Hi,
I attached a patch that updates the debian/ folder for 5.0.5 (i.e. the
latest upstream version).
Cheers,
Julian
--
() ascii ribbon campaign - against html e-mail
/\- against proprietary attachments
diff --git a/debian/changelog b/debian/changelog
index 2f45431b..327d5097 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+mozilla-noscript (5.0.5-0.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * New upstream version 5.0.5 (Closes: #865279):
+- Refresh upstream changelog.
+- Refresh patch '0002-remove-websites-from-default-white-list.patch'.
+
+ -- Julian Wollrath Tue, 27 Jun 2017 08:41:59 +0200
+
mozilla-noscript (2.9.0.14-1) unstable; urgency=medium
* New upstream version 2.9.0.14
diff --git a/debian/control b/debian/control
index e2ab0a6d..39a90ce1 100644
--- a/debian/control
+++ b/debian/control
@@ -8,7 +8,7 @@ Uploaders: Damyan Ivanov ,
Build-Depends: debhelper (>= 8), mozilla-devscripts, node-uglify
Standards-Version: 3.9.8
Homepage: http://noscript.net/
-Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-mozext/noscript.git
+Vcs-Browser: https://anonscm.debian.org/cgit/pkg-mozext/noscript.git
Vcs-Git: git://anonscm.debian.org/pkg-mozext/noscript.git
Package: xul-ext-noscript
diff --git a/debian/patches/0002-remove-websites-from-default-white-list.patch b/debian/patches/0002-remove-websites-from-default-white-list.patch
index d4cf61ba..c08cd3e0 100644
--- a/debian/patches/0002-remove-websites-from-default-white-list.patch
+++ b/debian/patches/0002-remove-websites-from-default-white-list.patch
@@ -13,13 +13,13 @@ Last-Update: 2013-09-22
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/defaults/preferences/noscript.js b/defaults/preferences/noscript.js
-index fecf70f..7a3f66c 100644
+index 42834681..aa3b8074 100644
--- a/defaults/preferences/noscript.js
+++ b/defaults/preferences/noscript.js
@@ -30,7 +30,7 @@ pref("noscript.showExternalFilters", true);
pref("noscript.showTempAllowPage", true);
pref("noscript.showAllowPage", true);
- pref("noscript.mandatory", "chrome: blob: mediasource: moz-extension: moz-safe-about: about: about:addons about:blocked about:crashes about:feeds about:home about:config about:neterror about:certerror about:memory about:plugins about:preferences about:privatebrowsing about:sessionrestore about:support resource: about:srcdoc");
+ pref("noscript.mandatory", "[System+Principal] chrome: blob: mediasource: moz-extension: moz-safe-about: about: about:addons about:blocked about:crashes about:feeds about:home about:config about:neterror about:certerror about:memory about:plugins about:preferences about:privatebrowsing about:sessionrestore about:support resource: about:srcdoc");
-pref("noscript.default", "about:blank about:pocket-signup about:pocket-saved addons.mozilla.org persona.org mozilla.net google.com gstatic.com ajax.googleapis.com maps.googleapis.com paypal.com paypalobjects.com securecode.com securesuite.net firstdata.com firstdata.lv yahoo.com yimg.com yahooapis.com youtube.com ytimg.com googlevideo.com netflix.com nflxext.com nflximg.com nflxvideo.net noscript.net hotmail.com passport.com passport.net passportimages.com live.com live.net outlook.com afx.ms gfx.ms sfx.ms wlxrs.com ajax.aspnetcdn.com bootstrapcdn.com code.jquery.com yandex.st tinymce.cachefly.net");
+pref("noscript.default", "about:blank");
diff --git a/debian/upstream-changelog b/debian/upstream-changelog
index 13508afd..56c79287 100644
--- a/debian/upstream-changelog
+++ b/debian/upstream-changelog
@@ -1,5 +1,422 @@
[+] new feature, [x] bug fix, [-] removed feature, [=] repackaging or cosmetic change
+v 5.0.5
+=
+x [XSS] Updated XSS filter with latest Gecko Atoms and ES
+ features (thanks Maxim Rupp for reporting)
++ [XSS] Added countermeasures against XSS vectors exploiting
+ Mavo-script template expressions (thanks Krzysztof Kotowicz
+ and Gareth Heyes for reporting)
+
+v 5.0.5rc12
+=
+x Fixed reported origins ordering glitch
+
+v 5.0.5rc11
+=
+x [XSS] Fixed regression in Mavo-script detection (thanks
+ Gareth Heyes for reporting)
+
+v 5.0.5rc10
+=
+x [XSS] Brutal crackdown on Mavo-script expressions (thanks
+ Gareth Heyes for reporting)
+
+v 5.0.5rc9
+=
+x [XSS] Improved handling of Mavo-script translation edge
+ cases (thanks Gareth Heyes for reporting)
+
+v 5.0.5rc8
+=
+x [XSS] More aggressive filter against Mavo-script madness
+ (thanks Gareth Heyes for reporting)
+
+v 5.0.5rc7
+=
+x [XSS] Fixed bug in Mavo-script countermeasures (thanks
+ Gareth Heyes for