Pale Moon 27.8 released The developers of Pale Moon released two new versions of the browser in the past couple of days. Pale Moon 27.8.0 was released on March 2, 2018 and the follow-up release Pale Moon 27.8.1 on March 6, 2018. March 6, 2018 https://www.ghacks.net/2018/03/06/pale-moon-27-8-released/
Nice. Thanks Nice. Thanks @mood Palemoon is still solid on this end, fast and reliable with just enough security to keep it functioning without serious issue although ongoing stumbles will crop up now and then, but they get reported and bingo, another update and back to business.
Even the special build with XP is really OK: @mood There is a parameter in the "Firefox Resources Reader" that is highlighted. I wonder if it's possible to hide it? https://forum.palemoon.org/viewtopic.php?f=3&t=18803 ______________________________________________________ Pale Moon can not pass the test below: https://audiofingerprint.openwpm.com/
Pale Moon v27.9.0 Released (2018-04-17) Release Notes Download: x64 / x86 / portable / (Linux) Spoiler: Pale Moon v27.9.0 Changes/fixes Changes/fixes: Fixed a number of spec compliance issues in our media subsystem. Added a trailing slash to referrers when policy is set to fix some web compatibility issues. Fixed the property order in Object.getOwnPropertyNames(string) and others for web compatibility. Updated RegExp(RegExp object, flags) to the ES6 standard specification. Changed the embedded font from the no longer free EmojiOne to the open-licensed Twemoji (with additional fixes). This also further extends unicode support to Unicode 10 emoji(s). Please note that as a result, color emoji(s) will look different than before. Adjusted some things in our memory allocator code to provide, among other things, better allocation alignment on Windows. Made the attempt to migrate people from the old sync server domain name to the current one more aggressive. We will be retiring the old pmsync.palemoon.net Sync server address shortly to remove the need for us to maintain a security certificate for it; this preference migration should automatically put everyone on the correct server address (pmsync.palemoon.org) when upgrading. Made reading of the sessionstore synchronous, to speed up startup and prevent the homepage from being loaded when restoring a session. Added a fix to switch to the correct window/tab when a web notification is clicked. Changed the placeholder text to not include "Search" when all search functions from the address bar are disabled. Enabled the use of Skia for canvas on Linux and OSX. Worked around a potential cause for some non-standard bitmapped fonts ending up with incorrect line heights (I'm looking at you, Noto fonts!). Added a workaround for incorrectly-encoded JPEG-XR images with planar alpha. Ultimately, the jxrlib reference implementation should be fixed to encode according to spec. Aligned XCTO:nosniff allowed script MIME types with the updated spec. Improved the logic for storing vector images in the surface cache. Fixed character set handling for XMLHttpRequests.
Pale Moon 27.9.0 is out The Pale Moon team released an update for the stable version of the web browser yesterday that brings the version to 27.9.0. The new version is available through the web browser's automatic update functionality and as a standalone download. April 18, 2018 https://www.ghacks.net/2018/04/18/pale-moon-27-9-0-is-out/
@hayc59 New Moon 28 b2: Firefox 52.9.0 ESR: _____________________________________________________ Better to install New Moon 28.
Pale Moon v27.9.4 Released (2018-07-17) Release Notes Download: x64 / x86 / portable / (Linux) Spoiler: Changes, Fixes v27.9.4 Changes/fixes: Updated the useragent for addons.mozilla.org to work around their "Only with Firefox" discrimination preventing users from downloading themes, old versions of extensions, and other files with Pale Moon. Restricted web access to the moz-icon:// scheme that could potentially be abused to infringe the user's privacy. Prevented various location-based threats. DiD Fixed a potential vulnerability with plugins being redirected to different origins (CVE-2018-12364). Improved the security check for launching executable files (by association) on Windows from the browser. For users who have (most likely accidentally) granted a system-wide waiver for opening these kinds of files without being prompted, this permission has been reset. Fixed an issue with invalid qcms transforms (CVE-2018-12366). Fixed a buffer overflow using the computed size of canvas elements (CVE-2018-12359). Fixed a use-after-free when using focus() (CVE-2018-12360). Added some sanity checks on nsMozIconURI. DiD Fixed an issue in the case the preferences file in the profile would not be writable (e.g. temporary permission issues due to backup, virus scanning or similar external processes). DiD This means that the fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.