[Pkg-mozext-maintainers] Bug#865279: xul-ext-noscript: new upstream version supporting e10s available

[Julian Wollrath]

Hi,

I attached a patch that updates the debian/ folder for 5.0.5 (i.e. the
latest upstream version).


Cheers,
Julian

-- 
 ()  ascii ribbon campaign - against html e-mail 
 /\- against proprietary attachments
diff --git a/debian/changelog b/debian/changelog
index 2f45431b..327d5097 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+mozilla-noscript (5.0.5-0.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * New upstream version 5.0.5 (Closes: #865279):
+- Refresh upstream changelog.
+- Refresh patch '0002-remove-websites-from-default-white-list.patch'.
+
+ -- Julian Wollrath   Tue, 27 Jun 2017 08:41:59 +0200
+
 mozilla-noscript (2.9.0.14-1) unstable; urgency=medium
 
   * New upstream version 2.9.0.14
diff --git a/debian/control b/debian/control
index e2ab0a6d..39a90ce1 100644
--- a/debian/control
+++ b/debian/control
@@ -8,7 +8,7 @@ Uploaders: Damyan Ivanov ,
 Build-Depends: debhelper (>= 8), mozilla-devscripts, node-uglify
 Standards-Version: 3.9.8
 Homepage: http://noscript.net/
-Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-mozext/noscript.git
+Vcs-Browser: https://anonscm.debian.org/cgit/pkg-mozext/noscript.git
 Vcs-Git: git://anonscm.debian.org/pkg-mozext/noscript.git
 
 Package: xul-ext-noscript
diff --git a/debian/patches/0002-remove-websites-from-default-white-list.patch b/debian/patches/0002-remove-websites-from-default-white-list.patch
index d4cf61ba..c08cd3e0 100644
--- a/debian/patches/0002-remove-websites-from-default-white-list.patch
+++ b/debian/patches/0002-remove-websites-from-default-white-list.patch
@@ -13,13 +13,13 @@ Last-Update: 2013-09-22
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/defaults/preferences/noscript.js b/defaults/preferences/noscript.js
-index fecf70f..7a3f66c 100644
+index 42834681..aa3b8074 100644
 --- a/defaults/preferences/noscript.js
 +++ b/defaults/preferences/noscript.js
 @@ -30,7 +30,7 @@ pref("noscript.showExternalFilters", true);
  pref("noscript.showTempAllowPage", true);
  pref("noscript.showAllowPage", true);
- pref("noscript.mandatory", "chrome: blob: mediasource: moz-extension: moz-safe-about: about: about:addons about:blocked about:crashes about:feeds about:home about:config about:neterror about:certerror about:memory about:plugins about:preferences about:privatebrowsing about:sessionrestore about:support resource: about:srcdoc");
+ pref("noscript.mandatory", "[System+Principal] chrome: blob: mediasource: moz-extension: moz-safe-about: about: about:addons about:blocked about:crashes about:feeds about:home about:config about:neterror about:certerror about:memory about:plugins about:preferences about:privatebrowsing about:sessionrestore about:support resource: about:srcdoc");
 -pref("noscript.default", "about:blank about:pocket-signup about:pocket-saved addons.mozilla.org persona.org mozilla.net google.com gstatic.com ajax.googleapis.com  maps.googleapis.com paypal.com paypalobjects.com securecode.com securesuite.net firstdata.com firstdata.lv yahoo.com yimg.com yahooapis.com youtube.com ytimg.com googlevideo.com netflix.com nflxext.com nflximg.com nflxvideo.net noscript.net hotmail.com passport.com passport.net passportimages.com live.com live.net outlook.com afx.ms gfx.ms sfx.ms wlxrs.com ajax.aspnetcdn.com bootstrapcdn.com code.jquery.com yandex.st tinymce.cachefly.net");
 +pref("noscript.default", "about:blank");
  
diff --git a/debian/upstream-changelog b/debian/upstream-changelog
index 13508afd..56c79287 100644
--- a/debian/upstream-changelog
+++ b/debian/upstream-changelog
@@ -1,5 +1,422 @@
 [+] new feature, [x] bug fix, [-] removed feature, [=] repackaging or cosmetic change
 
+v 5.0.5
+=
+x [XSS] Updated XSS filter with latest Gecko Atoms and ES
+  features (thanks Maxim Rupp for reporting)
++ [XSS] Added countermeasures against XSS vectors exploiting
+  Mavo-script template expressions (thanks Krzysztof Kotowicz
+  and Gareth Heyes for reporting)
+
+v 5.0.5rc12
+=
+x Fixed reported origins ordering glitch
+
+v 5.0.5rc11
+=
+x [XSS] Fixed regression in Mavo-script detection (thanks
+  Gareth Heyes for reporting)
+
+v 5.0.5rc10
+=
+x [XSS] Brutal crackdown on Mavo-script expressions (thanks
+  Gareth Heyes for reporting)
+
+v 5.0.5rc9
+=
+x [XSS] Improved handling of Mavo-script translation edge
+  cases (thanks Gareth Heyes for reporting)
+
+v 5.0.5rc8
+=
+x [XSS] More aggressive filter against Mavo-script madness
+  (thanks Gareth Heyes for reporting)
+
+v 5.0.5rc7
+=
+x [XSS] Fixed bug in Mavo-script countermeasures (thanks
+  Gareth Heyes for

[Pkg-mozext-maintainers] Bug#865279: xul-ext-noscript: new upstream version supporting e10s available

[Ansgar Burchardt]

Package: xul-ext-noscript
Version: 2.9.0.14-1
Severity: wishlist

There are several new upstream releases.  Of interest to me is that
newer versions of noscript support e10s, starting with 2.9.5:

+ Full e10s compatibility

Please update the package.

Ansgar

___
Pkg-mozext-maintainers mailing list
Pkg-mozext-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mozext-maintainers