[Pkg-mozext-commits] [SCM] mozilla noscript extension branch, master, updated. debian/2.6.5.9-1

Jérémy Bobbio lunar at debian.org
Fri Mar 15 19:25:17 UTC 2013 

The following commit has been merged in the master branch:
commit 419f658c69df8fd61f99781d6bd37cf5688d4dec
Author: Jérémy Bobbio <lunar at debian.org>
Date:   Fri Mar 15 18:56:41 2013 +0000

    Refresh upstream changelog

diff --git a/debian/upstream-changelog b/debian/upstream-changelog
index 64c931d..e6cd2fc 100644
--- a/debian/upstream-changelog
+++ b/debian/upstream-changelog
@@ -1,5 +1,91 @@
 [+] new feature, [x] bug fix, [-] removed feature, [=] repackaging or cosmetic change
 
+v 2.6.5.9
+=========================================================================
+x Fixed outlook.com UI broken in Nightly by work-around for bug 677050
+  (thanks Raùl Duràn of Microsoft for troubleshooting help)
+- Removed STS support for Gecko >= 4, which provides built-in HSTS
+x Work around for multiple object creation causing UI inconsistencies
+  (thanks al_9x for reporting)
+x [XSS] Work-around for false positives caused by Gecko >= 18 changes in
+  Function.prototype.toSource() (thanks yahoo mail user for report)
+  
+v 2.6.5.9rc3
+=========================================================================
+x Fixed outlook.com UI broken in Nightly by work-around for bug 677050
+  (thanks Raùl Duràn of Microsoft for troubleshooting help)
+
+v 2.6.5.9rc2
+=========================================================================
+- Removed STS support for Gecko >= 4, which provides built-in HSTS
+x Work around for multiple object creation causing UI inconsistencies
+  (thanks al_9x for reporting)
+
+v 2.6.5.9rc1
+=========================================================================
+x [XSS] Work-around for false positives caused by Gecko >= 18 changes in
+  Function.prototype.toSource() (thanks yahoo mail user for report)
+  
+v 2.6.5.8
+=========================================================================
++ Automatic Google Analytics web bugs blocking if google-analytics.com is
+  not whitelisted
++ "Mark as untrusted" button on the site info page (thanks SwissBIT for
+  RFE)
++ "Allow"/"Forbid"/"Mark as untrusted" icons on the site info buttons
+x Inclusion type checks exception for yandex.st
+x [XSS] Exception for requests across *.photobucket.com subdomains, which
+  may legitimately contain syntactically valid Javascript fragments
+  (thanks RAJAH235 for reporting)
+  
+v 2.6.5.8rc4
+=========================================================================
+x Fixed "Mark as Untrusted" button on the "Site Info" page not working
+  properly (thanks SwissBIT for reporting)
+  
+v 2.6.5.8rc3
+=========================================================================
+x Fixed Google Analytics cross-site checks breaking GMail composition
+  window (thanks Michael Mischurow for reporting)
+
+v 2.6.5.8rc2
+=========================================================================
++ Automatic Google Analytics web bugs blocking if google-analytics.com is
+  not whitelisted
++ "Mark as untrusted" button on the site info page (thanks SwissBIT for
+  RFE)
++ "Allow"/"Forbid"/"Mark as untrusted" icons on the site info buttons
+x Inclusion type checks exception for yandex.st
+
+v 2.6.5.8rc1
+=========================================================================
+x [XSS] Exception for requests across *.photobucket.com subdomains, which
+  may legitimately contain syntactically valid Javascript fragments
+  (thanks RAJAH235 for reporting)
+  
+v 2.6.5.7
+=========================================================================
+x Made "Yes, remove all protections" the default button in the removal
+  warning dialog
+x [XSS] Fixed post-response encoding checks applied to UTF-8 pages too
+  (thanks Masato Kinugawa for reporting)
+x [XSS] Removed host redirection chance on XSS-vulnerable pages (thanks
+  Masato Kinugawa for reporting)
+
+  
+v 2.6.5.7rc2
+=========================================================================
+x Made "Yes, remove all protections" the default button in the removal
+  warning dialog
+
+v 2.6.5.7rc1
+=========================================================================
+x [XSS] Fixed post-response encoding checks applied to UTF-8 pages too
+  (thanks Masato Kinugawa for reporting)
+x [XSS] Removed host redirection chance on XSS-vulnerable pages (thanks
+  Masato Kinugawa for reporting)
+
+  
 v 2.6.5.6
 =========================================================================
 x [XSS] Smarter syntax check optimization, removes harmful side effect

-- 
mozilla noscript extension

More information about the Pkg-mozext-commits mailing list