[Pkg-mozext-commits] [noscript] 03/04: Refresh upstream changelog

David Prévot taffit at moszumanska.debian.org
Thu Jan 9 15:42:04 UTC 2014 

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository noscript.

commit a1946a047e68e3b1585b4bf1f3c2144349124f81
Author: David Prévot <taffit at debian.org>
Date:   Thu Jan 9 11:20:59 2014 -0400

    Refresh upstream changelog
---
 debian/upstream-changelog | 77 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)

diff --git a/debian/upstream-changelog b/debian/upstream-changelog
index edc1493..559ec72 100644
--- a/debian/upstream-changelog
+++ b/debian/upstream-changelog
@@ -1,5 +1,82 @@
 [+] new feature, [x] bug fix, [-] removed feature, [=] repackaging or cosmetic change
 
+
+v 2.6.8.11
+=========================================================================
+x [XSS] Fixed nested URL parsing optimization bug (thanks Masato Kinugawa
+  for reporting)
+x [XSS] Abort, rather than filter, potential charset-based attacks (
+  thanks Masato Kinugawa for reporting)
+x [XSS] Improved Ebay compatibility (thanks Markus Wienand for reporting)
+
+x [XSS] Fixed bad charset check regression from rc6 (thanks Masato
+  Kinugawa for reporting)
+x [XSS] Fixed bad charset checks not honoring exceptions (thanks Masato
+  Kinugawa for reporting)
+x Adopted the Components.utils.blockScriptForGlobal() API where possible
+x [XSS] Further improvements in recursive link checks (thanks Masato
+  Kinugawa for reporting)
+x [XSS] Better checks for combined data/javascript URIs (thanks Masato
+  Kinugawa for reporting)
+x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
+  Kinugawa for reporting)
+x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
+x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)
+x [XSS] Stricter HTML checks on second-order data URI injections exactly
+  fitting whole URL attributes (thanks Masato Kinugawa for reporting)
+  
+v 2.6.8.11rc10
+=========================================================================
+x [XSS] Fixed new inline script blocking approach (in Firefox Nightly)
+  not triggering NOSCRIPT element fallbacks
+
+v 2.6.8.11rc9
+=========================================================================
+x [XSS] Fixed nested URL parsing optimization bug (thanks Masato Kinugawa
+  for reporting)
+
+v 2.6.8.11rc8
+=========================================================================
+x [XSS] Abort, rather than filter, potential charset-based attacks (
+  thanks Masato Kinugawa for reporting)
+x [XSS] Improved Ebay compatibility (thanks Markus Wienand for reporting)
+
+v 2.6.8.11rc7
+=========================================================================
+x [XSS] Fixed bad charset check regression from rc6 (thanks Masato
+  Kinugawa for reporting)
+
+v 2.6.8.11rc6
+=========================================================================
+x [XSS] Fixed bad charset checks not honoring exceptions (thanks Masato
+  Kinugawa for reporting)
+x Adopted the Components.utils.blockScriptForGlobal() API where possible
+
+v 2.6.8.11rc5
+=========================================================================
+x [XSS] Further improvements in recursive link checks (thanks Masato
+  Kinugawa for reporting)
+
+v 2.6.8.11rc4
+=========================================================================
+x [XSS] Better checks for combined data/javascript URIs (thanks Masato
+  Kinugawa for reporting)
+  
+v 2.6.8.11rc3
+=========================================================================
+x [XSS] Restored fuzzy HTML sniffing in nested data URI (thanks Masato
+  Kinugawa for reporting)
+
+v 2.6.8.11rc2
+=========================================================================
+x [XSS] Improved data URI checks (thanks Masato Kinugawa for reporting)
+x [XSS] Enhanced recursive link checks (Thanks PK Cano for reporting)
+
+v 2.6.8.11rc1
+=========================================================================
+x [XSS] Stricter HTML checks on second-order data URI injections exactly
+  fitting whole URL attributes (thanks Masato Kinugawa for reporting)
+  
 v 2.6.8.10
 =========================================================================
 x [XSS] Fixed regression causing Google Talk false positive (thanks

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mozext/noscript.git

More information about the Pkg-mozext-commits mailing list