summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--libre/icecat/PKGBUILD8
-rw-r--r--libre/icecat/disable-crypto-hardening-settings.patch16
2 files changed, 12 insertions, 12 deletions
diff --git a/libre/icecat/PKGBUILD b/libre/icecat/PKGBUILD
index 1b01e7d9c..aafad8c03 100644
--- a/libre/icecat/PKGBUILD
+++ b/libre/icecat/PKGBUILD
@@ -14,9 +14,9 @@
_pgo=false
pkgname=icecat
-_pkgver=52.1.0-gnu1
+_pkgver=52.3.0-gnu1
pkgver=${_pkgver//-/_}
-pkgrel=2
+pkgrel=1
pkgdesc="GNU IceCat, the standalone web browser based on Mozilla Firefox."
arch=(i686 x86_64 armv7h)
@@ -45,7 +45,7 @@ source=(http://ftp.gnu.org/gnu/gnuzilla/${_pkgver%-*}/$pkgname-$_pkgver.tar.bz2{
disable-spoofSource-referer.patch
no-crmf.patch
no-neon.patch)
-sha256sums=('0beff2a04fdc1b56d274133cd22ff546fd609c929954132ff6bf1b800a5b24f3'
+sha256sums=('699ab2b41d4428ef5e360f3f33d98bc52723315cedac20bb03619846ca895302'
'SKIP'
'04952e0910c7c0d24faaa1ffa486dc3dae9f2c52548ff977858bec08ccb400f3'
'76a657a90371e637e7c4b371b71a15c85acafcece6277455e9ede84ffe104d3e'
@@ -54,7 +54,7 @@ sha256sums=('0beff2a04fdc1b56d274133cd22ff546fd609c929954132ff6bf1b800a5b24f3'
'5bdab2de5520fb4d3dbc453d9f73d20e0e077bf652bc780fc17184ba6c718a47'
'977aa49b940f1da049cefa2878a63ac6669a78e63e9d55bb11db7b8f8fb64c33'
'68e3a5b47c6d175cc95b98b069a15205f027cab83af9e075818d38610feb6213'
- '0166aa368420f0bf0aab064b2188e3d852b241efeeb27dee66df2bc15e84b83a'
+ 'bb1fc90d117c4a7810e202d23ff44a2dac11b675336533054b5a70dd8606df38'
'c50043266e69f5844e6dce9ea7193af79587dcaa66806932d7867281a176f03e'
'cf224d69e89f37f92202061669014b99fbf7b1fec38fd8ba9f957711fa095729'
'6d0c1c9ca28b20d206ce24ca84f4d4e3f5d062a2e9cb7445fcb6c2cfea959b4a')
diff --git a/libre/icecat/disable-crypto-hardening-settings.patch b/libre/icecat/disable-crypto-hardening-settings.patch
index 3c7dedd77..c6dfb1ac1 100644
--- a/libre/icecat/disable-crypto-hardening-settings.patch
+++ b/libre/icecat/disable-crypto-hardening-settings.patch
@@ -9,19 +9,19 @@ index 3308a22..6b81444 100644
-pref("security.tls.unrestricted_rc4_fallback", false);
-pref("security.tls.insecure_fallback_hosts.use_static_list", false);
-pref("security.tls.version.min", 1);
--pref("security.ssl.require_safe_negotiation", true);
+-pref("security.ssl.require_safe_negotiation", false);
-pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
-pref("security.ssl3.rsa_seed_sha", true);
-pref("security.OCSP.enabled", 1);
--pref("security.OCSP.require", true);
+-pref("security.OCSP.require", false); // set to false otherwise it breaks captive portal usage
+//pref("security.tls.unrestricted_rc4_fallback", false);
+//pref("security.tls.insecure_fallback_hosts.use_static_list", false);
+//pref("security.tls.version.min", 1);
-+//pref("security.ssl.require_safe_negotiation", true);
++//pref("security.ssl.require_safe_negotiation", false);
+//pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
+//pref("security.ssl3.rsa_seed_sha", true);
+//pref("security.OCSP.enabled", 1);
-+//pref("security.OCSP.require", true);
++//pref("security.OCSP.require", false); // set to false otherwise it breaks captive portal usage
// Disable channel updates
pref("app.update.enabled", false);
@@ -36,19 +36,19 @@ index bfc6cba..cfdeb22 100644
-pref("security.tls.unrestricted_rc4_fallback", false);
-pref("security.tls.insecure_fallback_hosts.use_static_list", false);
-pref("security.tls.version.min", 1);
--pref("security.ssl.require_safe_negotiation", true);
+-pref("security.ssl.require_safe_negotiation", false);
-pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
-pref("security.ssl3.rsa_seed_sha", true);
-pref("security.OCSP.enabled", 1);
--pref("security.OCSP.require", true);
+-pref("security.OCSP.require", false); // set to false otherwise it breaks captive portal usage
+//pref("security.tls.unrestricted_rc4_fallback", false);
+//pref("security.tls.insecure_fallback_hosts.use_static_list", false);
+//pref("security.tls.version.min", 1);
-+//pref("security.ssl.require_safe_negotiation", true);
++//pref("security.ssl.require_safe_negotiation", false);
+//pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
+//pref("security.ssl3.rsa_seed_sha", true);
+//pref("security.OCSP.enabled", 1);
-+//pref("security.OCSP.require", true);
++//pref("security.OCSP.require", false); // set to false otherwise it breaks captive portal usage
// Disable channel updates
pref("app.update.enabled", false);