Pale Moon Version 26.0.0 Milestone Release!

Corrine

Corrine

Administrator,
Microsoft MVP,
Security Analyst
Staff member
Joined
Feb 22, 2012
Posts
12,393
Location
Upstate, NY
Pale Moon has been updated to version 26.0.0. This is a milestone update as Pale Moon is now building on the new Goanna engine instead of Gecko.

Note: Although there has been extensive testing of this release, it is still possible to run into some website compatibility issues (usually because of websites doing useragent sniffing) and some sites displaying a mobile version if they do not recognize or incorrectly recognize the new browser engine. Please always try contacting the webmasters first before posting support requests at the Pale Moon Forums, since this is usually not something Pale Moon developers can assist with.

Please refer to the extensive Release Notes for the security updates and changes to Pale Moon with this release.
 
Pale Moon has been updated to version 26.0.2. The update is described as a bugfix, security and web compatibility release.

Web compatibility issues with Youtube, Netflix and other sites were included in the changes/fixes. For information on additionally included fixes/changes, see the Release Notes.

Note that two of the security fixes are described as "DiD" which stands for "Defense-in-Depth". These changes do not apply to any actively exploitable vulnerabilities in Pale Moon. Rather the updates are to prevent future vulnerabilities caused by the same code when surrounding code changes, exposing the problem.
 
Pale Moon has been updated to version 26.0.3. It is a small but important update addressing two issues:

  • Changed our cookie gate to allow cookie names with spaces in them, to improve web compatibility. Restricting cookies to address CVE-2016-1939 also blacklisted a "grey" character (being 0x20, or the space character) in cookie names, causing some issues with some websites. This also affected Firefox who will be releasing a similar compatibility update soon.
    Critical note: if your site uses cookie names with spaces in them, please consider moving away from doing that so you are no longer in the "grey" area of cookie behavior.
  • Changed the configuration of our XSS filter to address some known, harmless filter hits that have been reported.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top