Welcome!
Important information
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources

News
-- MX Linux on social media: here
-- Mepis support still here

Current releases
-- MX-17.1 Final release info here
-- antiX-17 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

MX 17 Repository: The Pale Moon Browser Thread

Message
Author
User avatar
Eadwine Rose
Forum Veteran
Forum Veteran
Posts: 6246
Joined: Wed Jul 12, 2006 2:10 am

Re: MX 17 Repository: The Pale Moon Browser Thread

#51 Post by Eadwine Rose » Mon May 14, 2018 4:30 am

I cannot off the bat remember the forum limits but you can also try uploading them to an external host, that will likely sort this out for now.
MX-17.1_x64 Horizon 3-2018 * 4.15.0-1-amd64 ext4 Xfce 4.12.3 * AMD Asus M4A785TD-V EVO AM3 * ASUS GF GT640-1GD5-L NVIDIA 384.130 * AMD Proc. Athl II X4 635, sAM3 * HDA ATI SB VT1708S An * 2x4Gb DDR3 1600 Kingst * 22" Samsung SyncM P2250 * HP Envy5030

User avatar
Eadwine Rose
Forum Veteran
Forum Veteran
Posts: 6246
Joined: Wed Jul 12, 2006 2:10 am

Re: MX 17 Repository: The Pale Moon Browser Thread

#52 Post by Eadwine Rose » Mon May 14, 2018 4:44 am

Ah.. went on a search and found this:

The maximum file size for attachments is 256K for both private and public posts.
The maximum number of attachments per post is 3 for public posts, and 1 for private posts.
MX-17.1_x64 Horizon 3-2018 * 4.15.0-1-amd64 ext4 Xfce 4.12.3 * AMD Asus M4A785TD-V EVO AM3 * ASUS GF GT640-1GD5-L NVIDIA 384.130 * AMD Proc. Athl II X4 635, sAM3 * HDA ATI SB VT1708S An * 2x4Gb DDR3 1600 Kingst * 22" Samsung SyncM P2250 * HP Envy5030

User avatar
Gordon Cooper
Forum Guide
Forum Guide
Posts: 2145
Joined: Mon Nov 21, 2011 5:50 pm

Re: MX 17 Repository: The Pale Moon Browser Thread

#53 Post by Gordon Cooper » Mon May 14, 2018 4:48 am

And to add a bit more. This is a world wide group. In some places the bandwidth is narrow, so the forum's rules on file file size and attachments are set to recognise this limitation.
Homebrew64 bit Intel duo core 2 GB RAM, 120 GB Kingston SSD, Seagate1TB.
Primary OS : MX-17.1 64bit. Also MX17, Kubuntu14.04 & Puppy 6.3.
Dell9010, MX-17.1, Win7

User avatar
fehlix
Forum Guide
Forum Guide
Posts: 2380
Joined: Wed Apr 11, 2018 5:09 pm

Re: MX 17 Repository: The Pale Moon Browser Thread

#54 Post by fehlix » Mon May 14, 2018 5:51 am

@linwinux, two questions:
Is you'r computer dual-boot'ng with Windows?
Have you set BIOS-time to local time?
Gigabyte Z77M-D3H, Intel Xeon E3-1240 V2 (Quad core), 32GB RAM,
GeForce GTX 770, Samsung SSD 850 EVO 500GB, Seagate Barracuda 4TB

linwinux

Re: MX 17 Repository: The Pale Moon Browser Thread

#55 Post by linwinux » Mon May 14, 2018 6:29 am

The 6 core AMD machine is a dual-boot setup with windows 7. But I haven't booted into Windows 7 for a month or even longer. Because of our VPN service I'm using the boot into systemd though, perhaps that makes a difference? My understanding is that Mint utilizes systemd as well and I've never had issues like this with Mint for around 3+ years. The other system, the dual-core Acer is strictly an MX system, nothing else on it.

User avatar
fehlix
Forum Guide
Forum Guide
Posts: 2380
Joined: Wed Apr 11, 2018 5:09 pm

Re: MX 17 Repository: The Pale Moon Browser Thread

#56 Post by fehlix » Mon May 14, 2018 7:41 am

@linwinux: Will this strange behavior happens also without VPN? I.e. you could boot non-systemd without VPN and see how palemoon behaves and whether your screen-saver issue shows up again. Only an idea...
Gigabyte Z77M-D3H, Intel Xeon E3-1240 V2 (Quad core), 32GB RAM,
GeForce GTX 770, Samsung SSD 850 EVO 500GB, Seagate Barracuda 4TB

linwinux

Re: MX 17 Repository: The Pale Moon Browser Thread

#57 Post by linwinux » Mon May 14, 2018 9:56 am

The Acer system does not boot into systemd and there is no VPN either. My system boots into systemd, but this has happened with vpn disabled as well as enabled.

User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 16986
Joined: Fri Dec 15, 2006 8:07 pm

Re: MX 17 Repository: The Pale Moon Browser Thread

#58 Post by Stevo » Tue May 22, 2018 8:31 pm

Pale Moon 27.9.2 is now in the main repo.

This is a security and stability update.
Changes/fixes:

We changed the language strings for softblocked items so people will cry less when we do our job.
(CVE-2018-5174) Prevent potential SmartScreen bypass on Windows 10.
(CVE-2018-5173) Fixed an issue in the Downloads panel improperly rendering some Unicode characters, allowing for the file name to be spoofed. This could be used to obscure the file extension of potentially executable files from user view in the panel.
(CVE-2018-5177) Fixed a vulnerability in the XSLT component leading to a buffer overflow and crash if it occurs.
(CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia library resulting in possible out-of-bounds writes.
(CVE-2018-5154) Fixed a use-after-free vulnerability while enumerating attributes during SVG animations with clip paths.
(CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable extension in order to occur.
Fixed several stability issues (crashes) and memory safety hazards.

User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 16986
Joined: Fri Dec 15, 2006 8:07 pm

Re: MX 17 Repository: The Pale Moon Browser Thread

#59 Post by Stevo » Wed Jun 13, 2018 5:42 pm

Pale Moon has been updated to security release 27.9.3 in the main repo:
Changes/fixes:

(CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to that report, the libopus maintainers state they don't believe remote code execution was possible, so this was not a critical patch.
Fixed an issue with task counting in JS GC.
Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks to Berk Cem Göksel for reporting).

User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 16986
Joined: Fri Dec 15, 2006 8:07 pm

Re: MX 17 Repository: The Pale Moon Browser Thread

#60 Post by Stevo » Tue Jul 17, 2018 10:54 pm

Now updated to 27.9.4 in the main repo:

- Updated the useragent for addons.mozilla.org to work around their "Only
with Firefox" discrimination preventing users from downloading themes, old
versions of extensions, and other files with Pale Moon.
- Restricted web access to the moz-icon:// scheme that could potentially be
abused to infringe the user's privacy.
- Prevented various location-based threats. DiD
- Fixed a potential vulnerability with plugins being redirected to different
origins (CVE-2018-12364).
- Improved the security check for launching executable files
(by association) on Windows from the browser. For users who have (most
likely accidentally) granted a system-wide waiver for opening these kinds
of files without being prompted, this permission has been reset.
- Fixed an issue with invalid qcms transforms (CVE-2018-12366).
- Fixed a buffer overflow using the computed size of canvas elements
(CVE-2018-12359).
- Fixed a use-after-free when using focus() (CVE-2018-12360).
- Added some sanity checks on nsMozIconURI. DiD
- Fixed an issue in the case the preferences file in the profile would not be
writable (e.g. temporary permission issues due to backup, virus scanning or
similar external processes).

Post Reply

Return to “Package Requests/Status - MX 17”