION.prerm.in, + debian/xulrunner-GRE_VERSION.postinst.in: Fit to new component + registration. The new component registration doesn't create compreg.dat + and xpti.dat anymore, and .autoreg is not used either. + python-xpcom and other similarly integrated components won't register + automatically until I either implement something to do so, or these + components get integrated as extensions. + * debian/branding: + - Remove brandTrade entity, we don't need it anymore. + - browserconfig.properties is now installed in the chrome. + - branding doesn't use xpcnativewrappers=yes anymore. + - Add icon16.png and icon128.png to branding. These are required for + the new about:home. + - Add missing contentaccessible=yes in content/jar.mn. + - Modify for the new about dialog. + - Use about:home as homepage. + * debian/iceweasel.install, debian/iceweasel.links.in: Don't install + browserconfig.properties from usr/lib/iceweasel, it's not shipped + anymore. + * debian/iceweasel.install: + - Don't install .autoreg, it isn't used anymore. + * debian/installer/Makefile.in: Define JAREXT when building package manifest. + * debian/noinstall.in: LICENSE file is not installed anymore. + * debian/iceweasel.install, debian/xulrunner-GRE_VERSION.install.in: + Install chrome.manifest in GRE and APP directories. + * debian/rules, debian/vendor.js: Set general.useragent.compatMode.firefox + instead of general.useragent.extra.firefoxComment. + * debian/rules, debian/iceweasel.install: Install vendor.js with dh_install + instead of manually in debian/rules. + * debian/watch: Updated. + * debian/xulrunner-GRE_VERSION.install.in, + debian/xulrunner-GRE_VERSION.links.in: Install omni.jar files for + xulrunner. + * debian/installer/Makefile.in, debian/installer/package-manifest.browser: + Properly handle the various MOZ_CHROME_FILE_FORMATs in the package + manifests. + * debian/source.filter: Don't remove branding from source tarball, it's + free as in speech. + * debian/test.mk: + - Don't skip but a few xpcshell tests. + - xpcshell-tests now need a X server. + - Remove the check-date-format-tofte.js test from its new location. + - Remove the test_handlerService.js test from its new location. + - dist/bin/distribution is not needed anymore. + + * js/src/tracejit/Writer.*: "Fix" tracejit to build against nanojit headers + in dist/include/nanojit. + * configure.in, configure: + - Don't take toolkit from the libxul sdk, it's not provided in + mozilla-config.h anymore. + - Allow to build against nspr 4.8.6. + * layout/style/jar.mn, netwerk/protocol/res/nsResProtocolHandler.cpp, + browser/locales/Makefile.in, ipc/glue/GeckoChildProcessHost.cpp, + js/src/xpconnect/loader/mozJSComponentLoader.cpp, modules/libjar/nsJAR.cpp, + modules/libpref/src/nsPrefService.cpp, + netwerk/protocol/res/nsResProtocolHandler.cpp, + startupcache/StartupCache.cpp, toolkit/xre/nsAppRunner.cpp, + toolkit/mozapps/installer/packager.mk, toolkit/xre/nsEmbedFunctions.cpp, + toolkit/xre/nsXREDirProvider.cpp, xpcom/build/Makefile.in, + xpcom/build/Omnijar.*, xpcom/build/nsXPComInit.cpp, + xpcom/components/nsComponentManager.cpp, xulrunner/confvars.sh: Add support + for omni.jar in xulrunner. bz#620931. + * configure.in, configure, js/src/configure.in, js/src/configure: + Don't force build flags upon ARM compilers. bz#626035. + * js/src/configure.in: Fallback to perf measurement stub when perf_event_open + syscall isn't supported. bz#589744. + * config/rules.mk, js/src/config/rules.mk: Remove -ljs_static from test + linking flags. part of bz#584474. + * content/base/src/nsWebSocket.cpp: Use chrome://global url instead of + chrome://browser for websockets errors. bz#636960. + * toolkit/xre/nsAppRunner.cpp: Restore DESKTOP_STARTUP_ID if a restart is + required. bz#607900. + + -- Mike Hommey <glandium@debian.org> Sat, 26 Feb 2011 11:13:10 +0100 + +iceweasel (3.6.13-3) UNRELEASED; urgency=low + + * debian/branding/locales/en-US/brand.*: Changed vendorShortName to + Mozilla to fit upstream. + * debian/branding/Makefile.in, debian/branding/aboutIce.*, + debian/rules: Prepare aboutIce component to the XPCOM changes in + Gecko 2.0. + * debian/extra-stuff/Makefile.in, debian/extra-stuff/addonsInfo.*, + debian/extra-stuff/packages-static.xulrunner: Prepare extra components + to the XPCOM changes in Gecko 2.0. + * debian/iceweasel.install, debian/rules: Install vendor.js with dh_install + instead of manually in debian/rules. + * debian/extra-stuff/Makefile.in, + debian/extra-stuff/packages-static.xulrunner, debian/iceweasel.install, + debian/installer/Makefile.in, debian/installer/package-manifest.*, + debian/rules: Use packager.mk to install about:iceweasel files. + * debian/iceweasel.desktop: Add x-scheme-handler/http* MimeTypes. + Closes: #613109. + + * browser/components/nsBrowserGlue.js: Unbrand Browser Glue Service. + * browser/locales/en-US/chrome/overrides/appstrings.properties, + browser/locales/Makefile.in: Use MOZ_APP_DISPLAYNAME to fill + appstrings.properties. + * browser/branding/*/locales/en-US/brand.dtd, + browser/base/content/credits.xhtml: Use &brandTrade; instead of ™. + * browser/base/content/credits.xhtml, browser/base/Makefile.in: + Use MOZ_APP_DISPLAYNAME to make credits.xhtml vary depending on branding. + * browser/locales/en-US/searchplugins/answers.xml, + browser/locales/en-US/searchplugins/google.xml, + browser/locales/Makefile.in: Modify search plugins depending on + MOZ_APP_NAME. + * browser/app/Makefile.in, browser/app/application.ini, browser/confvars.sh, + config/autoconf.mk.in, configure.in: Don't hardcode anything in + application.ini files. bz#525882. + * browser/components/safebrowsing/content/application.js, + browser/app/profile/firefox.js: Determine which phishing shavar to use + depending on MOZ_OFFICIAL. + + * debian/branding/configure.sh, debian/branding/locales/en-US/brand.dtd: + Adjust Iceweasel branding to unbranding changes above. + + -- Mike Hommey <glandium@debian.org> Sat, 19 Feb 2011 13:47:22 +0100 + +iceweasel (3.6.13-2) experimental; urgency=low + + * debian/control: Refresh from debian/control.in. + * debian/*.mozconfig: Add a comment on top of mozconfig files to avoid + people using them. + * debian/remove.nonfree, debian/repack.py, debian/source.filter, + debian/watch: Update debian/watch and provide a script repacking + upstream source tarballs. + * debian/iceweasel.README.Debian: Fix for the default dsp wrapper behaviour. + * debian/iceweasel.desktop: Add russian translation. Closes: #608876. + Thanks Alexander Sashanov. + * debian/control.in, debian/rules, debian/xulrunner-GRE_VERSION.links.in: + Use /usr/share/myspell/dicts for dictionaries when building for lenny. + Closes: #609111. + * debian/extra-stuff/Makefile.in, debian/extra-stuff/debUpdateNotifier.*, + debian/extra-stuff/filemonitor/, + debian/extra-stuff/packages-static.xulrunner, + debian/xulrunner-GRE_VERSION.install.in: Remove update notifier, it's + not quite as helpful as it should be. + * debian/control.*: + - Relax libglib2.0-dev build dependency. 2.18.0 was only needed for + filemonitor, which we just removed. + - Add a minimum version for build dependency on libevent-dev, for + event_base_loopbreak() and event_base_new(). + + * testing/xpcshell/runxpcshelltests.py: Add a 2 minutes timeout on xpcshell + tests. + + -- Mike Hommey <glandium@debian.org> Sun, 09 Jan 2011 13:46:07 +0100 + +iceweasel (3.6.13-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2010-{74-84}, also known as + CVE-2010-3776, CVE-2010-3777, CVE-2010-3769, CVE-2010-3771, + CVE-2010-3772, CVE-2010-3768, CVE-2010-3775, CVE-2010-3766, + CVE-2010-3767, CVE-2010-3773, CVE-2010-3774, CVE-2010-3770. + * debian/copyright: Updated to include gfx/ots. + * debian/libmozjsSO_VERSION.symbols.in: Add new symbols. + + -- Mike Hommey <glandium@debian.org> Fri, 10 Dec 2010 00:11:50 +0100 + +iceweasel (3.6.12-2) experimental; urgency=low + + * layout/base/tests/TestPoisonArea.cpp: Allow TestPoisonArea to work on + more architectures. + * layout/base/tests/Makefile.in: Revert previous hack to avoid building and + running TestPoisonArea. + + -- Mike Hommey <glandium@debian.org> Sat, 30 Oct 2010 10:46:09 +0200 + +iceweasel (3.6.12-1) experimental; urgency=low + + * New upstream release. + * Fix for mfsa2010-73, also known as CVE-2010-3765. + + -- Mike Hommey <glandium@debian.org> Thu, 28 Oct 2010 09:21:33 +0200 + +iceweasel (3.6.11-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2010-{64-69}, also known as + CVE-2010-3176, CVE-2010-3175, CVE-2010-3179, CVE-2010-3180, + CVE-2010-3183, CVE-2010-3177, CVE-2010-3178. + * debian/control*: Bump build dependencies on libnspr4-dev, libnss3-dev, + and libsqlite3-dev to fit what configure will be looking for. + + -- Mike Hommey <glandium@debian.org> Wed, 20 Oct 2010 02:15:38 +0200 + +iceweasel (3.6.10-1) experimental; urgency=low + + * New upstream release. + * config/JarMaker.py: Use errno.ENOENT instead of "2" in JarMaker.py. + bz#595459. Fixes FTBFS on Hurd. + * debian/rules, debian/xulrunner-dev.install.in: Build npapi_getinfo in + build-xulrunner/dist/bin, and use an RPATH. Some plugins depend on + libxpcom.so, and dlopen() from npapi_getinfo fails unless libxpcom.so + can be loaded too. Fixes FTBFS on hppa as a side effect. + + -- Mike Hommey <glandium@debian.org> Thu, 16 Sep 2010 09:15:51 +0200 + +iceweasel (3.6.9-1) experimental; urgency=low + + * New upstream release. + * Fixes for mfsa2010-{49-51,53-57,59-63}, also known as + CVE-2010-3169, CVE-2010-2765, CVE-2010-2767, CVE-2010-3166, + CVE-2010-2760, CVE-2010-3168, CVE-2010-3167, CVE-2010-2766, + CVE-2010-2762, CVE-2010-2763, CVE-2010-2768, CVE-2010-2769, + CVE-2010-2764. + + * debian/README.Debian: Move to debian/iceweasel.README.Debian. + * debian/branding/content/*.png.uu (removed), + debian/branding/content/*-base.png, debian/source/include-binaries, + debian/branding/content/Makefile.in: Replace .uu files with their binary + counterpart, now that dpkg-dev supports binary files in the debian/ + directory. + * debian/control*: + - Remove build dependency on sharutils. + - Install libmozjs debug symbols together with the xulrunner ones. + - Remove extra ~ in iceweasel version dependency on xulrunner, which + was only required for 3.6.4~build2. + * debian/rules: + - Refactor file preprocessing. + - Actually allow the build sequence to start from intermediate stamps. + - Don't fail to build if the build-xulrunner directory exists. + - Move .PHONY definitions for test targets to debian/test.mk. + - Add some sanity checks on version numbers. + - Use the new DEBIAN_RELEASE variable for dh_gencontrol. + - Enhance the check-system-libs rule to check in the all autoconf.mk + files. + - Further split build and install process in several stamped steps. + - Actually set CXX in default case, and re-export it. + - Move stamps creation at the end, so that "touch" always happens at + the end. + - Separate dh_xulrunner check from dh_install rule for better debugging. + * debian/test.mk: + - Move tests HOME directory into build-xulrunner/dist instead of now + nonexistent dist. + - Don't automatically modify TESTS when TEST_PATH is set. + - Force armel JIT to compile ARMv4T instructions during tests. + - Define generic -skip rules for tests. + - Put all tests requiring an application in a separate variable. + - Use iceweasel for reftest/crashtest. + * debian/reftest-app: Remove our custom reftest-app. + * debian/extra-stuff/Makefile.in: Remove duplicated variables definitions. + * debian/branding/content/jar.mn: Add missing aboutFooter.png to branding. + * debian/rules, debian/noinstall.in: Move testsuite related header field + removal to noinstall.in. + * debian/rules, debian/branding/jar.mn, debian/branding/Makefile.in: Check + the iceweasel branding installs all files provided by upstream unofficial + branding. + * debian/dh/dh_xulrunner.in: + - Fix small formatting issue in dh_xulrunner manual page. + - Remove debug output in dh_xulrunner. + * debian/rules, debian/dh/dh_xulrunner_test, debian/dh/dh_xulrunner.in: + Better check for the dh_xulrunner behaviour. + * debian/rules, debian/dh/npapi_getinfo.c, debian/dh/dh_xulrunner.in, + debian/xulrunner-dev.install.in: New dh_xulrunner feature: return + plugins handled mime types in a substvar. + * debian/xulrunner-dev.links.in: Install a symlink to nspr-config for the + SDK. + * debian/branding/firefox-branding.js: Unset startup.homepage_override_url + and startup.homepage_welcome_url. In other words, don't display anything + special after an upgrade or for the first time the browser is started. + * debian/xulrunner-GRE_VERSION.postinst.in, + debian/xulrunner-GRE_VERSION.prerm.in, + debian/xulrunner-GRE_VERSION.manpages.in, + debian/xulrunner-stub-GRE_VERSION.1.in: Add a /usr/bin/xulrunner-stub + binary in the form of an alternative, and a corresponding manual page. + * debian/smjs.1, debian/control*: Add a note that smjs is not recommended + for production use. + + * gfx/qcms/iccread.c: Fix unaligned reads in qcms. bz#504766. + Closes: #591512. + * browser/components/privatebrowsing/src/nsPrivateBrowsingService.js: Align + -private description in --help output. + * js/src/nanojit/NativeARM.*, js/src/nanojit/avmplus.*, + js/src/nanojit/njcpudetect.h: Fix ARMv4T JIT support, and use patches as + landed in upstream nanojit. + * profile/dirserviceprovider/src/nsProfileLock.*, + toolkit/xre/nsSigHandlers.cpp: Support platforms without SA_SIGINFO. + bz#593767. Closes: #595535. Thanks Samuel Thibault. + * xulrunner/installer/*.pc.in: pkg-config files don't need to require the + version of nspr xulrunner was built against. Closes: #595842. + + * testing/xpcshell/head.js, debian/test.mk: Revert previous temporary hacks + to track down kfreebsd buildd issues. + + -- Mike Hommey <glandium@debian.org> Wed, 08 Sep 2010 09:05:03 +0200 + +iceweasel (3.6.8-2) experimental; urgency=low + + * New upstream release. + + [ iceweasel ] + * debian/iceweasel.install, debian/rules: Build in a subdirectory instead + of within the source directory. + * debian/iceweasel.mozconfig, debian/rules: Move most configure options + to a separate mozconfig file. + * debian/iceweasel.install: Install blocklist.xml. + * debian/noinstall, debian/rules: Remove some installed files from + debian/tmp, and use dh_install --fail-missing. + * debian/rules: Add --with-system-libxul configure option. + * debian/rules: Rename CONFIGURE_OPTIONS to CONFIGURE_FLAGS + * debian/control*: + - Reformat. + - Remove Eric Dorland from the Uploaders field. Given his limited time + and lost interest, Eric agreed to formally retire from iceweasel + maintenance. Thanks for all these years, Eric. + + * build/Makefile.in, build/automation-build.mk: Revert cleaning patches. + + [ xulrunner ] + * debian/control*, debian/extra-stuff/packages-static.xulrunner, + debian/libmozillainterfaces-java.*, debian/rules, + debian/xulrunner-BASE_VERSION.install.in: Remove unsupported javaxpcom + support. + * debian/rules, debian/test.mk: Build in a subdirectory instead of within + the source directory. + * debian/mozconfig*, debian/rules: Move default-mozilla-five-home + definition from mozconfig to debian/rules. + * debian/mozconfig, debian/rules: Rename mozconfig to xulrunner.mozconfig. + * debian/*: Rename BASE_VERSION to GRE_VERSION. + + * Makefile.in, build/Makefile.in, build/automation-build.mk, + config/rules.mk, js/src/Makefile.in, js/src/config/rules.mk, + js/src/xpconnect/src/Makefile.in, testing/testsuite-targets.mk, + xpcom/tests/Makefile.in: Revert cleaning patches. + * extensions/java/xpcom/Makefile.in, + toolkit/toolkit-makefiles.sh: Revert javaxpcom patches. + * memory/jemalloc/jemalloc.c: Properly disable ncpus in jemalloc, which + the previous patch didn't do. + + [ merged packages ] + * debian/control*, debian/rules: Merged iceweasel and xulrunner source + packages. Binary packages are kept as they were before. + * debian/copyright, debian/watch: Use Iceweasel's version. + * debian/changelog: Keep Iceweasel changelog. Xulrunner's go in a separate + debian/changelog.xulrunner file, for historical purpose. The file is not + installed in binary packages. + * debian/control*: Fix xulrunner-dev dependencies. As ${source:*Version} + will return iceweasel version, ${binary:Version} is better to use. It + turns out it is safe to use now xulrunner-dev is not Arch: all. + * debian/extra-stuff/Makefile.in: + - Fix to support subdirectory build. + - Avoid duplicated entries in generated jar manifest. + * debian/rules: + - Set LDFLAGS for iceweasel the same way xulrunner does. + - Export CFLAGS and CXXFLAGS directly from rules instead of setting them + when calling configure. + * debian/extra-stuff/Makefile.in, debian/noinstall*, debian/rules: Use + debian/noinstall to avoid installing some xulrunner files, instead of + filtering the package manifest. + * debian/rules, debian/*.manpages*: Use .manpages files instead of calling + dh_installman manually. Iceweasel was doing that, but not xulrunner. + * Skip version 3.6.8-1, as xulrunner packages versions numbers would then + be 1.9.2.8-1, which was already used. + * debian/reftest-app/defaults/preferences/reftest-app.js: Add a default + value for the dom.ipc.plugins.enabled pref to the reftest app. + + * testing/xpcshell/head.js: Add a 2 minutes timeout on xpcshell tests. + * debian/test.mk: Add logging messages during xpcshell tests to track down + kfreebsd buildd issues. + + -- Mike Hommey <glandium@debian.org> Fri, 20 Aug 2010 21:57:53 +0200 + +iceweasel (3.6.7-1) experimental; urgency=low + + * New upstream release. + * Fixes mfsa-2009-45, also known as CVE-2010-1206. + * debian/control: + - Remove conflict with very old package. + - Bump Standards-Version to 3.9.0.0. + + -- Mike Hommey <glandium@debian.org> Wed, 21 Jul 2010 00:21:17 +0200 + +iceweasel (3.6.4-1) experimental; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 23 Jun 2010 15:27:03 +0200 + +iceweasel (3.6.4~build2-1) experimental; urgency=low + + * debian/copyright, debian/remove.nonfree: Update to fit new upstream + (pre)release. + * debian/iceweasel-runner: Don't override MOZ_APP_LAUNCHER, which was + already set. + * debian/firefox, debian/iceweasel.install, debian/iceweasel.postrm, + debian/iceweasel.preinst: Divert /usr/bin/firefox and put a wrapper script + instead. The wrapper script runs the diverted firefox if it exists, and + iceweasel otherwise. Closes: #576392. + * debian/README.Debian: Add a note about safe browsing in README.Debian. + Closes: #575039. + * debian/rules: + - Build with --std=gnu++0x. + - Don't check for libiw, necko wifi is part of libxul already. + * debian/control*: + - Remove dependency on psmisc as we've not been using fuser for years. + - Iceweasel 3.6.4~build2 needs to depend on xulrunner 1.9.2.4~build2. + * debian/branding/Makefile.in, debian/branding/aboutIce.js, + debian/branding/ice.*, debian/branding/jar.mn, debian/iceweasel.install: + Add a about:iceweasel page similar to about:mozilla. Closes: #413725. + + * configure.in: Revert change to force not to use -fshort-wchar. + + -- Mike Hommey <glandium@debian.org> Mon, 03 May 2010 13:44:40 +0200 + +iceweasel (3.6.3-1) experimental; urgency=low + + * New upstream release. + * debian/rules, debian/control: Bump GRE version to 1.9.2. + * debian/branding/Makefile.in: document.png moved in upstream tarball. + * debian/patches/*: Refresh patches and add some more: + - More s/%APP%/firefox/ changes for 3.6. + - Additional --with-libxul-sdk changes for 3.6. + + -- Mike Hommey <glandium@debian.org> Fri, 02 Apr 2010 21:44:36 +0200 + +iceweasel (3.5.9-2) unstable; urgency=low + + * debian/remove.nonfree: There are still some .cvsignore files in the + upstream tarballs. + * debian/rules, debian/iceweasel.links.in, debian/iceweasel.bug-script.in, + debian/iceweasel.bug-control.in, debian/control.in, debian/control: + Generate GRE version dependent information from GRE_VERSION set in + debian/rules. + * debian/rules, debian/control*: Have iceweasel 3.5.x depend on xulrunner + 1.9.1.x at least. This will force upgrades of xulrunner when iceweasel + is upgraded. + + -- Mike Hommey <glandium@debian.org> Fri, 02 Apr 2010 20:08:22 +0200 + +iceweasel (3.5.9-1) unstable; urgency=low + + * New upstream release. + * config/autoconf.mk.in: Revert previous changes to install in an + unversioned directory. + * debian/rules: Pass an installdir variable to install into + /usr/lib/iceweasel. + * debian/control: + - Suggest libkrb53 for backports. + - Build-depend on xulrunner-dev << 1.9.2. + * debian/iceweasel.prerm, debian/iceweasel.postinst: Remove old mozilla + alternative. I think there is no reason to keep this anymore. + * debian/iceweasel.links: Remove firefox and mozilla-firefox links. + It will help make transition to Firefox easier if that ever happens. + * debian/remove.nonfree: We now remove more non-free data. Also cleaned up + outdated stuff. Closes: #567915 + * debian/source/format, debian/patches/*: Switch to 3.0 (quilt) format, + with patches. + + * browser/components/safebrowsing/content/application.js, + browser/app/profile/firefox.js: Use googpub-phish-shavar instead of + goog-phish-shavar for safe browsing. This is a first step for fixing safe + browsing. Either the current setup will work if Google allows our client + string to get this data, or we'll be allowed to say we're firefox to the + safe browsing server. Closes: #561927. + + -- Mike Hommey <glandium@debian.org> Thu, 01 Apr 2010 16:23:51 +0200 + +iceweasel (3.5.8-1) unstable; urgency=low + + * New upstream release. + * browser/components/nsBrowserContentHandler.js: Revert temporary hack to + force homepage_override to be triggered. + * extensions/reporter/resources/content/reporter/reporterOverlay.xul, + browser/base/content/baseMenuOverlay.xul: Resurrect release notes menu + item. Also resurrect the check for updates one, since it is #ifdef'ed on + something we disable. + * browser/components/safebrowsing/content/report-phishing-overlay.xul: + Revert the change in report phishing menu item location. Now we + resurrected the release notes item and restored the updateSeparator, + this change is pointless. + * browser/base/content/credits.xhtml: Correct old merge mistake. + * browser/locales/en-US/searchplugins/google.xml: Fix Google suggestions + in search box. Closes: #568004. + * build/Makefile.in: Remove leaktest files in make clean. bz#541769. + * build/Makefile.in, build/automation-build.mk, build/automation.py.in, + build/pgo/Makefile.in, layout/tools/reftest/Makefile.in, + testing/mochitest/Makefile.in: Don't remove build/automationutils.py + on make clean. bz#525047. + * build/automation-build.mk: Remove automation.py in make clean. bz#541768. + + * debian/control: + - iceweasel provides gnome-www-browser: Closes: #568320. + - Bump Standards-Version to 3.8.4.0. + * debian/branding/firefox-branding.js: + - Add a release notes URL. + - Point to localized urls on mozilla.debian.net. + * debian/rules: + - Remove Debian revision from the User Agent string. + - Don't set distribution-id, it's only used in toolkit, i.e. xulrunner. + - Remove uneffective --disable-gtktest flag. + * debian/iceweasel.install, debian/wikipedia-en.xml: Remove + wikipedia-en.xml searchplugin. There is now a better search plugin (with + suggestions) provided upstream. + * debian/rules, debian/iceweasel.install, debian/debsearch.*: Refresh + debsearch search plugin. + * debian/iceweasel.1: Improve manual page for -P option. Closes: #568677. + * debian/iceweasel-xremote-client: Don't need to set LD_LIBRARY_PATH. + * debian/iceweasel.install, debian/rules: Don't install xpm files in + chrome/icons/default. They are not provided there upstream anymore, + there is no reason to do so. + * debian/rules, debian/*.svg, debian/iceweasel.install, debian/*.png.uu, + debian/branding: Move images generation and cleanup in debian/branding. + * debian/rules: + - Remove unused variables in debian/rules. + - Remove binary-indep rules, as we don't build an arch: all package + anymore. + - Don't unnecessarily set LD_LIBRARY_PATH when building. + - Remove old comments from dh-make templates. + - Use browser/config/version.txt content as UPSTREAM_VERSION. + - Use a variable for GRE version. + - Use the GRE directory as hint for dh_shlibdeps. + - Install the MPL license text in all packages. + - Don't fix permissions that don't need to be fixed. + * debian/README.Debian: Remove mostly irrelevant parts of README.Debian. + * debian/compat, debian/rules: Switch to dh. + * debian/iceweasel.postinst: Remove /usr/lib/iceweasel/updates on upgrades. + * debian/rules: + - There is no bashism in debian/rules anymore. + - Use make dependency to "generate" the MPL file. + - Set LDFLAGS at configure time. + * debian/vendor.js: Don't trigger the debAbout component. Now we have a + release notes link in about:, the debAbout generated links are pointless, + especially since they create problems in the target web pages + (e.g. unstyled BTS). + * debian/iceweasel-gnome-support.{prerm,postinst}, + debian/iceweasel.{prerm,postinst}: Merge iceweasel-gnome-support + maintainer scripts into iceweasel ones. + + -- Mike Hommey <glandium@debian.org> Wed, 17 Feb 2010 22:46:30 +0100 + +iceweasel (3.5.6-2) unstable; urgency=low + + * debian/iceweasel-runner: + - Allow iceweasel-runner not to hardcode the iceweasel base directory. + Closes: #507120. + - Remove old compatibility stuff. + * debian/iceweasel.desktop: Only put the name in the Name field of the + freedesktop application file. Closes: #507961. + * debian/iceweasel.dirs: + - Make it clear that plugins should live in /usr/lib/mozilla/plugins/ + by shipping the directory in the iceweasel package. Closes: #520676. + - Likewise for extensions in /usr/{lib,share}/mozilla/extensions/$app-id. + Closes: #564669. + * debian/control: + - Suggest ttf-lyx | latex-xft-fonts (latex-xft-fonts is kept for stable + users). Closes: #539537. + - Replace libkrb53 suggestion with libgssapi-krb5-2. + - Remove the iceweasel-gnome-support package. + - Rewrite the short description. Also slightly modify the long + description. Closes: #400858. + - Build conflict with libhildonmime-dev and libosso-dev. Closes: #544369 + * debian/iceweasel.1: + - Fix trivial typo in the manual page. Closes: #528789. + - Synchronize manual page with iceweasel --help output, and add various + other information. Closes: #362020, #520660, #556258. + * debian/homepagereset.js, debian/iceweasel.install: Remove the + homepagereset component. It was used to reset the homepage user settings + if it were a very old value. Anyone using these old homepages should have + had their homepage reset by now. + * debian/control, debian/iceweasel.bug-presubj, debian/iceweasel.install, + debian/rules: Use dh_bugfiles instead of installing reportbug-related + files by hand. + * debian/iceweasel.bug-script: Add reportbug script to list addons. + This uses a new helper in xulrunner-1.9.1. Closes: #356647. + * debian/iceweasel.bug-control: Request xulrunner-1.9.1 dependency list in + bug reports. + * debian/branding/Makefile.in, debian/branding/firefox-branding.js: + Use http://mozilla.debian.net pages for homepage_override and welcome. + * browser/components/nsBrowserContentHandler.js: Temporary hack to force + homepage_override to be triggered. This hack is to be removed in next + release. Its sole purpose is to get people to see the pages on + http://mozilla.debian.net/ despite the upstream version not being bumped. + * debian/iceweasel.prerm: When removing the package, cleanup files + iceweasel creates if run as root. + * debian/iceweasel.install, debian/iceweasel.prerm: Make .autoreg part of + the package. + * debian/iceweasel-restart-required.update-notifier, + debian/iceweasel.install, debian/iceweasel.postinst: Remove update + notification through update-notifier + * browser/components/nsBrowserContentHandler.js, + browser/components/shell/src/nsSetDefaultBrowser.js: Fix misalignments + in --help command line. bz#458631. + * browser/base/content/browser.css: Favicons in search bar dropdown not + shown if menus_have_icons=false. bz#508221. Closes: #561902. + + -- Mike Hommey <glandium@debian.org> Wed, 03 Feb 2010 07:55:01 +0100 + +iceweasel (3.5.6-1) unstable; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 16 Dec 2009 11:08:01 +0100 + +iceweasel (3.5.5-1) unstable; urgency=low + + * New upstream release. + * debian/remove.nonfree: Synchronize with Iceape 2.0. + * debian/copyright: Update with missing information, and remove lcms + licensing as it was dropped in 3.5. + * debian/iceweasel-runner: Synchronize with Iceape 2.0's iceape-runner: + - Remove obsolete (and commented) Xprint support. + - Only handle --verbose, -V, -g and --debugger options. + - Output less variables when running verbosely. + * debian/README.Debian: Point to the proper file containing the + app.update.enabled setting. + * debian/rules: Properly modify {Min,Max}Version in application.ini. + * debian/control, debian/iceweasel.preinst: Removed upgrade path from + old firefox packages. + * debian/rules: Add a "like Firefox/version" string to the UA. + Closes: #399633. + * debian/control: + - Set the pkg-mozilla team as maintainer. + - Bump Standards-Version to 3.8.3.0. + * browser/components/sessionstore/src/nsSessionStore.js: Avoid wrong + sessionstore data to keep windows out of user sight. + Closes: #552426, #553453. + + -- Mike Hommey <glandium@debian.org> Thu, 12 Nov 2009 17:32:42 +0100 + +iceweasel (3.5.4-1) unstable; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Wed, 28 Oct 2009 16:36:06 +0100 + +iceweasel (3.5.3-2) unstable; urgency=low + + * debian/iceweasel-runner: Set the MOZ_APP_LAUNCHER in the runner script to + register the proper name with XSMP. Closes: #437999. + * debian/watch: Fix to fit new upstream tarball names. + Thanks Yan Morin <progysm@gmail.com>. Closes: #550482. + + -- Mike Hommey <glandium@debian.org> Sat, 10 Oct 2009 16:03:21 +0200 + +iceweasel (3.5.3-1) experimental; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Thu, 10 Sep 2009 22:04:25 +0200 + +iceweasel (3.5.2-1) experimental; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Thu, 20 Aug 2009 07:30:00 +0200 + +iceweasel (3.5.1-1) experimental; urgency=low + + * New upstream release. + * debian/copyright: + - Fix GPL and LGPL text location. + - Update copyright information. + * debian/control: + - Add ${misc:Depends} in all binary packages dependencies. + - Set iceweasel-dbg's section to debug. + - Bumped Standards-Version to 3.8.2.0. + * debian/rules: Removed call to deprecated dh_desktop. + * debian/iceweasel.postinst: Remove call to update-desktop-database, which + is not in /usr/sbin anyways, and is called automatically (was added by + dh_desktop before, and run by desktop-file-utils triggers now). + + -- Mike Hommey <glandium@debian.org> Fri, 17 Jul 2009 20:49:41 +0200 + +iceweasel (3.5-1) experimental; urgency=low + + * New upstream release. + * debian/control, debian/rules, debian/iceweasel.links: Build against and + depend on xulrunner 1.9.1. + * configure.in, configure: Don't check for libasound. + * debian/branding/locales/en-US/brand.dtd: Add missing entity. + * browser/components/build/Makefile.in: Link against nspr. + + -- Mike Hommey <glandium@debian.org> Wed, 08 Jul 2009 07:59:42 +0200 + +iceweasel (3.0.11-1) unstable; urgency=low + + * New upstream release. + + -- Mike Hommey <glandium@debian.org> Sat, 13 Jun 2009 20:33:30 +0200 + +iceweasel (3.0.9-1) unstable; urgency=high + + * New upstream release. + * Fixes mfsa-2009-20, also known as CVE-2009-1310. + + -- Mike Hommey <glandium@debian.org> Wed, 22 Apr 2009 21:18:38 +0200 + +iceweasel (3.0.7-1) unstable; urgency=high + + * New upstream release. + * Fixes mfsa-2009-11, also known as CVE-2009-0777. + + -- Mike Hommey <glandium@debian.org> Sun, 08 Mar 2009 11:23:28 +0100 + +iceweasel (3.0.6-1) unstable; urgency=low + + * New upstream release. + * Fixes mfsa-2009-03, also known as CVE-2009-0355. + + -- Mike Hommey <glandium@debian.org> Wed, 04 Feb 2009 08:19:24 +0100 + +iceweasel (3.0.5-1) unstable; urgency=low + + * New upstream release. + * Fixes mfsa-2008-{63,69}, also known as CVE-2008-5505 and CVE-2008-5513. + * debian/vendor.js: Remove EULA override, since the EULA was removed + upstream, and its replacement has been made hidden to unofficial builds. + + -- Mike Hommey <glandium@debian.org> Sat, 20 Dec 2008 13:40:23 +0100 + +iceweasel (3.0.4-1) unstable; urgency=low + + * New upstream release. (Closes: #505557) + + [ Mike Hommey ] + * debian/iceweasel-gnome-support.postinst, + debian/iceweasel-gnome-support.prerm: Handle gnome-www-browser alternative. + Restored from 3.0~b5-3. Closes: #492286. + * debian/branding/locales/browserconfig.properties: Change the homepage to + about:. Closes: #499346 + * browser/branding/unofficial/locales/browserconfig.properties: Revert + previous change, this is not the installed file. + * debian/homepagereset.js: Force homepage reset if it was previously set to + the granparadiso homepage. + * debian/iceweasel-restart-required.update-notifier: Added japanese + translation. Thanks Hideki Yamane. Closes: #503595. + * browser/components/shell/src/nsGNOMEShellService.cpp: Fix various problems + in the handling of GNOME background color. Closes: #495897. + + [ Eric Dorland ] + * debian/iceweasel.desktop: Just specify "iceweasel" as the icon, so it + can pick the scalable one under certain circumstances. (Closes: + #451943) + + -- Eric Dorland <eric@debian.org> Sun, 23 Nov 2008 01:32:40 -0500 + +iceweasel (3.0.3-3) unstable; urgency=low + + * browser/app/profile/firefox.js: Replace %APP% with firefox in some places. + Closes: #501540, #502450. + * browser/branding/unofficial/locales/browserconfig.properties: Change the + homepage to about:. Closes: #499346. + * browser/app/profile/firefox.js, browser/locales/en-US/firefox-l10n.js: + Remove general.useragent.locale prefs from firefox*.js. Closes: #495381. + * browser/components/feeds/src/FeedConverter.js: Allow external web feed + application to work without gnome libraries. Closes: #406380. + * debian/presubj: Minor changes and add a note about MOZILLA_DISABLE_PLUGINS + environment variable. + * debian/control: Depend on a version of xulrunner-1.9 that handles the + MOZILLA_DISABLE_PLUGINS environment variable. + + -- Mike Hommey <glandium@debian.org> Fri, 24 Oct 2008 08:16:02 +0200 + +iceweasel (3.0.3-2) unstable; urgency=low + + * debian/iceweasel-xremote-client, debian/iceweasel-runner: Use 'iceweasel' + as default application id instead of 'firefox'. + * debian/iceweasel.1: Update the manpage accordingly. + * Thanks to Sven Hartge. Closes: #501304, #501363, #501394, #501445. + + -- Mike Hommey <glandium@debian.org> Wed, 08 Oct 2008 07:36:53 +0200 + +iceweasel (3.0.3-1) unstable; urgency=high + + * New upstream release. (Closes: #500374) + + * debian/presubj: Fix typo. Thanks Rémi Vanicat. (Closes: #444736) + * browser/app/application.ini: Our name should be Iceweasel and not + Firefox. This name here is used early in the startup, for things like + the group leader window name. (Closes: #428836) + * browser/app/application.ini: Set the profile path explicitely now that + we have a different application name. + * debian/iceweasel-runner: Add the -profile and + -install-global-extension to the list of single arg flags for + iceweasel. (Closes: #425874, #440455) + * debian/iceweasel.desktop: Fixed Finnish desktop file + translation. Thanks Timo Jyrinki. (Closes: #483941) + + -- Eric Dorland <eric@debian.org> Mon, 06 Oct 2008 01:59:30 -0400 + +iceweasel (3.0.1-1) unstable; urgency=low + + * New upstream release. + * debian/rules: + - Install the 64x64 icon into the proper place. Closes: #479032. + - Broaden version range for the GRE in application.ini. + * browser/components/preferences/applications.js: Avoid spurious "Run" items + in application handlers configuration pane. + * browser/components/preferences/applicationManager.xul: Fix breakage of the + application manager by change to applications.js in 3.0~rc2-2. + * debian/iceweasel-runner: Don't set MOZILLA_NO_JEMALLOC when using aoss. + * debian/control: + - Depend on a version of xulrunner with a fixed jemalloc. + - Updated Standards-Version to 3.8.0.1. No changes required. + * debian/remove.nonfree: Don't remove files that don't exist anymore, and + properly remove some files with spaces in their name. + * debian/iceweasel.links: /usr/share/icons/hicolor/64x64/apps/iceweasel.png + is not a link anymore. + + -- Mike Hommey <glandium@debian.org> Mon, 14 Jul 2008 22:51:39 +0200 + +iceweasel (3.0~rc2-2) unstable; urgency=low + + * debian/iceweasel-runner: + - Fix startup with aoss as ICEWEASEL_DSP. Closes: #485623. + - Use MOZILLA_NO_JEMALLOC instead of LD_PRELOAD to disable jemalloc. + * browser/components/preferences/applications.js: Avoid failure to + initialize the applications preferences pane when the shell service is not + loaded, which happens when xulrunner-1.9-gnome-support is not installed. + Closes: #485765. + * browser/confvars.sh: Set MOZ_APP_NAME to iceweasel. This will make the + shell service use the proper path when setting the default browser. + Closes: #399632. + * configure, configure.in: Force to not use -fshort-wchar. Closes: #474281. + * debian/control: + - Build depend on version of xulrunner-dev that doesn't use -fshort-wchar. + - Depend on version of xulrunner-1.9 implementing MOZILLA_NO_JEMALLOC and + lockPref in preferences. + * debian/iceweasel.cfg: Removed. + * debian/iceweasel.install: Don't install iceweasel.cfg. + * debian/vendor.js: Moved the locked preference for app.update.enabled here, + now that can be done here with newest xulrunner-1.9. Note that + iceweasel.cfg was not taken into account due to general.config.filename + mistakenly not being set. + * debian/iceweasel.js: Fixed preferences location in /usr/lib/iceweasel and + added a note about lockPref. + * debian/rules, debian/iceweasel.install: Now that we don't have flat + chrome, we can't use icons from chrome/browser/content. Change links to + point to a proper location, and install missing 64x64 icon. Thanks + Franklin PIAT. Closes: #486521. + + -- Mike Hommey <glandium@debian.org> Sat, 21 Jun 2008 15:57:49 +0200 + +iceweasel (3.0~rc2-1) unstable; urgency=low + + * New upstream release candidate. + + -- Mike Hommey <glandium@debian.org> Sat, 07 Jun 2008 12:46:43 +0200 + +iceweasel (3.0~rc1-1) experimental; urgency=low + + * configure.in, configure: Fix LIBXUL_SDK_DIR variable use. Closes: #479041. + * debian/iceweasel-runner: Work around problems with aoss and libjemalloc by + preloading the glibc. Closes: #475166. + * debian/iceweasel.postinst: + - Remove any compreg.dat and xpti.dat that would be left from earlier runs + of iceweasel as root, causing possible random crashes with xpcom. + Closes: #481020. + - Touch .autoreg on install/upgrade, so that components registration is + triggered for the components provided by iceweasel. + * debian/control: + - Build depend on xulrunner-dev 1.9~rc1 and stop build depending on + xulrunner-1.9-common which was only required because of incompatible + platform.ini in xulrunner-1.9-common 1.9~b5-1. + - iceweasel depends on xulrunner >= 1.9~rc1. + * debian/about_debian.js: Removed, as this component will be provided by + xulrunner. + * debian/iceweasel.install: Don't install about_debian.js. + * debian/rules: Use proper flag to disable optimization. + * debian/branding/branding.nsi, debian/branding/content/contents.rdf: + Removed useless branding files. + * debian/branding/locales/en-US/brand.dtd: Removed useless entity. + * debian/vendor.js: + - Add package name for debAbout.js component. + - Avoid displaying useless EULA at iceweasel startup. + * debian/rules: Install debian/vendor.js and append + general.useragent.extra.firefoxComment there. + * configure.in, configure: Don't build libjemalloc when building against + libxul-sdk. + * browser/base/content/baseMenuOverlay.xul, + browser/components/safebrowsing/content/report-phishing-overlay.xul, + extensions/reporter/resources/content/reporter/reporterOverlay.xul: + Arrange menu overlays so that nothing ends up after "About Iceweasel". + + -- Mike Hommey <glandium@debian.org> Sat, 24 May 2008 22:48:48 +0200 + +iceweasel (3.0~b5-4) experimental; urgency=low + + [ Eric Dorland ] + * debian/control: + - Add Replaces on iceweasel-gnome-support for imgicon move. + (Closes: #478084) + - Fix GNOME spelling errors. + - Remove binutils and dpkg-dev build dependencies that were workarounds + for broken version that are no longer in Debian. + * debian/rules: Add calls to dh_desktop. + * debian/iceweasel.postinst: Fix inverted check for a running + iceweasel. Thanks Andreas Beckmann. (Closes: #473756) + * debian/iceweasel.desktop: Add trailing semicolons to Categories and + Mimetype to comply the standard. Thanks Michael Biebl. (Closes: + #468117) + + [ Mike Hommey ] + * debian/control: + - Replace a bunch of build dependencies with xulrunner-dev and + xulrunner-1.9-common (a versioned dependency is required for this one + because of an incompatible platform.ini in 1.9~b5-1). + - iceweasel now depends on xulrunner-1.9 (we rely on xulrunner-stub from + version 1.9~b5-4). + - iceweasel-dbg depends on xulrunner-1.9-dbg. + - iceweasel-gnome-support is transformed into a dummy package to install + xulrunner-1.9-gnome-support. + * debian/iceweasel-gnome-support.*: Removed. + * debian/iceweasel.install, debian/iceweasel.links: + - Don't install files that are provided by xulrunner-1.9, including the + firefox binary, which is a copy of xulrunner-stub. + - defaults/pref is now defaults/preferences. + - Install application.ini in /usr/lib/iceweasel instead of + /usr/share/iceweasel. Xulrunner following symlinks, it fails running + iceweasel without the file being in /usr/lib/iceweasel. + * debian/rules: + - Build against xulrunner-1.9. + - Don't install files in the iceweasel-gnome-support package and don't + filter anything in the iceweasel package. + - Don't set general.useragent.product and general.useragent.productSub, + they have no effect anymore. + - defaults/pref is now defaults/preferences. + - Remove specific CFLAGS for alpha and ppc64, since we don't build from + code that may require it. + - Properly cleanup debian/branding with clean rule. + * debian/iceweasel.links: + - Install the xulrunner-stub as a /usr/lib/iceweasel/firefox-bin symlink. + It will also allow smooth upgrade for those whose session manager stored + firefox-bin as iceweasel main executable. + - Help xulrunner-stub by pointing to xulrunner's home with a + /usr/lib/iceweasel/xulrunner symlink to /usr/lib/xulrunner-1.9. + * debian/iceweasel.postinst: Remove /usr/lib/iceweasel/.autoreg on upgrade. + * debian/iceweasel-xremote-client: Don't set MOZILLA_FIVE_HOME anymore. + * toolkit/library/Makefile.in, + xpcom/reflect/xptcall/src/md/unix/Makefile.in: Revert changes to these + files, as they are not used for the build anymore. + + -- Mike Hommey <glandium@debian.org> Thu, 01 May 2008 18:56:40 +0200 + +iceweasel (3.0~b5-3) experimental; urgency=low + + * debian/README.Debian: Change the paragraph about pango, since this is now + the only font backend and MOZ_DISABLE_PANGO is effectless. + * debian/presubj: Remove the paragraph about MOZ_DISABLE_PANGO. + * debian/iceweasel-runner: Don't export the MOZ_DISABLE_PANGO variable. + * debian/rules: + - Remove old unused stuff. + - Use upstream optimization flags. + - Arrange LDFLAGS so that -Wl,--as-needed appears before -lpthread. + * debian/iceweasel-gnome-support.install: Remove the imgicon component from + the iceweasel-gnome-support package. (Closes: #477661) + * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Fix FTBFS on hppa. + (Closes: #473766) + + -- Mike Hommey <glandium@debian.org> Sat, 26 Apr 2008 09:35:27 +0200 + +iceweasel (3.0~b5-2) experimental; urgency=low + + [ Mike Hommey ] + * allmakefiles.sh: Make the branding directory cleanup properly. + * browser/build.mk, browser/installer/Makefile.in, + toolkit/mozapps/installer/packager.mk: Cleanup the few remaining files in + browser/installer when distcleaning. + * configure.in, configure: Check less things during configure when using + libxul-sdk. + + [ Eric Dorland ] + * debian/rules: Install the libimgicon.so component in the regular + iceweasel package and not iceweasel-gnome-support. It's needed to + display the icons and doesn't actually depend on anything gnome + specific. (Closes: #474728) + * debian/rules: Suggest xfonts-mathml and ttf-mathematica4.1 for mathml + support. (Closes: #445564) + + -- Eric Dorland <eric@debian.org> Tue, 22 Apr 2008 01:26:06 -0400 + +iceweasel (3.0~b5-1) experimental; urgency=low + + * New upstream beta release. + * debian/branding/locales/Makefile.in: Fix location of the branding + directory. + + -- Eric Dorland <eric@debian.org> Wed, 02 Apr 2008 22:58:08 -0400 + +iceweasel (3.0~b4-2) experimental; urgency=low + + * debian/branding/*, debian/rules, debian/iceweasel.install: Use the + --with-branding flag, create a branding directory and generate all of + our snazy icons inside of it. + * debian/filter-globe.xsl: Remove, no longer needed. + * debian/control: Fix build dependencies, add zip and + libdbus-glib-1-dev, and tighten the cairo dependency. Thanks Michel + Dänzer. (Closes: #472467) + * debian/rules: Disable the crash reporter, Mozilla probably won't + appreciate our reports. + + -- Eric Dorland <eric@debian.org> Tue, 01 Apr 2008 01:42:10 -0400 + +iceweasel (3.0~b4-1) experimental; urgency=low + + * New upstream beta release. + + * debian/control: + - Sort the Build-Depends by alphabetical order and add proper linebreaks. + - Update Standards-Version to 3.7.3. + - Point Vcs-* headers at new Git repo. + * browser/base/content/baseMenuOverlay.xul, + browser/base/content/baseMenuOverlay.xul, + browser/base/content/credits.xhtml, + browser/components/nsBrowserGlue.js, + browser/locales/en-US/chrome/overrides/appstrings.properties, + browser/locales/en-US/searchplugins/answers.xml, + browser/locales/en-US/searchplugins/google.xml: Re-port a bunch of + Firefox to Iceweasel renames. + * debian/iceweasel-dom-inspector.install, + debian/iceweasel-dom-inspector.links, debian/control, debian/rules: + The dom-inspector has been removed from 3.0, so remove the package and + conflict against the old one. + + -- Eric Dorland <eric@debian.org> Sun, 23 Mar 2008 23:09:32 -0400 + +iceweasel (3.0~b3-1) experimental; urgency=low + + * New upstream beta release. + * debian/rules: Remove the --enable-chrome-format=flat for now. + + -- Eric Dorland <eric@debian.org> Tue, 04 Mar 2008 01:36:37 -0500 + +iceweasel (3.0~b2-1) UNRELEASED; urgency=low + + * New upstream beta release. + * debian/remove.nonfree: Don't remove atk components from other-licenses. + * debian/rules: + - Don't build static, seems static building is incompatible with libxul. + - Need to build with internal libpng, since the system on doesn't support + APNG. + - Don't use system nss, nspr and hunspell for the moment. + - Don't install the nspr, nss, etc links for now. + - Pass --disable-install-strip and drop --disable-strip-libs, which + doesn't exist anymore. + * toolkit/library/Makefile.in: Include -lXrender, the GTK libs don't + seem to pull it in and we need it. + * debian/iceweasel.install: + - Apparently the unixprintplugin isn't there anymore, remove the line. + - Collapse the chrome installation, the manifest files there are the only + ones we want. + * debian/iceweasel.install, debian/iceweasel.links: + - Install and link to the new modules directory. + - Install and link to new .ini files. + + -- Eric Dorland <eric@debian.org> Mon, 21 Jan 2008 17:56:50 -0500 + +iceweasel (2.0.0.11-1) unstable; urgency=low + + * New upstream release, not actually different from 2.0.0.10-2. + + [ Eric Dorland ] + * debian/iceweasel.desktop: Set the Category to Network;WebBrowser and + remove invalid Applcation. + * debian/rules: Don't unilaterally ignore make distclean errors. + + [ Mike Hommey ] + * debian/shlibs.local: Not needed now that older versions of libnss are not + longer in the archive. + + -- Eric Dorland <eric@debian.org> Sat, 01 Dec 2007 20:40:54 -0500 + +iceweasel (2.0.0.10-2) unstable; urgency=low + + * content/canvas/src/nsCanvasRenderingContext2D.cpp: Apply patch from + bz#391028 to fix bz#405584, a regression in Canvas.drawImage. + + -- Eric Dorland <eric@debian.org> Tue, 27 Nov 2007 13:13:56 -0500 + +iceweasel (2.0.0.10-1) unstable; urgency=low + + * New upstream release. + - Fix the following security issues: CVE-2007-5960, CVE-2007-5959, + CVE-2007-5947. (Closes: #451624) + + [ Mike Hommey ] + * layout/build/Makefile.in: Properly get cairo lib dependencies for arch + where we build with a libgklayout.so, such as mips. + + [ Eric Dorland ] + * debian/control: + - Add Vcs-* headers. + - Use binary:Version rather than Source-Version where appropriate. + + -- Eric Dorland <eric@debian.org> Tue, 27 Nov 2007 03:13:22 -0500 + +iceweasel (2.0.0.9-2) unstable; urgency=low + + * configure, configure.in, content/canvas/src/Makefile.in, + layout/svg/renderer/src/cairo/Makefile.in, + config/static-config.mk, config/autoconf.mk.in: Properly get cairo lib + dependencies and don't rely on GTK bringing them, which just don't + happen anymore (see #343711). Patch adapted from bz#344818. + * debian/rules: Add -l option to dh_shlibdeps call so that private libraries + are properly found by newest dpkg-shlibdeps. Also removed useless call to + dh_shlibdeps in build-indep target. + * debian/control: Build depend on non broken versions of dpkg-dev. + (Closes: #452312) + + -- Mike Hommey <glandium@debian.org> Fri, 23 Nov 2007 20:40:22 +0100 + +iceweasel (2.0.0.9-1) unstable; urgency=low + + * New upstream release. (Closes: #449195) + + -- Eric Dorland <eric@debian.org> Sun, 04 Nov 2007 22:53:03 -0500 + +iceweasel (2.0.0.8-1) unstable; urgency=low + + * New upstream release. + - Fixes the following security issues: CVE-2007-4841, CVE-2007-5338, + CVE-2007-5337, CVE-2007-5334, CVE-2007-3511, CVE-2006-2894, + CVE-2007-2292, CVE-2007-1095, CVE-2007-5339, CVE-2007-5340. + (Closes: #445514, #438873) + + -- Eric Dorland <eric@debian.org> Sat, 20 Oct 2007 02:04:01 -0400 + +iceweasel (2.0.0.7-2) unstable; urgency=low + + * gfx/src/gtk/gtk2drawing.c: Add patch from bz#389801 for gtk problems + with gtk 2.12. (Closes: #444149) + + -- Eric Dorland <eric@debian.org> Thu, 27 Sep 2007 22:26:44 -0400 + +iceweasel (2.0.0.7-1) unstable; urgency=low + + * The "pointlessly following upstream" release. + * New upstream security release, fixes a Windows only vulnerability. + + * debian/iceweasel.menu: Drop the Web Browser menu hint in the face of + the menu reorg. (Closes: #435106) + * debian/debsearch.src: Fix for new packages.debian.org, thanks Hristo + Hristov. (Closes: #440826) + * debian/wikipedia-en.xml: Update to newer Wikipedia search engine + plugin. (Closes: #443465) + * debian/iceweasel.NEWS: Remove, it is now quite outdated. (Closes: #434526) + * debian/control, debian/iceweasel.postinst: Add dependency on procps, + and check if firefox is running before printing the message about + restarting. (Closes: #435119) + * configure.in, configure: Steal asac's patch to work around visibility + issues in gcc 4.2. (Closes: #428282) + + -- Eric Dorland <eric@debian.org> Mon, 24 Sep 2007 00:07:12 -0400 + +iceweasel (2.0.0.6-1) unstable; urgency=high + + * New security/stability upstream release (v2.0.0.6) + * MFSA 2007-26 aka CVE-2007-3844 + * MFSA 2007-27 aka CVE-2007-3845 + * debian/remove.nonfree: Also remove DLLs we don't have source for. + + -- Mike Hommey <glandium@debian.org> Wed, 01 Aug 2007 08:30:37 +0200 + +iceweasel (2.0.0.5-2) unstable; urgency=high + + * configure, configure.in: Make sure we won't be bitten by upstream + changing libjpeg, libpng or zlib internal version, which makes system + library not used even though --with-system-* argument is given to + configure. This time, it happened with libpng. + * uriloader/exthandler/unix/nsGNOMERegistry.cpp: Remove an include that + should have been removed earlier. + + -- Mike Hommey <glandium@debian.org> Sat, 21 Jul 2007 22:15:43 +0200 + +iceweasel (2.0.0.5-1) unstable; urgency=high + + [ Mike Hommey ] + * New security/stability upstream release (v2.0.0.5) + * MFSA 2007-18 aka CVE-2007-3734 (browser), CVE-2007-3735 (Javascript) + * MFSA 2007-19 aka CVE-2007-3736 + * MFSA 2007-20 aka CVE-2007-3089 + * MFSA 2007-21 aka CVE-2007-3737 + * MFSA 2007-22 aka CVE-2007-3285 + * MFSA 2007-24 aka CVE-2007-3656 + * MFSA 2007-25 aka CVE-2007-3738 + * config/system-headers, config/Makefile.in: Add system wrapper for + hunspell.hxx. + (Partially fixes #428282) + + [ Eric Dorland ] + * debian/iceweasel.menu: Change section for the new menu hierarchy. + + -- Mike Hommey <glandium@debian.org> Thu, 19 Jul 2007 23:30:11 +0200 + +iceweasel (2.0.0.4-1) unstable; urgency=low + + * New upstream release. (Closes: #427785) + * Fixes mfsa-2007-{12-14}, mfsa-2007-{16-17}, also known as + CVE-2007-1362, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, + CVE-2007-2870, CVE-2007-2871. + * uriloader/exthandler/unix/nsOSHelperAppService.cpp: Revert our changes + that are deprecated by upstream changes. + * uriloader/exthandler/unix/nsGNOMERegistry.h: Adapt so that our changes + build correctly. + * debian/iceweasel.desktop: Add Swedish translation. Thanks Daniel + Nylander. (Closes: #420051) + * security/manager/ssl/src/nsCertVerificationThread.cpp, + security/manager/ssl/src/nsSSLThread.cpp: Avoid some cpu wake ups in + PSM. bz#380558 + * modules/libpref/src/init/all.js: Set layout.css.dpi to 0 instead of -1. + Iceweasel will use system DPI and avoid using huge fonts on systems where + DPI < 96. (Closes: #409074) + * debian/control: + + Build depend on libnspr4-dev and libnss3-dev. + + Remove mozilla-firefox* and firefox* transition packages. + * debian/mozilla-firefox*, debian/firefox*: Removed. + * debian/rules: + + Use system nspr and nss. + + Don't shlibsign. + + Install symlinks for nspr and nss libraries in /usr/lib/iceweasel. + * shlibs.local: Force versioned dependencies on libnss because of our use + of the libnssckbi.so file under /usr/lib/nss which appeared in version + 3.11.5-1. + * extensions/reporter/resources/content/reporter/reporterOverlay.xul: + Put the "Report Broken Site" item before the about separator. + (Closes: #416190) + + -- Mike Hommey <glandium@debian.org> Sat, 09 Jun 2007 08:26:05 +0200 + +iceweasel (2.0.0.3-2) unstable; urgency=low + + * debian/README.Debian: ICEWEASEL_DSP default is none, not auto. + * debian/copyright: Updated part about removed files. + * configure, configure.in, config/autoconf.mk.in, + extensions/spellchecker/myspell/src/Makefile.in, + extensions/spellchecker/myspell/src/mozMySpell.h: Modified to have + system hunspell library used instead of myspell. (Closes: #400621) + * debian/rules: Replaced --enable-system-myspell with + --enable-system-hunspell. + * debian/control: Don't build depend on libmyspell-dev but on correct + version of libhunspell-dev. + * configure, configure.in: Apply fix from bz#366844 to avoid bashisms and + do better checks. + + -- Mike Hommey <glandium@debian.org> Fri, 23 Mar 2007 20:01:19 +0100 + +iceweasel (2.0.0.3-1) unstable; urgency=low + + * New upstream release. Fixes mfsa-2007-11. + * Cleaned up the orig.tar.gz from non-free files. + * debian/remove.nonfree: Added the script used to do the clean-up for + documentation purpose. + * uriloader/exthandler/unix/nsOSHelperAppService.cpp: Make MIME registry + use system mime.types when it doesn't get extensions from the Gnome + registry. This will make the helper configuration dialogs work better. + * debian/control: + + Build Conflict on graphicsmagick-imagemagick-compat to avoid bug + #413954. + + Bumped Standards-Version to 3.7.2.2. No changes. + * debian/iceweasel.install: Don't install iceweasel.png in + /usr/share/pixmaps. + * debian/rules: Install several icons in the hicolor theme. + * debian/iceweasel.links: + + Change links for /usr/share/pixmaps/firefox.png and + /usr/share/pixmaps/mozilla-firefox.png. + + Link some icons in iceweasel directories into the appropriate hicolor + directory. + + Make /usr/share/pixmaps/iceweasel.png a link to the appropriate hicolor + icon. + (Closes: #414012) + * browser/locales/en-US/searchplugins/answers.xml, + browser/locales/en-US/searchplugins/google.xml: Remove firefox branding in + search engines. Note the output=firefox is necessary for google + suggestions. (Closes: #414933) + + -- Mike Hommey <glandium@debian.org> Wed, 21 Mar 2007 20:29:33 +0100 + +iceweasel (2.0.0.2+dfsg-3) unstable; urgency=low + + * debian/iceweasel-runner: Fix the previous fix, so that arguments are not + doubled. (Closes: #413162) + * debian/Options.png.uu, debian/iceweasel.png.uu, debian/iceweasel48.png.uu, + debian/document.png.uu, debian/mozicon128.png.uu, debian/mozicon16.xpm, + debian/mozicon50.xpm, debian/default.xpm, debian/iceweasel.xpm: Removed. + * debian/iceweasel_icon.svg, debian/iceweasel_logo.svg: Added source SVG + files for the logo and the icon, and changed the color of the globe. + (Closes: #404882, #408108, #409035) + * debian/filter-globe.xsl: Added XSLT stylesheet to filter the globe out of + the icon. + * debian/about.png.uu, debian/aboutCredits.png.uu: Removed the logo and icon + from these, so that they can be used as a base to generate the final PNG + images, combined with the proper icon and logo. + * debian/control: Added build dependencies on librsvg-bin, xsltproc and + imagemagick to generate all appropriate images from the SVG files. + * debian/rules: Added rules to generate all the necessary images and clean + up generated images. + * debian/copyright: Added copyright for the svg files. + * debian/homepagereset.js: Custom component to reset the browser homepage + if it is set to the old localstart.html page from the mozilla-browser + package, which doesn't exist any more. (Closes: #410841) + * debian/iceweasel.install: Install the homepagereset component. + * browser/base/content/browserconfig.properties: Set home page to about:. + * toolkit/content/about.xhtml: Add links to about:bugs and + about:README.Debian to the about: page. Also remove the non-link to + upstream release notes. + * debian/about_debian.js: Custom component to add support for + about:README.Debian and about:bugs addresses. + * debian/iceweasel.install: Install the about_debian component. + * layout/base/nsPresContext.cpp, layout/base/nsPresContext.h: Fix for hang + up when switching GTK theme. bz#352096. Thanks Alexander Sack. + * debian/iceweasel.install, debian/iceweasel.links: Install the + browserconfig.properties file. + * debian/rules: Avoid compressing README.Debian for it to be seen in + about:README.Debian. + * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Fixed test on OS_TEST so + that hppa stops using the unsupported stubs. + * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Update patch for Linux + ppc to match those on iceape and xulrunner. + * xpcom/typelib/xpidl/xpidl.c: Revert useless patch: xpidl is not installed + anymore. + * configure, configure.in: + + Reverted remainings of an old patch for pango that was reverted in + 2.0+dfsg-1. + + Update patch for zip check to match that of xulrunner. + * layout/generic/nsTextTransformer.h: Avoid freeze/crash when null + characters are present in justified text by discarding NULL characters + before displaying. bz#366902 I don't like to have the two backends do + different things, so we just unconditionally apply the workaround. (Stolen + from xulrunner) + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_linux_m68k.cpp, + xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_m68k.cpp: Better patch + for m68k, from Modified by Roman Zippel. (Stolen from xulrunner) + * modules/libjar/nsJAR.h, modules/libjar/nsJAR.cpp: Invalidate cache for a + zip file that got modified. It will prevent corruption of the XUL FastLoad + cache when upgrade is performed while an instance of the application is + running. bz#368428. (Stolen from iceape and xulrunner) + * browser/base/content/baseMenuOverlay.xul: Removed "Release Notes" and + "Check for Updates" menu items from the Help menu. (Closes: #407508) + * debian/control: Added build dependencies on autotools-dev. + * debian/rules: Added rules to update config.guess and config.rules at + configure time, and remove the changes at clean time. + + -- Mike Hommey <glandium@debian.org> Sun, 4 Mar 2007 22:29:59 +0100 + +iceweasel (2.0.0.2+dfsg-2) unstable; urgency=low + + [ Mike Hommey ] + * debian/iceweasel-runner: Use of a dummy argument is useless now set -- is + being used. Plus, it avoids an ill side effect of now using set --. + (Closes: #412344, #412404, #412418, #412585, #412711, #412746, #412876) + + [ Eric Dorland ] + * debian/iceweasel-runner: + - Patch from Sam Pennyto fix firefox reference. Clean up wording a + bit too. (Closes: #412475) + - Don't lose $prev in some cases. Thanks Loic Grenie. + + -- Eric Dorland <eric@debian.org> Fri, 2 Mar 2007 03:36:58 -0500 + +iceweasel (2.0.0.2+dfsg-1) unstable; urgency=high + + * New upstream release. Fixes security vulnerabilities: CVE-2007-0775, + CVE-2007-0776, CVE-2007-0777, CVE-2007-0995, CVE-2006-6077, + CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, + CVE-2007-0008, CVE-2007-0009, CVE-2007-0981. + * browser/app/firefox-branding.js: Set app.releaseNotesURL to the + correct url for release notes. (Closes: #411226) + * debian/iceweasel-runner: Use set -- everywhere. Thanks Loic Grenie. + + -- Eric Dorland <eric@debian.org> Sun, 25 Feb 2007 06:08:04 -0500 + +iceweasel (2.0.0.1+dfsg-4) unstable; urgency=low + + * debian/iceweasel.menu: Add a longtitle. + * browser/app/nsBrowserApp.cpp, toolkit/xre/nsXULAppAPI.h, + toolkit/xre/nsAppRunner.cpp: Add a new displayName field and set it to + "Iceweasel". Use it in a number of places instead of name for + display. (Closes: #411493) + + -- Eric Dorland <eric@debian.org> Tue, 20 Feb 2007 18:33:58 -0500 + +iceweasel (2.0.0.1+dfsg-3) unstable; urgency=high + + * debian/README.Debian: Fix typo, thanks Joey "I See All!" + Hess. (Closes: #407366) + * debian/presubj: Fix embarrassing typos and wording. Thanks Ross + Boylan. (Closes: #407726) + * debian/iceweasel.1: Mention "aoss" as a dsp wrapper, and fix esd and + arts references. Thanks Alain Kalker. (Closes: #407662) + * intl/unicharutil/util/nsUnicharUtils.h: Patch from David + Mosberger-Tang to fix unaligned access on ia64. + * browser/app/nsBrowserApp.cpp: Fix another Firefox reference. Thanks + Ben Stewart (Closes: #408883) + * browser/app/firefox-branding.js: Set startup.homepage_override_url and + startup.homepage_welcome_url to "" to really disable the upgrade page + overrides. (Closes: #407533) + * debian/control: Call iceweasel-gnome-support a component rather than an + extension. Thanks Axel Beckert. (Closes: #409950) + * gfx/src/gtk/nsFontMetricsPango.cpp: Patch from bz#335810 to preserve + horizontal position in text input fields. (Closes: #409634, 406612) + * netwerk/base/src/nsSimpleURI.cpp, netwerk/base/src/nsStandardURL.cpp, + netwerk/base/src/nsURLHelper.cpp: Fix for security bug CVE-2007-0981 + from bz#370445. (Closes: #411192) + + -- Eric Dorland <eric@debian.org> Sun, 18 Feb 2007 20:56:27 -0500 + +iceweasel (2.0.0.1+dfsg-2) unstable; urgency=high + + [ Eric Dorland ] + * debian/rules: Use chmod a-x instead of just -x. (Closes: #404548) + * browser/locales/en-US/chrome/browser/credits.dtd, + browser/base/content/credits.xhtml: Remove trademark symbol and fix + the motto. (Closes: #404945) + * debian/control: Remove recommends added into the previous version, + libmyspell already has them. + * security/nss/lib/freebl/unix_rand.c: #undef DO_NETSTAT instead of just + setting it to 0, to really stop it from running netstat. (Closes: + #405531) + * browser/base/content/browserconfig.properties: Change the default + start homepage to http://www.debian.org/. + * browser/app/firefox-branding.js: Set + "browser.startup.homepage_override.mstone" to "ignore" to prevent + annoying Firefox branded firstrun and upgrade pages. (Closes: #404649) + * debian/README.Debian: Document why we're now called + Iceweasel. (Closes: #399814) + * debian/copyright: Indicate that the debian directory is licensed like + firefox, under the GPL/LGPL/MPL. (Closes: #406846) + + [ Mike Hommey ] + * debian/iceweasel-runner: Removed bashisms. + * debian/README.Debian: Updated information about ICEWEASEL_DSP setting and + java plugin. Also replaced Firefox by Iceweasel where appropriate. + * debian/iceweasel.links: Removed /usr/{lib|share}/firefox links. + (Closes: #404733) + + -- Eric Dorland <eric@debian.org> Tue, 16 Jan 2007 00:02:34 -0500 + +iceweasel (2.0.0.1+dfsg-1) unstable; urgency=high + + [ Eric Dorland ] + * New upstream release. Fixes mfsa-2006-{68-73,74,75} also known as + CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6500, + CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, + CVE-2006-6506, CVE-2006-6507. + * directory/c-sdk/ldap/docs/draft-ietf-ldapext-ldap-c-api-05.txt, + netwerk/protocol/ftp/doc/rfc959.txt: Removed from the orig.tar.gz + because of freeness issues. (Closes: #400339, #393370) + * debian/copyright: Update to list the files removed from the upstream + tarball. + + * browser/locales/en-US/updater/updater.ini, + browser/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in, + browser/locales/en-US/chrome/overrides/appstrings.properties, + browser/components/nsBrowserGlue.js, + toolkit/locales/en-US/chrome/mozapps/extensions/extensions.properties: + Rename Firefox to Iceweasel. (Closes: #399656, #400721) + * browser/locales/en-US/chrome/browser/aboutDialog.dtd, + browser/base/content/credits.xhtml: Remove references to Firefox + trademarks. + * debian/wikipedia-en.xml, debian/wikipedia.gif.uu, + debian/wikipedia.src, debian/iceweasel.install, debian/rules: Add new + style Wikipedia search plugin and remove old one. + * debian/presubj: Fix references to Firefox. (Closes: #399817) + * debian/control: + - Clearify relationship to Firefox in the Iceweasel description. + (Closes: #399678) + - Add Recommends on some myspell dictionaries. (Closes: #400622) + * debian/iceweasel-dom-inspector.links: Fix mistaken link to + /usr/lib/firefox. (Closes: #399631) + * browser/locales/en-US/chrome/browser/preferences/advanced.dtd: Fix + accelerator key for "Iceweasel". (Closes: #400308) + * debian/iceweasel.1: + - Fix some incorrect references to Firefox. Thanks Chris Neugebauer. + (Closes: #400708) + - ICEWEASEL_DSP default is none, not auto. Thanks Rafal Rutkowski. + * debian/debsearch.png.uu, debian/debsearch.gif.uu, + debian/iceweasel.install, debian/rules: Install a .png version of the + debsearch logo, with better transparency. Thanks Daniel Hess. (Closes: + #400248) + * debian/iceweasel-runner: Fix ICEWEASEL_DSP set from the + environment. Thanks Rafal Rutkowski. (Closes: #404356) + + [ Mike Hommey ] + * debian/watch: Updated for non experimental versions. + * browser/base/branding/searchconfig.properties: Replaced firefox with + iceweasel. + * debian/firefox.prerm, debian/firefox.postinst: Removed. (Closes: #402407) + * debian/firefox/preinst: Remove old generated files from firefox. + * debian/iceweasel-gnome-support.postinst, debian/iceweasel.prerm, + debian/iceweasel-gnome-support.prerm: Replaced firefox by iceweasel. + * configure, configure.in: Fix OS_TARGET so that it is correctly set + to Linux for things that expect this value instead of linux-gnu, such as + the extensions manager (Closes: #401987) + * debian/iceweasel.preinst: Applied patch from Peter Green to fix some + issues with upgrades where doesn't /etc/firefox contain firefox's config + files for some reason (Closes: #399670). Also replace FIREFOX with + ICEWEASEL in /etc/iceweasel/iceweaselrc. + + [ Alexander Sack ] + * debian/default.xpm, debian/mozicon16.xpm, debian/mozicon50.xpm, + debian/iceweasel.png.uu, debian/about.png.uu, debian/mozicon128.png.uu, + debian/document.png.uu, debian/iceweasel48.png.uu, debian/Options.png.uu + debian/aboutCredits.png.uu: Added unicko iceweasel artwork. + * debian/iceweasel.install: installing appropriate artwork files from + above to /usr/share/iceweasel/chrome/icons/default and + /usr/share/iceweasel/icons/. + * debian/rules: uudecoding artwork files from above. Installing appropriate + files in build tree in 'build-stamp' and cleaning them up in 'clean' + + -- Eric Dorland <eric@debian.org> Mon, 25 Dec 2006 15:30:04 -0500 + +iceweasel (2.0+dfsg-1) unstable; urgency=low + + * New upstream release. This release dedicated to Mike Connor. + + [ Eric Dorland ] + * Too many renames of firefox to iceweasel to count. + * debian/iceweasel.desktop: Remove duplicate pt_BR entries and replace + Firefox with Iceweasel. + * debian/iceweaselrc: Rename FIREFOX_DSP to ICEWEASEL_DSP. + * configure.in: MOZ_APP_DISPLAYNAME=Iceweasel. + * config/autoconf.mk.in: Set mozappdir to /usr/lib/iceweasel. + * debian/iceweasel.preinst: Copy /etc/firefox into /etc/iceweasel + * modules/libpref/src/init/all.js: Use iceweasel.cfg instead of + firefox.cfg. + * iceweasel.png.uu: Generate iceweasel.png, not firefox.png. + * browser/locales/en-US/chrome/branding/brand.properties, + browser/locales/en-US/chrome/branding/brand.dtd: Switch Bon Echo to + Iceweasel. + + [ Mike Hommey ] + * gfx/src/gtk/mozilla-decoder.cpp, config/autoconf.mk.in: Revert changes + for pangocairo support, since we solved the build problem by correctly + detecting pangoxft instead. + * debian/control: Suggest libkrb53 for kerberos authentication. + * modules/libpr0n/build/Makefile.in: Add empty line at the end to avoid + useless change to show up in the diff. + * security/nss/lib/freebl/unix_rand.c: Stole patch from Ubuntu that adapted + the previous changes to the new version of the upstream file. + * modules/libpref/src/init/all.js: Stole patch from Ubuntu that changes some + default fonts from serif to sans-serif. + * debian/rules: + + Set distribution id to 'org.debian'. + + Force the build to have a "correct" build ID. + * browser/components/feeds/src/FeedWriter.js: Patch from bz#343360 to make + feed subscription and preview work properly. (Closes: #387639) + + -- Eric Dorland <eric@debian.org> Mon, 13 Nov 2006 23:18:40 -0500 + +firefox (2.0~rc1+dfsg-1) experimental; urgency=low + + [ Eric Dorland ] + * New upstream release candidate release. + + [ Mike Hommey ] + * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Revert patch from version + 1.5.0.6-5, the problem was configure.in changes not applied in configure, + which was already done on this branch anyways. + Adapted to not build the ppc_linux code for ppc64, though. + * debian/watch: Updated watch file for new version scheme. + * config/make-jars.pl: Applied patch from bz#336056 to allow ~ in the + destination directory (which is required since we now have a ~ in the + main firefox directory name). + * gfx/src/ps/nsFontMetricsPS.cpp: Applied patch from Alexander Sack to fix + crashes while printing. (Closes: #389724) + + -- Mike Hommey <glandium@debian.org> Sat, 7 Oct 2006 09:23:12 +0200 + +firefox (1.5.dfsg+1.5.0.7-1) unstable; urgency=high + + * New upstream release. Urgency high because it fixes security issues. + * editor/libeditor/text/nsPlaintextEditor.cpp: Quite likely reverted the + OverTheSpot patch, did not feel confident reapplying it with the + upstream changes in this file. Please submit an updated patch to get + it back. + * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Slightly puzzling patch + from Andreas Jochens to make firefox compile on ppc64 again. (Closes: + #387423) + + -- Eric Dorland <eric@debian.org> Mon, 18 Sep 2006 01:55:57 -0400 + +firefox (1.5.dfsg+1.5.0.6-5) unstable; urgency=high + + * Severity high because we fix an RC bug. + * debian/control: Adjust mozilla-firefox-dom-inspector for binNMU safety + as well. + * debian/firefox.desktop: Patch from Yavor Doganov to add a Bulgarian + translation. (Closes: #386988) + * xpcom/reflect/xptcall/src/md/unix/Makefile.in: Fix slight mistake in + Mike's previous patch that misrecognized ppc arches. Thanks Markus for + the patch. (Closes: #386367) + + -- Eric Dorland <eric@debian.org> Wed, 13 Sep 2006 01:45:20 -0400 + +firefox (1.5.dfsg+1.5.0.6-4) unstable; urgency=high + + [ Eric Dorland ] + * Urgency still high, as we're still trying to get into testing. + * debian/firefox.desktop: Patch from Nick Niktaris with Greek + translation. (Closes: #384678) + * debian/control: Add Suggests on mozplugger. (Closes: #384382) + + [ Mike Hommey ] + * debian/control: Adjust dependencies for binNMU safety. + * xpcom/reflect/xptcall/src/md/unix/Makefile.in, configure.in, configure: + Use ${host_cpu} instead of uname -m so that firefox can safely build on + s390x with a s390 target, and on amd64 with an x86 target. + * uriloader/exthandler/unix/nsGNOMERegistry.cpp, + uriloader/exthandler/unix/nsGNOMERegistry.h, + uriloader/exthandler/unix/nsOSHelperAppService.cpp, + uriloader/exthandler/unix/nsMIMEInfoUnix.cpp, + uriloader/exthandler/unix/nsMIMEInfoUnix.h: Adapted patch from bz#273524 to + make helper applications with parameters work. (Closes: #355511) + * debian/watch: Updated. + + -- Eric Dorland <eric@debian.org> Mon, 4 Sep 2006 23:25:44 -0400 + +firefox (1.99+2.0b2+dfsg-1) experimental; urgency=low + + * New upstream beta release. + + * extensions/inspector/build/src/Makefile.in, + extensions/inspector/build/src/inspector.pkg, + extensions/inspector/build/src/nsInspectorModule.cpp: Removed, the problem + was lying in debian/rules. /me goes hiding under a rock. + * layout/inspector/public/Makefile.in: Reverted previous changes. + * debian/rules: Don't exclude inspector files when dh_installing the firefox + package. We need the inspector.xpt file from the components directory. The + files for the dom-inspector package are already excluded from the + firefox.install file anyway. + * debian/firefox-dom-inspector.install, + debian/firefox-dom-inspector.links: Simplified. + * debian/control: + + Turn firefox-dom-inspector into an arch: all package, since the binary + component has been merged into the firefox binary. + + Adjust dependencies for binNMU safety. + * xpcom/reflect/xptcall/src/md/unix/Makefile.in, configure.in, configure: + Use ${host_cpu} instead of uname -m so that firefox can safely build on + s390x with a s390 target, and on amd64 with an x86 target. + * uriloader/exthandler/unix/nsGNOMERegistry.cpp, + uriloader/exthandler/unix/nsGNOMERegistry.h, + uriloader/exthandler/unix/nsOSHelperAppService.cpp, + uriloader/exthandler/unix/nsMIMEInfoUnix.cpp, + uriloader/exthandler/unix/nsMIMEInfoUnix.h: Adapted patch from bz#273524 to + make helper applications with parameters work. (Closes: #355511) + * debian/copyright: Adjusted with updated information for firefox 2.0, which + is now properly tri-licensed \o/. (Closes: #330295) + * debian/rules: Install the MPL file taken from the upstream LICENSE file. + * debian/watch: Updated. + + -- Mike Hommey <glandium@debian.org> Fri, 1 Sep 2006 08:36:26 +0200 + +firefox (1.5.dfsg+1.5.0.6-3) unstable; urgency=low + + * browser/app/Makefile.in: Workaround to force link the xpcom library to + the firefox binary despite -Wl,--as-needed in the LDFLAGS. + (Closes: #378667) + * debian/firefox.install: Don't install xpt_link, xpt_dump, xpidl, + xpicleanup, xpcshell nor regxpcom. They are of no use to firefox users and + are provided with xulrunner anyway. (Closes: #362190) + + -- Mike Hommey <glandium@debian.org> Sun, 20 Aug 2006 19:49:25 +0200 + +firefox (1.5.dfsg+1.5.0.6-2) unstable; urgency=low + + * debian/firefox.desktop: + - Polish translation from Ian Jackson by way of an Ubuntu user. + (Closes: #382079) + - Patch from Ian Jackson to stop claiming dav:// URLs when firefox + doesn't understand them. (Closes: #382080) + * editor/libeditor/text/nsPlaintextEditor.cpp: Apply patch from + bz#271815 to fix OverTheSpot mode used by many Asian language input + modules. (Closes: #379935) + + -- Eric Dorland <eric@debian.org> Tue, 15 Aug 2006 00:09:55 -0400 + +firefox (1.5.dfsg+1.5.0.6-1) unstable; urgency=low + + * New upstream release. + + -- Eric Dorland <eric@debian.org> Thu, 3 Aug 2006 13:17:45 -0400 + +firefox (1.5.dfsg+1.5.0.5-1) unstable; urgency=high + + [ Eric Dorland ] + * New upstream release. Urgency high because it fixes MFSA 2006-44 to + MFSA 2006-56 excluiding MFSA-2006-49. (Closes: #380463) + + [ Mike Hommey ] + * debian/firefox.prerm: Remove /usr/lib/firefox/.autoreg instead of + /var/lib/firefox/.autoreg. + * browser/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in: + Removed very old and now useless changes. + * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_alpha.cpp: Removed + useless new line that showed up in the diff.gz. + + -- Eric Dorland <eric@debian.org> Sun, 30 Jul 2006 17:08:38 -0400 + +firefox (1.99+2.0b1+dfsg-1) experimental; urgency=low + + * New upstream beta targetted at experimental: + - Much better search plugins handling. They can be added and removed at + will, and even better, system-wise search plugins can be ignored at the + profile level. (Closes: #352195, #320957, #296425, #308005) + * browser/components/shell/src/Makefile.in: Correctly install the + setDefaultBrowser component. + * config/rules.mk: Don't install extensions in the chrome. + * debian/firefox.links: Link /usr/lib/firefox/dictionaries to + /usr/share/myspell/dicts. + * config/autoconf.mk.in, configure, configure.in: Add the + --enable-system-myspell argument to configure to use the system myspell + library. + * extensions/spellcheck/myspell/src/Makefile.in: Use the system myspell + library when asked to. + * debian/rules: + - Add --enable-system-myspell to configure call. + - Do shlibsign libfreebl's (there can be several depending on the arch). + * debian/control: Add libmyspell-dev to build dependencies. + * browser/components/microsummaries/src/Makefile.in, config/Makefile.in: + Add rules so that make clean cleans everything. + * allmakefiles.sh: Removed references to nonexisting Makefiles in + extensions/xmlextras/base. + * configure, configure.in: Apply patches from bz#334866, bz#319012 and + bz#335949 + fixups to workaround gcc visibility hidden bugs, especially + #331460 (an instance of which is actually still present in C++, + see gcc#26905). + * extensions/inspector/build/src/Makefile.in, + extensions/inspector/build/src/inspector.pkg, + extensions/inspector/build/src/nsInspectorModule.cpp: Added missing files + for the DOM Inspector component. + * extensions/inspector/build/src/Makefile.in, + layout/inspector/public/Makefile.in: Adapted so that the DOM Inspector + component would build correctly and the xpt would be installed in + the extensions directory. + * extensions/reporter/Makefile.in: Install missing reporter's preference. + + -- Mike Hommey <glandium@debian.org> Fri, 21 Jul 2006 07:05:25 +0200 + +firefox (1.5.dfsg+1.5.0.4-3) unstable; urgency=low + + [ Eric Dorland ] + * debian/control: + - Fix silly typo of binutils. (Closes: #378582) + - Standards-Version to 3.7.2.1. + + [ Mike Hommey ] + * debian/rules: + - Use a specific LD_LIBRARY_PATH at link time so that we don't need to + link against indirect dependencies. (Closes: #378378) + - Run shlibsign after the files are stripped so that it is accurate and + FIPS mode can correctly work. + - Removed old commented out OPTFLAGS that were kept in case gcc 4.0 did + no better than gcc 3.x. + - Removed old exported variables that are useless nowadays. + - Removed dh_strip call in binary-indep. Who wants to strip + arch-independant files ;) + * debian/presubj: Added notes about plugins and crash reports. + * security/manager/Makefile.in, security/nss/cmd/shlibsign/Makefile: + Don't build nor install the .chk files but still build shlibsign. + * debian/firefox.install: Don't install .chk files since we generate them + after dh_strip. + * security/nss/cmd/shlibsign/manifest.mn: Don't build in shlibsign/mangle. + It doesn't build anyway. + + -- Eric Dorland <eric@debian.org> Wed, 19 Jul 2006 23:56:22 -0400 + +firefox (1.5.dfsg+1.5.0.4-2) unstable; urgency=low + + [ Eric Dorland ] + * netwerk/base/public/security-prefs.js: Disable SSLv2 by default. I + thought the weak cipher warning took care of this. (Closes: #371153) + * debian/firefox-runner: Simplify the dsp autodetection and add aoss to + the roster. (Closes: #372848) + * firefox-restart-required.update-notifier, firefox.postinst, + firefox.install: Add update-notifier to indicate that firefox needs to + be restarted on upgrade. Based on Ian Jackson's patch, but reworked a + little. Also with a bad French translation. Translators, assemble! + (Closes: #365865) + * config/rules.mk, debian/control: Apply patch from Thiemo Seufer to + remove mips -xgot hack and build depend on the appropriate binutils on + mips and mipsel. (Closes: #374372) + * debian/presubj, debian/README.Debian: Add a bit more information about + disabling Pango, which often seems to be the source of problems. + * debian/firefox-runner: + - Print out MOZ_NO_REMOTE in verbose mode. + - Fix some unreachable logic, Thanks Daniel Jacobowitz. + + [ Mike Hommey ] + * debian/rules: + - Fix for Gecko date extraction from client.mk. + - Disabled strict aliasing from optimized builds. + - Added -Wl,--as-needed to the LDFLAGS, so that we don't get indirect + libraries linked. + * config/static-config.mk: Add MOZ_XFT_LIBS to STATIC_EXTRA_LIBS. It used to + get linked as a side effect of linking to indirect libraries, but should + be linked directly since Xft symbols are used. + * debian/firefox-restart-required.update-notifier: Fixed the french + translation. ;) + * content/html/content/src/nsGenericHTMLElement.cpp, + content/html/content/src/nsHTMLInputElement.cpp, + dom/src/base/nsGlobalWindow.cpp: Fixed crasher and potential crashers. + Reported bz#343953. + + -- Eric Dorland <eric@debian.org> Sun, 9 Jul 2006 02:37:28 -0400 + +firefox (1.5.dfsg+1.5.0.4-1) unstable; urgency=low + + * The "Post-DebConf Hangover" release. + + [ Eric Dorland ] + * New upstream release. Fixes various security issues. MFSA 2006-31 to + MFSA 2006-43, excluding MFSA 2006-40. + * debian/control: + - Standards-Version to 3.7.2.0. + - Set priority of -dbg to extra and Section to devel. + * gfx/src/gtk/nsFontMetricsPango.cpp, + intl/lwbrk/src/nsJISx4501LineBreaker.cpp, + intl/unicharutil/util/nsUnicharUtils.h, + intl/unicharutil/util/nsUnicharUtils.cpp, + layout/generic/nsTextFrame.cpp: Patch from Jurij Smakov (from + bz#161826) to fix alignment issues on sparc64. (Closes: #354725) + + [ Mike Hommey ] + * Applied distclean patch from xulrunner (in + debian/patches/01_distclean.dpatch), except for the javaxpcom stuff we + don't build anyway. + * browser/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}, + config/static-rules.mk: More cleaning for firefox. + * nsprpub/configure: Apply change to nsprpub/configure.in. + (Closes: #350616) + * gfx/src/gtk/nsFontMetricsPango.cpp: Some more changes so that it + actually builds without errors, and use PR_Malloc and PR_Free instead + of malloc and free. + + -- Eric Dorland <eric@debian.org> Fri, 2 Jun 2006 12:13:18 -0400 + +firefox (1.5.dfsg+1.5.0.3-2) unstable; urgency=low + + * debian/firefox.desktop: Add spanish translation, just in time for + DebConf 6! Thanks Ian Jackson. (Closes: #365870) + * debian/firefox-runner: Actually apply the patch from Morita Sho in + #364566. I'm a moron. (Closes: #365956, #365960) + * debian/control: Standards-Version to 3.7.1.0. Go policy team! + + -- Eric Dorland <eric@debian.org> Thu, 4 May 2006 01:38:18 -0400 + +firefox (1.5.dfsg+1.5.0.3-1) unstable; urgency=critical + + * The "secure enough for ya!" release. + * New upstream release. Contains security fixes, hence severity + critical. + - Fixes CVE-2006-1993 aka MFSA 2006-30. (Closes: #364810) + + [ Mike Hommey ] + * security/manager/Makefile.in, debian/firefox.install: Build and + install the .chk file again. That will make the FIPS mode work again. + * debian/control: Bumped Standards-Version to 3.7.0.0. No changes. + * debian/rules: Fix the navigator.ProductSub value for dumb scripts. + Closes: #364640, #365099. We now use the date of the client.mk file, + which is likely to be the closest value to the release date, instead of + useless build date. + Add the debian version after the firefox version string. + * debian/rules: Use dpkg-architecture to find out the host and build that + we want to pass to the configure script. (Closes: #365738) + + [ Eric Dorland ] + * debian/firefox-runner: + - Quote the APPLICATION_ID variable to handle profiles with a space + in the name. Inspired by Morita Sho's patch. (Closes: #364566) + - echo MOZ_DISABLE_PANGO on verbose. + * debian/rules: It's baaaackkk. Reenable xprint. + + -- Eric Dorland <eric@debian.org> Wed, 3 May 2006 00:32:49 -0400 + +firefox (1.5.dfsg+1.5.0.2-3) unstable; urgency=low + + * debian/rules, debian/control: Build the -dbg package again. + * debian/firefox.1: Fix some incorrect references to mozilla. Thanks + Loïc Minier. (Closes: #364101) + * debian/firefox-runner: Patch from Mikhail Gusarov to be able to use + Network Audio Server's dsp wrapper. (Closes: #363124) + * debian/firefox.install: Fix screwed up path to firefox.xpm. (Closes: + #364359) + * debian/README.Debian: Document that firefox doesn't allow connections + on certain ports. Thanks W. Borgert. (Closes: #362785) + + -- Eric Dorland <eric@debian.org> Sun, 23 Apr 2006 22:41:15 -0400 + +firefox (1.5.dfsg+1.5.0.2-2) unstable; urgency=critical + + * The "ftp-master's aren't my friends today" release. + * debian/rules, debian/control: Don't build the -dbg package for now, to + get around NEW queue processing. + + -- Eric Dorland <eric@debian.org> Thu, 20 Apr 2006 22:33:18 -0400 + +firefox (1.5.dfsg+1.5.0.2-1) unstable; urgency=critical + + [ Eric Dorland ] + * New upstream release. Contains security fixes, hence severity + critical. + - Fixes the following vulnerabilites (Thanks Alexander Sack for + compiling the list): CVE-2006-1724, CVE-2006-0884, + CVE-2006-1730, CVE-2006-1729, CVE-2006-1728, CVE-2006-1727, + CVE-2006-1045, CVE-2006-0748, CVE-2006-1726, CVE-2006-1725, + CVE-2005-2353. (Closes: #362656) + * debian/firefox-runner: Patch from Paul Collins to fix some lingering + ProfileManager launch issues. (Closes: #356250) + * browser/components/preferences/privacy.xul, + browser/locales/en-US/chrome/browser/preferences/preferences.dtd: + Patch from Ian Jackson to make the preferences window bigger for + people with high rez displays. His changelog entry reads: + * Make Preferences window not chop off various elements: + - specify a width of 50em instead of 42em + - do not specify a height + - add another <separator/> to the bottom of privacy.xul's prefpane. + I have no idea why this is necessary :-(. + Malone 36985. + * configure.in, configure: Small typo in configure.in that wasn't + setting TARGET_XPCOM_ABI properly and breaking binary extensions on + some arches. (Closes: #359228) + + [ Mike Hommey ] + * debian/rules: Disable elf-dynstr-gc, which is pretty useless nowadays. + * security/coreconf/rules.mk: Fix perl code that got broken by newer make. + Taken from bz#325148. + * browser/app/Makefile.in: Apply patch from bz#314927 to install default.xpm + in the correct place. + * debian/rules, debian/firefox.dirs, debian/firefox.install: Updated to fit + this change. + * security/coreconf/rules.mk: Force use of the -g flag in the CFLAGS. + + -- Eric Dorland <eric@debian.org> Sun, 16 Apr 2006 18:40:02 -0400 + +firefox (1.5.dfsg+1.5.0.1-5) unstable; urgency=low + + [ Mike Hommey ] + * debian/rules: + - Add -g to the build flags when building with DEB_BUILD_OPTIONS=nostrip. + If we ask for nostrip, we want the debugging + symbols, right? ;) + - Changed the way we identificate ourselves in vendor.js. + * layout/build/Makefile.in, layout/build/nsLayoutModule.cpp: Remove useless + useragent setter at startup so that general.useragent.product and + general.useragent.productSub set in our vendor.js preference file work at + startup time. + * security/coreconf/Linux.mk: + - Patch from Martin Michlmayr for mips64 builds. + - Don't use x86 as CPU_ARCH when building on an unsupported architecture. + * security/manager/Makefile.in, security/nss/lib/ckfw/builtins/Makefile, + security/nss/lib/manifest.mn: Don't build the stuff we don't need, and + dynamically link libnssckbi to both libplc4 and libplds4 instead of + linking statically. + * debian/firefox.postinst, debian/firefox.prerm, + debian/firefox-gnome-support.postinst, debian/firefox-gnome-support.prerm: + Touch a .autoreg file at configure time, or removal of gnome-support and + remove it with the package. This will trigger autoregistration of the + components if the compreg.dat and xpti.dat files are older than the + .autoreg file. We used to remove compatibility.ini for that reason, but + stopped doing that because firefox was supposed to do that correctly, + which actually only correctly works on new upstream versions, not new + debian revisions, or installation of gnome-support. + * xpfe/components/killAll/Makefile.in: Correctly install the killAll + component. + + [ Eric Dorland ] + * debian/control: + - Set Section of firefox-gnome-support and + mozilla-firefox-gnome-support to gnome. + - Standards-Version to 3.6.2.2. + - debhelper build-dep to >= 5.0. + - Add firefox-dbg package. + * debian/compat: Set to 5. + * debian/rules: + - Remove silly CVS tarball cleanup target. + - Add arch-independant debhelper calls, and make other debhelper + calls arch-dependent. + - Add --dbg-package=firefox-dbg to dh_strip call. + - Always build with the -g flag. (Based on a change Mike made) + - Patch from Andreas Jochens to use -mminimal-toc when building on + ppc64. (Closes: #361035) + - Use --disable-strip, --disable-strip-libs in configure parameters. + Thanks Ian Jackson. + - Use .upstream instead of .orig to make it more clear and not + confuse the clean target. Thanks Ian Jackson. (Closes: #362186) + - Disable xprint support for now, while the Xorg 7 transition sorts + itself out. Should be reenabled next release. + * debian/firefox.xpm: Add more Debian compliant menu icon. + * debian/firefox.install, debian/rules: Install new Debian compliant + icon. + * debian/firefox.desktop: Add StartupNotify=true for pretty waiting + cursor. Thanks Sven Arvidsson. (Closes: #361527) + * debian/firefox-dom-inspector.preinst, + debian/firefox-dom-inspector.links, + debian/firefox-dom-inspector.install: Install non-architecture + specific bits of the inspector into /usr/share/firefox. + * debian/firefoxrc: Disable the dsp wrapper by default. esddsp is just + too buggy to allow this to continue. May reenable later if they clean + up their act. Leaving the bugs open for now. + * debian/firefox.NEWS: + - Document the dsp wrapper changes. + - Remove old mozilla-firefox entries. + * debian/firefox.1: Fix typo of firefox, thanks Andrew Rendle. (Closes: + #362413) + * debian/firefox.install: We don't get .chk files anymore for some + reason. + + -- Eric Dorland <eric@debian.org> Fri, 14 Apr 2006 15:52:41 -0400 + +firefox (1.5.dfsg+1.5.0.1-4) unstable; urgency=low + + [ Mike Hommey ] + * debian/firefox-runner, debian/firefox.1: Patch from Ian Jackson to + make -P, -CreateProfile and -ProfileManager options correctly work + again, and improve the manual page. (Closes: #356250) + * debian/firefox.desktop: + - Fix trivial syntax problems. (Closes: #356263) + - Added Japanese and Korean translations. + * debian/firefox.dirs: Removed remainings of the time when we had a file + in /usr/sbin. (Closes: #356268) + * debian/firefox-gnome-support.prerm, + debian/firefox-gnome-support.postinst: Removed bashisms. (Closes: + #349946) + * debian/README.Debian: + - Replaced the bug reporting information by an invitation to read + /usr/share/bug/firefox/presubj. (Closes: #356269) + - Changed the heading to "Firefox for Debian". + + [ Eric Dorland ] + * debian/firefox-gnome-support.postinst, + debian/firefox-gnome-support.prerm: Add forgotten #DEBHELPER# token. + + -- Eric Dorland <eric@debian.org> Sun, 12 Mar 2006 21:34:14 -0500 + +firefox (1.5.dfsg+1.5.0.1-3) unstable; urgency=low + + [ Eric Dorland ] + * debian/control: Use strict dependencies for the transition packages, + no reason a transition package should be upgraded before the real + package. + * debian/README.Debian: Fix all references to + /etc/mozilla-firefox/mozilla-firefoxrc. (Closes: #351956) + * debian/firefox.desktop: Patch from Ian Jackson to add more + translations and more inline with the GNOME HIG. (Closes: #351807) + * widget/src/gtk2/nsWindow.cpp: Apply new ignore extended mouse buttons + patch from Peter Colberg (Closes: #351972) + * debian/firefox.1: Lower case first letter of -ContentLocale. + * debian/firefox.1, debian/firefox-runner: Add -no-remote switch to turn + on MOZ_NO_REMOTE. Use it for profile related commands as + well. (Closes: #351717, #344849) + * wikipedia.gif.uu, wikipedia.src, rules, firefox.install: Patch from + Ian Jackson to add wikipedia search engine. (Closes: #354107) + + [ Mike Hommey ] + * modules/libpref/src/init/all.js: Set default fonts for all languages to + serif, sans-serif and monospace. It might solve a lot of fonts problems. + * config/config.mk, config/make-jars.pl, configure.in, + security/nss/lib/fortcrypt/swfort/pkcs11/config.mk, + extensions/inspector/Makefile.in: Allow building without zip when + building flat chrome. + * configure: Ran autoconf accordingly to changes in configure.in. + * debian/control: Removed build dependency on zip. + * debian/rules: Build flat chrome. + * debian/firefox.install: Changed wildcards accordingly. + * config/rules.mk: + + Don't build chromelist.txt files. + + Fixed "jar" build so that inspector files don't get duplicated in the + extension directory. + + -- Eric Dorland <eric@debian.org> Sun, 26 Feb 2006 11:45:15 -0500 + +firefox (1.5.dfsg+1.5.0.1-2) unstable; urgency=low + + [ Mike Hommey ] + * debian/firefox-runner: export MOZ_DISABLE_PANGO. (Closes: #351959) + * debian/README.Debian: changed reference to the rc file in /etc. + (Closes: #351956) + + [ Eric Dorland ] + * debian/firefox.preinst: Fix {}'s bashism. Thanks Jeff King. (Closes: + #351811) + * modules/libpref/src/init/all.js: Make print.postscript.print_command + space-safe. Thanks Ian Jackson. (Closes: #351809) + * debian/firefox-runner: Don't completely override + $MOZ_PLUGIN_PATH. Thanks Ian Jackson. (Closes: #351806) + + -- Eric Dorland <eric@debian.org> Thu, 9 Feb 2006 01:23:35 -0500 + +firefox (1.5.dfsg+1.5.0.1-1) unstable; urgency=low + + * The "those Ubuntu guys are great after all" release. + * New upstream release. (Closes: #351442) + + [ Mike Hommey ] + * debian/presubj: Added indications to try to reproduce without extensions + before actually filing a bug, and a hint to the safe mode. + * debian/firefox.install: added the reporter chrome files. (Closes: #344888) + * widget/src/gtk2/nsWindow.cpp: Revert additional stale patch for + extended mouse buttons support. + * debian/firefox.postinst, debian/firefox.prerm: unbashified. + (Closes: #349946) + * debian/control, debian/firefox-gnome-support.postinst, + debian/firefox-gnome-support.prerm: Let the firefox-gnome-support + package provide gnome-www-browser and handle a gnome-www-browser + alternative. Thanks Loïc Minier. (Closes: #350788) + * debian/firefox-runner: Enable Pango support by default. The + MOZ_ENABLE_PANGO environment variable is now useless. (Closes: #338716) + * debian/README.Debian: Change the paragraph about Pango to hint about + the MOZ_DISABLE_PANGO variable. + + [ Eric Dorland ] + * content/events/src/nsEventStateManager.cpp, + modules/libpref/src/init/all.js, widget/public/nsGUIEvent.h: Apply + patch from Ian Jackson to revert a stale patch for multiple mouse + button support that was fixed in a different way in 1.5 + (Closes: #348375) + * debian/firefox.preinst: Check md5sum's of old conffiles before cp'ing + them on upgrade. This won't stop all unnecessary conffile prompting in + all situations (especially from really old versions), but should + definitely should work for upgrading from testing or stable. (Closes: + #345112) + * debian/firefox.install: + - Remove run-mozilla.sh. (Closes: #348902) + - Reorganize things a bit. + - Move profile into /etc/firefox here, instead of in the rules file. + * debian/firefox.install, debian/firefox.preinst, debian/firefox.links, + debian/firefox.dirs, debian/rules: Move chrome, defaults, greprefs + into /usr/share/firefox for more FHS goodnesss. + * debian/firefox.1: Document -new-tab and -new-window options, and + remove deprecated -remote option. (Closes: #348699) + * debian/firefox-runner: Apply patch to properly URL escape local + files. Thanks Morita Sho. (Closes: #348451) + * browser/app/profile/firefox.js: + - Reallow 40-bit ciphers, since now firefox warns people who + use them. (Closes: #349624) + - Enable bidi UI elements for our bi-directional friends. + (Closes: #348069) + * debian/rules: Remove glob pattern from dh_install invocation. Thanks + Ian Jackson. (Closes: #350571) + * browser/base/content/aboutDialog.xul: Fix spurious scrollbar in the + about dialog box. Thanks Ian Jackson. (Closes: #350608) + * js/src/fdlibm/fdlibm.h: Patch to fix little endianess of + mipsel. Thanks Ian Jackson and Thiemo Seufer. (Closes: #350621) + * browser/base/content/search.xml: Patch from Ian Jackson to remove + misleading Clear option from search box context menu. (Closes: #350611) + * debian/watch: Fix regex to actually find the upstream tarballs. + * modules/libpref/src/init/all.js: Cope better with printers with spaces + in the name. Thanks Ian Jackson. + * toolkit/components/passwordmgr/base/nsPasswordManager.cpp: Take patch + from bz#235336 as suggested by Ian Jackson to allow password manager + to work with sites that only have a password field, no username. + + -- Eric Dorland <eric@debian.org> Mon, 6 Feb 2006 23:10:29 -0500 + +firefox (1.5.dfsg-4) unstable; urgency=low + + [ Eric Dorland ] + * debian/control, debian/rules: + - Remove Kerberos options, it is now loaded dynamically. + - Use /usr/share/firefox now for finding default.xpm. + * debian/firefox.install, debian/firefox.links, debian/firefox.preinst: + Start moving some clearly non-arch specific things + (/usr/lib/firefox/searchplugins, /usr/lib/firefox/icons, + /usr/lib/firefox/res) out of /usr/lib/firefox and into + /usr/share/firefox to make things more FHS friendly. Can't believe no + one ever called me on this before. + * toolkit/components/remote/nsGTKRemoteService.cpp, + widget/src/xremoteclient/XRemoteClient.cpp: Apply patch from bz#312154 + to fix remote interface on PPC (and probably other arches). (Closes: + #343913) + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_linux_m68k.cpp: Patch from + Zack Weinberg to fix FTBFS on m68k. (Closes: #343687) + * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_arm.cpp: Patch from Antti + P Miettinen to fix small optimization problem with newer gcc's + (Closes: #344846) + + [ Mike Hommey ] + * debian/firefox-runner: Cleaned up now useless variables. + + -- Eric Dorland <eric@debian.org> Tue, 10 Jan 2006 10:11:34 -0500 + +firefox (1.5.dfsg-3) unstable; urgency=low + + * debian/control: + - Need explicit build dependency on gtk >= 2.8. + - Upgrade Standards-Version to 3.6.2.1. No changes. + - Add compatibility packages for mozilla-firefox-dom-inspector + and mozilla-firefox-gnome-support and make all the upgrade packages + Architecture: all. (Closes: #343879, #344379) + * debian/watch: Add watch file. + * debian/about.png.uu: Add uuencoded version of previous about box + graphic. + * debian/rules: uudecode and install the about.png into the right + location. + * debian/firefox-runner: Add MOZ_PLUGIN_PATH to include plugins at the + old location for now. (Closes: #344085, #341682) + * widget/src/gtk2/nsWindow.cpp: Patch from bz#305970 to fix broken + contextual menu on Save File As. (Closes: #344430) + + * config/mkdepend/imakemdep.h, security/nss/lib/pki1/pki1.h: Remove some + patches that are now useless (suggested by Mike Hommey). + * mailnews/extensions/palmsync/palm.html, + browser/themes/pinstripe/browser/browser.css, + gfx/src/mac/nsNativeThemeMac.h, + directory/c-sdk/ldap/docs/draft-ietf-ldapext-ldap-c-api-05.txt, + layout/html/tests/table/bugs/bug123862.html, + layout/html/tests/table/bugs/bug119786.html, + layout/html/tests/table/bugs/bug101759.html, + layout/html/tests/table/bugs/bug14489.html, + layout/html/tests/table/bugs/bug222846.html, + layout/html/tests/block/bugs/155333-1.html, + layout/html/tests/block/bugs/185411-2.html, + layout/html/tests/block/bugs/13599.html, + layout/html/tests/block/bugs/53960.html, + layout/html/tests/block/bugs/155333-2.html, + layout/html/tests/block/bugs/38157-a.html, + layout/html/tests/block/bugs/38157-b.html, + layout/html/tests/block/bugs/46918.html, + layout/html/tests/block/printing/145305-11.html, + layout/html/tests/block/printing/145305-21.html, + layout/html/tests/block/printing/145305-13.html, + layout/html/tests/block/printing/145305-17.html, + layout/html/tests/block/printing/145305-19.html, + layout/html/tests/block/printing/145305-4.html, + layout/html/tests/block/printing/127145-1.html, + layout/html/tests/block/printing/145305-3.html, + layout/html/tests/block/printing/145305-7.html, + layout/html/tests/block/printing/145305-9.html, + layout/html/tests/frameset/core/r3.html, + layout/html/tests/frameset/core/r4.html, + layout/html/tests/frameset/core/blank2.html, + xpinstall/packager/stage_mfcembed.pl, xpinstall/packager/stage_gre.pl, + embedding/qa/testembed/Tests.cpp, + embedding/qa/testembed/nsihttpchanneltests.cpp, + embedding/qa/testembed/BrowserImpl.cpp, + embedding/qa/testembed/Tests.h, embedding/qa/testembed/QaUtils.cpp, + embedding/qa/testembed/resource.h, + embedding/qa/testembed/DomWindow.cpp, + embedding/qa/testembed/QaUtils.h, build/unix/abs2rel.pl, + xpfe/bootstrap/icons/windows/readme.txt, + security/nss/cmd/ssltap/ssltap-manual.html: Fix mess my subversion + repository made of line endings. This should reduce the size of the + diff.gz dramatically. + + -- Eric Dorland <eric@debian.org> Sat, 24 Dec 2005 03:23:02 -0500 + +firefox (1.5.dfsg-2) unstable; urgency=low + + * browser/locales/en-US/chrome/branding/brand.dtd, + browser/locales/en-US/chrome/branding/brand.properties: Change brand + name from Deer Park to Firefox. About box graphic still needs to be + fixed. *grumble* *grumble* (Closes: #343704) + + -- Eric Dorland <eric@debian.org> Sat, 17 Dec 2005 13:45:14 -0500 + +firefox (1.5.dfsg-1) unstable; urgency=low + + * New upstream release. No actual code changes from RC3. Took the + opportunity to completely empty the /other-licenses directory of the + upstream tarball. + * configure, configure.in: Change MOZ_APP_DISPLAYNAME to Firefox, so we + can be called Firefox without using + --enable-official-branding. *grumble* + * config/autoconf.mk.in, gfx/src/gtk/mozilla-decoder.cpp, configure.in: + Apply patch from bz#305185 to fix problems building against gtk+ 2.8. + * debian/control: + - Build-Depend on libfreetype6-dev since we do link + against it directly. + - Add mozilla-firefox package for easy transition. + - Conflict against older mozilla-firefox packages. + * debian/firefox-runner: + - Fix typo. (Closes: #341113) + - Check /usr/lib/mozilla-firefox/plugins for plugins too for the + time being. (Closes: #341682) + * debian/firefox-dom-inspector.preinst: Remove, not needed since the + name change. + * debian/firefox.preinst: + - Remove old upgrade code. + - Move old mozilla-firefox configs into place on install. + * debian/mozilla-firefox.preinst: Move upgrade code in here. Remove + mozilla-firefox alternative. + * debian/mozilla-firefox.postrm: Remove /etc/mozilla-firefox on purge. + + * Some patches missed when merging from Mike Hommey: + * browser/locales/en-US/searchplugins/answers.src: Change updateDays to + 0. + * config/mkdepend/imakemdep.h: Define for amd64. + * configure, configure.in: Visibility patch for recent gcc's. (Closes: + #341766) + * modules/libpref/src/nsPrefService.cpp: Patch to load preferences from + defaults/syspref. + * content/events/src/nsEventStateManager.cpp: Extended mouse events + patch. + * gfx/idl/nsIFreeType2.idl, gfx/src/freetype/nsFreeType.cpp, + gfx/src/freetype/nsFreeType.h, gfx/src/ps/nsFontMetricsPS.h, + gfx/src/x11shared/nsFontFreeType.cpp, + gfx/src/x11shared/nsFontFreeType.h, + layout/svg/renderer/src/libart/nsSVGLibartGlyphMetricsFT.cpp: Patch to + use new freetype API. + + -- Eric Dorland <eric@debian.org> Fri, 16 Dec 2005 11:37:23 -0500 + +firefox (1.4.99+1.5rc3.dfsg-2) unstable; urgency=low + + * The "Grand Renaming" release. Thanks to Mike Hommey for sherperding + the 1.5 series through experimental. Now it's my turn to muck it up. A + transition packages will be in the next release. + * debian/mozilla-firefox*: Rename to firefox*. + * debian/firefox.install, debian/firefox-dom-inspector.install, + debian/firefox-gnome-support.install, debian/firefox-runner, + firefox-xremote-client, firefox.1, firefox.desktop, firefox.dirs, + debian/firefox.js, debian/firefox.links, debian/firefox.manpages, + debian/firefox.menu, debian/firefox.mime, debian/firefox.postinst, + debian/firefox.prerm, debian/firefox.png.uu, debian/README.Debian, + debian/control, debian/rules: Search/Replace mozilla-firefox -> + firefox where appropriate. + * debian/firefox.links: Link old icon name to new. + * debian/README.Debian: Fix path to .mozilla/firefox/rc. (Closes: + #335433) + * config/autoconf.mk.in: Set mozappdir to /usr/lib/firefox. + + -- Eric Dorland <eric@debian.org> Sun, 27 Nov 2005 20:03:02 -0500 + +mozilla-firefox (1.4.99+1.5rc3.dfsg-1) experimental; urgency=low + + * New upstream 1.5 preview release. Release Candidate 3. + * debian/mozilla-firefox-runner: Removed the ping stuff, it's now done by + firefox itself. + + -- Mike Hommey <glandium@debian.org> Fri, 18 Nov 2005 07:24:05 +0100 + +mozilla-firefox (1.4.99+1.5rc2.dfsg-1) experimental; urgency=low + + * New upstream 1.5 preview release. Release Candidate 2. + * xpcom/typelib/xpidl/xpidl.c: Fix crash when no file is given on the + command line (Closes: #323639). Also fix the error message about extra + arguments given showing before the crash. + * configure.in, configure: Work around dash's bug #337294 so that we can + build fine when sh is dash (Closes: #211010, #256384). + * debian/mozilla-firefox-runner: + - Removed the code to detect the JVM and set LD_ASSUME_KERNEL=2.2.5 for + b0rked 1.3 JVMs: it's been a long time they've not been ABI compatible. + - Removed setting of MOZILLA_FIVE_HOME. We already have a default one + built-in. + - Removed /usr/lib/mozilla/plugins from EXTENT_LD_LIB_PATH, since we never + get the plugins from there. + - Removed cleanup of the profile. It is correctly done by firefox, now. + + -- Mike Hommey <glandium@debian.org> Fri, 11 Nov 2005 08:07:05 +0100 + +mozilla-firefox (1.4.99+1.5rc1.dfsg-1) experimental; urgency=low + + * New upstream 1.5 preview release. Release Candidate 1. + * debian/mozilla-firefox.install: Don't install + /usr/lib/mozilla-firefox/extensions/reporter@mozilla.org, it got moved in + the chrome. + + -- Mike Hommey <glandium@debian.org> Tue, 1 Nov 2005 22:01:15 +0100 + +mozilla-firefox (1.4.99+1.5beta2.dfsg-1) experimental; urgency=low + + * build/unix/run-mozilla.sh, netwerk/base/src/nsStandardURL.cpp: + Reverted debian changes: they got applied upstream. + * configure: Applied configure.in changes by hand. + * debian/rules: Disabled both the installer and the updater, we don't need + them. + + -- Mike Hommey <glandium@debian.org> Fri, 7 Oct 2005 15:06:05 +0200 + +mozilla-firefox (1.4.99+1.5beta1.dfsg-5) experimental; urgency=low + + * debian/control: Bumped Standards-Version to 3.6.2. + * nsprpub/configure.in: Reverted changed. + * configure.in: Use -fvisibility=hidden in all cases. There is another bug + in gcc that makes it generate position dependent code when using the + system wrappers. + * configure, nsprpub/configure: Applied configure.in changes with + autoconf2.13. + * debian/rules: Put back the /usr/share/pixmaps/mozilla-firefox.xpm file. + + -- Mike Hommey <glandium@debian.org> Mon, 3 Oct 2005 18:46:50 +0200 + +mozilla-firefox (1.4.99+1.5beta1.dfsg-4) experimental; urgency=low + + * xpcom/typelib/xpt/src/Makefile.in: Reverted changes. + * configure.in, nsprpub/configure.in: Added a detection of the gcc bug about + visibility for builtins, and use -fvisibility=hidden instead of the system + wrappers in case the bug is found. + * configure, nsprpub/configure: Applied configure.in changes with + autoconf2.13. (Really closes: #329642) + + -- Mike Hommey <glandium@debian.org> Tue, 27 Sep 2005 20:16:34 +0200 + +mozilla-firefox (1.4.99+1.5beta1.dfsg-3) experimental; urgency=low + + * Sync with unstable branch. + * xpcom/typelib/xpt/src/Makefile.in: disable visibility stuff for ppc, as a + workaround for FTBFS. (Closes: #329642) + + -- Mike Hommey <glandium@debian.org> Mon, 26 Sep 2005 18:35:11 +0200 + +mozilla-firefox (1.0.7-1) unstable; urgency=high + + * New upstream release. Contains fixes for various security issues. + * debian/mozilla-firefox-runner: Remove /usr/lib from + LD_LIBRARY_PATH. (Closes: #321789) + + -- Eric Dorland <eric@debian.org> Thu, 22 Sep 2005 01:23:10 -0400 + +mozilla-firefox (1.4.99+1.5beta1.dfsg-2) experimental; urgency=low + + * debian/rules: enabled support for canvas. + + -- Mike Hommey <glandium@debian.org> Tue, 20 Sep 2005 07:56:01 +0200 + +mozilla-firefox (1.4.99+1.5beta1.dfsg-1) experimental; urgency=low + + * Cleaned-up source tarball from trademarked content and CVS directories. + * debian/mozilla-firefox-small.xpm, debian/mozilla-firefox.xpm: Removed. + * debian/mozilla-firefox.dirs, debian/rules: + + Create /usr/lib/mozilla-firefox/chrome/icons/default and move + default.xpm in it. (Closes: #327828) + + Stop using our own xpm icons, upstream provide them, now. + * debian/rules: changed the build system a bit. + * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_asm_parisc_linux.s, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_parisc_linux.s, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s: Somewhat these + files disappeared. Put them back. (Closes: #328074) + + -- Mike Hommey <glandium@debian.org> Tue, 13 Sep 2005 18:25:48 +0200 + +mozilla-firefox (1.4.99+1.5beta1-2) experimental; urgency=critical + + * Sync with unstable branch. + * netwerk/base/src/nsStandardURL.cpp: Apply the patch for the 1.8 branch + from bz#307259 to fix CAN-2005-2871. (Closes: #327452) + * debian/mozilla-firefox-gnome-support.install, debian/rules: Move out + imgicon module in mozilla-firefox-gnome-support. (Closes: #327451) + + -- Mike Hommey <glandium@debian.org> Sun, 11 Sep 2005 10:45:34 +0200 + +mozilla-firefox (1.0.6-5) unstable; urgency=critical + + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp: Fix for previous + arm fix. Thanks Steve. (Closes: #325535) + * netwerk/base/src/nsStandardURL.cpp: Patch from bz#307259 to fix + CAN-2005-2871, a buffer overflow vulnerability in IDN + processing. (Closes: #327452) + + -- Eric Dorland <eric@debian.org> Sat, 10 Sep 2005 23:03:26 -0400 + +mozilla-firefox (1.4.99+1.5beta1-1) experimental; urgency=low + + * New upstream beta release. + + Find toolbar doesn't show up when in text fields. Closes: #280852. + + Better use of GTK2 themes. The most common case was highlighted menu + item text appearing in white on a white background. Closes: #223696, + #257430, #258181, #266334, #278559, #289326, #297320, #310098. + + Download manager correctly closes. Closes: #259015, #269975. + + Doesn't crash with the http://ln.hixie.ch/resources/style/orange + stylesheet. Closes: #277987. + + Locale extensions can properly be disabled. Closes: #279749 (to check). + + Doesn't crash on + http://einsteinmg.dyndns.org/cgi-bin/remangle.cgi?=0x27b9b660 anymore. + Closes: #294372. + + Downloads don't freeze when a modal window opens. Closes: #211332. + + Use GTK stock images. Closes: #281660. + * Sync with unstable branch changes. + * browser/app/profile/firefox.js, debian/firefox.js: + + Removed outdated extensions.update.autoUpdateEnabled and + extensions.update.autoUpdate; + + Removed general.useragent.locale. + + Allow extensions updates. It works correctly with system-wide installed + ones, now. + * netwerk/protocol/http/src/nsHttpConnectionMgr.cpp, + nsprpub/pr/include/md/_linux.cfg, widget/src/gtk2/mozdrawingarea.c, + widget/src/gtk2/nsDragService.cpp: Reversed changes, since they got + applied upstream. + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp: correctly set + __attribute__. Closes: #325535. + * debian/rules: + + set --enable-extensions=default instead of a full list. + We will get the default set of extensions provided by upstream, and + won't need to check if they changed. + + set --enable-pango. + + set --enable-system-cairo. + * debian/control: added build dependency on libgnomeui-dev and libcairo2-dev. + * debian/mozilla-firefox.install, debian/rules: don't install files in + /usr/lib/mozilla-firefox/chrome/icons/ anymore. + * debian/mozilla-firefox-runner: Force MOZ_DISABLE_PANGO to 1 if + MOZ_ENABLE_PANGO is not set. + * debian/README.Debian: + + Removed the note about IDN, it is now enabled by default, with correct + whitelist set. + + Added a note about MOZ_ENABLE_PANGO. + + Changed notes about application update, extensions, and packaged + extensions. + * modules/libpref/src/init/all.js: + + Set general.config.obscure_value to 0, we don't care about the config + file not to be "obscured". + + Set general.config.filename to firefox.cfg. + * debian/firefox.cfg: Create configuration to lock some properties. + * debian/mozilla-firefox.install: Install this firefox.cfg in + /usr/lib/mozilla-firefox + + -- Mike Hommey <glandium@debian.org> Fri, 9 Sep 2005 17:40:40 +0200 + +mozilla-firefox (1.0.6-4) unstable; urgency=low + + * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_linux_alpha.cpp, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_arm.cpp, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_linux_alpha.cpp: Patch + from Steve Langasek to fix unused vs. used gcc attribute on alpha and + arm. (Closes: #325535) + * browser/app/profile/firefox.js: Revert patch to remove the "I'm + feeling lucky" search. Some like it, some hate it, so upstream + behaviour wins. If you still feel strongly about it, make your case + upstream. + * gfx/src/gtk/nsFontMetricsXft.cpp: Apply patch from bz#252033 to work + around a bug in XRender that might be causing #319349. + + -- Eric Dorland <eric@debian.org> Tue, 6 Sep 2005 02:10:07 -0400 + +mozilla-firefox (1.0.99+deerpark-alpha2-2) experimental; urgency=low + + * Sync with unstable branch changes, except the controversial "I'm feeling + lucky" change. I prefer waiting for the controversy to get to a + conclusion. + * debian/rules, debian/control: Remove build dependency on libmng-dev and + the --with-system-mng option to configure, the MNG support has been + removed upstream. + * debian/rules: Explicitely set the svg-renderer as cairo. It will use an + old cairo version bundled with firefox, but there's no other solution for + the moment. We have to wait for upstream 0.9.x and greater support + (hoped for 1.5). + + -- Mike Hommey <glandium@debian.org> Sun, 4 Sep 2005 09:01:54 +0200 + +mozilla-firefox (1.0.6-3) unstable; urgency=low + + * debian/rules, nsprpub/pr/include/md/_linux.cfg, + security/coreconf/Linux.mk: Apply patch from Andreas Jochens to allow + ppc64 builds. (Closes: #322617) + * debian/mozilla-firefox.prerm: Move -depth option to find to suppress + warnings. Thanks Mike Hommey. + * debian/presubj: Have bugzilla bug URL point to a page where you can + enter a bug. + * browser/app/profile/firefox.js: removed the "I'm feeling lucky" from + the keyword.URL, so now if you enter search terms in the address bar + you will be presented with search results and not taken to the first + result. Thanks Torok Edwin. (Closes: #321823) + + -- Eric Dorland <eric@debian.org> Mon, 22 Aug 2005 01:20:28 -0400 + +mozilla-firefox (1.0.6-2) unstable; urgency=medium + + * modules/libpr0n/src/imgLoader.cpp, modules/libpr0n/src/imgLoader.h: + Apply ported patch from Serge Belyshev from bz#293307 to fix problem + with gcc-4.0 on amd64. (Closes: #319336) + * debian/rules: Remove silly --enable-freetype configure line. Thanks + Antony Gelberg. (Closes: #319886) + + -- Eric Dorland <eric@debian.org> Sat, 30 Jul 2005 02:11:03 -0400 + +mozilla-firefox (1.0.6-1) unstable; urgency=low + + * New upstream release. (Closes: #318672) + * debian/rules: Remove hack to use gcc 3.4 on amd64, since now we're all + on gcc 4.0. (Closes: #318684) + * debian/control: + - Remove gcc 3.4 build depends on amd64 + - Explicitly build depend on libxinerama-dev. + * gfx/src/gtk/nsScreenGtk.cpp: Patch from Loic Minier to fix + gdk_property_get warnings. + * widget/src/gtk2/mozdrawingarea.c: Patch from Loic Minier to fix + crashes under GTK 2.7. (Closes: #318903) + + -- Eric Dorland <eric@debian.org> Wed, 20 Jul 2005 02:57:44 -0400 + +mozilla-firefox (1.0.99+deerpark-alpha2-1) experimental; urgency=low + + * New upstream alpha release. Be aware that you WILL have troubles with + debian packages for firefox extensions. + * Reverted patches that got incorporated upstream. + * content/events/src/nsEventStateManager.cpp: Some changes to the previous + patch to fit changes in API. + * debian/update-mozilla-firefox-chrome, + debian/update-mozilla-firefox-chrome.8, + debian/mozilla-firefox-dom-inspector.post(inst|rm), + debian/mozilla-firefox-gnome-support.post(inst|rm), + debian/theme/*, debian/inspector/*: Removed. + * debian/mozilla-firefox.postinst: Removed call to + update-mozilla-firefox-chrome. + * debian/mozilla-firefox-dom-inspector.install: Only install files from + /usr/lib/mozilla-firefox/extensions/inspector@mozilla.org + * debian/mozilla-firefox.dirs: Don't create /var/lib/mozilla-firefox/*, + /usr/lib/mozilla-firefox/extensions nor /usr/lib/mozilla-firefox/plugins. + * debian/mozilla-firefox.install: + - Don't install regxpchrome, chrome/pipnss.jar and chrome/help.jar which + don't exist anymore. + - Install manifest files in addition to jar files in chrome. + - Install classic.jar in the normal chrome directory (awaiting EM + modifications so that it can actually go back in the extensions + directory). + - Don't install debian/theme/00classic and debian/theme/Uninstall, + which got removed. + - Get the theme in the correct directory (it's not in + defaults/profile/extensions anymore). + - Install the reporter extension. + - Selectively install subdirectories of /usr/lib/mozilla-firefox/defaults, + since some of them are useless. + - Install the unixprint plugin. + * debian/mozilla-firefox.manpages: Removed manual page for + update-mozilla-firefox-chrome. + * debian/mozilla-firefox.links: Removed all links in + /var/lib/mozilla-firefox/. + * debian/rules: + - Enable freetype in the build, we'll see if deerpark is any better than + 1.0.x. + - Commented out OPTFLAGS set for some architectures. We will see if gcc + 4.0 is doing any better. + - Enabled SVG support. (Closes: #215990) + - Enabled some more extensions to fit extensions provided by upstream. + - Added needed --enable-application=browser to the ./configure call. + - Don't install update-mozilla-firefox-chrome. + - Don't create installed-chrome.txt. + - Don't remove installed-extensions.txt, it doesn't exist anyway. + - Don't move classic theme's install.rdf, it's already at the correct + place. + - Remove unneeded removals of preferences files which are not there + anymore. + * debian/mozilla-firefox.preinst: Clean-up old generated files (those in + /var/lib/mozilla-firefox and + /usr/lib/mozilla-firefox/extensions/*/uninstall/Uninstall. (Note that for + the latter, some packages do provide them, but they were overwritten by + update-mozilla-firefox-chrome. They have actually no use, and it is safe + to remove them. Extensions packages will eventually remove them anyway) + * debian/mozilla-firefox.prerm: Put -depth option of find before -type d. + + -- Mike Hommey <glandium@debian.org> Sat, 16 Jul 2005 10:18:40 +0200 + +mozilla-firefox (1.0.5-1) unstable; urgency=high + + * New upstream release, fixes security issues. (Closes: #318061) + * debian/rules: Disable freetype in the build for the time being. This + *might* break printing in some cases. + * gfx/idl/nsIFreeType2.idl, gfx/src/freetype/nsFreeType.cpp, + gfx/src/freetype/nsFreeType.h, gfx/src/ps/nsFontMetricsPS.cpp, + gfx/src/ps/nsFontMetricsPS.h, gfx/src/x11shared/nsFontFreeType.cpp, + gfx/src/x11shared/nsFontFreeType.h, + layout/svg/renderer/src/libart/nsSVGLibartGlyphMetricsFT.cpp: Patch + from bz#234035 to try to get building with the new freetype. (Closes: + #314243) + + -- Eric Dorland <eric@debian.org> Sat, 16 Jul 2005 00:43:54 -0400 + +mozilla-firefox (1.0.4-3) unstable; urgency=low + + * debian/mozilla-firefox.desktop: Add Czech translation from Jan + Outrata. (Closes: #311376) + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_ipf64.s, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_ipf64.cpp, + xpcom/reflect/xptcall/public/xptcstubsdecl.inc: Revert patch from + David Mosberger for 7+ args on ia64 that was added 1.0.3-2. + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_ipf32.cpp, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_ipf32.s, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_ipf64.s, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_ipf64.cpp, + xpcom/reflect/xptcall/public/genstubs.pl: Better patch from bz#291378 + which has been accepted upstream for ia64 7+ args fix. + * xpcom/reflect/xptcall/public/xptcstubsdecl.inc: Call genstubs.pl to + regenerate this file. + * dom/src/base/nsGlobalWindow.cpp, + embedding/components/windowwatcher/src/nsWindowWatcher.cpp: Fix + injection spoofing, patch from bz#296850. Fixes CAN-2004-0718. + + -- Eric Dorland <eric@debian.org> Thu, 9 Jun 2005 23:54:41 -0400 + +mozilla-firefox (1.0.4-2) unstable; urgency=critical + + * debian/control: Build-depend on libxft-dev not libxft2-dev to appease + finicky sparc buildd. + + -- Eric Dorland <eric@debian.org> Mon, 16 May 2005 21:17:57 -0400 + +mozilla-firefox (1.0.4-1) unstable; urgency=critical + + * New upstream release. Fixes CAN-2005-1477 and CAN-2005-1476. (Closes: #308620) + * debian/update-mozilla-firefox-chrome.8: Patch from A Costa to fix the + spelling of maintenace. (Closes: #305968) + * debian/mozilla-firefox.desktop: Patch from Steinar H. Gunderson to add + a Norwegian translation. (Closes: #305983) + + -- Eric Dorland <eric@debian.org> Thu, 12 May 2005 22:59:47 -0400 + +mozilla-firefox (1.0.3-2) unstable; urgency=high + + * browser/app/profile/firefox.js: Disable SSLv2 and 40-bit ciphers by + default. + * debian/mozilla-firefox.NEWS: Explain the SSL change. + * extensions/transformiix/source/base/Double.cpp: Patch from David + Mosberger-Tang (fixed up by me) to fix unaligned access on ia64 (and + perhaps other platforms). (Closes: #303518) + * xpcom/reflect/xptcall/public/xptcstubsdecl.inc, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_ipf64.s, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_ipf64.cpp: Another patch + from David Mosberger-Tang to fix extension loading on ia64. (Closes: + #303515) + + -- Eric Dorland <eric@debian.org> Thu, 21 Apr 2005 01:25:02 -0400 + +mozilla-firefox (1.0.3-1) unstable; urgency=low + + * New upstream release, fixes various security issues, so urgency high. + * js/src/fdlibm/fdlibm.h: Fix from David Mosberger to define ia64 as + little-endian arch (also added for mipsel). (Closes: #303438) + + -- Eric Dorland <eric@debian.org> Sun, 17 Apr 2005 23:13:01 -0400 + +mozilla-firefox (1.0.2-3) unstable; urgency=high + + * gfx/src/freetype/nsFreeType.cpp, + netwerk/protocol/http/src/nsHttpConnectionMgr.cpp, + security/nss/lib/pki1/oiddata.h, security/nss/lib/pki1/pki1.h, + widget/src/gtk2/nsDragService.cpp: Fixes for gcc-4.0, + bz#289238. (Closes: #301485) + * js/src/jsstr.c: Fix for JS memory access security bug, patch from + bz#288688. (Closes: #302775) + + -- Eric Dorland <eric@debian.org> Wed, 6 Apr 2005 01:36:11 -0400 + +mozilla-firefox (1.0.2-2) unstable; urgency=high + + * Last upload should of been marked urgency=high because of the security + fixes. + * debian/mozilla-firefox.postinst: Fix ridiculous typos. (Closes: + #300685) + * debian/mozilla-firefox-runner: Use pgrep to detect esd and arts + instead. Thanks Craig Small for the advice. (Closes: #302086) + + -- Eric Dorland <eric@debian.org> Fri, 1 Apr 2005 01:18:18 -0500 + +mozilla-firefox (1.0.2-1) unstable; urgency=low + + * New upstream release. Fixes CAN-2005-0399, CAN-2005-0401, + CAN-2005-0402. (Closes: #301243) + * debian/control: Update suggest for xprint rename. (Closes: #300976) + * xpcom/reflect/xptcall/src/md/unix/{Makefile.in, + xptcinvoke_asm_parisc_linux.s, xptcstubs_asm_parisc_linux.s}: Apply + patch from Ivar (Contributed by Randolph Chung) to fix Firefox on + hppa. (Closes: #286038) + + -- Eric Dorland <eric@debian.org> Fri, 25 Mar 2005 02:30:10 -0500 + +mozilla-firefox (1.0.1-3) unstable; urgency=low + + * widget/src/gtk2/nsGtkKeyUtils.cpp: Patch from bz#108170 to fix broken + keymap for Germans. (Closes: #299781) + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: avoid + crashing when extension's install.rdf is broken. (Closes: #298796) + (MH) + * debian/mozilla-firefox.prerm: Remove + /usr/lib/mozilla-firefox/defaults/profile/extensions/Extensions.rdf on + uninstall. (Closes: #298636) + * debian/mozilla-firefox.postinst: Add little echo to tell people to + restart firefox after upgrades. + * debian/presubj: Add a note there about restarting firefox before + submitting bugs. + * debian/mozilla-firefox-runner: Properly quote $@ expansion. (Closes: + #300195) + * browser/locales/en-US/searchplugins/ + {yahoo.src,google.src,eBay.src,dictionary.src,creativecommons.src, + amazondotcom.src}: Set updateCheckDays to 0, which avoids duplicated + search entries in the menu. (Closes: #299006, #299813) + + -- Eric Dorland <eric@debian.org> Sun, 20 Mar 2005 17:08:12 -0500 + +mozilla-firefox (1.0.1-2) unstable; urgency=high + + * Changes by Mike Hommey: + * Urgency: high due to RC bug fix. + * debian/update-mozilla-firefox-chrome: Re-initialize Extensions.rdf + inside the script instead of relying on mozilla-firefox's default + behaviour, which just fails when defaults/profile/extensions/ \ + Extensions.rdf doesn't exist (and it seems some people like to remove + files in /etc). (Closes: #294175) + + * Changes by Eric Dorland: + * debian/mozilla-firefox.menu: Capitalize "browsers". Thanks Gerfried + Fuchs. + * debian/mozilla-firefox-runner: Fix from Marc Horowitz to fix sound + device detection. (Closes: #297088) + * toolkit/content/widgets/tabbrowser.xml: Apply patch from bz#283063, to + fix a memory leak when closing tabs. (Closes: #296749) + * xpfe/global/resources/content/bindings/browser.xml, + xpfe/global/resources/content/bindings/tabbrowser.xml, + toolkit/content/widgets/browser.xml, + toolkit/content/widgets/tabbrowser.xml: Apply patches from bz#131456 + to fix various tab related memory leaks. (Closes: #280586) + * netwerk/protocol/http/src/nsHttpHandler.cpp: Patch from bz#265536 to + differentiate between AMD64 and i386. (Closes: #282592) + + -- Eric Dorland <eric@debian.org> Sat, 5 Mar 2005 18:46:09 -0500 + +mozilla-firefox (1.0.1-1) unstable; urgency=high + + * New upstream release. (Closes: #296851) + - This release fixes the Secunia window injection bug, + CAN-2004-1156. (Closes: #293664) + + * Changes by Mike Hommey: + * debian/rules: Some clean-up. + * debian/control: Changed my maintainer address. + * debian/README.Debian: Add a note about automatic updates for + extensions. (Closes: #296761) + + * Changes by Eric Dorland: + * browser/app/profile/firefox.js: Remove disable IDN pref, it's the + default now anyway. + + -- Eric Dorland <eric@debian.org> Tue, 1 Mar 2005 02:03:48 -0500 + +mozilla-firefox (1.0+dfsg.1-6) unstable; urgency=high + + * The "And I thought IE had security bugs!" release. + * toolkit/content/widgets/tabbrowser.xml, + xpfe/global/resources/content/bindings/tabbrowser.xml: Fix + "Firetabbing" vulnerability from bugzilla#280056, fixes + CAN-2005-0231. (Closes: #294415) + * modules/plugin/base/src/nsPluginHostImpl.cpp: Fix "Fireflashing" + vulnerability from bugzilla#280664, fixes CAN-2005-0232. (Also Closes: + #294415) + * build/unix/run-mozilla.sh: Patch from Javier Fernández-Sanguino Peña + to fix insecure temp file usage in run-mozilla.sh. (Closes: #294127) + * netwerk/base/src/nsStandardURL.cpp, netwerk/base/src/nsStandardURL.h: + Patch from bugzilla#261934 to make the network.enableIDN preference + work and again. + * browser/app/profile/firefox.js: Disable IDN by default. This doesn't + close #293975, but drops its severity. + * debian/README.Debian: Add warning and describe how to enable IDN. + + -- Eric Dorland <eric@debian.org> Wed, 9 Feb 2005 22:56:17 -0500 + +mozilla-firefox (1.0+dfsg.1-5) unstable; urgency=low + + * debian/mozilla-firefox.desktop: Don't translate "Mozilla Firefox" into + French. + * browser/app/profile/firefox.js: Set mozilla.widget.raise-on-setfocus + to false to prevent unecessary window raising. (Closes: #292049) + * debian/rules: Don't compile statically on mips and mipsel, since it's + broken for now. + + -- Eric Dorland <eric@debian.org> Sun, 6 Feb 2005 15:02:36 -0500 + +mozilla-firefox (1.0+dfsg.1-4) unstable; urgency=low + + * debian/mozilla-firefox.desktop: Add French translations from Jerome + Warnier. I will accept more, but closing this bug. (Closes: #292506) + * debian/README.Debian: Update the Emacs keybindings instructions. + (Closes: #291691) + * debian/mozilla-firefox.1: + - Remove -splash from the manpage, it has never worked. (Closes: + #287088) + - Add units to -height and -width description. (Closes: #285142) + + -- Eric Dorland <eric@debian.org> Wed, 2 Feb 2005 01:42:53 -0500 + +mozilla-firefox (1.0+dfsg.1-3) experimental; urgency=low + + * debian/mozilla-firefox.desktop: Add %u to the exec line so that apps + know it can handle URLs. (Closes: #290132) + * debian/README.Debian: + - Improve button reversal instructions. Thanks Christian Mayrhuber + - Fix reference to ~/.firefox. + * debian/rules: Enable static building. This will build firefox as one + large binary (mostly) and should speed a few things up, especially + program load time. I'd like to hear about any speedup (or slow down) + you exprience. Porters, please build this for your arch to make sure + this doesn't break anything. + + -- Eric Dorland <eric@debian.org> Thu, 20 Jan 2005 01:40:34 -0500 + +mozilla-firefox (1.0+dfsg.1-2) unstable; urgency=medium + + * debian/mozilla-firefox-gnome-support.postrm, + debian/mozilla-firefox-dom-inspector.postrm: Don't die if + update-mozilla-firefox-chrome dies. (Closes: #287355) + + -- Eric Dorland <eric@debian.org> Sun, 9 Jan 2005 23:51:10 -0500 + +mozilla-firefox (1.0+dfsg.1-1) unstable; urgency=low + + * Not a new upstream release. + * other-licenses/branding/firefox, other-licenses/7zstub/firefox: Remove + these from the .orig.tar.gz, since they are not DFSG-free. We're not + using the files anyway, so out they go. (Not sure the 7zstub stuff is + non-free, but it's Windows only so no harm) + * debian/rules: + - Remove explicit low-optimization on alpha, since Falk + Hueffner claims it works. + - Move entire defaults/profile directory into /etc/mozilla-firefox, + rather than just the bookmarks.html. (Closes: #285538) + * debian/mozilla-firefox.links: Link entire defaults/profile now. + * debian/mozilla-firefox.preinst: Add upgrade code to remove old + defaults/profile to make way for new symlink. + * debian/mozilla-firefox.dirs: Just create etc/mozilla-firefox. + + -- Eric Dorland <eric@debian.org> Sun, 19 Dec 2004 01:31:44 -0500 + +mozilla-firefox (1.0-5) unstable; urgency=medium + + * Changes by Mike Hommey: + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Make the + extensions upgrade work again. (Closes: #282143) + * debian/rules: Better DEB_BUILD_OPTIONS handling, better debugging + build (DEB_BUILD_OPTIONS="nostrip debug") + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in, + toolkit/mozapps/extensions/content/extensions.js: Allow users to + disable globally installed extensions. + + * Changes by Eric Dorland: + * debian/rules: Remove explicit low-optimization on sparc. Apparently + there was an issue for a number of arches that required lower + optimization settings, but it is now resolved. So porters, please + check -O2 on arm, alpha, powerpc and ia64 and let me know if it's + safe. Thanks David S. Miller. (Closes: #284533) + + -- Eric Dorland <eric@debian.org> Tue, 7 Dec 2004 01:06:48 -0500 + +mozilla-firefox (1.0-4) unstable; urgency=medium + + * debian/control: Make mozilla-firefox-gnome-support and xprt-xprintorg + Suggests, no Recommends after a look at policy. (Closes: #282432) + * debian/README.Debian: + - Refer to .mozilla/firefox, not .firefox. + - Explain how to reenable emacs style keybindings. (Closes: #282321) + + -- Eric Dorland <eric@debian.org> Sat, 27 Nov 2004 20:40:10 -0500 + +mozilla-firefox (1.0-3) unstable; urgency=low + + * Changes by Mike Hommey + * The "becoming more and more an iceweasel" release. + * debian/firefox.js: + + Enable firefox's internal locale autodetection. + + Disable default browser question at startup. (Closes: #280752) + * debian/mozilla-firefox-runner: Removed our locale autodetection. + That means now locales installed in user profiles are automatically + used, and that there is no need for /var/lib/mozilla-firefox/locales.d + anymore. + * debian/mozilla-firefox.dirs: Removed creation of + /var/lib/mozilla-firefox/locales.d. + * debian/rules: Removed creation of the locale file in + /var/lib/mozilla-firefox/locales.d. + * debian/presubj: Put some more recent information. + * htmlparser/src/nsParser.cpp: Applied patch from bz#57717 so that empty + html files don't get <html><body></body></html> when viewing source. + * browser/base/content/aboutDialog.css: increase the User Agent element + height as in bz#238137 (but up to MacOSX's height) to show the full User + Agent string. + * xpcom/io/nsAppDirectoryServiceDefs.h, + xpcom/io/nsAppFileLocationProvider.cpp, + xpfe/components/search/src/nsInternetSearchService.cpp: Applied patch from + bz#123315 so that Internet search services in user profiles are supported. + (Closes: #219053) + * debian/mozilla-firefox-runner: + + Remove compatibility.ini only if it is older than + /usr/lib/mozilla-firefox/components.ini. That way, we only rebuild it + after an update-mozilla-firefox-chrome. + + Detect if we're being run through sudo without the -H option, in which + case we force setting of $HOME. (Closes: #218156) + * browser/app/profile/firefox.js: Sync'ed with debian/firefox.js. + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: + + Removed some error messages that get there because firefox is trying to + write in the /usr/lib/mozilla-firefox directory as a user. They are + useless and lead users to think something is going wrong while it's the + (stupid but) normal way firefox works. + + Avoid creation of directories when attempting to read files, that + throwed uncaught exceptions breaking some stuff in several different + ways when extensions don't follow the new scheme for extensions. + + Avoid copying stuff from + /usr/lib/mozilla-firefox/defaults/profile/extensions/ to + /usr/lib/mozilla-firefox/extensions/, that's the *very* old way of + installing extensions, which, since the old scheme has been thrown away, + won't work anyway, if any extension provides files out there. + + CheckForMismatches: Avoid to disable already disabled global extensions, + and don't propose to upgrade the locked extensions. That fixes a + never-ending loop occuring when running firefox for the first time in a + user account, while some global extensions are expired. + (Closes: #278722, #281537) + * debian/mozilla-firefox.prerm, debian/mozilla-firefox.preinst: Moved + removal of links to /usr/lib/mozilla-firefox/defaults/profile/extensions/ + sitting in /usr/lib/mozilla-firefox/extensions/, if any remaining, from + prerm to preinst. We remove them once and for all, they won't be created + by us anymore. + * debian/update-mozilla-firefox-chrome: + + Removed support for extensions in + /usr/lib/mozilla-firefox/defaults/profile/extensions/. + + Removed some clean-up that had been introduced to help the Extensions + Manager not to die, and which, actually, did not work out quite so well. + Anyways, with the changes this time, the EM is supposed to support much + more problems than ever before (as usual ;) ) so we don't need that + anymore. + + Avoid stupid mv error messages when firefox-bin -register fails (which + is not supposed to happen, but you're never too careful) + * debian/update-mozilla-firefox-chrome, debian/mozilla-firefox.preinst: + Move removal of some very old stuff to preinst, to do it once and for all + instead of doing it every time we run update-mozilla-firefox-chrome. + * netwerk/protocol/ftp/src/nsFtpConnectionThread.cpp: Applied patch from + bz#124561 to get a prompt for username/password in case anonymous login + fails. + * debian/mozilla-firefox-runner: + + Added check for more arguments so that the url in the command line get + detected more accurately. + + When a file name is given on the command line, prepend "file://" and + change spaces into %20. (Closes: #281800) + + * Changes by Eric Dorland + * debian/mozilla-firefox.prerm: Patch from Philipp Weis to fix order of + find arguments. (Closes: #280852) + * debian/mozilla-firefox.desktop: Support new mime type handler in Gnome + 2.8. (Closes: #281274) (MH: I added some more myme-types) + * debian/mozilla-firefox.postinst: Run update-desktop-database if it + exists. + * widget/src/gtk/nsWidget.cpp: We don't use gtk anymore, might as well + revert these patches. Thanks Stephane Despret. + + -- Eric Dorland <eric@debian.org> Thu, 18 Nov 2004 22:16:28 -0500 + +mozilla-firefox (1.0-2) unstable; urgency=low + + * Changes by Mike Hommey + * The "don't do too much on the same day, it's bad for health" release. + * debian/firefox.js: Re-activated the extensions update service, and + removed the update url. + * browser/app/profile/firefox.js: Sync'ed with debian/firefox.js. + * debian/mozilla-firefox-dom-inspector.preinst: Removed old inspector.js + file. + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in, + toolkit/mozapps/extensions/content/extensions.js: Disabled possibility + to update locked extensions and themes. Locked extensions being the + ones installed by the packaging system, they should be updated through + that. + * toolkit/mozapps/update/src/nsUpdateService.js.in: Disabled application + update functionnality. Firefox should be updated through the packaging + system. + * browser/components/prefwindow/content/pref-advanced.xul: Removed the + preferences panel item to activate application update, since it is + totally disabled. + * debian/mozilla-firefox-runner: Remove compatibility.ini instead of + compreg.dat. (Eric: This will cause a rebuild of the compreg.dat) + + * Changes by Eric Dorland: + * debian/mozilla-firefox.NEWS: Fix typos. + * README.Debian: + - Add note about application update being completely disabled. + - Fix path to XUL.mfsal + + -- Eric Dorland <eric@debian.org> Wed, 10 Nov 2004 22:56:22 -0500 + +mozilla-firefox (1.0-1) unstable; urgency=medium + + * New upstream release (Closes: #280449) + + * Changes by Mike Hommey: + * netwerk/protocol/ftp/src/nsFtpConnectionThread.cpp: Apply new patch + #164795 from bz#266835 + some tweaks as previously. This might lead to + encoding problems with the password, but it is supposed to be ASCII + anyway. + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Reworked the + previous patches so that the Extensions Manager shows extensions that + have been disabled due to version mismatch, and added a workaround so + that components registration works correctly. + * debian/update-mozilla-firefox-chrome: Removed part that is useless due + to last changes in the Extensions Manager. + * Make the inspector a real extension again: + - debian/inspector/00dom-inspector: File for + /var/lib/mozilla-firefox/extensions.d. + - debian/inspector/Uninstall: Uninstall file needed in extension + directory. + - debian/inspector/install.rdf: install.rdf taken from older versions, + and adapted to newer versions, adding registered chrome. + - debian/mozilla-firefox-dom-inspector.dirs: Removed. Everything will + be created by dh_install. + - debian/mozilla-firefox-dom-inspector.install: install + debian/inspector.rdf and most inspector files in the right place in + /usr/lib/mozilla-firefox/extensions/{641d8d09-7dda-4850-8228-ac0ab65e2ac9} + and /var/lib/mozilla-firefox + * Make the classic theme a real extension, even though it's still in + the main package: + - debian/theme/00classic: File for + /var/lib/mozilla-firefox/extensions.d. + - debian/theme/Uninstall: Uninstall file needed in extension + directory. + - debian/mozilla-firefox.install: Install all files in the right + place in + /usr/lib/mozilla-firefox/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd} + - debian/mozilla-firefox.dirs: Removed creation of + /usr/lib/mozilla-firefox/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/chrome, + it will be done by dh_install. + - browser/app/profile/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf.in: + Added chrome to be registered. + * Removed support for /var/lib/mozilla-firefox/chrome.d: + - debian/mozilla-firefox.dirs: Removed creation of the directory. + - debian/rules: Removed creation of files there, and put the + installed-chrome.txt, excluding inspector and classic theme stuff, + directly in /usr/lib/mozilla-firefox/chrome. + - debian/update-mozilla-firefox-chrome: Removed all + /var/lib/mozilla-firefox/chrome.d related stuff. + - debian/mozilla-firefox.links: Removed installed-chrome.txt link. + - toolkit/mozapps/extensions/src/nsExtensionManager.js.in: disable + extensions that fail to install chrome. + * debian/mozilla-firefox-runner: Remove user profile compreg.dat at + launch time. + * Moved some files in /var/lib/mozilla-firefox: + - debian/mozilla-firefox.links: Add a symlink for Extensions.rdf + and components.ini, from /usr to /var. + - debian/mozilla-firefox.prerm: Don't remove files we don't + provide and remove files at their new locations. + - debian/mozilla-firefox.preinst: Remove + /var/lib/mozilla-firefox/installed-chrome.txt. + - debian/update-mozilla-firefox-chrome: Create links for + Extensions.rdf and components.ini after register call, and remove + components.ini before. + * Clean-up in files generated by update-mozilla-firefox-chrome: + - debian/mozilla-firefox.links: Put all the links generated by + update-mozilla-firefox-chrome into the package. + - debian/mozilla-firefox.prerm: Remove all /var files generated + in the remove target, and changed the way we clean-up + /var/lib/mozilla-firefox. + * debian/mozilla-firefox.install: Removed chromelist.txt. + * Add support for extensions preferences: + - debian/update-mozilla-firefox-chrome: Handle + /usr/lib/mozilla-firefox/defaults.ini file. + - debian/mozilla-firefox.links: Add a symlink to /var for + defaults.ini. + - toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Added + defaults registration in -register command. + - mozilla-firefox-dom-inspector.install: Move inspector.js into + the appropriate extension specific directory. + * Move preferences back into /usr: + - debian/rules: Don't move the prefs into + /etc/mozilla-firefox/pref, and put the vendor thing into /usr + as well, and remove firefox-l10.js file. + - debian/mozilla-firefox.preinst: remove old prefs in /etc and + old symlink /usr/lib/mozilla-firefox/defaults/pref. + - debian/firefox.js: new Debian default preferences file. + - debian/mozilla-firefox.install: install firefox.js in + /etc/mozilla-firefox/pref. + - debian/mozilla-firefox.links: rename + /usr/lib/mozilla-firefox/defaults/pref symlink to + /usr/lib/mozilla-firefox/defaults/syspref. + - toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Added + a hook so that defaults/syspref gets registered in defaults.ini + after all other extensions preferences. + * debian/mozilla-firefox.preinst: only clean-up stuff if we are + upgrading from a version known to still have the files. Added some + more clean-up. + * debian/mozilla-firefox.install: Removed useless init.d. + * modules/libpref/src/init/all.js: Fixed all chrome URLs which refered to + mozilla stuff. + * debian/update-mozilla-firefox-chrome: Remove some more files before running + firefox-bin -register. + + * Changes by Eric Dorland: + * debian/mozilla-firefox.NEWS: Add warning about broken extension and + locale packages with this release. + * debian/mozilla-firefox-runner: Comment out warning about xprint, + xprint isn't necessarily needed for printing since postscript was + reenabled. (Closes: #279858) + + -- Eric Dorland <eric@debian.org> Wed, 10 Nov 2004 00:33:44 -0500 + +mozilla-firefox (0.99+1.0RC1-4) unstable; urgency=low + + * debian/mozilla-firefox-runner: + - Fixed to run properly with dash. (Closes: #279549). + - Fixed indentation. + - Added a basic debugger support. + * debian/mozilla-firefox.1: Added information about debugger options. + * debian/rules: Added a debug option to DEB_BUILD_OPTIONS. If you want to + build a fully gdb'able package, use DEB_BUILD_OPTIONS="noopt nostrip + debug" + * netwerk/protocol/ftp/src/nsFtpConnectionThread.cpp: Apply new patch from + bz#266835. + - Further change this patch to use Append rather than AppendLiteral, + which doesn't seem to exist. (ED) + + -- Mike Hommey <mh@glandium.org> Thu, 4 Nov 2004 22:01:51 +0900 + +mozilla-firefox (0.99+1.0RC1-3) unstable; urgency=low + + * netwerk/protocol/ftp/src/nsFtpConnectionThread.cpp: Apply patch from + bz#266835 to fix anonymous user password issue. (Closes: #226784) + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: (MH) + - Fully apply previous patches, which for some reason left a spurious code + line which made the extensions manager not like expired extensions + anymore. (Closes: #279140) + - Enhanced extensions manager so that the behaviour described in + https://bugzilla.mozilla.org/show_bug.cgi?id=247846#c14 *actually* + works. Extensions packagers are invited to move their chrome files + accordingly, and remove /var/lib/mozilla-firefox/chrome.d files so that + extensions chrome don't get registered when they are forced-disable due + to version mismatch or some other reason. + * debian/mozilla-firefox-runner: + - Fix some thinkos. (MH) + - Fix for loading files from the command line. (Closes: #279018) (MH) + - Removed setting --display from $DISPLAY, let it get it from the + environment, but pass --display if it is set. (Mike, + I'm worried this will screw up some session + managers, let me know what you think, we can revert it) + - Removed FIREFOX_OPEN_IN stuff, so that firefox now obeys to "open + links from other applications in" setting. (Closes: #279073) (MH) + - Enhanced command line parsing, and drop empty arguments. + (Closes: #279138) (MH) + - No need for a find to look for XUL.mfasl, we already have its + location from the path list taken from profiles.ini. (MH) + - Better detection of dsp wrapper, when FIREFOX_DSP=auto. + (Closes: #254611) (MH) + - Correctly open local files even when firefox was not previously + running. (Closes: #279018) (MH) + * debian/mozilla-firefox.1: (MH) + - Removed references to FIREFOX_OPEN_IN. + - Added the -safe-mode option. + * debian/mozilla-firefoxrc: Removed FIREFOX_OPEN_IN. (MH) + + -- Eric Dorland <eric@debian.org> Tue, 2 Nov 2004 00:46:28 -0500 + +mozilla-firefox (0.99+1.0RC1-2) unstable; urgency=medium + + * browser/app/profile/firefox.js: Disable browser update checking by + default. + * debian/mozilla-firefox-runner: Apply patch from Aurelien Jarno to fix + variable name typo. (Closes: #278844) + + -- Eric Dorland <eric@debian.org> Fri, 29 Oct 2004 23:50:59 -0400 + +mozilla-firefox (0.99+1.0RC1-1) unstable; urgency=medium + + * New upstream release. + * layout/xul/base/src/nsImageBoxFrame.{cpp,h}: Remove some conflicts + from a previous patch. + + -- Eric Dorland <eric@debian.org> Thu, 28 Oct 2004 23:33:46 -0400 + +mozilla-firefox (0.10.1+1.0PR-5) unstable; urgency=low + + * debian/rules: (MH) + - Use upstream extensions set. This will eventually get a + correct help menu and fix some yet undiscovered UI issues. + (Closes: #257946) + - Added support for DEB_BUILD_OPTIONS=noopt. + - Changed OPTFLAGS assignment. + - Remove whitespace characters in version number for UserAgent + branding. + - Install mozilla-firefox-runner into /usr/lib/mozilla-firefox/firefox + (Closes: #278477) + * debian/mozilla-firefox.links: (MH) + - Link /usr/bin/firefox and /usr/bin/mozilla-firefox to + /usr/lib/mozilla-firefox/firefox. + - Removed obsolete profile/US links. + * debian/mozilla-firefox.dirs: Create /etc/mozilla/profile instead of + /etc/mozilla/profile/US. (MH) + * toolkit/xre/nsAppRunner.cpp: Fix crash in nsCmdLineService::Initialize + when argc is changed by gtk (when treating gtk specific arguments) + (MH) + * debian/mozilla-firefox-runner (Changes by MH): + - Removed workaround for bug #122990. First, xmlterm is not an activated + extension, and secondly, if it still requires the TERM environment + variable, it is the user's duty to set it to whatever he wants, not + firefox's start script's. + - Removed the ulimit -c setting. First, it is set by default to 0 on a + newly installed debian, and secondly, it is user's choice to set it or + not if he needs to get core files. + - Removed unused shell variables. + - Removed unsetting AUDIODEV variable. If it still crashes, it does belong + to some other code than firefox. The AUDIODEV environment variable is + used nowhere in firefox code: + http://lxr.mozilla.org/aviarybranch/search?string=AUDIODEV + Note that there is a "A crash which occurred when AUDIODEV doesn't + contain "/" was fixed." log message in esound version 0.2.33 changes and + that the bug may have belonged there. + - Replaced ${HOME}/.mozilla-firefoxrc file by a ${HOME}/.mozilla/firefox/rc + file. The former is still supported, though, but will bring a warning + message. If both are present, only the latter is taken into account. + - Changed the way system and user FIREFOX_DSP and FIREFOX_OPEN_IN + variables are handled. First, use system values defined in + /etc/mozilla-firefox/mozilla-firefoxrc, then override with + ${HOME}/.mozilla/firefox/rc and then with runtime environment variables. + - Don't die when DISPLAY is not set. Display can be passed by --display + option, and if not set and needed (some options don't require it), + firefox will complain. + - Some shell code simplifications by using some coreutils. + - Added better command line parsing. + - Added verbosity mode. + - Removed setting of FONTCONFIG_PATH, /usr/lib/mozilla-firefox/res/Xft + doesn't exist + - Factorized localization detection. + * debian/mozilla-firefox.1 (MH): + - Made some clean-up between dashes and hyphens. + - Removed obsolete options and added new ones. + - Added informations about some debian specific stuff. + * debian/update-mozilla-firefox-chrome: Changed the way we move files to + /var/lib/mozilla-firefox. It will avoid creating files with a * in their + name whenever registration failed. (MH) + * debian/README.Debian: Update java instructions, tell them to just use + java-package. + + -- Eric Dorland <eric@debian.org> Thu, 28 Oct 2004 21:30:40 -0400 + +mozilla-firefox (0.10.1+1.0PR-4) unstable; urgency=medium + + * This release mostly courtesy Mike Hommey. + * layout/src/xul/base/src/nsImageBoxFrame.*: Backported patch from + bz#255372. (Closes: #278046) + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in: Force locking + globally installed extensions, that will prevent extensions packages + files to be unexpectedly removed by firefox. + * debian/control: Add Mike Hommey as an Uploader. + * debian/mozilla-firefox.install: Removed content-packs.jar which is + mozilla-browser specific. + * debian/mozilla-firefox.dirs: + - Remove leading /'s. + - Create + /usr/lib/mozilla-firefox/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd} + /chrome directory so that preview is shown in the Themes Manager. Yes, + this is stupid, but it is the way firefox wants it (and it's not even + created by make install, nor in the official binary tarball. It is + only created at run time, but you know what ? under *nix, a normal + user can't create that directory) (Closes: #276404) + * debian/rules: Add a /etc/mozilla-firefox/pref/vendor.js file adding + the debian package version to the UserAgent. (Closes: #268654) + * debian/README.Debian: Update java instructions. I'd love some more + definitive pointers. (Closes: #277983) + + -- Eric Dorland <eric@debian.org> Tue, 26 Oct 2004 00:11:48 -0400 + +mozilla-firefox (0.10.1+1.0PR-3) experimental; urgency=low + + * debian/control: + - Rename the mozilla-firefox-gnome-vfs package + mozilla-firefox-gnome-support since it does more than vfs. No + need for Replaces or anything, since it never actually made it to + the archive. + - Remove strict build dependencies on g++ and binutils, since the + fixed versions have hit sarge. + - Remove hppa build depends, since gcc has also been fixed there. + - Build-depend on libgnome2-dev and libgconf2-dev to build in more + gnome support. + - Have mozilla-firefox recommend it's gnome support. + * debian/rules: + - Remove hppa CC redefinitions. + - Exclude *gnome* not just *gnomevfs*. + - dh_install for gnome-support. + * debian/mozilla-firefox-gnome-vfs.*: Rename to + mozilla-firefox-gnome-support.*. + * debian/mozilla-firefox-gnome-support.install: Grab *gnome*, not just + *gnomevfs*. + + -- Eric Dorland <eric@debian.org> Thu, 21 Oct 2004 23:04:53 -0400 + +mozilla-firefox (0.10.1+1.0PR-2) experimental; urgency=low + + * debian/mozilla-firefox-runner: + - Patch from Sam Morris to handle cleanup of directories with + unusual names. + - Fix return value check, patch from rgselk. (Closes: #269690) + * debian/mozilla-firefox.1: List full path to firefox-bin. (Closes: + #275563) + * debian/rules: + - --with-gssapi=/usr, enable Negotiate extension. (Closes: + #274258) + - Enable gnomevfs support, + * debian/control: + - Build-depend on libkrb5-dev. + - Build-depend on libgnomevfs2-dev. + - New gnomevfs package, based on work by Mike Hommey. (Closes: + #262062) + * debian/mozilla-firefox-gnome-vfs.post{inst,rm}: Added, same as + corresponding files from mozilla-firefox-dom-inspector. + * debian/mozilla-firefox-gnome-vfs.install: Install gnomevfs components. + * browser/app/profile/firefox.js: Set + network.negotiate-auth.trusted-uris to https:// to enable the + negotiate extension over secure links. + * config/rules.mk: Tweak patch from Thiemo Seufer to include svg_doc in + non-optimization. (Closes: #273353) + + -- Eric Dorland <eric@debian.org> Sun, 17 Oct 2004 21:25:08 -0400 + +mozilla-firefox (0.10.1+1.0PR-1) experimental; urgency=critical + + * New upstream release, fixes security issue bz#259708. (Closes: + #274493) + + -- Eric Dorland <eric@debian.org> Sun, 3 Oct 2004 03:32:43 -0400 + +mozilla-firefox (0.10+1.0PR-1) experimental; urgency=low + + * New upstream release. (Closes: #273700, #267003) + * toolkit/mozapps/extensions/src/nsExtensionManager.js.in, + netwerk/dns/src/nsIDNService.cpp, + modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp, + gfx/src/windows/nsImageWin.cpp, gfx/src/shared/gfxImageFrame.cpp, + browser/app/profile/firefox.js: Resolve conflicts between my tree and + upstream. + * browser/app/Makefile.in: Fix $(DESTDIR) variable. + * accessible/src/atk/nsAccessibleWrap.cpp, + accessible/src/atk/nsAccessibleWrap.h: Apply patch from bugzilla for + alpha fix that's more likely to make it into CVS. + * debian/update-mozilla-firefox-chrome: Patch from Mike Hommey to make + update-mozilla-firefox-chrome more verbose on -v. + * debian/rules: + - Remove typeaheadfind for new find toolbar to work. (Mike Hommey) + (Closes: #267170) + - Changes to reflect new upstream files. + * debian/control: + - Remove build-depend on libcairo-dev. + - Build depend on libxt-dev, seems to be necessary now. (Closes: + #274311) + * debian/docs: Removed, as browser/README.html disappeared. (Mike Hommey) + * debian/mozilla-firefox.dirs: + - Changes to reflect new upstream files. + - Removed obsolete libnullplugin.so. + * debian/mozilla-firefox.install: + - Remove .jar's that aren't there anymore. + - Removed obsolete libnullplugin.so. + * debian/mozilla-firefox-dom-inspector.dirs, + debian/mozilla-firefox-dom-inspector.install, debian/rules: Upstream + doesn't consider DOM Inspector as a real extension, and do not provide + the appropriate files to make it appear in the extensions + manager. Removed all the extension related stuff in the package. (Mike + Hommey) + * other-licenses/libart_lgpl: Removed, was for SVG, no longer needed. + * modules/plugin/samples/default/unix/*: Reverted debian specific + changes, we don't want them in the diff since libnullplugin won't get + installed. + + -- Eric Dorland <eric@debian.org> Fri, 1 Oct 2004 18:50:46 -0400 + +mozilla-firefox (0.9.3-6) unstable; urgency=high + + * gfx/src/gtk/fontEncoding.properties: Uncomment symbol fonts. (Closes: + #272927) + * debian/control: Build-depend on binutils (>= 2.15-4) but only on mips + and mipsel. (Closes: #273353) + * configure.in, configure, rules.mk: Patch from Thiemo Seufer to + increase stability and performance on mips. (Closes: #272159) + * debian/mozilla-firefox-runner: Detect failure of ping() + better. (Closes: #267393) + * layout/html/document/src/html.css: Testing fix for xprint problems. + + -- Eric Dorland <eric@debian.org> Mon, 27 Sep 2004 17:07:37 -0400 + +mozilla-firefox (0.9.3-5) unstable; urgency=high + + * debian/update-mozilla-firefox-chrome: Apply another patch form Mike + Hommey to fix a few more issues in the script. (Closes: #271480) + * Fixes to Secunia security bugs, ported from bugzilla: + (Closes: #271888) + - browser/base/content/browser.js, + xpfe/communicator/resources/content/contentAreaDD.js: Fix for + drag and drop exploit, bz#250862. + - caps/include/nsScriptSecurityManager.h, caps/src/caps.properties, + caps/src/nsScriptSecurityManager.cpp: Fix for enablePrivilege + exploit, bz#253942. + - gfx/src/shared/gfxImageFrame.cpp, gfx/src/windows/nsImageWin.cpp, + modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp: Fix for various + overflows in the BMP code, bz#255067. + - netwerk/dns/src/nsIDNService.cpp: Fix for bug in non-ASCII + characters in domain names, bz#256316 + - content/xbl/src/nsXBLPrototypeHandler.cpp: Clipboard injection + fix, bz#257523. + + -- Eric Dorland <eric@debian.org> Thu, 16 Sep 2004 20:06:47 -0400 + +mozilla-firefox (0.9.3-4) unstable; urgency=high + + * Urgency high, go into testing dammit! + * Apply patch from Mike Hommey as -3.1, which wasn't actually + released. See below. (Closes: #271480) + * debian/rules: Patch from Matthew Mueller to fix underquoted + argument. (Closes: #271432) + * debian/control: Build depend on binutils (>= 2.15-3) with fixed mips + support. We still need a fixed gcc. + + -- Eric Dorland <eric@debian.org> Mon, 13 Sep 2004 20:41:27 -0400 + +mozilla-firefox (0.9.3-3.1) unstable; urgency=low + + * debian/rules: removed + /usr/lib/mozilla-firefox/defaults/profile/extensions/installed-extensions.txt + * debian/update-mozilla-firefox-chrome: + + Added a "verbose" mode. + + Added warning messages (only shown in verbose mode) about some + extensions specific issues. This is intended to be useful for extensions + maintainers. + + Check if the installed-extensions.txt file disappears, which tells if the + mozilla-firefox -register went ok. + * debian/update-mozilla-firefox-chrome.8: + + Fixed typos. + + Added reference to the -v option for the verbose mode. + * debian/mozilla-firefox-runner: enhanced the profile directory check. It + didn't work if the path indicated in the profiles.ini was not absolute. + + -- Mike Hommey <mh@glandium.org> Mon, 13 Sep 2004 20:31:21 +0900 + +mozilla-firefox (0.9.3-3) unstable; urgency=high + + * Acknowlege NMU from Mike Hommey. He did a fantastic job in porting a + large amount of fixes from upstream CVS. I owe him several large + beverages of his choice. (Closes: #259046, #259836) + * Port all of Mike's changes to my local CVS. + * debian/mozilla-firefox-runner: + - Pass command-line arguments to get_locale so they can actually + be used. (Closes: #240058) + - Apply patch from Mike Hommey to use the profiles.ini to find the + path to the profile to clean XUL.mfasl. (Closes: #267326) + * debian/update-mozilla-firefox-chrome: Patch from Mike Hommey to fix + some bashisms introduced by his NMU. + * xpcom/reflect/xptcall/src/md/unix/Makefile.in, + xpcom/reflect/xptcall/src/md/unix/xptcinvoke_asm_mips.s, + xpcom/reflect/xptcall/src/md/unix/xptcinvoke_mips.cpp, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s.m4, + xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s: Patch from + Thiemo Seufer to fix mips. This requires patches to gcc and binutils + to work and fully close #270621. + + -- Eric Dorland <eric@debian.org> Wed, 8 Sep 2004 21:13:35 -0400 + +mozilla-firefox (0.9.3-2.2) unstable; urgency=high + + * The "never edit the diff file unless you're sure nothing will be + missing" release. + * debian/mozilla-firefox.prerm: restore the uncut version. + * debian/control, debian/rules: Use gcc-3.2 to build on hppa, because of + toolchain bug #254549. + + -- Mike Hommey <mh@glandium.org> Mon, 23 Aug 2004 19:45:54 +0900 + +mozilla-firefox (0.9.3-2.1) unstable; urgency=high + + * Non Maintainer Upload for RC Fixes. + * Applied changes to toolkit/mozapps/extensions/src/nsExtensionManager.js.in + and toolkit/mozapps/extensions/locale/extensions.properties to solve some + issues with extensions management. (taken from CVS) + * Applied other changes to + toolkit/mozapps/extensions/src/nsExtensionManager.js.in, + toolkit/mozapps/extensions/public/nsIExtensionManager.idl and + mozilla/toolkit/xre/nsAppRunner.cpp to be able to use -register + instead of -list-global-items for extensions/components/chrome + registration through update-mozilla-firefox-chrome, thus not needing + Xvfb anymore (-register option doesn't require a X server). + (taken from CVS) + * Applied some more changes to + toolkit/mozapps/extensions/src/nsExtensionManager.js.in in order to + avoir overlayinfo deletion during extensions registration process. + (taken from CVS) + * Final changes to toolkit/mozapps/extensions/src/nsExtensionManager.js.in + to avoid registering out of date extensions so that firefox doesn't enter + a loop at startup when no profile was found, and to only write in the + installed-extensions-processed.txt file the list of actually installed + extensions. Note that for packaged extensions installing their files + directly into the chrome or components directories, that only means they + won't appear in the Extensions Manager. They will still be available in + the GUI. + * All these fixes improve the Extensions Manager. Closes: #259046. + * accessible/src/atk/nsAccessibleWrap.cpp, + accessible/src/atk/nsAccessibleWrap.h: fixed 32-bit abuse of gobject + (Steve Langasek). Closes: #259836. + * debian/control: Removed dependency upon xvfb. + * debian/update-mozilla-firefox-chrome: + + Removed use of Xvfb. + + Removed creation of a root default profile, but kept the fake home + hack to avoid creation of a .mozilla directory in root's home. + + Changed extensions handling so that the overall process is cleaner. + Extensions packages will have to move extensions {uid} directories + to /usr/lib/mozilla-firefox/extensions/, while the current location + is still supported for compatibility purpose (but is strongly not + recommended). + + Removed use of regxpcom and regchrome, since what they both do is + done by firefox-bin -register. + * debian/rules: force GnomeVFS support to be disabled. (Josselin Mouette) + * debian/README.Debian: + + Added a note about potential problems with packaged "old" extensions. + + Added a note about how to manually disable packaged extensions in user + profile. + + Removed some old notes that don't apply anymore. + * debian/mozilla-firefox-dom-inspector.install, debian/rules: Move + extensions files to /usr/lib/mozilla-firefox/extensions/ instead of + /usr/lib/mozilla-firefox/defaults/profile/extensions/. + * debian/mozilla-firefox.links: Move installed-extensions.txt symlink + from /usr/lib/mozilla-firefox/defaults/profile/extensions/ to + /usr/lib/mozilla-firefox/extensions/. + * debian/mozilla-firefox.prerm: More cleanup on removal of package. + + -- Mike Hommey <mh@glandium.org> Sun, 22 Aug 2004 21:43:47 +0900 + +mozilla-firefox (0.9.3-2) unstable; urgency=low + + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s.m4: Comment out + NARGSAVE, like I did in 0.9.1-7, should fully fix #262571. + * debian/mozilla-firefox.preinst: Remove brace expansion + bashism. (Closes: #264200) + * debian/control: Depend on debianutils (>= 1.16) since we use mktemp + -d. (Closes: #263958) + * debian/mozilla-firefox-runner: Make -contentLocale COUNTRY, not + lang-COUNTRY. (Closes: #263940) + + -- Eric Dorland <eric@debian.org> Sun, 8 Aug 2004 23:41:02 -0400 + +mozilla-firefox (0.9.3-1) unstable; urgency=low + + * New upstream release. (Closes: #263193) + * debian/update-mozilla-firefox-chrome.8: Add manpage from Mark Suter + for update-mozilla-firefox-chrome.8. (Closes: #263149) + * debian/mozilla-firefox.manpages: Add update-mozilla-firefox-chrome.8. + * debian/control: Add build-deps on gcc-3.4 for amd64. (Closes: #262679) + + -- Eric Dorland <eric@debian.org> Wed, 4 Aug 2004 20:21:22 -0400 + +mozilla-firefox (0.9.1-7) unstable; urgency=low + + * debian/mozilla-firefox-runner: + - Reintroduce check for command-line arguments (I broke this last + release). (Closes: #262692, #262462, #262537, #262588, #262727) + - Allow overriding of -contentLocale and -UILocale. (Closes: + #240058) + * xpcom/reflect/xptcall/src/md/unix/xptcinvoke_asm_mips.s: Comment out + NARGSAVE reassignment, it is defined elsewhere. (Closes: #262571) + * debian/rules: Force amd64 to build with gcc 3.4. (Closes: #262679) + + -- Eric Dorland <eric@debian.org> Mon, 2 Aug 2004 10:16:46 -0400 + +mozilla-firefox (0.9.1-6) unstable; urgency=low + + * widget/src/gtk2/keysym2ucs.c: Patch from Eugeniy Meshcheryakov to + allow mozilla firefox to enter a ghe with upturn. (Closes: #261543) + * debian/mozilla-firefox-runner: + - Remove some mail and composer cruft. + - Add warning if DISPLAY is not set. (Closes: #261465) + + -- Eric Dorland <eric@debian.org> Thu, 29 Jul 2004 22:49:59 -0400 + +mozilla-firefox (0.9.1-5) unstable; urgency=low + + * debian/control: Goodbye mozilla-firebird transition package. + * debian/mozilla-firefox-runner: Add -a firefox flag when running + firefox-bin. (Closes: #259237) + * debian/mozilla-firefox.desktop: Add GenericName field. + * debian/update-mozilla-firefox-chrome: Fix quoting problem with + {*}. (Closes: #257243) + * debian/rules: + - Re-enable postscript printing support, since the security + issues turned out to be bogus. (Closes: #257628) + - Disable SVG support, it's still too broken to be usable. + (Closes: #259544) + + -- Eric Dorland <eric@debian.org> Sun, 18 Jul 2004 20:09:14 -0400 + +mozilla-firefox (0.9.1-4) unstable; urgency=low + + * The "Let's try unstable" release. There are still issues, but there + are issues with 0.8 as well, so no more point in waiting. + * debian/update-mozilla-firefox-chrome: + - Copy over empty Extensions.rdf file on update. (Closes: #257243) + - Increase sleep to 15 seconds, hopefully this will work on most + people's machines. + * My apologies to Mike Hommey for mispelling his name in last release. + + -- Eric Dorland <eric@debian.org> Sun, 11 Jul 2004 23:51:24 -0400 + +mozilla-firefox (0.9.1-3) experimental; urgency=low + + * Ok, I was wrong, we're still in experimental. I think we need to fix a + few more issues before getting this in unstable, like #257258, and + make sure the hacky extensions mechanism is more bullet-proof. + * debian/rules: --disable-installer, since we don't use it. + * debian/update-mozilla-firefox-chrome: + - Wait 8 seconds instead of 5 for the hack, might help some + people reporting problems. + - Remove ${LIBDIR}/extensions/{*}. I may move that to + /var/lib/mozilla-firefox eventually, but let's leave it for now. + * debian/mozilla-firefox.png.uu: Make a nicer png icon, based on the + about box graphic. + * debian/mozilla-firefox.preinst: Remove old config files in + /etc/mozilla-firefox/pref. (Closes: #257711, 257557) + * browser/app/profile: firefox.js: Revert change to app.version, + apparently it breaks extensions. (Closes: #257941) + + -- Eric Dorland <eric@debian.org> Wed, 7 Jul 2004 21:26:55 -0400 + +mozilla-firefox (0.9.1-2) experimental; urgency=low + + * The "Mike Homey, lord of the bugs" release. Thanks to Mike for being a + huge help with bug triage. That's right, help with bugs and your name + could have a prestigious place in the changelog. + * I'd like my next release to be to unstable, so let me know about + profile transition bugs, etc. + * debian/control: Build-depend on libcairo1-dev. + * debian/rules: Enable svg support using cairo renderer. (Closes: + #215990) + * debian/mozilla-firefox-xremote-client: Add -a firefox switch to make + the remote client find firefox only. Thanks Jonathan Black. (Closes: + #256967) + * debian/mozilla-firefox.desktop: Make comment Gnome HIG + compliant. (Closes: #257592) + * browser/app/profile/firefox.js: + - app.version = 0.9.1. + - Disable app updates by default. We're debian, we handle updates. + * debian/update-mozilla-firefox-chrome: + - Remove installed-extensions-processed.txt before regenerating. + (Closes: #257243) + - Take some, but not all advice from Alexandru Fomin. Improve Xvfb + and extension registration hacks. + + -- Eric Dorland <eric@debian.org> Sun, 4 Jul 2004 16:58:17 -0400 + +mozilla-firefox (0.9.1-1) experimental; urgency=low + + * New upstream release. + * config/autoconf.mk.in: Alright, /usr/lib/firefox-0.9 was a bad idea, + use /usr/lib/mozilla-firefox. Change all the instances + /usr/lib/firefox-0.9 back to /usr/lib/mozilla-firefox. I feel + silly. (Closes: #256991) + * debian/mozilla-firefox-runner: Actually check for the existence of the + .mozilla/firefox directory before trying to clean it. + * debian/update-mozilla-firefox-runner: + - Call firefox-bin, not firefox you silly goose. + - Use mozilla-firefox tempfile, not mozilla-browser. + - The horrible hackiness continues: For my previous hack to work, + I need to preseed a profile directory in the home directory I + create. Now things should work. (Closes: #256812) + + -- Eric Dorland <eric@debian.org> Thu, 1 Jul 2004 17:16:29 -0400 + +mozilla-firefox (0.9-1) experimental; urgency=low + + * New upstream release. There may be regressions from 0.8. (Closes: + #254522) + * widget/src/gtk/nsGtkMozRemoteHelper.cpp, + widget/src/gtk2/nsGtkMozRemoteHelper.cpp, + widget/src/xremoteclient/XRemoteClient.cpp: Fix previously applied to + fix -remote behaviour undone. Mozilla now includes the program name in + the properties to distinguish between various Mozilla apps. + * xpcom/reflect/xptcall/src/md/unix/Makefile.in: remove extra endif. + * dom/public/idl/core/nsIDOMNSDocument.idl: Reintroduce referrer + attribute that got lost somehow. + * content/events/src/nsEventStateManager.cpp: Fix a strange broken + function call to GetContainer. + + * debian/rules: + - Follow upstream and --enable-single-profile and + --disable-profilesharing. + - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. + - --user-app-dir=.mozilla to jive with new location. + - Remove dom-inspector extension dir from the regular package. + * debian/control: Depend on xvfb for insane hack below. + * debian/mozilla-firefox.install: + - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. + - Remove ipc dir, mozipcd. + - Add init.d, greprefs dirs. + * debian/mozilla-firefox.dirs: + - Add /var/lib/mozilla-firefox/extensions{,.d} + * debian/mozilla-firefox-dom-inspector.dirs: Add + /var/lib/mozilla-firefox/extensions.d. + * debian/mozilla-firefox-dom-inspector.install: + - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. + - Install dom-inspector extension dir. + * debian/mozilla-firefox.links: + - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. + - Link /usr/lib/mozilla-firefox to /usr/lib/firefox-0.9. + - Link installed-extensions.txt to our place in + /var/lib/mozilla-firefox. + * debian/mozilla-firefox-runner: + - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. + - Fix xprintorg typo. (Closes: #255706) + - Search .mozilla/firefox for XUL.mfasl files. + * debian/mozilla-firefox-xremote-client: Replace + /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. + * debian/update-mozilla-firefox-chrome: + - Replace /usr/lib/mozilla-firefox with /usr/lib/firefox-0.9. + - Capture return values from reg* commands on error, stolen + from mozilla source. + - Remove returns from check_running. + - Pull in snippets from /var/lib/mozilla-firefox/extensions.d + to generate installed-extensions.txt for new extensions mechanism. + - An insane hack, but necessary because of upstream: Launch a Xvfb + to run firefox to generate the necessary extension metadata. I've + been told this will not be necessary in the next version. + + -- Eric Dorland <eric@debian.org> Mon, 28 Jun 2004 23:40:59 -0400 + +mozilla-firefox (0.8-12) unstable; urgency=low + + * The "Last Chance Before 0.9" release. + * debian/mozilla-firefox-runner: Fix unescaped \n, thanks Olly + Betts. (Closes: #252436) + * debian/update-mozilla-firefox-chrome: Watch out for empty + LD_LIBRARY_PATH. Thanks George Cristian Birzan. (Closes: #254142) + * debian/README.Debian: Restructure and update a bit. + * debian/presubj: Add bug information from README.Debian for reportbug. + * debian/mozilla-firefox.install: Install the presubj. + + -- Eric Dorland <eric@debian.org> Mon, 14 Jun 2004 19:39:27 -0400 + +mozilla-firefox (0.8-11) unstable; urgency=low + + * Apply amd64 fix from #249211. + * debian/README.Debian: Shamelessly stole the java plugin installation + instructions from the mozilla package. (Closes: #243513) + * nsCommonWidget.cpp, nsCommonWidget.h, nsWindow.cpp: Apply patch (with + some hand massaging) from upstream bugzilla bug #209342 to fix initial + window placement. (Closes: #235209, 241519) + * nsprpub/pr/src/misc/prnetdb.c: Apply patch from Miquel van Smoorenburg + to prevent unless reverse DNS lookups. (Closes: #251978) + * debian/mozilla-firefox-runner: Apply patch from Jasper Spaans to fix + remote xprint printing. (Closes: #252072) + + -- Eric Dorland <eric@debian.org> Tue, 1 Jun 2004 23:12:36 -0400 + +mozilla-firefox (0.8-10) unstable; urgency=low + + * debian/mozilla-firefox.install: Don't install uuencoded file. (Closes: + #251441) + * debian/mozilla-firefox-runner: unset AUDIODEV which can cause + crashes. Thanks Christopher Armstrong. (Closes: #236231) + * update-mozilla-firefox-chrome: Port security fix from #249613 to + handle insecure tempfile creation. + * debian/rules: Following the advice of #247585 I'm disabling postscript + printing. Perhaps this will alleviate some of the other printing + problems. + + -- Eric Dorland <eric@debian.org> Sun, 30 May 2004 01:47:52 -0400 + +mozilla-firefox (0.8-9) unstable; urgency=low + + * debian/control: + - Suggest latex-xft-fonts for MathML fonts. Thanks Michael + JasonSmith. (Closes: #216925) + - Build depend on libx11-dev & libxp-dev instead of xlibs-dev to + reflect new X packages. + * widget/src/gtk2/nsWindow.cpp: Apply patch from Peter Colberg to ignore + unused mouse buttons. (Closes: #244305) + * debian/README.Debian: Document the fact that the loopback interface + has to be up and unfiltered for things to work right. + + -- Eric Dorland <eric@debian.org> Wed, 5 May 2004 23:30:42 -0400 + +mozilla-firefox (0.8-8) unstable; urgency=low + + * security/nss/lib/freebl/unix_rand.c: Remove code that called netstat + to gain so entropy. It's pretty useless on a Linux system. Thanks + Wichert. (Closes: #241200) + * debian/README.Debian: Add note about changing the button order in the + dialog boxes. (Closes: #240261) + * debian/control: Add dummy package for mozilla-firebird to smooth + upgrades. (Closes: #235577) + + -- Eric Dorland <eric@debian.org> Sat, 3 Apr 2004 16:19:34 -0500 + +mozilla-firefox (0.8-7) unstable; urgency=low + + * debian/mozilla-firefox-runner: + - Cleanup XUL.mfasl whenever firefox is run with no + command-line. (Closes: #238717) + - Add patch from Laurent Buffler to add config to allow + new tabs to be opened instead of new windows. (Closes: #239323) + * debian/mozilla-firefoxrc: Put the new FIREFOX_OPEN_IN variable in + there and document it's use. + + -- Eric Dorland <eric@debian.org> Sat, 27 Mar 2004 17:21:51 -0500 + +mozilla-firefox (0.8-6) unstable; urgency=low + + * debian/control: Build-depend on g++-3.3 (>= 3.3.3-4) to work around + broken 3.3.3-3 release. (Closes: #238318, #238241, #238441, #238523, + #238534) + * debian/rules: Install new small-firefox icon. + * debian/mozilla-firefox{.png, .xpm, -small.xpm}: Use the new DFSG-free + icons, the old pretty ones are trademarked and not DSFG-free. I know, + it's stupid. Complain to the Mozilla Foundation, not me. (Closes: + #234869) + + -- Eric Dorland <eric@debian.org> Sun, 21 Mar 2004 22:09:16 -0500 + +mozilla-firefox (0.8-5) unstable; urgency=low + + * Rebuild with g++-3.3 3.3.3-2 to work around broken g++. (Closes: + #238318) + + -- Eric Dorland <eric@debian.org> Wed, 17 Mar 2004 21:38:58 -0500 + +mozilla-firefox (0.8-4) unstable; urgency=low + + * debian/README.Debian: + - Tell people not to remove their ~/.firefox directory. Just move it + out of the way. (Closes: #235594) + - Add notes about the sound dsp. (Closes: #236678) + * debian/mozilla-firefox-runner: + - Don't redirect stderr. (Closes: #236160) + - Add get_locale code from Aurelien Jarno (Closes: #235521) + - Fix dsp auto-detection code. (Closes: #236678) + * debian/rules: Add default locale file. + * debian/mozilla-firefox.dirs: Add locales dir. + + * browser/app/profile/all.js, + content/events/src/nsEventStateManager.cpp, + modules/libpref/src/init/all.js, widget/public/nsGUIEvent.h, + widget/src/gtk/nsWidget.cpp: Reapply extended mouse events patch from + Derek Upham. (Closes: #235385, #230876) + * browser/base/content/browser-sets.inc: Make ESC stop animations + again. (Closes: #235474) + + -- Eric Dorland <eric@debian.org> Tue, 16 Mar 2004 00:31:19 -0500 + +mozilla-firefox (0.8-3) unstable; urgency=low + + * debian/mozilla.firefox.menu: Change the case of + mozilla-Firefox. (Closes: #234982, #234755) + * debian/NEWS.Debian: Move to debian/mozilla-firefox.NEWS so that it + actually gets installed. (Closes: #234700) + * debian/update-mozilla-firefox-chrome: Setup dummy home directory to + capture silly .firefox directory. (Closes: #234855) + * debian/mozilla-firefox.png.uu, debian/mozilla-firefox.xpm: Use the + new, pretty mozilla-firefox icons. (Closes: #234869) + * debian/rules: Install the pretty icon in the right places. + + -- Eric Dorland <eric@debian.org> Thu, 26 Feb 2004 21:10:27 -0500 + +mozilla-firefox (0.8-2) unstable; urgency=low + + * The "what he taketh, he giveth back" release. + * debian/rules: + - Disable the wallet extension, this really closes: #222447. + - Remove some more cruft left over from the patch system. + - Reinstall the dom-inspector. + * debian/control: Add the dom-inspector back, now that it is supported + upstream. + * debian/mozilla-firefox-dom-inspector.{install,dirs,postinst,postrm}: + Bring these files back. + * docshell/base/nsWebShell.cpp: Only do keyword lookup on when DNS + entries don't exist. (Closes: #233916, #218033, #211524) + + -- Eric Dorland <eric@debian.org> Mon, 23 Feb 2004 21:48:03 -0500 + +mozilla-firefox (0.8-1) unstable; urgency=low + + * The "Let's Change Our Name Every Other Day" release. + * New upstream release, mozilla-firebird has been renamed to + mozilla-firefox. Let's hope it lasts. (Closes: #231903, #222447) + * debian/mozilla-firebird.*: Renamed to debian/mozilla-firefox.*. + + * debian/README.Debian: Update for firefox, remove blurb about the + inspector. + * debian/NEWS.Debian: Explain how to move your configs over. I may make + this automatic if enough people complain, but I'm loathe to muck + around in pople's home directories. + + * debian/control: + - Rename the package. + - Tweak description to list Firefox's previous aliases. + - Remove conflicts on mozilla-firebird-dom-inspector. + + * debian/rules: + - s/firebird/firefox/g, s/MozillaFirebird/firebird/g. + - Comment out some old inspector code. + - Remove unused patch subsystem. + - Disable gtktest. We don't need no stinking tests. + - Remove disable plaintext editor line, not sure why it's there. + - Disable LDAP support. We don't use it. + - Remove executable bit on *.so files. + - Remove useless preference files. + - Exclude the inspector files. + - Don't remove installed-chrome, we don't install it anymore. + - user-app-dir = .firefox. (Closes: #212301) + - export MOZILLA_OFFICIAL for the build ID. (Closes: #231133) + + * debian/mozilla-firefox-runner: + - s/firebird/firefox/g. + - Remove composer and editor functions. + - Use .firefox directory. + + * debian/mozilla-firefox.install: + - s/firebird/firefox/g, s/MozillaFirebird/firefox/g. + - Don't install timebombgen. + - Install icons directory. + - Don't install installed-chrome.txt, we just remove it anyway. + + * debian/mozilla-firefox.desktop, debian/mozilla-firefox.dirs, + debian/mozilla-firefox.manpages, debian/mozilla-firefox.links, + debian/mozilla-firefox.menu, debian/mozilla-firefox.mime, + debian/mozilla-firefoxrc, debian/mozilla-firefox.postinst, + debian/mozilla-firefox.prerm, debian/update-mozilla-firefox-chrome, + debian/mozilla-firefox.1, debian/mozilla-firefox-xremote-client: + s/firebird/firefox/g, s/MozillaFirebird/firefox/g. + + * debian/mozilla-firefox.links: Link mozilla-firefox.1 to firefox.1. + + * debian/mozilla-firefox.preinst: Remove, at least with the rename I can + erase some of my previous blunders. + + * debian/mozilla-firefox.{png.uu,xpm}: Use the package icon. + + * browser/app/nsBrowserApp.cpp: Change package name to Firefox, so now + the ~/.firefox is used. (Closes: #196550) + + * browser/app/profile/all.js: Merge in autoscroll fixes. + * browser/base/content/browser-sets.inc: Merge in upstream stop button + fix. + * modules/plugin/samples/default/unix/nullplugin.c: Merge in removal of + commented code. + * nsprpub/pr/include/md/_linux.cfg, nsprpub/pr/include/md/_linux.h, + security/coreconf/Linux.mk: Merge in hppa build fixes from upstream. + * config/autoconf.mk.in: Install into /usr/lib/mozilla-firefox now. + * content/base/src/nsDocumentViewer.cpp: Remove redundant stop patch + since it has been merged upstream. + * content/events/src/nsEventStateManager.cpp, + modules/libpref/src/init/all.js, widget/src/gtk/nsWidget.cpp: Revert + back to upstream version. There was a patch here to add support for + extended mouse buttons, but I'm removing it since I don't trust that + it works in the new version correctly. Send me another patch if you + want this functionality back. + * toolkit/components/passwordmgr/base/nsPasswordManager.cpp: Revert this + back to upstream, I'm not sure which patches I applied to this file, + likely something to try and fix the double password prompt. + * widget/src/xremoteclient/XRemoteClient.cpp, + widget/src/xremoteclient/XRemoteClient.h: Revert to upstream version, + I believe it does the right thing now, but the patch I used does not + apppear to have been used. Restore the properties to _FIREFOX_* + though. + * widget/src/gtk/nsGtkMozRemoteHelper.cpp, + widget/src/gtk2/nsGtkMozRemoteHelper.cpp: Change the _FIREBIRD_* to + _FIREFOX_* here as well. + * content/base/src/nsDocument.cpp: Comment out nsDocument::GetDomConfig, + needed to get things to compile. + + -- Eric Dorland <eric@debian.org> Sun, 15 Feb 2004 21:28:45 -0500 + +mozilla-firebird (0.7-7) unstable; urgency=low + + * debian/mozilla-firebird-runner: Open a new window when loading a + regular file. (Closes: #228853) + + -- Eric Dorland <eric@debian.org> Thu, 29 Jan 2004 22:12:30 -0500 + +mozilla-firebird (0.7-6) unstable; urgency=medium + + * The "Indian-giver-christmas" release. + * Urgency medium since we're closing some critical bugs that need to get + in before a freeze. + * Completely remove mozilla-firebird-dom-browser. No one stepped up to + help fix it's brokeness in 0.7 and I don't use it or particularly care + about it. So it is no more. If someone steps up to take responsibility + I might put it back, but otherwise it may RIP. (Closes: #222085) + * debian/mozilla-firebird-runner: Remove XUL.mfasl uncoditionally + now. There is a corner case where this file is corrupted on upgrade + when firebird was running. This is a total hack, and not an elegant + solution, but at least it fixes the problem. (Closes: #224779, + #224323) + * debian/control: Conflict against old mozilla-firebird-dom-inspector + since it doesn't work anymore. + + -- Eric Dorland <eric@debian.org> Thu, 25 Dec 2003 15:54:21 -0500 + +mozilla-firebird (0.7-5) unstable; urgency=low + + * browser/base/content/browser-sets.inc: Patch to make ESC stop actually + work. (Closes: #223382) + * debian/rules: Turn down optimizations on sparc. (Closes: #223760) + + -- Eric Dorland <eric@debian.org> Sun, 14 Dec 2003 23:01:59 -0500 + +mozilla-firebird (0.7-4) unstable; urgency=low + + * The "All of Takuo's hard work really pays off" release. + * toolkit/components/passwordmgr/base/nsPasswordManager.cpp: Patch from + upstream bugzilla (#220214) to fix double password prompt + problem. (Closes: #222696) + * xpcom/reflect/xptcall/src/md/unix/xptcstubs_asm_mips.s.m4: Stolen + patch from mozilla package to make mozilla-firebird build on + mips. (Closes: #222743) + * content/base/src/nsDocumentViewer.cpp: Port yet another patch to allow + the ESC key to stop animated gifs. (Closes: #223382) + + -- Eric Dorland <eric@debian.org> Mon, 8 Dec 2003 23:59:16 -0500 + +mozilla-firebird (0.7-3) unstable; urgency=low + + * debian/control: Add dependency on psmisc since we use fuser. Thanks + Daniel Schröter. + * widget/src/xremoteclient/XRemoteClient.{cpp,h}: Apply patch from + bugzilla to fix -remote behaviour on modern WMs. Thanks Nikolai + Prokoschenko. (Closes: #197632) + * nsprpub/pr/src/misc/prdtoa.c: Apply fix from mozilla package (#215067) + to fix building on arm. This is a partial fix to #222743. + * debian/patches: Remove these. Put everything in CVS. + + -- Eric Dorland <eric@debian.org> Fri, 5 Dec 2003 20:03:46 -0500 + +mozilla-firebird (0.7-2) unstable; urgency=low + + * Apply excellent patch from Alexander Sack <asac@jwsdot.com> to fix the + issues with mozilla running and firebird not starting. (Closes: + #216264) + * browser/app/profile/all.js: Set the default of "general.autoScroll" to + false because it annoyes me. (Closes: #221661) + + -- Eric Dorland <eric@debian.org> Wed, 19 Nov 2003 20:59:55 -0500 + +mozilla-firebird (0.7-1) unstable; urgency=low + + * New upstream release. (Closes: #216019) + * debian/patches/dom-inspector.diff: Remove, and apply directly into my + CVS. + * debian/patches/pref.diff: Removed, doesn't seem applicable anymore. + * debian/rules: export MOZ_FIREBIRD=1. + * debian/control: + - Change Chimera to Camino. (Closes: #220821) + - Fix typos in descriptions. (Closes: #218202) + - Add build-deps on m4. (Closes: #219681) + + -- Eric Dorland <eric@debian.org> Wed, 12 Nov 2003 23:01:35 -0500 + +mozilla-firebird (0.6.1-8) unstable; urgency=low + + * Apply patch to make forward and back buttons work on mice. (Closes: + #211606) + * debian/rules: Use -O optimization on alpha, so it will build + again. (Closes: #213603) + + -- Eric Dorland <eric@debian.org> Fri, 3 Oct 2003 00:07:44 -0400 + +mozilla-firebird (0.6.1-7) unstable; urgency=low + + * Rebuild with the latest and greatest from unstable. This seems to fix + the problems with bookmarks people were having, at least for me. No + idea why. Please reopen if this doesn't fix it for you. (Closes: + #209339, #211706, #211286, #211146, #212011) + + -- Eric Dorland <eric@debian.org> Mon, 22 Sep 2003 00:00:08 -0400 + +mozilla-firebird (0.6.1-6) unstable; urgency=low + + * Patch from Eric Wong <normalperson@yhbt.net> to make plugin requests + less annoying. (Closes: #196609) + * debian/rules: Stop building libart. + * debian/mozilla-firebird.links: Fix path to bookmarks file. (Partial + fix to #211286) + + -- Eric Dorland <eric@debian.org> Wed, 17 Sep 2003 20:22:56 -0400 + +mozilla-firebird (0.6.1-5) unstable; urgency=low + + * The "sorry Chris Gray" release. + * debian/rules: disable SVG. This was causing drag and drop to lock up + X and possibly fixes #208630. (Closes: #209371) + * debian/mozilla-firebird-runner: Remove XUL.mfasl if we have upgraded, + since it can cause problems. (Closes: #200073, #202130, #207351) + + -- Eric Dorland <eric@debian.org> Sat, 13 Sep 2003 20:15:37 -0400 + +mozilla-firebird (0.6.1-4) unstable; urgency=low + + * The "pleasing Chris Gray" release. + * other-licenses/libart_gpl: Add this library for svg. + * debian/rules: + - Enable svg. + - Move bookmarks.html file into /etc. (Closes: #207398) + * debian/mozilla-firebird.links: Add links back to files moved to /etc. + * security/coreconf/Linux2.6.mk: Add this as a copy of Linux2.5.mk to + get mozilla-firebird to build on 2.6. (Closes: #207821) + + -- Eric Dorland <eric@debian.org> Sun, 31 Aug 2003 04:40:30 -0400 + +mozilla-firebird (0.6.1-3) unstable; urgency=low + + * debian/mozilla-firebird.prerm: Remove mozilla alternative on + remove. (Closes: #205310) + * debian/debsearch.{gif.uu,src}: Debian search plugin graciously + contributed by Fergus McKenzie-Kay <Linux@NerdIT.com>. + * debian/rules: + - uudecode and clean up debsearch.gif.uu. + - Steal platform specific optimization code from mozilla + package. Thanks Brian Nelson. (Closes: #206309) + * debian/mozilla-firebird.install: Install the above files. + * debian/control: Update Standards-Version to 3.6.1. + + -- Eric Dorland <eric@debian.org> Sun, 24 Aug 2003 19:09:11 -0400 + +mozilla-firebird (0.6.1-2) unstable; urgency=low + + * The "Stop Pestering Me Already!" release. + * debian/control: Only recommend xprt-xprintorg, don't require + it. (Closes: #204176) + + -- Eric Dorland <eric@debian.org> Sun, 10 Aug 2003 20:00:11 -0400 + +mozilla-firebird (0.6.1-1) unstable; urgency=low + + * New upstream release. (Closes: #203518, #201203) + * debian/control: + - Standards-Version to 3.6.0. + - Don't provide www-browser anymore. (Closes: #201035) + - Depend on xprt-xprintorg so printing will work. (Closes: #202418) + * debian/mozilla-firebird.preinst: Remove www-browser alternative. + * debian/mozilla-firebird.postinst: Don't install www-browser alternative. + * debian/mozilla-firebird.prerm: Don't remove www-browser alternative + anymore. + * debian/README.Debian: Added note about configuration breaking on + upgrade. (Closes: #202130) + * debian/patches/classic.diff: Removed. Not sure what it's point was. + * debian/rules: Add --disable-pedantic to the configure options. + + -- Eric Dorland <eric@debian.org> Sun, 3 Aug 2003 14:58:12 -0400 + +mozilla-firebird (0.6-8) unstable; urgency=low + + * debian/patches/alpha-build-fix.diff: Steal patch from mozilla to allow + building on alpha. (Closes: #198638) + * debian/patches/hppa-build-fix.diff: Steal patch from mozilla to allow + building on hppa, clean it up so it applies cleanly. (Closes: #199068) + * debian/mozilla-firebird.png.uu: Added uuencoded nice png icon. + * debian/rules: Add code to decode and clean up the new icon file. + * debian/mozilla-firebird.install: Install new icon. + * debian/mozilla-firebird.desktop: Use the new icon. + + -- Eric Dorland <eric@debian.org> Fri, 27 Jun 2003 23:21:56 -0400 + +mozilla-firebird (0.6-7) unstable; urgency=low + + * debian/mozilla-firebird.1: Stole the mozilla manpage for my own + nefarious purposes. (Closes: #196638) + * debian/mozilla-firebird.postrm: Add slave links to the + mozilla-firebird manpage. (Closes: #197145) + * debian/mozilla-firebird-xremote-client: Set up the environment + properly so it returns correct information. (Closes: #197632) + * debian/mozilla-firebird.xpm: Added icon from + http://iconpacks.mozdev.org/phoenix/iconshots/flame48true.png to have + a nice menu icon. (Closes: #197565) + * Updated the README.Debian with some helpful bug reporting tips. + * debian/rules: Replaced dh_installmanpages with dh_installman. + + -- Eric Dorland <eric@debian.org> Sun, 22 Jun 2003 15:15:37 -0400 + +mozilla-firebird (0.6-6) unstable; urgency=low + + * debian/mozilla-firebird.postinst: Add priority 0 alternative on + mozilla. (Closes: #196444) + * debian/control: Add build-depends on libxrender-dev, libmng-dev, + libpng12-dev, libjpeg62-dev. + * debian/rules: + - Build with system jpeg, mng and png libs. + - Exclude inspector files from mozilla-firebird. + (Closes: #196432, #196509) + + -- Eric Dorland <eric@debian.org> Sat, 7 Jun 2003 15:19:23 -0400 + +mozilla-firebird (0.6-5) unstable; urgency=low + + * The "Mike Hommey is my homey" release. + * Thanks to Mike Hommey <mh@glandium.org> for his excellent work on this + version (it's 99% his), which I've shamelessly stolen. + * Added a README.Debian file. + * Added a separate mozilla-firebird-dom-inspector package. + * debian/patches/dom-inspector.diff: + - add DOM Inspector to Tools menu. (note: DOM Inspector is still + not very well integrated with Firebird) + - remove modern skin references. + * debian/patches/xpinstall.diff: remove unneeded chrome registrations + from xpinstall/packager/unix/browser.jst. + * debian/patches/classic.diff: remove + themes/classic/global/win/preview.gif from jar file and modify + preview image reference in rdf file to Preview.png. + * debian/patches/pref.diff: remove preview image constraints in + browser/components/prefwindow/skin/pref.css file to avoid deformation + of preview image in classic theme. + * debian/mozilla-firebird.preinst: added #DEBHELPER#. + * debian/mozilla-firebird.install: + - Don't install the modern.jar and embed-sample.jar files. + - Remove files related to dom-inspector. + * debian/rules: + - enabling xinerama support. + - disabling build of chatzilla and venkman. + - moved /var/lib/mozilla-firebird/chrome.d/99default to + /var/lib/mozilla-firebird/chrome.d/00all + - remove references to embed-sample.jar in + /var/lib/mozilla-firebird/chrome.d/00all + - Add some comments. + - Change == to =, for more strict /bin/sh's. + * debian/control: Build-Depend on libidl-dev (>= 0.8.0) because the + configure script requires at least this version. + * debian/copyright: Make this a real debian copyright file. + + -- Eric Dorland <eric@debian.org> Thu, 5 Jun 2003 01:00:32 -0400 + +mozilla-firebird (0.6-4) unstable; urgency=low + + * debian/rules: Change -O2 to -O for building on powerpc. + * debian/mozilla-firebird.preinst: Delete + /usr/lib/mozilla-firebird/defaults/pref on upgrade to facilitate + transition to prefs in /etc. Thanks to all who reported this. + + -- Eric Dorland <eric@debian.org> Tue, 27 May 2003 21:45:06 -0400 + +mozilla-firebird (0.6-3) unstable; urgency=low + + * First attempt at a debian upload. (Closes: #163270) + * debian/rules: + + Small fix to Mike Hommey's chrome patch. + + Suggestion from Bernhard R. Link to install + /usr/lib/mozilla-firebird/defaults/pref to + /etc/mozilla-firebird/pref + + Add dh_installmime call. + * debian/mozilla-firebird.mime: Install mime type handlers for firebird. + * debian/mozilla-firebird.links: Link + /usr/lib/mozilla-firebird/defaults/pref to /etc/mozilla-firebird/pref + * debian/mozilla-firebird.install: Don't install the inspector.jar. + + -- Eric Dorland <eric@debian.org> Mon, 26 May 2003 00:28:40 -0400 + +mozilla-firebird (0.6-2) unstable; urgency=low + + * debian/rules: + + Add --with-user-appdir=.mozilla-firebird, since it still + defaults to .phoenix. + + Don't use the ${prefix} variable, use /usr, since ${prefix} + doesn't seem to work. + + Use --without-system-nspr. + * debian/mozilla-firebird.install: + + Be picky about what chrome files we install, since there's + quite a few we don't need, and a bunch of empty dirs. + * Excellent patch from Mike Hommey <mh@glandium.org> to add a + update-mozilla-firebird-chrome script. + + -- Eric Dorland <eric@debian.org> Sat, 24 May 2003 13:00:44 -0400 + +mozilla-firebird (0.6-1) unstable; urgency=low + + * New upstream release. + * Renamed to mozilla-firebird. + * Changed phoenix to mozilla-firebird where appropriate. + * debian/mozilla-firebird.links: Add link mozilla-firebird to + MozillaFirebird. + * debian/control: + + Standars-Version to 3.5.10.0. + + Build-depend on gtk2 libs now. + + Build-depend on libidl-dev. + + Add Provides x-www-browser. + * debian/rules: + + Enable building with the gtk2 libs. + + Make mozilla-firebird-xremote-client executable in install target. + * debian/mozilla-firebird.desktop: Added gnome menu entry. + * debian/mozilla-firebird.{prerm,postinst}: Add alternatives to + www-browser and x-www-browser. + + -- Eric Dorland <eric@debian.org> Mon, 19 May 2003 20:43:39 -0400 + +phoenix (0.5-4) unstable; urgency=low + + * debian/control: Depend on fontconfig. + * debian/rules: Add source-tarball-from-cvs to build a orig tarball from + a checked out cvs tree. Now I can provide source package. And there + was much rejoicing. + + -- Eric Dorland <eric@debian.org> Fri, 17 Jan 2003 21:06:47 -0500 + +phoenix (0.5-3) unstable; urgency=low + + * debian/phoenix-xremote-client: Added to send remote commands to + phoenix. Just a wrapper that calls phoenix-bin -remote. + * debian/phoenix-runner: + + Use phoenix-xremote-client. + + Replace MOZILLA_DSP with PHOENIX_DSP. + * debian/phoenixrc: phoenix-runner uses this file to determine what dsp + to start. + * debian/phoenix.install: + + Install phoenix-xremote-client, and don't install + mozilla-xremote-client. + + Install phoenixrc. + + -- Eric Dorland <eric@debian.org> Mon, 23 Dec 2002 02:52:21 -0500 + +phoenix (0.5-2) unstable; urgency=low + + * debian/control: + + Add Provides: www-browser. + + Build-depend on libxft2-dev, libnspr-dev. + * debian/rules: + + Use xft and the system nspr. + + Install phoenix-runner. + * debian/phoenix-runner: Stolen from the mozilla package to run phoenix. + + -- Eric Dorland <eric@debian.org> Sat, 21 Dec 2002 02:03:11 -0500 + +phoenix (0.5-1) unstable; urgency=low + + * New upstream release. + * debian/phoenix.install: Fix paths to phoenix libs. + * debian/control: + + Standards-Version to 3.5.8 + + Improve build-deps. + * debian/rules: + + Have configure options here, no more .mozconfig. + + Steal some patch code from Colin. + * debian/patches/mozappdir.diff: Change the mozappdir. + + -- Eric Dorland <eric@debian.org> Mon, 9 Dec 2002 02:43:13 -0500 + +phoenix (0.4-3) unstable; urgency=low + + * debian/phoenix.menu: Add menu entry. + * Rebuild to fix libstdc++ dependency. + * .mozonfig: Disable more tests. + + -- Eric Dorland <eric@debian.org> Wed, 20 Nov 2002 19:13:18 -0500 + +phoenix (0.4-2) unstable; urgency=low + + * debian/control: + + Add build-depends. + + Fix section and description. + * .mozconfig: + + Use system zlib. + + -- Eric Dorland <eric@debian.org> Wed, 13 Nov 2002 19:03:52 -0500 + +phoenix (0.4-1) unstable; urgency=low + + * Initial release. + + -- Eric Dorland <eric@debian.org> Mon, 11 Nov 2002 23:09:41 -0500 |