Fedora 12 Update: mozilla-noscript-1.9.9.81-1.fc12

updates at fedoraproject.org updates at fedoraproject.org
Mon Jun 7 22:32:54 UTC 2010 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-9266
2010-05-31 17:41:53
--------------------------------------------------------------------------------

Name        : mozilla-noscript
Product     : Fedora 12
Version     : 1.9.9.81
Release     : 1.fc12
URL         : http://noscript.net/
Summary     : JavaScript white list extension for Mozilla Firefox
Description :
The NoScript Firefox extension provides extra protection for Firefox.
It allows JavaScript, Java, Flash and other plug-ins to be executed only by
trusted web sites of your choice (e.g. your online bank) and additionally
provides Anti-XSS protection.

--------------------------------------------------------------------------------
Update Information:

[+] new feature, [x] bug fix, [-] removed feature, [=] repackaging or cosmetic
change    v 1.9.9.81
==========================================================================  +
Experimental blocking of page refreshes happening inside untrusted    unfocused
tabs, should provide protection against Aviv Raff's scriptless    "tabnabbing"
variant. Enabled by default, can be controlled through the
noscript.forbidBGRefresh about:config integer preference:    0 - no blocking
1 - block refreshes on untrusted unfocused tabs    2 - block refreshes on
trusted unfocused tabs    3 - block refreshes on both trusted and untrusted
unfocused tab    Address patterns matching pages which shouldn't be affected can
be    listed in the noscript.forbidBGRefresh.exceptions preference  x Fixed XSS
false positive in new 3.7 add-ons manager  x Fixed meta-refresh URL parsing
mismatch  x Fixed import script surrogates being broken by a 1.9.9.79 regression
v 1.9.9.80
==========================================================================  x
Fixed "Partially allowed scripts" icon shown instead of the "Scripts    allowed
but some objects blocked" one when the blocked objects' domains    are not
whitelisted for scripting (thanks al_9x for reporting)  x Fixed "Scripts allowed
but some objects blocked" icon not being used for    blocked web fonts (thanks
Alan Baxter for reporting)  x (ABE) Deny on INCLUSION don't trigger a
notification even if the blocked    request is for a subdocument (the blocking
is logged in the Console, use    SUB if user-facing notification is needed)  x
Fixed privileged XMLHttpRequests for untrusted resources being blocked    if
HTTP redirections occurred (thanks mari for reporting)  + Better compatibility
with IronPort web-based tools (thanks Ron Collins    for reporting)    v
1.9.9.79
==========================================================================  x
Script surrogates whose source starts with the '!' get executed on    pages
where scripts are disabled (on document DOM completion, rather    than before
HTML parsing starts like regular surrogates)    v 1.9.9.78
==========================================================================  x
Redirect cache for scripts and XBL only  x Fixed cross-site CSS being blocked
under some circumstances (e.g.    on Flicker and Yahoo)    v 1.9.9.77
==========================================================================  +
ABE INCLUSION(type1, type2, type3...) pseudo-method allows rules to take
request type (e.g. SCRIPT vs CSS) in account  + ABE SELF+ (same domain) and
SELF++ (same base domain) pseudo-origins  x Fixed iconic feedback
inconsistencies when untrusted blocked objects    are mixed with full-trusted
content (tanks al_9x for reporting)  x Fixed Injection Checker false positives
on some kinds of complex nested    URLs (thanks Sirdarckcat for reporting)  x
Tweaked ClearClick for Disqus compatibility (thanks John for reporting)    v
1.9.9.76
==========================================================================  x
Fixed broken menu on Minefield when External Filters are enabled (thanks
linuser for reporting)  x Fixed about: URL not being shown in NoScript menu
(thanks al_9x for    reporting)  x Removed minor strict warnings on Minefield
v 1.9.9.75
==========================================================================  x
Redirected site caching now skips plugin content  x Removed __parent__ usages
for Minefield compatibility  x Removed some strict warnings (thanks timeless for
reporting)
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 28 2010 Thomas Spura <tomspur at fedoraproject.org> - 1.9.9.81-1
- new version
* Mon May 24 2010 Thomas Spura <tomspur at fedoraproject.org> - 1.9.9.79-1
- new version
* Sun May 16 2010 Thomas Spura <tomspur at fedoraproject.org> - 1.9.9.74-1
- new version
- renew patch
* Thu Apr 22 2010 Thomas Spura <tomspur at fedoraproject.org> - 1.9.9.69-1
- new version
* Mon Apr 19 2010 Thomas Spura <tomspur at fedoraproject.org> - 1.9.9.66-1
- new version
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #593247 - mozilla-noscript-1.9.9.81 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=593247
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update mozilla-noscript' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list