Pale Moon 25.4.0
» Changes: «
25.4.0 (2015-05-08)
IMPORTANT: If you use a language pack, make sure to update it to the latest version! We do have automatic updates enabled for language packs but please double-check that the version matches. If you are using an older language pack with this version of the browser, some dialog boxes may come up blank.
This is a major update - too much has changed for this little blurb to do it justice so please see below for the most important changes/fixes in this release:
Fixes/changes:
• Updated SQLite from 3.7.17 to v3.8.8.3, improving history/bookmark/etc. performance by up to 50% depending on operation
• Added a new "mixed-mode" state for HTTPS connections. Clarified mixed-mode connections with a mixed-mode padlock and better tooltips.
• Added a conditional partial shading to the URL bar and made it default (shading only on secure sites, no red shading at all by default).
• Dev: Fixed file system mode flags for *nix systems, to make executable files like scripts actually flagged as executable
• Added native IPv6 lookups to NSPR to solve IPv6-only and dual-stack setups in some situations
• Added a pref to control the unloading of idle plugins from memory and lowered the default "idle" time to 60 seconds before plugins are unloaded
• Fixed version strings for e.g. flash on Linux being displayed with commas instead of periods - this should also fix the incorrect "your plugin is vulnerable" message while being on the latest version
• Windows: Set the double-click/Ctrl+arrow word selection to not eat the space (only select the actual word)
• Android: DNS fix for VPN connections, preventing the "server not found" issues people have been reporting for certain VPN providers on mobile
• Updated a number of trusted root certificates, and distrusted the CNNIC root certificate by popular demand
• Linux: Worked around the slice memory allocator not being properly disabled on later GLib versions
• Android: updated the random number generator handling on later versions of Android
• Added fix to prevent spurious re-paints with plugins (performance/UX improvement)
• Removed the plugin check link from the Addons Manager, since it's no longer reliable and not officially available for browsers except Mozilla Firefox. (Bonus: no user profiling/tracking through optimizely!)
• Optimized the NSS callback for secure connections
• Updated the domains that are whitelisted for installation of extensions/themes/personas, streamlining the use of addons.palemoon.org
• Added personas support to titlebar text (adopt the lightweight theme's coloring/shading) in custom titlebar mode (Pale Moon appmenu/button)
• Added display of HTTPS protocol (SSL/TLS) to the page info window (thanks Travis!)
• Improved certificate display: Removed MD5 and added SHA256 fingerprint, and made them selectable/copyable
• Updated classification of secure connections: Classify any encryption with less than 128 bits or including RC4 (if manually enabled, see previous version notes) as weak.
• Dev: Added availability of the full ciphersuite string for use in extensions to the nsISSLStatus interface (nsISSLStatus.cipherSuite)
• Added MAKE_UNLINKABLE to the about: page redirector and added that as default for the reader mode on Android
• Removed the compilation and inclusion of a one-time-use pre-compiled startup cache in omni.ja, reducing overall application size significantly and avoiding a number of quirks of both the build process and the operation of the browser
• Fixed an NVIDIA specific GLX server vendor bug for pixmap depth and fbConfig depth
• Removed most telemetry code, reducing code complexity and wasted CPU
• Linux: Added OSS support (mutually exclusive with ALSA): configure with --enable-oss
• Made DNS caching a lot less aggressive to align the browser's behavior with the dynamic nature of the modern web.
• Removed Mozilla-specific parameters for searches. Search suggestions should now work again for Google searches
• Added the option to allow users to use a fixed (JSON) file-based geolocation response in favor of a GeoIP service.
• Dev: Improvements to Clang builds (thanks Axiomatic/BitVapor!). Clang is not currently producing stable builds on Linux, so please use GCC for that operating system.
• Linux: removed GnomeVFS that's no longer in use
• Fixed the "double padlock while loading a secure site" niggle in the UI
• Dev: added allowance of using -moz-appearance:none on drop-down lists to hide the arrow button (catering to custom styling of the control)
• Added some more ES6 math/number functions:
◦ Implemented Math.fround(x)
◦ Implemented Number.isSafeInteger(x)
◦ Implemented Math.clz32(x)
Security fixes:
• Fixed several memory safety hazards (UAF/DF/UU); applicable bugs covered by CVE-2015-0815 and CVE-2015-0815
• Fixed CVE-2015-0811 [qcms] heap info leak
• Fixed CVE-2015-0810 clickjacking attacks via a Flash object in conjunction with DIV elements
• Fixed CVE-2015-0801 a variant of CVE-2015-0818
• Fixed CVE-2015-0800 improve randomness of DNS resolver queries on Android
• Fixed CVE-2015-0798 access to privileged URLs through about: redirector
IMPORTANT: If you use a language pack, make sure to update it to the latest version! We do have automatic updates enabled for language packs but please double-check that the version matches. If you are using an older language pack with this version of the browser, some dialog boxes may come up blank.
This is a major update - too much has changed for this little blurb to do it justice so please see below for the most important changes/fixes in this release:
Fixes/changes:
• Updated SQLite from 3.7.17 to v3.8.8.3, improving history/bookmark/etc. performance by up to 50% depending on operation
• Added a new "mixed-mode" state for HTTPS connections. Clarified mixed-mode connections with a mixed-mode padlock and better tooltips.
• Added a conditional partial shading to the URL bar and made it default (shading only on secure sites, no red shading at all by default).
• Dev: Fixed file system mode flags for *nix systems, to make executable files like scripts actually flagged as executable
• Added native IPv6 lookups to NSPR to solve IPv6-only and dual-stack setups in some situations
• Added a pref to control the unloading of idle plugins from memory and lowered the default "idle" time to 60 seconds before plugins are unloaded
• Fixed version strings for e.g. flash on Linux being displayed with commas instead of periods - this should also fix the incorrect "your plugin is vulnerable" message while being on the latest version
• Windows: Set the double-click/Ctrl+arrow word selection to not eat the space (only select the actual word)
• Android: DNS fix for VPN connections, preventing the "server not found" issues people have been reporting for certain VPN providers on mobile
• Updated a number of trusted root certificates, and distrusted the CNNIC root certificate by popular demand
• Linux: Worked around the slice memory allocator not being properly disabled on later GLib versions
• Android: updated the random number generator handling on later versions of Android
• Added fix to prevent spurious re-paints with plugins (performance/UX improvement)
• Removed the plugin check link from the Addons Manager, since it's no longer reliable and not officially available for browsers except Mozilla Firefox. (Bonus: no user profiling/tracking through optimizely!)
• Optimized the NSS callback for secure connections
• Updated the domains that are whitelisted for installation of extensions/themes/personas, streamlining the use of addons.palemoon.org
• Added personas support to titlebar text (adopt the lightweight theme's coloring/shading) in custom titlebar mode (Pale Moon appmenu/button)
• Added display of HTTPS protocol (SSL/TLS) to the page info window (thanks Travis!)
• Improved certificate display: Removed MD5 and added SHA256 fingerprint, and made them selectable/copyable
• Updated classification of secure connections: Classify any encryption with less than 128 bits or including RC4 (if manually enabled, see previous version notes) as weak.
• Dev: Added availability of the full ciphersuite string for use in extensions to the nsISSLStatus interface (nsISSLStatus.cipherSuite)
• Added MAKE_UNLINKABLE to the about: page redirector and added that as default for the reader mode on Android
• Removed the compilation and inclusion of a one-time-use pre-compiled startup cache in omni.ja, reducing overall application size significantly and avoiding a number of quirks of both the build process and the operation of the browser
• Fixed an NVIDIA specific GLX server vendor bug for pixmap depth and fbConfig depth
• Removed most telemetry code, reducing code complexity and wasted CPU
• Linux: Added OSS support (mutually exclusive with ALSA): configure with --enable-oss
• Made DNS caching a lot less aggressive to align the browser's behavior with the dynamic nature of the modern web.
• Removed Mozilla-specific parameters for searches. Search suggestions should now work again for Google searches
• Added the option to allow users to use a fixed (JSON) file-based geolocation response in favor of a GeoIP service.
• Dev: Improvements to Clang builds (thanks Axiomatic/BitVapor!). Clang is not currently producing stable builds on Linux, so please use GCC for that operating system.
• Linux: removed GnomeVFS that's no longer in use
• Fixed the "double padlock while loading a secure site" niggle in the UI
• Dev: added allowance of using -moz-appearance:none on drop-down lists to hide the arrow button (catering to custom styling of the control)
• Added some more ES6 math/number functions:
◦ Implemented Math.fround(x)
◦ Implemented Number.isSafeInteger(x)
◦ Implemented Math.clz32(x)
Security fixes:
• Fixed several memory safety hazards (UAF/DF/UU); applicable bugs covered by CVE-2015-0815 and CVE-2015-0815
• Fixed CVE-2015-0811 [qcms] heap info leak
• Fixed CVE-2015-0810 clickjacking attacks via a Flash object in conjunction with DIV elements
• Fixed CVE-2015-0801 a variant of CVE-2015-0818
• Fixed CVE-2015-0800 improve randomness of DNS resolver queries on Android
• Fixed CVE-2015-0798 access to privileged URLs through about: redirector
»» Нажмите, для закрытия спойлера | Press to close the spoiler ««
Installer:
32-bit:
Размер: 17,69 МБ.
Скачать:
64-bit:
Размер: 20,88 МБ.
Скачать:
Portable:
32-bit:
Размер: 19,50 МБ.
Скачать:
64-bit:
Размер: 23,88 МБ.
Скачать:
Русский язык:
Размер: 301,4 КБ.
Скачать: