Pale Moon has been updated to version 28.2.0, a major development release addressing performance, web compatibility, bugfixes, regressions and security vulnerabilities. In particular, security fixes have been implemented for CVE-2018-12381, CVE-2017-7797, a better fix for CVE-2018-12386 (DiD), CVE-2018-12401 (DiD), CVE-2018-12398, CVE-2018-12392, several Skia bugs, and several crashes and memory safety hazards that do not have a CVE number.
From the Release Notes:
Changes/fixes:
- Fixed a major performance issue with web workers.
- Fixed a rare crash on local networks with HTTP basic auth and unsupported cipher suites.
- Fixed a performance/timer issue when leaving the browser idle.
- Fixed an issue causing an empty dialog when launching executable files from the browser.
- Fixed an issue preventing making entries to disallow sites to store data for off-line use.
- Removed code to prevent extensions with binary components.
- Fixed an issue with common dialogs being sized incorrectly for their content.
- Fixed an issue with event handling on the tab bar that would cause frustrating behavior when trying to open/close tabs in rapid succession.
- Switched default behavior for scrolling when a context or
pop-up menu is open to allow scrolling, like in v27. This also affects
scrolling in very long menus, e.g. bookmarks.
- Added experimental Asynchronous Panning and Zooming (APZ) for desktop use.
- Re-enabled the use and parsing of ICC v4 color profiles.
- Removed telemetry code from the caching subsystem.
- Improved full-screen detection for suppressing status messages.
- Made all arguments passed to Init*Event() optional except the first for parity with other browsers.
- Cleaned up some internal installer code.
- Fixed making caret width configurable when dealing with CJK characters (regression).
- Fixed drawing of table borders consistently when zooming a page (regression).
- Exposed the "Save download location per site" pref in about:config.
- Improved media handling (ongoing).
- Added experimental support for AV1 in WebM videos (disabled
by default).
Note: this is for WebM only for now, so MP4 and MSE AV1 streams (e.g. YouTube) will not (yet) play. - Removed the (defunct and incomplete) in-browser translation code.
- Fixed an issue with CSS Grid layouts unnecessarily shrinking element blocks.
- Fixed notification settings menu entry (opes about:permissions with relevant data now).
- Fixed the launching of an undesirable background content process for capturing page thumbnails.
- Fixed a focus issue in the bookmark properties dialog.
- Changed the setting for reporting CSS errors to the console to false by default, to prevent unnecessary performance loss for recording this data.
- Added control mechanisms for Opportunistic Encryption (both for alternative services and upgrade-insecure-requests) in preferences, and disabled this by default due to potential security and privacy issues with this transitional technology.
- Updated the default reported Firefox version in Firefox
Compatibility Mode to prevent "too old Firefox" complaints on websites.
- Updated libnestegg, ffvpx, reader view components and several other modules from upstream.
- Implemented security fixes for CVE-2018-12381, CVE-2017-7797, a better fix for CVE-2018-12386 (DiD), CVE-2018-12401 (DiD), CVE-2018-12398, CVE-2018-12392, several Skia bugs, and several crashes and memory safety hazards that do not have a CVE number.
Update
To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Select About Pale Moon > Check for Updates.Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment