In the past, they’ve needed to “rebase” from Firefox at least twice, in part because their browser was not rendering or allowing users to correctly interact with sites. Can the relatively small group very ideological that works on it really keep up with the ever-evolving modern web and stay able to render all the modern websites people need to keep it as their primary browser? However, the big questions about their future, to me are:ġ. I think Pale Moon represents a good alternative to browser to some recent browser trends, and seems to serve a small but loyal audience. As always, it is advised to create a backup of the profile before the update is applied. Pale Moon users should consider installing the update as soon as possible as it includes security updates and other improvements. Added some sanity checks on nsMozIconURI.Fixed a use-after-free when using focus() (CVE-2018-12360).Fixed a buffer overflow using the computed size of canvas elements (CVE-2018-12359).Fixed an issue with invalid qcms transforms (CVE-2018-12366).For users who have (most likely accidentally) granted a system-wide waiver for opening these kinds of files without being prompted, this permission has been reset. Improved the security check for launching executable files (by association) on Windows from the browser.Fixed a potential vulnerability with plugins being redirected to different origins (CVE-2018-12364).
The new version of Pale Moon includes several security fixes and Defense-in-Depth changes: Pale Moon restricts web access to the moz-icon:// scheme because it "could potentially be abused to infringe the user's privacy". Last but not least, the new version does include a fix for the preference file not being writable.
0 kommentar(er)
