tag 771262 - moreinfo thanks On Fri, Nov 28, 2014 at 07:18:09PM +0000, Jonathan Wiltshire wrote: > Control: tag -1 moreinfo > > On Fri, Nov 28, 2014 at 10:46:34AM +0900, Mike Hommey wrote: > > There is going to be a (mostly) security update of iceweasel early next > > week. > > Please allow it in Jessie (the same package will make it to wheezy through > > stable-security, as usual). > > Please ping this bug and remove the moreinfo tag when it's in sid. A bug we > can't deal with is in the way, and we don't have the capacity to keep > checking.
Following is an updated non-upstream interdiff. The only difference from the previous one is a couple pref change to avoid the obnoxious Firefox- branded things on the homepage, like the video that's currently for the 10 years of Firefox. diff --git a/debian/branding/firefox-branding.js b/debian/branding/firefox-branding.js index eccbddf..75bfb22 100644 --- a/debian/branding/firefox-branding.js +++ b/debian/branding/firefox-branding.js @@ -1,3 +1,5 @@ +lockPref("browser.startup.homepage_override.mstone", "ignore"); +pref("browser.aboutHomeSnippets.updateUrl", "data:text/html,"); pref("startup.homepage_override_url",""); pref("startup.homepage_welcome_url",""); pref("app.releaseNotesURL", "http://mozilla.debian.net/%LOCALE%/%APP%/%VERSION%/releasenotes/"); diff --git a/debian/browser.mozconfig.in b/debian/browser.mozconfig.in index 1e1604c..8144e59 100644 --- a/debian/browser.mozconfig.in +++ b/debian/browser.mozconfig.in @@ -2,6 +2,7 @@ # packages for Debian or a derivative. . $topsrcdir/browser/config/mozconfig ac_add_options --enable-release +ac_add_options --enable-unified-compilation ac_add_options --prefix=/usr ac_add_options --enable-default-toolkit=cairo-gtk2 ac_add_options --enable-pango diff --git a/debian/changelog b/debian/changelog index 07b1f47..b59e7bb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,20 @@ +iceweasel (31.3.0esr-1) unstable; urgency=medium + + * New upstream release. + * Fixes for mfsa2014-{83,85,87-88}, also known as: + CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593, + CVE-2014-1594. + + * debian/browser.mozconfig.in: Revert change from release 31.2.0esr-3, + because it made no difference. + * debian/branding/firefox-branding.js: + - Set browser.startup.homepage_override.mstone to "ignore". + - Set browser.aboutHomeSnippets.updateUrl to "data:text/html,", which + disables downloading snippets from Mozilla servers and resets previously + downloaded snippets after a day. Closes: #721689. + + -- Mike Hommey <gland...@debian.org> Tue, 02 Dec 2014 22:46:00 -0800 + iceweasel (31.2.0esr-3) unstable; urgency=medium * debian/changelog: Add missing entries for 27.0.1-1. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141203165827.ga3...@glandium.org