Security fixes:
- Updated NSPR to 4.15.
- Updated NSS to 3.31.1.
- Fixed a DoS issue using overly long Username in URL scheme (CVE-2017-7783)
- Fixed an issue where (cross domain) iframes could break scope (CVE-2017-7787)
- Fixed an issue in WindowsDllDetourPatcher (CVE-2017-7804)
- Fixed an issue with elliptic curve addition in mixed Jacobian-affine coordinates (CVE-2017-7781)
- Fixed a UAF in nsImageLoadingContent (CVE-2017-7784)
- Fixed a UAF in WebSockets (CVE-2017-7800)
- Fixed a heap-UAF in RelocateARIAOwnedIfNeeded (CVE-2017-7809) DiD (accessibility is disabled)
Changes/fixes:
- Fixed a number of crashes.
- Enabled the opt-in debugging feature to log SSL keys to a file in all builds.
- Added a fix for TLS 1.3 handshakes causing a browser hangup.
Handshakes should be considerably faster now and no longer stall in the wrong circumstances.
- Windows Vista/Windows 7/8/10/Server 2008 or later
- Windows Platform Update (Vista/7) strongly recommended
- A processor with SSE2 instruction support
- 256 MB of free RAM (512 MB or more recommended)
- At least 150 MB of free (uncompressed) disk space
Update
To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Select About Pale Moon > Check for Updates.References:
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment