- Added detection for dark system themes on Windows 10 and re-worked Windows 10 specific theming to better integrate into the OS and provide more clarity.
- HTML5 media controls have been reworked to a horizontal volume control on all media, including HTML5 audio that was previously without an element-control for volume.
- Default HTML5 media volume preference added as media.default_volume -- fractional, default 1.0 (=100%).
- String.prototype.match() and .replace() are now fully spec compliant.
- NSPR and NSS now correctly no longer enforce IA32 architecture compatibility, getting the advantage of SSE2 like the rest of the code.
- Worked around crashes in the XSS filter when navigating back in history due to document fragments.
- Instated a hard minimum of 10,000 places entries regardless of free disk space and total memory to prevent undesired expiration of history. That is around 16MB for an average entry size, which should be sane enough even on low-memory machines.
- Fixed a typo in networking code introduced in 26.2.2 that would cause issues on some sites due to adding extra forward slashes to the URL.
- Fixed a number of memory safety hazards and potentially exploitable crashes.
- Fixed CVE-2016-2821 Use-after-free in the mozilla::dom::Element class
- Fixed netaddr deserialization for AF_UNSPEC and AF_LOCAL.
- Fixed a memory overrun error in the VP8 encoder. DiD
- Fixed non-threadsafe re-use of pixman images to prevent potential race conditions. DiD
- Fixed CVE-2016-2825 Partial Same Origin Policy violation
DiD This means that the fix is "Defense-in-Depth": It is a fix that does not apply to an actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code when surrounding code changes, exposing the problem.