CVE-2016-9079. The update also includes usability fixes.
*DiD stands for "Defense-in-Depth" and is a fix that does not apply to an actively exploitable vulnerability in Pale Moon but prevents future vulnerabilities caused by the same code when surrounding code changes, exposing the problem.Details from the Release Notes:
- Fixed a crash in SVG, related to CVE-2016-9079, as a defense-in-depth measure.
- Enabled Firefox Compatibility mode by default for the useragent string.
Unfortunately too many websites (and especially the big players who should know better like Google, Apple and Microsoft) still require the "we must pretend to be Firefox if we want this site to work" status quo to be maintained, because people still insist on using useragent sniffing to determine "browser features", or even worse, discriminate against free choice of browser by flat-out refusing service (I'm looking at you, banking industry and cloud services!) when visiting websites just because companies don't want to provide assistance to any but users on the main 3.
HTML offers plenty of ways to do proper feature detection; site owners should use them.
Seriously people, it was a bad idea 20 years ago, and it's a worse idea in 2016.
- The built-in devtools are back, and with a facelift!
Thanks to some consistent community help, the built-in devtools, sorely missed by a number of our users, are back. They've received a code and style update and should be fully functional on the new platform. This was originally planned for 27.1, but it was decided to include this as soon as possible, not in the least to assist extension developers in their efforts to adapt to Pale Moon 27.
- Windows Vista/Windows 7/8/10/Server 2008 or later
- Windows Platform Update (Vista/7) strongly recommended
- A processor with SSE2 instruction support
- 256 MB of free RAM (512 MB or more recommended)
- At least 150 MB of free (uncompressed) disk space