Pale Moon version 26.x.x

Status
Not open for further replies.

Exterminator

Community Manager
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Pale Moon 25.8.1

28 Nov 2015:
Pale Moon 25.8.1 has been released which is a small update to address some important stability/usability issues.

Changes in Pale Moon 25.8.1:
  • Fix for a crash that could occur at random since the update to 25.8.0.
  • Fix for CSP (Content Security Policy) to be more lenient towards the incorrect passing of full URLs with all sorts of parameters in the CSP header, leading to misinterpretation of the header and incorrectly blocking the loading of content.
Download: Pale Moon 25.8.1 | 20.4 MB (Freeware)
Download: Portable Pale Moon 25.8.1 | 22.2 MB
Download: Pale Moon 25.8.1 x64 | 23.6 MB
Download: Intel Atom & Windows XP optimized Pale Moon 25.8.1 | 19.1 MB
 

Petrovic

Level 64
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,354
Pale Moon 26.0.0, public beta 3
ftp://publicbeta:get@ftp.palemoon.org/beta3/palemoon-26.0.0b3.win32.installer.exe
ftp://publicbeta:get@ftp.palemoon.org/beta3/palemoon-26.0.0b3.win64.installer.exe

ftp://publicbeta:get@ftp.palemoon.org/beta3/palemoon-26.0.0b3.win32.zip
ftp://publicbeta:get@ftp.palemoon.org/beta3/palemoon-26.0.0b3.win64.zip

ftp://ftp.palemoon.org/beta3/
 
  • Like
Reactions: darko999 and XhenEd
Y

yigido

Thread author
26.3.1 (2016-06-25)
Changes/fixes:
  • Fixed an issue with new tab button theming on dark toolbars.
  • Reverted the useragent identification of Firefox compatibility mode to 38.9 to avoid WOFF2 font issues for sites that don't use proper font deployment as recommended by the W3C.
  • Added a site-specific override for Google fonts to make sure it always works even if not using Firefox compatibility mode.
    (workaround pending for a proper solution on Google's side)
  • Adjusted the "dark color" detection routine to switch text to white at higher relative contrast levels.
    This will more closely match Windows 10's "flip point" for different accent colors and is within the recommended range determined by the WCAG.
The Pale Moon Project homepage
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
Anyone using this? What about its performance (x64) ?
Hello @yigido, having just updated it is performing well, and has not disappointed.:) It is a newly installed x64 on our Windows 10 system. Sync still does not recognize email as valid to start an account, and I've :eek:deleted our portable versiono_O which no longer opened in Sanboxie.
Update: Hooray! Sync worked today by accepted my entrys!:p
 
Last edited:
Y

yigido

Thread author
26.3.3 (2016-07-01)
Another small bugfix update to address some breaking issues. Sorry for the rapid-fire releases, everyone; this is not our intention.

Changes/fixes:
  • Fixed an additional issue found that could cause menu text on Windows 10 to be white-on-white (and therefore unreadable).
  • Fixed an issue with news feeds not showing up when embedded in web pages.
  • Removed recently-added parsing of the child-src content security policy directive, after some web compatibility issues with it came to light, as well as it becoming clear that the CSP spec will see it removed in favor of the previous directive for embedded content. This should fix some intermittent issues people have reported on e.g. the main google.com page and phpMyAdmin installations.
The Pale Moon Project homepage
 

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
26.4.0 (2016-08-17)
Changes/fixes:
  • Removed Google Search as a bundled search provider. If desired, you can manually install it (or other search engines) after the update by following the steps in the Manage Search Enginestopic.
  • Fixed the URL API to allow "stringification" of the object per specification. This should make a number of websites happy.
  • Added the ES6 string .includes() function in addition to the pre-existing .contains() function for checking if a string contains another string. The .contains() function is retained for compatibility with web and extension scripts that adhere to the ES6 pre-release specification up to and including RC3.
  • Fixed the calculation of standalone SVG embeds width and height, which should solve some reported issues with html5 graphs being displayed incorrectly.
  • Linux: improved memory allocation.
  • Updated the graphite font library to 1.3.9.
  • Added a blocking rule for F-Secure's 64-bit deepguard library to prevent crashes.
  • Updated the SQLite library to 3.13.0.
  • Download= properties of links are now honored from the context menu "Save" option.
  • Fixed a crash in the XSS filter.
  • Fixed a crash in the DOM error module.
  • Worked around a crash on Linux
  • Linux: Improved optimization and GCC6 compatibility (Note: compiling with GCC 6 is still not recommended and it may or may not work, depending on your environment)
Security fixes:
  • (CVE-2016-5251)Potential URL spoofing in the address bar.
  • (CVE-2016-0718) Context-dependent crash in expat 2.1.0.
  • (CVE-2016-5266) Outgoing dataTransfer items are not properly filtered.
  • Fixed potentially exploitable crash in the array splice implementation.
  • Fixed potentially exploitable crash caused by badly formatted ICO files.
  • (CVE-2016-5254) Heap-use-after-free in nsXULPopupManager::KeyDown
The Pale Moon Project homepage
 

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
26.4.1 (2016-09-12)
This is a minor bugfix and security release.

Changes/fixes:
  • Fixed a crash in the XSS filter.
  • Slightly changed the address bar shading on secure sites to be more subtle and easily-blended.
  • Fixed the occurrence of "null" titles in bookmarks dragged from special folders.
  • Fixed an error initializing the browser due to trying to restore scratchpad data from a stored session when having switched from a version with devtools to a version without devtools, and the previous version had scratchpad data saved.
  • Fixed some minor issues in scratchpad and gcli devtools.
Security fixes:
  • Updated the HSTS preload list to a much more updated source list, and performing our own checks on validity from now on to have the list be as accurate as possible.
  • Disabled Triple-DES cipher suites by default (mitigating SWEET32).
Portable-only: Changed the behavior to, by default, allow it to start a new copy or multiple copies without checking if Pale Moon is already running on the system. You will need separate profiles to run multiple browsers concurrently.

The Pale Moon Project homepage
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top