Pale Moon has been updated to version 33.3.1. This is a minor security and bug fix update.
Changes/fixes:
- Backed out support for FFmpeg 7.0/libavcodec 61
(Linux) due to it causing a major regression in WebAudio (broken on all
platforms). This is being worked on to re-land at a later date.
- Restricted the NotifyPaintEvent interface
to chrome code only; there is no reason (other than potential
tracking/fingerprinting) to have this accessible from content.
- Fixed a potentially exploitable issue in JavaScript (FetchName).
- Fixed a code correctness issue in XPConnect when
creating sandboxes. DiD
- Added a warning for using externally handled usenet
protocols.
- Security issues addressed: CVE-2024-8383 and
CVE-2024-8381.
Notes:
*DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.
Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.
Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Select About Pale Moon > Check for Updates.
Release Notes
Release Cycle
No comments:
Post a Comment