Pale Moon 27.x.x Released

Status
Not open for further replies.

XhenEd

Level 28
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
From: Pale Moon - Release Notes

27.5.1 (2017-10-10)

This is a security and stability update to the browser, as well as fixing some issues users have indicated.

  • Changed the default Windows 10 styling when no accent color is aplied to black-on-white.
  • Changed the theme styling on Windows 10 when the system window frame is used (menu bar enabled) to use the window manager background directly, preventing visual lag updating the window color when it changes.
  • Updated user agent overrides for DropBox, YouTube and Yahoo to work around user agent sniffing issues.
  • Fixed a crash in the media subsystem.
  • Fixed a regression where video playback hardware acceleration was disabled incorrectly on some systems.
  • Updated libhyphen to the latest upstream code to fix a security issue.
  • Updated NSPR to 4.16-RTM with a patch to un-bust building on win64.
  • Updated NSS to 3.32.1-RTM.
  • Worked around some more issues with Mac fonts (CVE-2017-7825).
  • Fixed a potential rooting hazard in NPAPI plugin code. DiD
  • Fixed a potential reference issue in JavaScript arrays. DiD
DiD This means that the fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code when surrounding code changes, exposing the problem.

The Pale Moon Project homepage
Pale Moon Windows 32-bit downloads
Pale Moon Windows 64-bit downloads
Pale Moon for Linux - Your browser, your way!
Pale Moon - portable!
 

XhenEd

Level 28
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
From: Pale Moon - Release Notes
27.6.0 (2017-11-07)
This is a major development update.

  • Dropped support for Direct2D 1.0 to avoid font rendering issues. Windows installations not capable of using Direct2D 1.1 will now fall back to software rendering. As a result, fonts may look different from this version onwards if you are on Windows Vista or Windows 7. Users on Windows 7 affected by this should install the Platform Update to re-enable Direct2D.
  • Updated the Brotli decoder library, and enabled support for Brotli HTTP content-encoding by default.
  • Added notifications to inform users about WebExtensions not being supported if they try to install them (as opposed to "extension is corrupt")
  • Added a number of DOM childNode convenience functions. This should fix some lazy-loading frameworks.
    (enjoy your LOLcats again!)
  • Changed automatic updates over to the new infrastructure.
  • Added extra proxy settings in Options, covering DNS lookups through SOCKS v5 and automatic proxy authentication with known credentials.
  • Added a selectable fallback character encoding of UTF-8 and fallback to UTF-8 as a last effort. (Issue #1423)
  • Improved timing of canplay and canplaythrough firing to work around a potential race condition locking up queued video playback.
  • Improved upmixing of mono sound for multi-channel setups.
  • Fixed a parallelization issue with the KISS-FFT library causing CPU-deadlocked threads (Issue #1425)
  • Fixed "Remove from history" function from the downloads panel.
  • Forced focus on the address bar in new windows if the content is a blank/empty document.
  • Fixed the dropmarker in the address bar to allow the suggestions to be closed with a click.
  • Further cleaned up the status bar code.
  • Disabled window.showModalDialog; it's been removed from the spec 2 years ago and has potential abuse issues (modal dialogs block the UI)
  • Fixed image decoder calls to make sure the image load event doesn't fire prematurely.
  • Updated LibPNG to 1.6.28, and enabled faster SSE2 decoding.
  • Updated WOFF2 code from upstream.
  • Updated the zlib compression library.
  • Made general improvements to internal code structure and spec adherence.
  • Fixed an issue with certain command-line parameters being used.
  • Updated the default theme to improve consistency and contrast of toolbar and download buttons.
  • Increased the default duration of notification pop-ups and made them configurable.
  • Improved handling of audio-visual media (ongoing).
  • Fixed an issue in CSS where elements would sometimes reflow to the next line even with sufficient visual space.
  • Aligned the implementation of for(let x=y;;) loops with the final ES6 specification.
  • Fixed the selection system inside of a nested contenteditable element being broken.
  • Fixed Windows 10 detection for blocklisting graphics drivers.
  • Enabled pasting of clipboard data in documents without an editor element to improve web compatibility.
  • Fixed the uninstallation routine of restartless add-ons.
  • Fixed the handling of unimplemented functions in the console API.
  • Updated the Facebook user-agent to enable otherwise vendor-restricted functionality.
  • Updated the SVG scaling cache limit to be more lenient for larger SVG images at a small performance trade-off, working around some sites' design issues.
  • Added an option to clear Site Connectivity Data (delete history).
  • Removed stale entries from the HSTS preload list, and improved generation/processing of it.
  • Removed undesired certificate issuer organization to common name fallback (if issuer org is empty).
  • Added pretty-printing for ECDSA-SHA224, 256, 384 and 512 hashed certificate signatures.
  • Worked around some more issues with broken Apple fonts.

The Pale Moon Project homepage
Pale Moon Windows 64-bit downloads
Pale Moon Windows 32-bit downloads
Pale Moon for Linux - Your browser, your way!
Pale Moon - portable!
 

XhenEd

Level 28
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
@XhenEd Will they use the last features and improvements from firefox?or don't?
The short answer is "No". :)

Just like what Pale Moon developers would say, Pale Moon is not Firefox and will never be. :cool:
If features have to be introduced, it would be because Pale Moon developers have deemed them good for the users. :)

I think, currently, they're trying to preserve the old platform of Mozilla, so that development with it can still proceed even though Mozilla already abandoned it for the new platform. :)
 

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,782
Thanks for the answer and explanations!seems interesting! gonna install it :notworthy:
 
  • Like
Reactions: XhenEd

XhenEd

Level 28
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 1, 2014
1,708
From: Pale Moon - Release Notes

27.6.1 (2017-11-15)

This is a minor bugfix release to address some pressing issues people have reported.

  • Fixed a regression with new windows (opening two windows from the command-line or file association, focus issues on new windows, not loading the home page in a new window, etc.)
  • Aligned XHR with the currect spec to allow withCredentials.
  • Fixed an input element focus issue within handlers.
  • Fixed the processing of all-padding HTTP/2 frames to prevent rare HTTP/2 hangups.
  • Updated CitiBank override to work around their login issues.
  • Updated Netflix override to a community-supplied one that seems to satisfy their arbitrary restrictions better.

The Pale Moon Project homepage
Pale Moon Windows 32-bit downloads
Pale Moon Windows 64-bit downloads
Pale Moon - portable!
Pale Moon for Linux - Your browser, your way!
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top