Corrine Posted March 17, 2022 Share Posted March 17, 2022 Pale Moon has been updated to version 30.0.0. In addition to security fixes as well as extensive internal changes, of note is the following: Quote "Pale Moon is abandoning its own GUID (globally-unique identifier) and adopting Firefox's GUID instead to provide maximum compatibility with old and unmaintained Firefox extensions alongside those that are maintained on our add-ons site." Most notable user-facing/implementation changes: Implemented Global Privacy Control, taking the place of the unenforceable "DNT" (Do Not Track) signal. If you previously enabled DNT, then this preference will be adopted for Global Privacy Control (GPC). Through GPC, you indicate to websites that you do not want them to share or sell your data. "Default browser" controls in preferences has been moved to "General". Updated emoji support to Twemoji 13.1. Implemented Selection.setBaseAndExtent() for web compatibility. Implemented queueMicroTask() for web compatibility. Bugfixes, stability and security: Updated various in-tree libraries: cubeb, sqlite, cairo, ... Fixed an issue with the Linux desktop shortcut file to solve potential DE integration problems on common distributions. Fixed an issue with page and iframe content margins not being applied properly when passed as attributes instead of CSS. Ensured JavaScript and JSON files are always recognized as known MIME types so they can be opened appropriately from local sources. Fixed an issue with rapid loading and unloading of js modules causing browser crashes. Fixed an issue with tooltips being cut off at the end if containing exceedingly long unwrappable series of characters. Fixed several application crash scenarios. DiD Fixed a large number of thread locking/mutex issues. DiD Fixed a leak of content types due to inconsistent error reporting. (CVE-2022-22760) Fixed an issue with iframe sandboxing not being properly applied. (CVE-2022-22759) Fixed a potential leak of bookmarks from the exported bookmarks file if it included a malicious bookmarklet. Fixed an issue with drag-and-drop. (CVE-2022-22756) Fixed a potential crash due to truncated WAV files. Fixed a memory safety issue with XSLT. (CVE-2022-26485) *DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered. Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads. Update To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Select About Pale Moon > Check for Updates. Release Notes Release Cycle]https://developer.palemoon.org/docs/release-engineering/]Release Cycle 1 Quote Link to comment Share on other sites More sharing options...
Corrine Posted March 20, 2022 Author Share Posted March 20, 2022 Unplanned outage by Moonchild: Quote As you may have noticed there has been an unplanned outage of all palemoon.org sites and services. Unfortunately this was caused by foul play at the hands of one of our own. I'll do a proper write-up of everything later, when I've gathered all the necessary data to make a coherent post explaining what happened. The additional result of the referenced "foul play" is that the website hosting the Pale Moon Add-on's page with extensions, themes, language packs, plugins and more is not available, having been removed by the former member of the Pale Moon team. 1 Quote Link to comment Share on other sites More sharing options...
Corrine Posted March 21, 2022 Author Share Posted March 21, 2022 Moonchild has provided information about the outage and extensions website in a long post at Outage post-mortem, and apologies. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.