Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Browsers
Firefox
Pale Moon 28.9.0.1 (64-bit)
Message
<blockquote data-quote="DDE_Server" data-source="post: 868277" data-attributes="member: 65727"><p><span style="font-size: 18px"><strong>28.9.0.1 (2020-03-25)</strong></span></p><p>This is a small update to address a breaking issue with user-agent override strings, causing problems on certain websites for a number of our users.</p><p><span style="font-size: 18px"><strong>v28.9.0 (2020-03-24)</strong></span></p><p>This is a major development update.</p><p></p><p>New features:</p><ul> <li data-xf-list-type="ul">Implemented asynchronous iterators (await iterator.next() and for await loops) (ES2018)</li> <li data-xf-list-type="ul">Implemented promise-based media playback.</li> <li data-xf-list-type="ul">Implemented non-standard legacy CSSStyleSheet rules functions.</li> <li data-xf-list-type="ul">Implemented the html5 <dialog> element. To switch this on, flip dom.dialog_element.enabled to true.</li> <li data-xf-list-type="ul">Implemented the optional hiding of pinned tabs in CtrlTab/AllTab panes. (controlled through the preferences browser.ctrlTab.hidePinnedTabs and browser.allTabs.hidePinnedTabs)</li> <li data-xf-list-type="ul">Added 1.25x playback speed to html media elements.</li> <li data-xf-list-type="ul">Added a hidden pref (browser.places.smartBookmarks.max) to control the sizes of default smart bookmarks categories.</li> </ul><p>Changes/fixes:</p><ul> <li data-xf-list-type="ul">Aligned document.open() with the overhauled specification.</li> <li data-xf-list-type="ul">Aligned the way DOM styles are computed with mainstream browser behavior.</li> <li data-xf-list-type="ul">Removed the (unused) DOM promise implementation.</li> <li data-xf-list-type="ul">Enabled seeking to next frame in media files.</li> <li data-xf-list-type="ul">Enabled dynamic UA updates for emergency use.</li> <li data-xf-list-type="ul">Implemented rule processing stub for font-variation-settings.</li> <li data-xf-list-type="ul">Increased the maximum XML nesting depth to 2048 levels for extreme corner cases and to conservatively align with other browsers.</li> <li data-xf-list-type="ul">Improved the privacy of geolocation lookup calls, with thanks to a generous service donation from <a href="https://ip-api.com/" target="_blank">ip-api.com</a></li> <li data-xf-list-type="ul">Improved reporting of the operating system in site-specific user-agent overrides.</li> <li data-xf-list-type="ul">Improved table drawing performance again after the rewrite for sticky positioning making it slower.</li> <li data-xf-list-type="ul">Updated CSP processing to allow custom scheme wildcards to be specified without a port.</li> <li data-xf-list-type="ul">Aligned the behavior of outlines with other browsers when dealing with CSS-repositioned elements.</li> <li data-xf-list-type="ul">Changed the way hardware acceleration is controlled from the application.</li> <li data-xf-list-type="ul">Changed the default monospace font for main languages from Courier New to Consolas.<br /> This provides a more balanced font for fixed-width text that is slightly more condensed and more in line with the naturally compacter variable-width fonts used everywhere else.</li> <li data-xf-list-type="ul">Changed the browser's behavior when restoring tabs from previous sessions. To prevent stale pages, it will now by default perform a "soft refresh" of the page instead of drawing it purely from cache without checking if the page needs updating. If you prefer the old behavior, set browser.sessionstore.cache_behavior to 0 in about:config.</li> <li data-xf-list-type="ul">Updated NSPR to 4.24 and NSS to ~3.48.1-RTM, removing the previous custom patch level with NSS being able to support custom rounds for DBM now.<br /> For extensive release notes with all NSS changes, see <a href="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases" target="_blank">NSS_Releases</a></li> <li data-xf-list-type="ul">Implemented an NSS performance optimization for Master Password use with limited effect.</li> <li data-xf-list-type="ul">Fixed some potential crashing scenarios with WebGL on Linux.</li> <li data-xf-list-type="ul">Completely removed showModalDialog.</li> <li data-xf-list-type="ul">Disabled some logging in production builds.</li> <li data-xf-list-type="ul">Removed various gadgeteering/redundant/dead DOM APIs (casting/presentation, FlyWeb)</li> <li data-xf-list-type="ul">Removed support for a number of critical libraries being system-supplied.</li> <li data-xf-list-type="ul">Removed "Copy raw data" button from the troubleshooting information page, since it's never used by us in that format, and users mistakenly keep using it instead of copying text.</li> <li data-xf-list-type="ul">Removed a bunch of Android and iOS support code.</li> <li data-xf-list-type="ul">Fixed an issue with form elements sometimes being incorrectly disabled.</li> <li data-xf-list-type="ul">Fixed several crashes.</li> <li data-xf-list-type="ul">Fixed an issue with Captive Portal detection sometimes firing even when disabled by the user.</li> <li data-xf-list-type="ul">Performed various tree-wide code cleanups.</li> <li data-xf-list-type="ul">Backed out a large code cleanup patch for causing subtle issues in website operation (e.g. WordPress). This will have to be revisited later; the reintroduced code is not in use in practice.</li> <li data-xf-list-type="ul">Cleaned up the application updater code.</li> </ul><p>Security-related fixes:</p><ul> <li data-xf-list-type="ul">Fixed a potential pointer issue in cubeb. DiD</li> <li data-xf-list-type="ul">Disabled allowing remote jar: URIs by default for security reasons. If you need this functionality for your non-standard environment, you can enable it with the preference network.jar.block-remote-files, but please consider moving away from this method of providing web-based applications.</li> <li data-xf-list-type="ul">Removed a potentially dangerous and otherwise ineffective optimization from the JavaScript engine.</li> <li data-xf-list-type="ul">Fixed unwanted behavior where created/focused pop-up windows could potentially cover the DOM fullscreen notification, hiding it from users. (CVE-2020-6810)</li> <li data-xf-list-type="ul">Fixed an issue where copying data as a curl request from developer tools would not properly escape parameters. (CVE-2020-6811)</li> <li data-xf-list-type="ul">Updated our sctp library code with several upstream fixes.</li> <li data-xf-list-type="ul">Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 3 already mitigated, 1 rejected, 11 not applicable.</li> </ul><p>Release Notes: <a href="https://www.palemoon.org/releasenotes.shtml" target="_blank">Pale Moon - Release Notes</a></p><p>Download: <a href="https://www.palemoon.org/download.shtml" target="_blank">Pale Moon for Windows downloads</a></p></blockquote><p></p>
[QUOTE="DDE_Server, post: 868277, member: 65727"] [SIZE=5][B]28.9.0.1 (2020-03-25)[/B][/SIZE] This is a small update to address a breaking issue with user-agent override strings, causing problems on certain websites for a number of our users. [SIZE=5][B]v28.9.0 (2020-03-24)[/B][/SIZE] This is a major development update. New features: [LIST] [*]Implemented asynchronous iterators (await iterator.next() and for await loops) (ES2018) [*]Implemented promise-based media playback. [*]Implemented non-standard legacy CSSStyleSheet rules functions. [*]Implemented the html5 <dialog> element. To switch this on, flip dom.dialog_element.enabled to true. [*]Implemented the optional hiding of pinned tabs in CtrlTab/AllTab panes. (controlled through the preferences browser.ctrlTab.hidePinnedTabs and browser.allTabs.hidePinnedTabs) [*]Added 1.25x playback speed to html media elements. [*]Added a hidden pref (browser.places.smartBookmarks.max) to control the sizes of default smart bookmarks categories. [/LIST] Changes/fixes: [LIST] [*]Aligned document.open() with the overhauled specification. [*]Aligned the way DOM styles are computed with mainstream browser behavior. [*]Removed the (unused) DOM promise implementation. [*]Enabled seeking to next frame in media files. [*]Enabled dynamic UA updates for emergency use. [*]Implemented rule processing stub for font-variation-settings. [*]Increased the maximum XML nesting depth to 2048 levels for extreme corner cases and to conservatively align with other browsers. [*]Improved the privacy of geolocation lookup calls, with thanks to a generous service donation from [URL='https://ip-api.com/']ip-api.com[/URL] [*]Improved reporting of the operating system in site-specific user-agent overrides. [*]Improved table drawing performance again after the rewrite for sticky positioning making it slower. [*]Updated CSP processing to allow custom scheme wildcards to be specified without a port. [*]Aligned the behavior of outlines with other browsers when dealing with CSS-repositioned elements. [*]Changed the way hardware acceleration is controlled from the application. [*]Changed the default monospace font for main languages from Courier New to Consolas. This provides a more balanced font for fixed-width text that is slightly more condensed and more in line with the naturally compacter variable-width fonts used everywhere else. [*]Changed the browser's behavior when restoring tabs from previous sessions. To prevent stale pages, it will now by default perform a "soft refresh" of the page instead of drawing it purely from cache without checking if the page needs updating. If you prefer the old behavior, set browser.sessionstore.cache_behavior to 0 in about:config. [*]Updated NSPR to 4.24 and NSS to ~3.48.1-RTM, removing the previous custom patch level with NSS being able to support custom rounds for DBM now. For extensive release notes with all NSS changes, see [URL='https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases']NSS_Releases[/URL] [*]Implemented an NSS performance optimization for Master Password use with limited effect. [*]Fixed some potential crashing scenarios with WebGL on Linux. [*]Completely removed showModalDialog. [*]Disabled some logging in production builds. [*]Removed various gadgeteering/redundant/dead DOM APIs (casting/presentation, FlyWeb) [*]Removed support for a number of critical libraries being system-supplied. [*]Removed "Copy raw data" button from the troubleshooting information page, since it's never used by us in that format, and users mistakenly keep using it instead of copying text. [*]Removed a bunch of Android and iOS support code. [*]Fixed an issue with form elements sometimes being incorrectly disabled. [*]Fixed several crashes. [*]Fixed an issue with Captive Portal detection sometimes firing even when disabled by the user. [*]Performed various tree-wide code cleanups. [*]Backed out a large code cleanup patch for causing subtle issues in website operation (e.g. WordPress). This will have to be revisited later; the reintroduced code is not in use in practice. [*]Cleaned up the application updater code. [/LIST] Security-related fixes: [LIST] [*]Fixed a potential pointer issue in cubeb. DiD [*]Disabled allowing remote jar: URIs by default for security reasons. If you need this functionality for your non-standard environment, you can enable it with the preference network.jar.block-remote-files, but please consider moving away from this method of providing web-based applications. [*]Removed a potentially dangerous and otherwise ineffective optimization from the JavaScript engine. [*]Fixed unwanted behavior where created/focused pop-up windows could potentially cover the DOM fullscreen notification, hiding it from users. (CVE-2020-6810) [*]Fixed an issue where copying data as a curl request from developer tools would not properly escape parameters. (CVE-2020-6811) [*]Updated our sctp library code with several upstream fixes. [*]Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 3 already mitigated, 1 rejected, 11 not applicable. [/LIST] Release Notes: [URL="https://www.palemoon.org/releasenotes.shtml"]Pale Moon - Release Notes[/URL] Download: [URL="https://www.palemoon.org/download.shtml"]Pale Moon for Windows downloads[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Top