Fedora 17 Update: mozilla-https-everywhere-3.0.2-1.fc17
updates at fedoraproject.org
updates at fedoraproject.org
Mon Oct 22 02:05:06 UTC 2012
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-16634
2012-10-22 01:19:25
--------------------------------------------------------------------------------
Name : mozilla-https-everywhere
Product : Fedora 17
Version : 3.0.2
Release : 1.fc17
URL : https://eff.org/https-everywhere
Summary : HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey
Description :
HTTPS Everywhere is a Firefox extension produced as a collaboration between
The Tor Project and the Electronic Frontier Foundation. It encrypts your
communications with a number of major websites.
Many sites on the web offer some limited support for encryption over HTTPS,
but make it difficult to use. For instance, they may default to unencrypted
HTTP, or fill encrypted pages with links that go back to the unencrypted site.
The HTTPS Everywhere extension fixes these problems by rewriting all requests
to these sites to HTTPS.
--------------------------------------------------------------------------------
Update Information:
* Some fixes that should have shipped in 3.0.1, but actually didn't:
European Southern Observatory, Indeed, LibriVox
* New fixes:
Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer
(fix / reenable), Optical Society, IMDB, Facebook, EzineArticles,
Broadband Reports, Apache, Akamai (exclude Zynga content to prevent
breakage of some Zynga games), Costco
* Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory,
IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo,
Shannon Health, O'Reilly Media
https://trac.torproject.org/projects/tor/ticket/7080
https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html
* Disable broken: Springer
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html
* Updated translations: Basque, Hungarian, Traditional Chinese
- Since version 2.x:
- 1,455 new active rulesets
- UI improvements:
-- right-click to view ruleset source in the config window
-- translate some untranslated menus
-- better icons in a few places (breaking/redirecting rules,
context button)
- Numerous improvements to the SSL Observatory internals, including cached
submissions on hostile networks, better Tor and Convergence integration,
and a new setting to control self-signed cert submission
- New translations: Basque, Czech, Danish, French, Greek, Hungarian,
Italian, Korean, Malaysian, Polish, Slovak, Turkish,
Traditional Chinese
- Relative to 3.0development.8:
- Only promote the Decentralized SSL Observatory to 5% of non-Tor users
- Update the SSL Observatory whitelist of common cert chains
- Fixes, mostly in the CDN/media playback department:
Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,
AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,
Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,
Nokia, Widgetbox.com, Squarespace
https://trac.torproject.org/projects/tor/ticket/4199
https://trac.torproject.org/projects/tor/ticket/6871
https://trac.torproject.org/projects/tor/ticket/6992
https://trac.torproject.org/projects/tor/ticket/7000
https://trac.torproject.org/projects/tor/ticket/7020
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html
- Disable buggy: Web.de, AJC.com, Feross, Bestofmedia
- Remove a lot of off-by-default rulesets from the code, since they have
some costs in terms of startup speed and RAM usage
- Since version 2.x:
- 1,455 new active rulesets
- UI improvements:
-- right-click to view ruleset source in the config window
-- translate some untranslated menus
-- better icons in a few places (breaking/redirecting rules,
context button)
- Numerous improvements to the SSL Observatory internals, including cached
submissions on hostile networks, better Tor and Convergence integration,
and a new setting to control self-signed cert submission
- New translations: Basque, Czech, Danish, French, Greek, Hungarian,
Italian, Korean, Malaysian, Polish, Slovak, Turkish,
Traditional Chinese
- Relative to 3.0development.8:
- Only promote the Decentralized SSL Observatory to 5% of non-Tor users
- Update the SSL Observatory whitelist of common cert chains
- Fixes, mostly in the CDN/media playback department:
Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,
AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,
Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,
Nokia, Widgetbox.com, Squarespace
https://trac.torproject.org/projects/tor/ticket/4199
https://trac.torproject.org/projects/tor/ticket/6871
https://trac.torproject.org/projects/tor/ticket/6992
https://trac.torproject.org/projects/tor/ticket/7000
https://trac.torproject.org/projects/tor/ticket/7020
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html
- Disable buggy: Web.de, AJC.com, Feross, Bestofmedia
- Remove a lot of off-by-default rulesets from the code, since they have
some costs in terms of startup speed and RAM usage
- Since version 2.x:
- 1,455 new active rulesets
- UI improvements:
-- right-click to view ruleset source in the config window
-- translate some untranslated menus
-- better icons in a few places (breaking/redirecting rules,
context button)
- Numerous improvements to the SSL Observatory internals, including cached
submissions on hostile networks, better Tor and Convergence integration,
and a new setting to control self-signed cert submission
- New translations: Basque, Czech, Danish, French, Greek, Hungarian,
Italian, Korean, Malaysian, Polish, Slovak, Turkish,
Traditional Chinese
- Relative to 3.0development.8:
- Only promote the Decentralized SSL Observatory to 5% of non-Tor users
- Update the SSL Observatory whitelist of common cert chains
- Fixes, mostly in the CDN/media playback department:
Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,
AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,
Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,
Nokia, Widgetbox.com, Squarespace
https://trac.torproject.org/projects/tor/ticket/4199
https://trac.torproject.org/projects/tor/ticket/6871
https://trac.torproject.org/projects/tor/ticket/6992
https://trac.torproject.org/projects/tor/ticket/7000
https://trac.torproject.org/projects/tor/ticket/7020
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html
- Disable buggy: Web.de, AJC.com, Feross, Bestofmedia
- Remove a lot of off-by-default rulesets from the code, since they have
some costs in terms of startup speed and RAM usage
* Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory,
IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo,
Shannon Health, O'Reilly Media
https://trac.torproject.org/projects/tor/ticket/7080
https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html
* Disable broken: Springer
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html
* Updated translations: Basque, Hungarian, Traditional Chinese
- Since version 2.x:
- 1,455 new active rulesets
- UI improvements:
-- right-click to view ruleset source in the config window
-- translate some untranslated menus
-- better icons in a few places (breaking/redirecting rules,
context button)
- Numerous improvements to the SSL Observatory internals, including cached
submissions on hostile networks, better Tor and Convergence integration,
and a new setting to control self-signed cert submission
- New translations: Basque, Czech, Danish, French, Greek, Hungarian,
Italian, Korean, Malaysian, Polish, Slovak, Turkish,
Traditional Chinese
- Relative to 3.0development.8:
- Only promote the Decentralized SSL Observatory to 5% of non-Tor users
- Update the SSL Observatory whitelist of common cert chains
- Fixes, mostly in the CDN/media playback department:
Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,
AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,
Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,
Nokia, Widgetbox.com, Squarespace
https://trac.torproject.org/projects/tor/ticket/4199
https://trac.torproject.org/projects/tor/ticket/6871
https://trac.torproject.org/projects/tor/ticket/6992
https://trac.torproject.org/projects/tor/ticket/7000
https://trac.torproject.org/projects/tor/ticket/7020
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html
- Disable buggy: Web.de, AJC.com, Feross, Bestofmedia
- Remove a lot of off-by-default rulesets from the code, since they have
some costs in terms of startup speed and RAM usage
- Since version 2.x:
- 1,455 new active rulesets
- UI improvements:
-- right-click to view ruleset source in the config window
-- translate some untranslated menus
-- better icons in a few places (breaking/redirecting rules,
context button)
- Numerous improvements to the SSL Observatory internals, including cached
submissions on hostile networks, better Tor and Convergence integration,
and a new setting to control self-signed cert submission
- New translations: Basque, Czech, Danish, French, Greek, Hungarian,
Italian, Korean, Malaysian, Polish, Slovak, Turkish,
Traditional Chinese
- Relative to 3.0development.8:
- Only promote the Decentralized SSL Observatory to 5% of non-Tor users
- Update the SSL Observatory whitelist of common cert chains
- Fixes, mostly in the CDN/media playback department:
Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,
AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,
Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,
Nokia, Widgetbox.com, Squarespace
https://trac.torproject.org/projects/tor/ticket/4199
https://trac.torproject.org/projects/tor/ticket/6871
https://trac.torproject.org/projects/tor/ticket/6992
https://trac.torproject.org/projects/tor/ticket/7000
https://trac.torproject.org/projects/tor/ticket/7020
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html
- Disable buggy: Web.de, AJC.com, Feross, Bestofmedia
- Remove a lot of off-by-default rulesets from the code, since they have
some costs in terms of startup speed and RAM usage
- Since version 2.x:
- 1,455 new active rulesets
- UI improvements:
-- right-click to view ruleset source in the config window
-- translate some untranslated menus
-- better icons in a few places (breaking/redirecting rules,
context button)
- Numerous improvements to the SSL Observatory internals, including cached
submissions on hostile networks, better Tor and Convergence integration,
and a new setting to control self-signed cert submission
- New translations: Basque, Czech, Danish, French, Greek, Hungarian,
Italian, Korean, Malaysian, Polish, Slovak, Turkish,
Traditional Chinese
- Relative to 3.0development.8:
- Only promote the Decentralized SSL Observatory to 5% of non-Tor users
- Update the SSL Observatory whitelist of common cert chains
- Fixes, mostly in the CDN/media playback department:
Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,
AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,
Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,
Nokia, Widgetbox.com, Squarespace
https://trac.torproject.org/projects/tor/ticket/4199
https://trac.torproject.org/projects/tor/ticket/6871
https://trac.torproject.org/projects/tor/ticket/6992
https://trac.torproject.org/projects/tor/ticket/7000
https://trac.torproject.org/projects/tor/ticket/7020
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html
- Disable buggy: Web.de, AJC.com, Feross, Bestofmedia
- Remove a lot of off-by-default rulesets from the code, since they have
some costs in terms of startup speed and RAM usage
Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations.
Update to upstream 3.0.1. remove a lot of off-by-default rulesets due to overhead. Add hundreds of new rulesets. Fix some broken ones. New translations.
--------------------------------------------------------------------------------
ChangeLog:
* Sun Oct 21 2012 Russell Golden <niveusluna at niveusluna.org - 3.0.2-1
- Some fixes that should have shipped in 3.0.1, but actually didn't:
European Southern Observatory, Indeed, LibriVox
- New fixes:
Microsoft (Bing login button), ZeniMax, Ubuntuone, TrueCrypt, Springer
(fix / reenable), Optical Society, IMDB, Facebook, EzineArticles,
Broadband Reports, Apache, Akamai (exclude Zynga content to prevent
breakage of some Zynga games), Costco
* Mon Oct 15 2012 Russell Golden <niveusluna at niveusluna.org> - 3.0.1-1
- Fixes: adition.com, Akamai/SVTplay.se, Bahn.de, European Southern Observatory,
IEEE, Indeed, Java, Librivox, Pinterest, New York Times, Springer, Vimeo,
Shannon Health, O'Reilly Media
https://trac.torproject.org/projects/tor/ticket/7080
https://mail1.eff.org/pipermail/https-everywhere/2012-October/001583.html
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001339.html
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001343.html
- Disable broken: Springer
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001340.html
- Updated translations: Basque, Hungarian, Traditional Chinese
* Fri Oct 12 2012 Russell Golden <niveusluna at niveusluna.org> - 3.0.0-2
- Replace "firefox" in EPEL builds with "firefox >= 3.5" for EL
users who think updates are for sissies and/or voiding support
contracts with proprietary vendors. They can't use this if their
Firefox install is older than 3.5 anyway, so what's the harm?
* Tue Oct 9 2012 Russell Golden <niveusluna at niveusluna.org> - 3.0.0-1
- Since version 2.x:
- 1,455 new active rulesets
- UI improvements:
-- right-click to view ruleset source in the config window
-- translate some untranslated menus
-- better icons in a few places (breaking/redirecting rules,
context button)
- Numerous improvements to the SSL Observatory internals, including cached
submissions on hostile networks, better Tor and Convergence integration,
and a new setting to control self-signed cert submission
- New translations: Basque, Czech, Danish, French, Greek, Hungarian,
Italian, Korean, Malaysian, Polish, Slovak, Turkish,
Traditional Chinese
- Relative to 3.0development.8:
- Only promote the Decentralized SSL Observatory to 5% of non-Tor users
- Update the SSL Observatory whitelist of common cert chains
- Fixes, mostly in the CDN/media playback department:
Akamai/CNN, GO.com/ABC, AWS/Amazon Zeitgeist MP3 player,
AWS/Spiegel.tv, Technology Review, Cloudfront/Tunein,
Akamai/Discovery Channel, Beyond Security, OCaml, Gentoo,
Nokia, Widgetbox.com, Squarespace
https://trac.torproject.org/projects/tor/ticket/4199
https://trac.torproject.org/projects/tor/ticket/6871
https://trac.torproject.org/projects/tor/ticket/6992
https://trac.torproject.org/projects/tor/ticket/7000
https://trac.torproject.org/projects/tor/ticket/7020
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-October/001324.html
- Disable buggy: Web.de, AJC.com, Feross, Bestofmedia
- Remove a lot of off-by-default rulesets from the code, since they have
some costs in terms of startup speed and RAM usage
* Thu Sep 27 2012 Russell Golden <niveusluna at niveusluna.org> - 2.2.3-1
- Workaround for breakage in Amazon Look Inside the Book (via Cloudfront)
-- https://trac.torproject.org/projects/tor/ticket/6848
- Fix logout for AOL users
- Other fixes: PassThePopcorn, WhatCD, Antispam.de, RFCeditor,
-- Weatherspark / GoogleMaps
- Disable broken: SVT.se
* Thu Sep 6 2012 Russell Golden <niveusluna at niveusluna.org> - 2.2.2-1
- Fix a bug that was preventing settings from persisting:
https://trac.torproject.org/projects/tor/ticket/6653
- Fixes and improvements: Lenovo, YahooNew, Pirate Party, OpenDNS, Wordpress
https://trac.torproject.org/projects/tor/ticket/6604
https://mail1.eff.org/pipermail/https-everywhere-rules/2012-August/001267.html
- Disable broken rulesets: FAZ, Playboy, Mapquest, Imgur, F-Secure
* Fri Aug 17 2012 Russell Golden <niveusluna at niveusluna.org> - 2.2.1-1
- Update to upstream 2.2.1. Hopefully this one will actually work.
* Fri Aug 17 2012 Russell Golden <niveusluna at niveusluna.org> - 2.1-5
- Add appManaged flag to prevent update in user profile directories
- prompted by release of badly broken 2.2 upstream
* Fri Aug 17 2012 Russell Golden <niveusluna at niveusluna.org> - 2.2-2
- Prevent ruleset bugs from crashing the UI
-- https://trac.torproject.org/projects/tor/ticket/6280
- Fix the enable/disable button in Firefox 14
-- https://trac.torproject.org/projects/tor/ticket/6212
- Fix a nasty bug in the optional "Search www.google.com" ruleset:
-- https://gitweb.torproject.org/https-everywhere.git/commitdiff/50ca41a1e189ef8383781f803e51ec7a06688a3b
- Disable buggy/broken: ZDNet, Globe and Mail, Blip.tv, Governo Portugês,
-- Alton Towers, McAfee :( :( :(
- Fixes: Yandex, Wikipedia, PirateParty, JBoss, Gentoo
- Hopefully the last 2.x release before 3.0 stable
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jul 2 2012 Russell Golden <niveusluna at niveusluna.org> - 2.1-3
- Change Requires to require firefox on all RHEL versions
* Sun Jun 24 2012 Russell Golden <niveusluna at niveusluna.org> - 2.1-2
- Fix context menu breakage when URIs lack a host
- Fixes: CiteULike, MozillaMessaging, Yandex, Demonoid, Pirate Party,
-- Gentoo, NYTimes, Microsoft, Wikipedia, Lenovo
-- https://mail1.eff.org/pipermail/https-everywhere-rules/2012-June/001189.html
-- https://trac.torproject.org/projects/tor/ticket/6091
-- https://mail1.eff.org/pipermail/https-everywhere-rules/2012-June/001190.html
-- https://mail1.eff.org/pipermail/https-everywhere-rules/2012-May/001186.html
-- https://mail1.eff.org/pipermail/https-everywhere/2012-May/001433.html
- Disable broken: MarketWatch, Disqus, Magento, Lavasoft, Project Syndicate,
-- Typepad/Say Media
-- https://trac.torproject.org/projects/tor/ticket/5899
-- https://trac.torproject.org/projects/tor/ticket/5496
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mozilla-https-everywhere' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list