Corrine Posted March 23, 2022 Share Posted March 23, 2022 Following the recall of Pale Moon version 30, Pale Moon has been updated to version 29.4.5. This is a security update. Linux versions will follow shortly. Changes/fixes: Fixed several application crash scenarios. DiD Fixed a number of thread locking/mutex issues. DiD Fixed a leak of content types due to inconsistent error reporting. (CVE-2022-22760) Fixed an issue with iframe sandboxing not being properly applied. (CVE-2022-22759) Fixed a potential leak of bookmarks from the exported bookmarks file if it included a malicious bookmarklet. Fixed an issue with drag-and-drop. (CVE-2022-22756) Fixed a potential crash due to truncated WAV files. Fixed a memory safety issue with XSLT. (CVE-2022-26485) *DiD: This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered. Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads. Update To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Select About Pale Moon > Check for Updates. Release Notes Release Cycle Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.