Pale Moon 28.4.1 released!

Pale Moon releases and site news
(read-only)
Locked
User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 27394
Joined: 2011-08-28, 17:27
Location: 58°2'16"N 14°58'31"E
Contact:

Pale Moon 28.4.1 released!

Post by Moonchild » 2019-03-27, 12:44

This is a bugfix and security update.

Changes/Fixes:
  • Fixed hover state arrows on some controls.
  • Fixed potential denial-of-service issues involving FTP (loading of subresources and spamming errors).
  • Disabled Microsoft Family Safety (Win 8.1) by default. This prevents security issues as a result of a local MitM setup.
  • Added several site-specific overrides (Firefox Send and polyfill.io) to work around website UA-sniffing isues.
  • Implemented the origin-clean algorithm for controlling access to image resources.
  • Cleaned up the helper application service code.
  • Ported applicable security fixes from Mozilla (CVE-2019-9791, CVE-2019-9792, CVE-2019-9796, CVE-2019-9801, CVE-2019-9793, CVE-2019-9794, CVE-2019-9808 and ZDI-CAN-8368).
  • Implemented several defense-in-depth measures (for CVE-2019-9790, CVE-2019-9797, CVE-2019-9804, and a JavaScript issue).
  • Fixed several memory safety hazards and crashes.
  • Binaries are now code-signed again (including the setup program for the installer).
"There will be times when the position you advocate, no matter how well framed and supported, will not be accepted by the public simply because you are who you are." -- Merrill Rose
Image

Locked