Fedora Update Notification
2018-04-17 03:10:09.806609

Name        : mozilla-noscript
Product     : Fedora 28
Version     :
Release     : 1.fc28
URL         : http://noscript.net/
Summary     : JavaScript white list extension for Mozilla Firefox
Description :
The NoScript Firefox extension provides extra protection for Firefox.
It allows JavaScript, Java, Flash and other plug-ins to be executed only by
trusted web sites of your choice (e.g. your online bank) and additionally
provides Anti-XSS protection.

Update Information:

**NOTE**: All packaged Firefox add-ons are affected by Firefox bug
fedora#1508827 . A workaround is provided in the bug report. Please do not give
negative karma just because of that bug.  # Changes in 10.x (Quantum)  ##  * Fixed edge case CSP injection bug (thanks Rob Wu) * Optimized
dynamic script injection (thanks Rob Wu) * Fixed potential leak on dynamic
script injection (thanks   Rob Wu for report) * Now NoScript's UI on privileged
pages explains permissions   cannot be configured there, rather than bluntly
opening the   Options page (thanks Rob Wu for suggestion)  ##  * Fixed
script enablement status not correctly detected on   some pages rolling their
own CSP (causing NOSCRIPT element   and META refresh emulation not to be
triggered) * Fixed "Appearance" NoScript Options tab missing on Android * [XSS]
Fixed semicolon-separated JSON payloads DDOSing the   JSON-optimizer, e.g. with
syndication.twitter.com subframes   (thanks KonomiKitten and pal1000 for
reports) * [UI] Renamed "Scripts globally allowed (dangerous)" option   to "No
permissions enforcement (dangerous)" to better   reflect its actual effect *
[UI] Better feedback about "No permission enforcement" by   disabling the
"Preset customization" section and and the   "Per-site Permissions" tab * [UI]
Moved XSS-related options to the "Advanced" tab * Fixed disabled webgl breaking
feeds on script-enabled sites   (thanks pal1000 for reporting) * Enhanced
dynamic script injection if browser.contentScripts   API is available * Expanded
support for webgl canvas placeholders  # Changes in 5.x (Classic)  ##  *
Fixed edge case ABE Anon action loop with e10s enabled on   reload after new
rule (thanks barbaz for reporting) * Fixed JSON interactive view disabled by
cascading   restrictions (thanks jester for reporting) * Fixed ABE Anon action
loop with e10s enabled (thanks barbaz   for reporting)

  [ 1 ] Bug #1557592 - mozilla-noscript- is available

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade mozilla-noscript' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-le...@lists.fedoraproject.org

Reply via email to