Pale Moon Version 33.1.0 Released with Security Updates

Started by Corrine, April 23, 2024, 01:16:06 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Corrine

Pale Moon has been updated to version 33.1.0.  This update is a development, stability, and security release.

New features:
  • Implemented support for single-use <link rel=preload> meta tag. This implementation allows use of it without specifying a second <link rel={type}> meta tag to actually load the linked document which was originally intended for this tag (to hint to a browser it should pre-load the document for fast painting).
  • Implemented CSP v3 keywords script-src-elem, script-src-attr, style-src-elem and style-src-attr.
  • Enabled the use of html5's <dialog> by default. While this is not yet a complete implementation, use of it in the wild dictated we enable this early. The implementation should functionally suffice for usage seen so far.
  • Added support for Emoji 15.1.
  • Implemented webkitURL legacy window alias for URL for web compatibility.
  • Implemented CSS shorthands margin-block, margin-inline, padding-block and padding-inline.
  • Added support for querying CPU capabilities (SSE2/AVX/AVX2) to the Navigator interface. For privacy reasons this is not exposed to the web, but can be used by extensions.

Changes/fixes:
  • Fixed broken mousewheel scrolling if building with --disable-npapi.
  • Fixed a minor issue with XUL tree display in some circumstances.
  • Dev: Aligned canvas Path2D.addPath with the updated spec. It now supports DOMMatrix as opposed to SVGMatrix.
  • Removed Stylo (Gecko Rust style system) leftovers from the source tree.
  • Fixed a few potential emoji display issues.
  • Fixed some issues with workers.
  • Fixed an issue with ctrl+c copying in devtools.
  • Fixed crashes when run under WINE because of its lack of support for IDXGIKeyedMutex.
  • Fixed a crash when dealing with a specific (unmaintained) extension.
  • Added .xrm-ms files to the executable warning list on Windows.
  • Added sanity checks on http/2 header sizes.
  • Fixed a potential issue in the JavaScript JIT compiler.
  • Pulled a few fixes from upstream for the OpenType Sanitizer.
  • Added a fix to avoid a potential issue when assigning a media data buffer.
  • Security issues addressed: CVE-2024-3863, CVE-2024-3302, CVE-2024-3857 DiD, CVE-2024-3859 and CVE-2024-3861 DiD.

Pale Moon includes both 32- and 64-bit versions for Windows: Pale Moon for Windows downloads.

Update: To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.

Release Notes
Release Cycle


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.