Pale Moon version 28.9.3 has been released. The update is a security update.
The update includes DiD ("Defense-in-Depth") updates. A DiD update is s a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.
From the Release Notes
- Fixed a potential vulnerability in the zip file reader. DiD
- Fixed a potential vulnerability in the JavaScript JIT compiler related to aliases. DiD
- Ported several upstream devtools fixes (addresses CVE-2020-12392 and CVE-2020-12393).
- Improved memory safety of some WebAudio calls.
- Improved memory safety in the XUL window destructor. DiD
- Unified XUL Platform Mozilla Security Patch Summary: 3 fixed, 3 Defense-in-depth, 16 not applicable.
Linux versions for this update will follow shortly.
Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Click About Pale Moon and Check for Updates.
Release Notes
No comments:
Post a Comment
Neither spam nor comments containing vulgarities will be approved.