Pale Moon Updates

[hayc59]

Pale Moon is an Open Source, Goanna-based web browser available for Microsoft Windows and Linux (with other operating systems in development), focusing on efficiency and ease of use. Make sure to get the most out of your browser!

Pale Moon offers you a browsing experience in a browser completely built from its own, independently developed source that has been forked off from Firefox/Mozilla code, with carefully selected features and optimizations to improve the browser's speed*, resource use, stability and user experience, while offering full customization and a growing collection of extensions and themes to make the browser truly your own.

Features:
• Highly optimized for modern processors
•100% Firefox sourced: As safe as the browser that has seen years of development.
• Uses slightly less memory because of disabled redundant and optional code
• Significant speed increases for page drawing and script processing
• Stability: experience fewer browser crashes.
• Support for SVG and Canvas, and downloadable fonts including WOFF
• Support for HTML5 and WebGL (v4+)
• Support for Firefox extensions (add-ons), themes and personas
• Support for OOPP (Out-of-process plugin execution)

Home Page

Edited February 21, 2017 by hayc59

[hayc59]

Pale Moon v28.16.0 Released (2020-11-24)

 

DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

Changes/fixes:

Aligned CSS tab-size with the specification and un-prefixed it.
Updated Brotli library to 1.0.9.
Updated JAR lib code.
Optimized UI code, resulting in smaller downloads and less space consumed on disk.
Changed the default Firefox Compatibility version number to 68.0 (since versions ending in .9 makes some frameworks unhappy, refusing access to users)
Cleaned up HPKP leftovers.
Disabled the DOM filesystem API by default.
Removed Phone Vibrator API.
Fixed an issue where the software uninstaller would not remove the program files it should.
Fixed a devtools crash related to timeline snapshots.
Fixed an issue in Skia that could cause unsafe memory access. DiD
Fixed several data race conditions. DiD
Fixed an XSS vulnerability where scripts could be executed when pasting data into on-line editors.
Linux: Fixed an overflow issue in freetype.
Security issues addressed: CVE-2020-26960, CVE-2020-26951, CVE-2020-26956, CVE-2020-15999 and several others that do not have a CVE designation.
Unified XUL Platform Mozilla Security Patch Summary: 4 fixed, 4 defense-in-depth, 3 rejected, 20 not applicable.

Implementation notes:

Windows binaries should all be properly code-signed again.
The uninstaller issue might only appear if you have not used the internal updater to update the browser after installation.
The DOM Filesystem and dir picker APIs are, in practice, not used on websites. We've disabled these web-exposed APIs because they are not entirely without potential risk, and intend to remove them in a future version unless there is a demonstrable need to keep them as optional (unsupported) APIs in the platform.
One of the rejected security patches deals with entering a single word in the address bar. Standard browser behavior in that situation is for browsers to do a normal network lookup of that word in case it is a LAN machine name (other browsers also do this) which may "leak" your entered search term to the LAN. If you want to avoid this, please always use the search box for entering web searches, as it's unambiguous what to do with single words in that case.

 

Download:

https://www.palemoon.org/download.shtml

Release Notes

Edited November 24, 2020 by hayc59