Your message dated Sun, 06 Aug 2017 00:32:34 +0200 with message-id <1501972354.4866.3.ca...@scientia.net> and subject line Re: Bug#864791: Acknowledgement (firefox-esr: OAtab order cannot be changed with TabMixPlus) has caused the Debian Bug report #864791, regarding firefox-esr: OAtab order cannot be changed with TabMixPlus to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 864791: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864791 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: firefox-esr Version: 52.2.0esr-1 Severity: normal Hi. Since the upgrade to 52, the order of tabs cannot be changed anymore when the TabMixPlus extension is active. Not sure if this is an issue in FF or TMP, though. Cheers, Chris. -- Package-specific info: -- Extensions information Name: Adblock Plus Location: /usr/share/xul-ext/adblock-plus Package: xul-ext-adblock-plus Status: enabled Name: Application Update Service Helper Location: ${PROFILE_EXTENSIONS}/aushel...@mozilla.org.xpi Status: enabled Name: Certificate Patrol Location: /usr/share/xul-ext/certificatepatrol Package: xul-ext-certificatepatrol Status: user-disabled Name: Classic Theme Restorer Location: /usr/share/xul-ext/classic-theme-restorer Package: xul-ext-classic-theme-restorer Status: user-disabled Name: Cookie Monster Location: /usr/share/xul-ext/cookie-monster Package: xul-ext-cookie-monster Status: enabled Name: Default theme Location: /usr/lib/firefox-esr/browser/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi Package: firefox-esr Status: enabled Name: DownThemAll! Location: /usr/share/xul-ext/downthemall Package: xul-ext-downthemall Status: enabled Name: Firebug Location: /usr/share/xul-ext/firebug Package: xul-ext-firebug Status: user-disabled Name: FirePath Location: /usr/share/xul-ext/firexpath Package: xul-ext-firexpath Status: enabled Name: Flashblock Location: /usr/share/xul-ext/flashblock Package: xul-ext-flashblock Status: enabled Name: FoxyProxy Standard Location: /usr/share/xul-ext/foxyproxy-standard Package: xul-ext-foxyproxy-standard Status: enabled Name: HTTPS Everywhere Location: /usr/share/xul-ext/https-everywhere Package: xul-ext-https-everywhere Status: enabled Name: Lightbeam Location: /usr/share/xul-ext/lightbeam Package: xul-ext-lightbeam Status: enabled Name: Live HTTP headers(Fixed By Danyial.com) Location: /usr/share/xul-ext/livehttpheaders Package: xul-ext-livehttpheaders Status: enabled Name: Multi-process staged rollout Location: ${PROFILE_EXTENSIONS}/e10sroll...@mozilla.org.xpi Status: enabled Name: NoScript Location: /usr/share/xul-ext/noscript Package: xul-ext-noscript Status: enabled Name: Pocket Location: ${PROFILE_EXTENSIONS}/fire...@getpocket.com.xpi Status: enabled Name: SearchLoad Options Location: /usr/share/xul-ext/searchload-options Package: xul-ext-searchload-options Status: enabled Name: Status-4-Evar Location: /usr/share/xul-ext/status4evar Package: xul-ext-status4evar Status: enabled Name: Tab Mix Plus Location: /usr/share/xul-ext/tabmixplus Package: xul-ext-tabmixplus Status: enabled Name: User Agent Switcher Location: /usr/share/xul-ext/useragentswitcher Package: xul-ext-useragentswitcher Status: enabled Name: Web Compat Location: ${PROFILE_EXTENSIONS}/webcom...@mozilla.org.xpi Status: enabled Name: Web Developer Location: /usr/share/xul-ext/webdeveloper Package: xul-ext-webdeveloper Status: enabled Name: Y U no validate Location: /usr/share/xul-ext/y-u-no-validate Package: xul-ext-y-u-no-validate Status: enabled -- Plugins information Name: Shockwave Flash Location: /usr/lib/gnash/libgnashplugin.so Package: browser-plugin-gnash Status: enabled -- Addons package information ii browser-plugin 0.8.11~git20 amd64 GNU Shockwave Flash (SWF) player ii firefox-esr 52.2.0esr-1 amd64 Mozilla Firefox web browser - Ext ii xul-ext-adbloc 2.7.3+dfsg-1 all advertisement blocking extension ii xul-ext-certif 2.0.14-5 all Certificate Monitor for Iceweasel ii xul-ext-classi 1.5.9-1 all customize the new Firefox interfa ii xul-ext-cookie 1.3.0.5-1 all manage cookies in a whitelist-bas ii xul-ext-downth 3.0.7-1 all Firefox extension with advanced d ii xul-ext-firebu 2.0.17-1 all web development plugin for Firefo ii xul-ext-firexp 0.9.7.1-3 all extension for Firebug to edit, in ii xul-ext-flashb 1.5.20-2 all Mozilla extension to block Adobe ii xul-ext-foxypr 4.5.6-debian all advanced proxy management tool fo ii xul-ext-https- 5.2.8-1 all extension to force the use of HTT ii xul-ext-lightb 1.3.1+dfsg-1 all visualize sites that may be track ii xul-ext-liveht 0.17.1-2 all add information about HTTP header ii xul-ext-noscri 2.9.0.14-1 all permissions manager for Firefox ii xul-ext-search 0.8.0-3 all tweak the searchbar's functionali ii xul-ext-status 2016.10.11.0 all Status bar widgets and progress i ii xul-ext-tabmix 0.5.0.1-1 all add dozens of new capabilities to ii xul-ext-userag 0.7.3-3 all Firefox addon that allows the use ii xul-ext-webdev 1.2.5+repack all web developer extension ii xul-ext-y-u-no 2013052407-3 all browser extension to make securit -- System Information: Debian Release: 9.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8), LANGUAGE=en_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages firefox-esr depends on: ii debianutils 4.8.1.1 ii fontconfig 2.11.0-6.7+b1 ii libasound2 1.1.3-5 ii libatk1.0-0 2.22.0-1 ii libc6 2.24-11 ii libcairo-gobject2 1.14.8-1 ii libcairo2 1.14.8-1 ii libdbus-1-3 1.10.18-1 ii libdbus-glib-1-2 0.108-2 ii libevent-2.0-5 2.0.21-stable-3 ii libffi6 3.2.1-6 ii libfontconfig1 2.11.0-6.7+b1 ii libfreetype6 2.6.3-3.2 ii libgcc1 1:6.3.0-18 ii libgdk-pixbuf2.0-0 2.36.5-2 ii libglib2.0-0 2.50.3-2 ii libgtk-3-0 3.22.12-1 ii libgtk2.0-0 2.24.31-2 ii libhunspell-1.4-0 1.4.1-2+b2 ii libjsoncpp1 1.7.4-3 ii libpango-1.0-0 1.40.5-1 ii libsqlite3-0 3.16.2-5 ii libstartup-notification0 0.12-4+b2 ii libstdc++6 6.3.0-18 ii libvpx4 1.6.1-3 ii libx11-6 2:1.6.4-3 ii libx11-xcb1 2:1.6.4-3 ii libxcb-shm0 1.12-1 ii libxcb1 1.12-1 ii libxcomposite1 1:0.4.4-2 ii libxdamage1 1:1.1.4-2+b3 ii libxext6 2:1.3.3-1+b2 ii libxfixes3 1:5.0.3-1 ii libxrender1 1:0.9.10-1 ii libxt6 1:1.1.5-1 ii procps 2:3.3.12-3 ii zlib1g 1:1.2.8.dfsg-5 firefox-esr recommends no packages. Versions of packages firefox-esr suggests: ii fonts-lmodern 2.004.5-3 ii fonts-stix [otf-stix] 1.1.1-4 ii libcanberra0 0.30-3 ii libgssapi-krb5-2 1.15-1 pn mozplugger <none> -- Configuration Files: /etc/firefox-esr/firefox-esr.js changed: // This is the Debian specific preferences file for Firefox // You can make any change in here, it is the purpose of this file. // You can, with this file and all files present in the // /etc/firefox-esr directory, override any preference you can see in // about:config. // // Note that lockPref is allowed in these preferences files if you // don't want users to be able to override some preferences. // Use LANG environment variable to choose locale pref("intl.locale.matchOS", true); // Disable default browser checking. pref("browser.shell.checkDefaultBrowser", false); // Avoid openh264 being downloaded. pref("media.gmp-manager.url.override", "data:text/plain,"); // Disable openh264. pref("media.gmp-gmpopenh264.enabled", false); // Disable WideVine pref("media.gmp-widevinecdm.enabled", false); pref("media.gmp-widevinecdm.visible", false); // Default to classic view for about:newtab sticky_pref("browser.newtabpage.enhanced", false); pref("media.gmp-provider.enabled", false); pref("media.gmp-manager.certs.1.commonName", "invalid"); pref("media.gmp-manager.certs.1.issuerName", "CN=scientia.net,O=scientia.net,C=DE"); pref("media.gmp-manager.certs.2.commonName", "invalid"); pref("media.gmp-manager.certs.2.issuerName", "CN=scientia.net,O=scientia.net,C=DE"); pref("media.gmp-manager.url", "https://invalid.localhost/"); pref("media.gmp-manager.cert.requireBuiltIn", true); pref("media.fragmented-mp4.gmp.enabled", false); pref("media.gmp.insecure.allow", false); pref("media.eme.enabled", false); pref("media.eme.apiVisible", false); pref("media.gmp-eme-adobe.enabled", false); pref("browser.eme.ui.enabled", false); pref("pdfjs.disabled", true); pref("security.ssl.require_safe_negotiation", true); pref("security.ssl.treat_unsafe_negotiation_as_broken", true); pref("security.tls.unrestricted_rc4_fallback", false); pref("security.tls.insecure_fallback_hosts", ""); pref("security.tls.insecure_fallback_hosts.use_static_list", false); pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); pref("security.ssl3.rsa_rc4_128_md5", false); pref("security.ssl3.rsa_rc4_128_sha", false); pref("security.ssl3.rsa_des_ede3_sha", false); pref("security.OCSP.enabled", 1); pref("security.OCSP.require", true); pref("browser.send_pings", false); pref("browser.send_pings.max_per_link", 0); pref("browser.send_pings.require_same_host", true); pref("media.peerconnection.enabled", false); pref("media.peerconnection.video.enabled", false); pref("media.navigator.enabled", false); pref("media.navigator.permission.disabled", false); pref("media.navigator.video.enabled", false); pref("media.getusermedia.browser.enabled", false); pref("media.getusermedia.audiocapture.enabled", false); pref("media.getusermedia.screensharing.enabled", false); pref("media.getusermedia.screensharing.allow_on_old_platforms", false); pref("media.getusermedia.screensharing.allowed_domains", "invalid.localhost"); pref("media.webspeech.recognition.enable", false); pref("dom.imagecapture.enabled", false); pref("canvas.capturestream.enabled", false); pref("loop.enabled", false); pref("loop.textChat.enabled", false); pref("offline-apps.allow_by_default", false); pref("keyword.enabled", false); //do not guess URIs // //Reason: Privacy, Security // Guessing the URI may lead the user to a wrong host, which in turn // could have effects on security. // For example: Consider a host “software” is available in a safe VPN or // intranet, where people download trusted software. If such // an address is completed to for example “software.com” // because “software” isn’t reachable, it may easily lead // to a wrong and possibly malicious host. pref("browser.fixup.alternate.enabled", false); pref("browser.fixup.hide_user_pass", true); pref("browser.fixup.alternate.suffix", ".invalid"); pref("experiments.enabled", false); pref("experiments.supported", false); pref("network.allow-experiments", false); pref("extensions.getAddons.cache.enabled", false); pref("security.mixed_content.block_active_content", false); pref("security.mixed_content.block_display_content", false); pref("plugins.click_to_play", true); pref("dom.event.contextmenu.enabled", false); pref("network.proxy.socks_remote_dns", true); pref("app.update.auto", false); pref("extensions.update.enabled", false); pref("extensions.update.autoUpdateDefault", false); pref("full-screen-api.allow-trusted-requests-only", true); //disable “Pocket” // //Reason: Privacy, Security // Pocket is an inherent privacy leak, security may be compromised for // example by storing sensitive data in Pocket. //Note: According to some reports, it may be necessary to additionally remove // the Pocket icon from Firefox’ toolbars. pref("browser.pocket.enabled", false); //disable “Mozilla Pishing And Malware Protection” (which is actually mostly //“Google Safe Browsing”) // //Reason: Privacy, Security // This may send any visited URI (which includes any pre-fetched URIs) as // well as meta-data (including hashsums) of any downloaded files to // “Mozilla and/or its partners”. // The actual security benefit seems to be disputed by many security // experts. //Note: While parts of this is configurable via Firfox’ preferences it seems // that this “feature” cannot be fully disabled there. //Note: Apparently there is/was a feature that just downloaded lists of // suspicious sites/files and matched against these (which would be safe), // but according two Mozilla’s own documentation this isn’t guaranteed and // it actually seems that the options therefore have already changed their // semantics over time. Therefore, it is disabled completely. pref("browser.safebrowsing.enabled", false); pref("browser.safebrowsing.malware.enabled", false); pref("browser.safebrowsing.downloads.enabled", false); pref("browser.safebrowsing.downloads.remote.enabled", false); pref("browser.safebrowsing.phishing.enabled", false); //try to render the “Social API” and social network integration disfunctional // //Reason: Privacy, Security // It shouldn’t be necessary for social networks to have more // functionality and control over the browser than “normal” websites, // which makes this quite suspicious from a security and privacy point of // view. //Note: There once seemed to be options to “fully” disable this which where // however dropped. This makes the whole “feature” even more suspicious. pref("social.directories", "https://invalid.localhost/"); pref("social.whitelist", "https://invalid.localhost/"); pref("social.shareDirectory", "https://invalid.localhost/"); pref("social.remote-install.enabled", false); pref("social.share.activationPanelEnabled", false); pref("social.toast-notifications.enabled", false); //disable sensor probing // //Reason: Privacy, Security // It's unclear what this actually exactly does as Mozilla doesn’t // document it properly. // However, no “sensor” (which could perhaps even include microphones or // cameras) information should be read out by a browser. pref("device.sensors.enabled", false); //disable camera face detection // //Reason: Privacy // It may be helpful to find and kill Jason Bourne (if he was using // Firefox) but apart from that there is no reason why a browser should // ever has access to a camera and thus no reason either why faces should // be detected. pref("camera.control.face_detection.enabled", false); pref("datareporting.healthreport.service.enabled", false); pref("datareporting.healthreport.uploadEnabled", false); pref("datareporting.policy.dataSubmissionEnabled", false); pref("datareporting.policy.dataSubmissionEnabled.v2", false); pref("toolkit.telemetry.enabled", false); pref("toolkit.telemetry.unified", false); pref("toolkit.telemetry.unifiedIsOptIn", true); pref("toolkit.telemetry.archive.enabled", false); pref("toolkit.telemetry.server", "https://invalid.localhost/"); pref("geo.wifi.logging.enabled", false); pref("security.ssl.errorReporting.automatic", false); pref("browser.newtabpage.directory.ping", "https://invalid.localhost/"); pref("browser.newtabpage.directory.source", "https://invalid.localhost/"); pref("browser.aboutHomeSnippets.updateUrl", "data:text/html,"); pref("extensions.webservice.discoverURL", "data:text/plain,disabled via the option extensions.webservice.discoverURL"); pref("breakpad.reportURL", "https://invalid.localhost/"); pref("browser.selfsupport.url", "https://invalid.localhost/"); pref("media.autoplay.enabled", false); pref("dom.event.clipboardevents.enabled", false); pref("dom.battery.enabled", false); //pref("", false); //pref("", false); //TODO: //privacy.trackingprotection.enabled //beacon.enabled //datareporting.* //security.xpconnect.plugin.unrestricted //network.dns.get-ttl //dom.keyboardevent.code.enabled //browser.search.update //geo.enabled //geo.wifi.uri //security.ssl.enable_false_start //media.video_stats.enabled //extensions.blocklist.enabled //media.gmp.trial-create.enabled //media.gmp-manager.cert.checkAttributes //accelerometer.enabled //signon.schemeUpgrades => das ist VERMUTLICH die option die kontrolliert, dass ein HTTP Basic Auth password das für eine http url gespeichert wurde auch für nen https login benutzt wird... aber evtl können wir das eh "on" lassen, da es evtl. gar kein security problem ist //sollen wir web assembly deaktivieren? Wenn ja sind das vermutlich relevante settings //javascript.options.wasm //javascript.options.wasm_baselinejit //network.dns.disablePrefetch //network.prefetch-next //network.http.speculative-parallel-limit=0 //network.dnsCacheExpiration //network.dnsCacheExpirationGracePeriod //network.http.sendRefererHeader //network.http.referer.XOriginPolicy //network.http.referer.spoofSource //network.http.referer.trimmingPolicy //pref("network.websocket.max-message-size", 1); //dom.storage.enabled //dom.storage.default_quota //browser.search.suggest.enabled //webgl.disabled //webgl.disable-extensions //security.tls.version.min //browser.fixup.dns_first_for_single_words //dom.allow_cut_copy => hidden property, erscheint nicht per default in about:config obwohl sie da ist //****************************************************************************** //*** User Settings *** //****************************************************************************** pref("browser.cache.disk.enable", false); pref("browser.cache.disk_cache_ssl", false); pref("browser.urlbar.unifiedcomplete", false); //configureable via Preferences pref("privacy.donottrackheader.enabled", true); //****************************************************************************** //*** Interesting *** //****************************************************************************** //browser.zoom.siteSpecific //not needed, because not active due to another setting //security.ssl.errorReporting.enabled (because of: security.ssl.errorReporting.automatic) //****************************************************************************** //*** Locked Prefs *** //****************************************************************************** // Es gibt wohl nen bug, dass ab dem ersten lock_pref alle anderen gesetzten Prefs nicht mehr gelesen werden lock_pref("app.update.enabled", false); -- no debconf information
--- End Message ---
--- Begin Message ---Hey David. On Sat, 2017-08-05 at 14:11 -0400, David Prévot wrote: > Can you please confirm if this issue is fixed with the latest version > (0.5.0.3-1). I was not bitten myself with it and the set of addons > currently installed on my development box… Seems that the new version fixes all issues (well except that the FF windows open always with the size being one vertical half of the screen and I'm not even sure whether this is TM+ related)... but the tab- moving works, and the too-large-tabs in the (non ESR) firefox package also works now. Thanks for the upload :-) Cheers, Chris.smime.p7s
Description: S/MIME cryptographic signature
--- End Message ---