Pale Moon Version 33.7.2 Released with Security Updates

Started by Corrine, June 03, 2025, 12:04:53 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Corrine

June 03, 2025, 12:04:53 PM
Pale Moon has been updated to version 33.7.2.  This is a security update.

Changes/fixes:
  • Addressed PWN2OWN-2025-1 (out of bounds read or write in promise) DiD.
  • Addressed PWN2OWN-2025-2 (out of bounds read or write when using the ExtractLinearSum optimization) DiD.
  • Fixed potential unexpected behavior in embedded protobuf code. DiD.
  • Fixed an issue with potentially uninitialized contrast values when enhanced device contrast values can not be read from the O.S. DiD.
  • Fixed potential sanitization issues with devtools' "Copy as curl" feature. It should be noted that we do not currently offer cross-platform "curl" features, so this is another DiD for this release.

Notes:  *DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.
Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.

Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Select About Pale Moon > Check for Updates.

Release Notes
Release Cycle


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.
Print
Go Up Pages1
User actions