Tuesday, November 05, 2024

Pale Moon Version 33.4.1 Released with Security Update

 Pale MoonPale Moon has been updated to version 33.4.1.  This is a minor security and bug fix update.

Changes/fixes:

  • Added a processor check to the 64-bit installer for Windows to check for AVX.
    Note: this check does not work on Window 7/8/8.1 and will allow installations on non-AVX processors there.
    Note: if you are running Windows 10 before build 2004 (before 20H1), this check may fail on AVX-capable CPUs and prevent installation.
  • Improved handling of multipart/mixed documents. (CVE-2024-10461 and CVE-2016-2816) DiD
  • Addressed CVE-2024-10463.

    Notes:  *DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

    Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.

    Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

    Release Notes
    Release Cycle

    Home
    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...

    Monday, November 04, 2024

    Mozilla Firefox Version 132.0.1 Released with Updates

      Mozilla sent Firefox Version 131.0.3 to the Release Channel.

    Fixed

    • Fixed issues causing intermittent video playback problems on some sites. (Bug 1928484Bug 1928798).
    • Fixed an issue causing themes to reset to default after restarting Firefox, in particular when using the Firefox Color add-on. (Bug 1928082).

    Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox".  Mac users need to select "About Firefox" from the Firefox menu.  For non-English versions, Fully Localized Versions are available for download.

    Release Notes


    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...

    Tuesday, October 29, 2024

    Mozilla Firefox Version 132.0 Released with Security Updates

      FirefoxMozilla sent Firefox Version 132.0 to the release channel.  

    The update includes nine security updates of which two (2) are rated high, six (6) are rated moderate, and three (3) are rated low.

    High

    #

    #CVE-2024-10458: Permission leak via embed or object elements
    #CVE-2024-10459: Use-after-free in layout with accessibility

    Moderate

    #CVE-2024-10460: Confusing display of origin for external protocol handler prompt
    #CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response
    #CVE-2024-10462: Origin of permission prompt could be spoofed by long URL
    #CVE-2024-10463: Cross origin video frame leak
    #CVE-2024-10468: Race conditions in IndexedDB
    #CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4

    Low

    #CVE-2024-10464: History interface could have been used to cause a Denial of Service condition in the browser
    #CVE-2024-10465: Clipboard "paste" button persisted across tabs#CVE-2024-10466: DOM push subscription message could hang Firefox
    #CVE-2024-10466: DOM push subscription message could hang Firefox

    New

    • Microsoft PlayReady encrypted media playback is now being rolled out to select sites on Windows. Through this support, we are gradually rolling out a 1080p baseline and 4K Ultra HD support with key streaming partners. An added benefit is that viewers get less battery drain and better performance when streaming their favorite movies and shows.
    • A tab preview is now displayed when hovering the mouse over background tabs, making it easier to locate the desired tab without needing to switch tabs.
    • Wide Color Gamut WebGL is now available for Windows and macOS users! With this support, Firefox is bringing a richer, more vivid range of colors to the videos, games, and images on your screen. This implementation currently supports wider color (P3) profiles in 8-bit.
    • WebRender hardware accelerated rendering is now enabled for most SVG filter primitives, improving performance for certain graphics-heavy content. Accelerated filters are feBlend, feColorMatrix, feComponentTransfer, feComposite, feDropShadow, feFlood, feGaussianBlur, feMerge and feOffset.
    • Added support for macOS’ new screen and window sharing selection features on macOS 15 and later. Support for macOS 14 will be added in a future release.
    • The macOS session resume feature has been enhanced. Firefox will now automatically relaunch if it was open before a system restart, like after an OS update.
    • Firefox now blocks third-party cookie access when Enhanced Tracking Protection's Strict mode is enabled.
      Fixed:
      • Fixed an issue where Copy and Paste context menu items intermittently were not enabled when expected.
      Changed:


      • As a follow-up to our work to upgrade mixed content starting with Firefox 127, HTTP-favicons will now also be blocked if they can not be received over HTTPS instead
      • The Copy Without Site Tracking option is now grayed out when no known tracking parameters are found within the link. Additionally, more tracking parameter support has been added for websites such as LinkedIn and Shopee. Please report tracking parameters that aren't removed by filing a bug in Bugzilla.

      Update: To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

      References


      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...