Palemoon update to v26.

Status
Not open for further replies.
silversurfer

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,168
Last edited:
  • Like
Reactions: tonibalas, Venustus, darko999 and 3 others
Rishi

Rishi

Level 19
Verified
Honorary Member
Top Poster
Well-known
Dec 3, 2015
938
upload_2016-1-26_20-12-14.png
thanks guys! @Amiga500 and @silversurfer
 
  • Like
Reactions: Venustus, darko999, frogboy and 2 others
darko999

darko999

Level 17
Verified
Well-known
Oct 2, 2014
805
Wow Actually faster than v25, running very good here heh!

little edit info:

Usually I want the most that my browser is capable of running smooth for a while, I mean at least a year of stability. And it will always depend on what are your system specifications in relation with the performance of your browser. In my case, my machine likes Pale Moon a lot, I have a lot of tabs open and a lot of RAM USAGE on my pc on heavy load times 80%+ of RAM already in use, then Pale Moon behaves like a boss with no crashes, no freezes. I tried Cyberfox x64 AMD version a couple of times but I'm just unlucky to be forced to leave it due to a few crashes on half a year. It may be specific issues with my computer specs and or with my installed software, but I'm lucky that Pale Moon works better for me, where Cyberfox will run better for others, both are great in my opinion. Pale Moon is a bit more customizable tho, that's my opinion heh.
 
Last edited:
  • Like
Reactions: tonibalas, silversurfer, Amiga500 and 1 other person
LAGUN

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
Pale Moon: Release notes
26.0.3 (2016-02-05)
This is a small bugfix release:
  • Changed our cookie gate to allow cookie names with spaces in them, to improve web compatibility.
    Critical note: if your site uses cookie names with spaces in them, please consider moving away from doing that so you are no longer in the "grey" area of cookie behavior.
  • Changed the configuration of our XSS filter to address some known, harmless filter hits that have been reported.
The Pale Moon Project homepage
 
  • Like
Reactions: darko999, tonibalas and Rishi
LAGUN

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
Pale Moon: Release notes
26.1.0 (2016-02-16)
This is a web compatibility, stability and bugfix release.

Changes/fixes:
  • Disabled our ES6 Promise implementation introduced in 26.0 since there were some severe issues with its implementation that caused a lot of inexplicable failures on websites. This means that some sites that insist on using Promises without checking availability and that do not provide sufficient web client compatibility by way of server-side libraries or polyfills will currently not work as-intended. Apologies for any inconvenience this may cause; providing a perfectly-working implementation will be our top priority going forward.
  • Improved website compatibility with many sites and web applications by making our cookie gate less strict.
  • Fixed web compatibility with Google Hangouts and Yahoo Calendar.
  • Changed the memory allocator on Windows platforms to a much more modern full-library implementation of jemalloc, with miscellaneous additional fixes. This should give comparable speed to the system one and will allocate free memory more dynamically. This should fix issues like "huge animated gif choking" and inexplicable pauses when using many tabs, scrolling (extremely) long pages, or viewing media.
  • Fixed a few rare crashing issues on Windows due to the build process.
  • Reduced so-called "jank" on inner frame scrolling reflows.
  • Extension compatibility: partial implementation of Firefox 26 download js modules as shims; this should make more Firefox extensions compatible with us out-of-the-box. (Thanks, Chaoskagami!)
  • Added a "superstop" key combination (Shift+Esc) that will stop all (foreground and background) network activity, stop animated gifs, etc. even after the page itself has fully loaded (and the stop button not being available) - some web applications may not like this if you use it since it will also cancel XHR requests, etc.
  • Updated NTLM authentication, deprecating v1 and adding a proper v2 implementation (Thanks, Trava90!)
  • Updated the default theme to tweak/improve it some more (Thanks, Antonius32!)
Security fixes:
  • Updated the Graphite2 font library to 1.3.5+ to fix a number of vulnerabilities (and some font bugs).
The Pale Moon Project homepage
 
  • Like
Reactions: Rishi, tonibalas and silversurfer
LAGUN

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
Pale Moon: Release notes
26.1.1 (2016-02-24)
This is a bugfix release to improve stability and extension compatibility.

Changes/fixes:
  • Fixed a few oversights in the Firefox extension compatibility changes in 26.1.0 that should improve compatibility with a number of Firefox extensions.
  • Changed memory handling to (hopefully) address the memory inflation issues some people have experienced with 26.1.0.
  • Updated YouTube compatibility, which should once again allow users to choose between Flash and HTML5 players on YouTube.
The Pale Moon Project homepage
 
  • Like
Reactions: silversurfer and Rishi
Rishi

Rishi

Level 19
Verified
Honorary Member
Top Poster
Well-known
Dec 3, 2015
938
Thanks for the update, the add-ons compatibility has really increased I could not help notice more official extensions available now.
 
  • Like
Reactions: LAGUN
LAGUN

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
Pale Moon: Release notes
26.2.0 (2016-04-05)
This is a major update and bugfix release.

Changes:
  • Implemented the URL API that's needed for a number of websites.
  • Changed internal keystroke handling within the spec to better align with generally expected behavior.
    This should fix the infamous "backspace" issue on Facebook.
    Web developers please note: calling preventDefault() in a "keydown" event handler will now prevent most keypress events from firing.
  • Linux: gstreamer 1.0 support has been implemented and enabled by default (hats off to Travis!)
    From this version forward you will need to have gstreamer 1.0 libraries for video playback (0.10 is no longer supported).
  • Re-styled about:sessionrestore to use more available screen real estate for tab info.
  • Added an option to use the mousewheel for horizontal scrolling (mouse action value 4).
    (e.g. setting mousewheel.with_shift.action to 4 makes Shift+wheel scroll horizontally)
  • Bumped max icon size for search engine icons to 32 KB to cater to more common use of HiDPI icons.
  • Fixed some hard-coded branding strings in Sync still reading "Firefox", and similarly changed sync information URLs to point to our relevant pages.
  • Removed default profile bookmarks pointing to Firefox/Mozilla since the information there no longer applies to us.
  • Updated UA overrides and XSS configuration to deal with some problematic sites (e.g.: Google, Embedly)
  • Fixed several issues with the default theme causing problems with behavior due to styling (thanks, Antonius32) (Issue #384 and friends)
  • Fixed some miscellaneous issues in the internal jemalloc implementation.
  • Added a configure option to use the full jemalloc lib (jemalloc v3) if the builder so wishes (used for Linux, sys mallocs are not happy there either, so for our generic binaries we switched to this lib now)
  • Worked around a crash caused by the XSS filter on some fora by bailing on too short and empty strings.
  • Fixed layout of reflowed comboboxes without enough space.
  • Fixed a crash related to flexboxes overflowing themselves. (Issue #396)
  • Added a simple implementation for Weak Messagelisteners. (Issue #399)
  • Fixed a crash for losing our cache entry while finishing up compression.
    (re-apply after unintentional back-out switching to Goanna)
  • Linux: Worked around driver bugs with Intel drivers that falsely report what they can support in max texture size.
  • Portable only: Removed compression of the browser components library after some reports that in certain configurations and environments it was causing issues with the browser.
Security fixes:
  • Updated the graphite font library to 1.3.7+ to solve CVE-2016-2796 and no less than 14 of its friends.
  • Updated NSS to 3.19.4.2-PM to address several vulnerabilities (UAF, heap overflow).
  • Updated libvorbis to a much more recent version to fix multiple issues.
  • Crash fix and DiD fixes by holding strong references to objects in suspect places in the HTML parser. (CVE-2016-1961) (ZDI-CAN-3574)
  • Fixed several out-of-bounds issues in the VP8 decoder.
  • Fixed a potentially exploitable crash in XML/XSLT handling.
  • Applied some Kung Fu to HTML animations and transitions to prevent memory hazards.
  • Fixed applicable Mozilla code vulnerabilities CVE-2016-1965, CVE-2016-1960 (ZDI-CAN-3545), CVE-2016-1966, and CVE-2016-1963.
The Pale Moon Project homepage
 
  • Like
Reactions: darko999, silversurfer and Rishi
LAGUN

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
Pale Moon: Release notes
26.2.2 (2016-05-10) & Android 25.9.2
This is mainly a security update.

Changes/fixes:
  • Added a detection routine for dark window colors on Windows 8 and later (system themes using dark window frames) to better adapt to dark system colors. Theme developers can take advantage of this by checking for darkwindowframe="true" on #main-window in CSS selectors.
  • CSS classes prefixed with "--" no longer stop parsing of the selectors.
  • Several crash fixes.
Security fixes:
  • Made GC suppression more aggressive to prevent issues when actually out of memory.
  • Fixed a memory safety hazard in jpeg decoding.
  • Fixed a potentially exploitable crash when using bi-directional text.
  • Updated NSS to 3.19.4.2-PM, fixing CVE-2016-1938 among other things.
The Pale Moon Project homepage
 
  • Like
Reactions: tonibalas, darko999, XhenEd and 2 others
LAGUN

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
Pale Moon: Release notes
26.3.0 (2016-06-21)
Changes/fixes:
  • Added detection for dark system themes on Windows 10 and re-worked Windows 10 specific theming to better integrate into the OS and provide more clarity.
  • HTML5 media controls have been reworked to a horizontal volume control on all media, including HTML5 audio that was previously without an element-control for volume.
  • Default HTML5 media volume preference added as media.default_volume -- fractional, default 1.0 (=100%).
  • String.prototype.match() and .replace() are now fully spec compliant.
  • NSPR and NSS now correctly no longer enforce IA32 architecture compatibility, getting the advantage of SSE2 like the rest of the code.
  • Worked around crashes in the XSS filter when navigating back in history due to document fragments.
  • Instated a hard minimum of 10,000 places entries regardless of free disk space and total memory to prevent undesired expiration of history. That is around 16MB for an average entry size, which should be sane enough even on low-memory machines.
  • Fixed a typo in networking code introduced in 26.2.2 that would cause issues on some sites due to adding extra forward slashes to the URL.
Security fixes:
  • Fixed a number of memory safety hazards and potentially exploitable crashes.
  • Fixed CVE-2016-2821 Use-after-free in the mozilla::dom::Element class
  • Fixed netaddr deserialization for AF_UNSPEC and AF_LOCAL.
  • Fixed a memory overrun error in the VP8 encoder. DiD
  • Fixed non-threadsafe re-use of pixman images to prevent potential race conditions. DiD
  • Fixed CVE-2016-2825 Partial Same Origin Policy violation
DiD This means that the fix is "Defense-in-Depth": It is a fix that does not apply to an actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code when surrounding code changes, exposing the problem.

The Pale Moon Project homepage
 
  • Like
Reactions: silversurfer, darko999, XhenEd and 2 others
LAGUN

LAGUN

Level 10
Verified
Well-known
Mar 31, 2014
467
Pale Moon: Release notes
26.3.1 (2016-06-25)
Changes/fixes:
  • Fixed an issue with new tab button theming on dark toolbars.
  • Reverted the useragent identification of Firefox compatibility mode to 38.9 to avoid WOFF2 font issues for sites that don't use proper font deployment as recommended by the W3C.
  • Added a site-specific override for Google fonts to make sure it always works even if not using Firefox compatibility mode.
    (workaround pending for a proper solution on Google's side)
  • Adjusted the "dark color" detection routine to switch text to white at higher relative contrast levels.
    This will more closely match Windows 10's "flip point" for different accent colors and is within the recommended range determined by the WCAG.
www.palemoon.org/
 
  • Like
Reactions: darko999, silversurfer and frogboy
Status
Not open for further replies.

Similar threads

vtqhtr413
    • Like
    • Thanks
    • +Reputation
New Update Windows 11 Moment 5 Update Available for Download
Replies
4
Views
759
Windows 11
LennyFox
L
Ink
    • Wow
    • Like
Technology Google Play System Update for January 2024 breaks Pixels storage access
Replies
8
Views
530
Technology News
Moonhorse
Moonhorse
Gandalf_The_Grey
    • Like
    • +Reputation
Security News The January 2024 Security Update Review
Replies
2
Views
1,269
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top