Pale Moon has been updated to version 25.6. This update includes critical security updates as well as numerous fixes/changes. It is strongly advised that this update be applied as soon as possible. To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window. Select About Pale Moon > Check for Updates.
Security fixes:
Fixes/changes:
A complete list of the fixes, changes and additions is available in the Release Notes.
Security fixes:
- Fixed a memory safety bug due to a bad test in nsZipArchive.cpp (CVE-2015-2735).
- Fixed a memory safety bug in nsZipArchive::BuildFileList (CVE-2015-2736).
- Fixed a memory safety bug caused by an overflow in nsXMLHttpRequest::AppendToResponseText (CVE-2015-2740).
- Fixed a Use After Free in CanonicalizeXPCOMParticipant (CVE-2015-2722).
- Fixed off-main-thread nsIPrincipal use of various consumers in the tree (only grab the principal when needed).
- Fixed an issue where an IPDL message was sent off the main thread.
- Fixed a potentially exploitable TCPSocket crash due to a race condition.
Fixes/changes:
A complete list of the fixes, changes and additions is available in the Release Notes.
Last edited: