-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-16124 2012-10-15 17:31:52 --------------------------------------------------------------------------------
Name : mozilla-https-everywhere Product : Fedora 18 Version : 3.0.1 Release : 1.fc18 URL : https://eff.org/https-everywhere Summary : HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey Description : HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to use. For instance, they may default to unencrypted HTTP, or fill encrypted pages with links that go back to the unencrypted site. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS. -------------------------------------------------------------------------------- Update Information: * Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory, IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo, Shannon Health, O'Reilly Media https://trac.torproject.org/projects/tor/ticket/7080 https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html * Disable broken: Springer https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html * Updated translations: Basque, Hungarian, Traditional Chinese - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage - Since version 2.x: - 1,455 new active rulesets - UI improvements: -- right-click to view ruleset source in the config window -- translate some untranslated menus -- better icons in a few places (breaking/redirecting rules, context button) - Numerous improvements to the SSL Observatory internals, including cached submissions on hostile networks, better Tor and Convergence integration, and a new setting to control self-signed cert submission - New translations: Basque, Czech, Danish, French, Greek, Hungarian, Italian, Korean, Malaysian, Polish, Slovak, Turkish, Traditional Chinese - Relative to 3.0development.8: - Only promote the Decentralized SSL Observatory to 5% of non-Tor users - Update the SSL Observatory whitelist of common cert chains - Fixes, mostly in the CDN/media playback department: Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player, AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein, Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo, Nokia, Widgetbox.com, Squarespace https://trac.torproject.org/projects/tor/ticket/4199 https://trac.torproject.org/projects/tor/ticket/6871 https://trac.torproject.org/projects/tor/ticket/6992 https://trac.torproject.org/projects/tor/ticket/7000 https://trac.torproject.org/projects/tor/ticket/7020 https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html - Disable buggy: Web.de, AJC.com, Feross, Bestofmedia - Remove a lot of off-by-default rulesets from the code, since they have some costs in terms of startup speed and RAM usage -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mozilla-https-everywhere' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
