Pale Moon 29.4.6 released!

Pale Moon releases and site news
(read-only)
User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 31996
Joined: 2011-08-28, 17:27
Location: Tranås, SE
Contact:

Pale Moon 29.4.6 released!

Unread post by Moonchild » 2022-04-12, 13:12

While we are still working on getting everything in order for a new milestone, security releases of course won't stop ;-)

This is a bugfix and security release to Pale Moon.

Changes/fixes:
  • Fixed a potential crash issue on bing.com.
  • Updated NSS to 3.52.4 to address security issues.
  • Fixed some thread locking issues. DiD
  • Worked around a Mesa driver bug that could cause crashes.
  • Fixed a potential resource access issue in devtools. DiD
  • Security issues with CVEs addressed: CVE-2022-1097, CVE-2022-28285 (DiD) and CVE-2022-28283 (DiD).
  • UXP Mozilla security patch summary: 1 fixed, 5 DiD, 2 rejected, 23 not applicable.
Linux versions will follow shortly!

General notes:
DiD: This means that a fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.
Rejected security patches: This means that patches were theoretically applicable to our code but considered undesirable, which could be due to unwanted changes in behaviour, known regressions caused by the patches, or unnecessary risks for stability, security or privacy.
"You will observe with concern how long a useful truth may be known and exist before it is generally received and practiced on." -- Benjamin Franklin
"Compromise and collaboration lie at the heart of all great endeavours" -- Kassandra
Image

Post Reply