Pale Moon v26.2.0 Released

Discussion in 'other software & services' started by hayc59, Apr 5, 2016.

  1. hayc59

    hayc59 Updates Team

    Joined:
    Oct 29, 2008
    Posts:
    2,133
    Location:
    R.I.P. Roger(roddy32)
    pale.png
    Pale Moon v26.2.0
    04.05.2016


    This is a major update and bugfix release.
    Linux versions will follow shortly when the Linux maintainer has time to publish those builds.


    Changes:
    • Implemented the URL API that's needed for a number of websites.
    • Changed internal keystroke handling within the spec to better align with generally expected behavior.
    • This should fix the infamous "backspace" issue on Facebook.
    • Web developers please note: calling preventDefault() in a "keydown" event handler will now prevent most keypress events from firing.
    • Linux: gstreamer 1.0 support has been implemented and enabled by default (hats off to Travis!)
    • From this version forward you will need to have gstreamer 1.0 libraries for video playback (0.10 is no longer supported).
    • Re-styled about:sessionrestore to use more available screen real estate for tab info.
    • Added an option to use the mousewheel for horizontal scrolling (mouse action value 4).
    (e.g. setting mousewheel.with_shift.action to 4 makes Shift+wheel scroll horizontally)
    • Bumped the maximum icon file size for search engine icons to 32 KB to cater to more common use of HiDPI icons.
    • Fixed some hard-coded branding strings in Sync still reading "Firefox", and similarly changed sync information URLs to point to our relevant pages.
    • Removed default profile bookmarks pointing to Firefox/Mozilla since the information there no longer applies to us.
    • Updated UA overrides and XSS configuration to deal with some problematic sites (e.g.: Google, Embedly)
    • Fixed several issues with the default theme causing problems with behavior due to styling (thanks, Antonius32) (Issue #384 and friends)
    • Fixed some miscellaneous issues in the internal jemalloc implementation.
    • Added a configure option to use the full jemalloc lib (jemalloc v3) if the builder so wishes (used for Linux, sys mallocs are not happy there either, so for our generic binaries we switched to this lib now)
    If you are a Linux maintainer for a specific distro, you should investigate if the system memory allocator works properly and doesn't cause memory leaks. In case of doubt or lack of time to test this it's recommended you switch to the jemalloc lib as well. To do this, combine --enable-jemalloc with --enable-jemalloc-lib in your mozconfig.
    • Worked around a crash caused by the XSS filter on some fora by bailing on too short and empty strings.
    • Fixed layout of reflowed comboboxes without enough space.
    • Fixed a crash related to flexboxes overflowing themselves. (Issue #396)
    • Added a simple implementation for Weak Messagelisteners. (Issue #399)
    • Fixed a crash for losing our cache entry while finishing up compression.
    (re-apply after unintentional back-out switching to Goanna)
    • Linux: Worked around driver bugs with Intel drivers that falsely report what they can support in max texture size.
    Portable only: Removed compression of the browser components library after some reports that in certain configurations and environments it was causing issues with the browser.
    Security fixes:
    • Updated the graphite font library to 1.3.7+ to solve CVE-2016-2796 and no less than 14 of its friends.
    • Updated NSS to 3.19.4.2-PM to address several vulnerabilities (UAF, heap overflow).
    • Updated libvorbis to a much more recent version to fix multiple issues.
    • Crash fix and DiD fixes by holding strong references to objects in suspect places in the HTML parser. (CVE-2016-1961) (ZDI-CAN-3574)
    • Fixed several out-of-bounds issues in the VP8 decoder.
    • Fixed a potentially exploitable crash in XML/XSLT handling.
    • Applied some Kung Fu to HTML animations and transitions to prevent memory hazards.
    • Fixed applicable Mozilla code vulnerabilities CVE-2016-1965, CVE-2016-1960 (ZDI-CAN-3545), CVE-2016-1966, and CVE-2016-1963.

    Download Links-Direct .EXE
    Atom/Windows XP optimized Pale Moon 26.2.0
    Pale Moon 26.2.0
    Pale Moon 26.2.0 x64
    Pale Moon Portable 26.2.0
     
  2. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    ESR cycle separate from FF.

    In contrast, WF follows the Mozilla ESR release cycle.
     
  3. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    What do you mean?
    Pale Moon does not follow Firefox release cycle because it is a separate browser. It now uses Goanna engine, a fork of Mozilla Gecko.
     
  4. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    Yup, that's exactly what I mean. PM has its own release cycle.

    Better for building a usable browser.

    Unlike Mozilla, which doesn't know what its doing and leaves its users in the lurch.
     
  5. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    I updated thanks.
    Palemoon does not need to follow the firefox update cycle because it does not have all the junk which firefox seems to have nowadays.
     
  6. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    1,441
    Good thing, too!

    FF rewrote code to protect users from themselves. I find that insulting.

    As a mature human being, I should be allowed to decide whether a website isn't worth visiting.

    Mozilla has no right to make that decision for its users in the first place.
     
  7. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,982
    Location:
    Brasil
    So I installed this browser inside a sandbox, and when I first opened it I was bombarded with 7 cookies. Seriously, developers? :mad:

    Is there a way to prevent this at first launch except disconnecting myself from the web before launching it "for real"?
     
  8. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    You can control cookies prefs through the Privacy tab in the Pale Moon Options box or use
    about:config preference.

    All cookies are allowed. (Default) (0)
    Only cookies from the originating server are allowed. (1)
    No cookies are allowed. (2)
    Third-party cookies are allowed only if that site has stored cookies already from a previous
    visit. (3)

    about:config > network.cookie.cookieBehavior // set to the number above of your choice.

    NOTE: Latest version of Pale Moon is 26.4.0
     
  9. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,982
    Location:
    Brasil
    @KeyPer4Life Thanks but I got the cookies at first launch.
    I remembered I can use a "vendor.js" file to block cookies at first launch. But I decided to use Icecat at the end, it completely respects my privacy from the get-go.
     
  10. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,029
    Location:
    Lloegyr
  11. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,029
    Location:
    Lloegyr
  12. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    I would recommend anytime you install a new web browser to go through the settings/options
    while offline and change them if needed. Then connect to the Internet.

    Been using Pale Moon for many years and have had no problems with cookies.
    When I need to login to a website that requires a cookie then I allow it otherwise they
    are blocked in Pale Moon options.

    NOTE: There are no cookies when I first launch Pale Moon browser after changing settings.

    Test your browser for cookies at: https://www.grc.com/cookies/operation.htm

    Scroll down to bottom of page and select number [3] •• Cookie Forensics ••
     
  13. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    @amarildojr
    How do you create an IceCat icon in the desktop/panel/favourites that launches the browser?
    This is under Ubuntu Mate 16.04.
     
  14. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,982
    Location:
    Brasil
    @Joxx Yes.

    You can definitely compile it if you want, though that would make more sense if there is an actual repo for Ubuntu.
     
  15. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,982
    Location:
    Brasil
    For some reason I can't accept cookies from "whatsapp.net" and so I can't listen to audio sent to me.

    Here are a few screenshots: https://imgur.com/a/ztv30

    What could be happening?
     
Loading...