Pale Moon Version 31.3.1 Released with Security Updates

Started by Corrine, November 01, 2022, 01:00:33 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Corrine

Pale Moon has been updated to version 31.3.1.  This is a security and compatibility update.

Changes/Fixes:

  • Added detection suport for the newly-released MacOS 13 (Ventura).
  • Fixed a potential heap Use-After-Free risk in Expat. (CVE-2022-40674) DiD
  • Fixed potentially undefined behavior in our thread locking code. DiD
  • Fixed a potentially exploitable crash in the refresh driver.
  • Fixed potentially undefined behavior when base-64 decoding. DiD
  • Implemented a texture size cap for WebGL to prevent potential issues with some graphics drivers. DiD
  • Updated site-specific overrides to address issues with ZoHo.
  • UXP Mozilla security patch summary: 1 fixed, 2 DiD, 6 not applicable.

*DiD This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

**Rejected security patches: This means that patches were theoretically applicable to our code but considered undesirable, which could be due to unwanted changes in behavior, known regressions caused by the patches, or unnecessary risks for stability, security or privacy.

Pale Moon includes both 32- and 64-bit versions for Windows:  Pale Moon for Windows downloads.

Update:  To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

Release Notes


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.