Welcome!
Important information
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources

News
-- MX Linux on social media: here
-- Mepis support still here

Current releases
-- MX-17.1 Final release info here
-- antiX-17 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

M12/MX 14 Community Repo: The Pale Moon Browser Thread

News about updates on package status for CR packages compiled for MEPIS 12.0
Message
Author
User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 16155
Joined: Fri Dec 15, 2006 8:07 pm

Re: M12/MX 14 Community Repo: The Pale Moon Browser Thread

#81 Post by Stevo » Wed Nov 22, 2017 3:47 pm

Minor bugfix release 27.6.1 has landed in the main repository.
Changes/fixes:

Fixed a regression with new windows (opening two windows from the command-line or file association, focus issues on new windows, not loading the home page in a new window, etc.)
Aligned XHR with the currect spec to allow withCredentials.
Fixed an input element focus issue within handlers.
Fixed the processing of all-padding HTTP/2 frames to prevent rare HTTP/2 hangups.
Updated CitiBank override to work around their login issues.
Updated Netflix override to a community-supplied one that seems to satisfy their arbitrary restrictions better.

User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 16155
Joined: Fri Dec 15, 2006 8:07 pm

Re: M12/MX 14 Community Repo: The Pale Moon Browser Thread

#82 Post by Stevo » Thu Nov 30, 2017 4:21 pm

Minor security/bugfix update 27.6.2 is now in the main repository:
Changes/fixes:

Implemented the concept of so-called "cookie-averse document objects" which is a security&privacy measure that blocks certain web content from setting cookies. This mitigates cookie-injection, which might help against "hidden" cookie tracking.
Mitigated some domain name spoofing through IDN by using dotless-i and dotless-j with accents. (CVE-2017-7832)
Pale Moon will display these kinds of spoofed domains in punycode now in the actual address bar.
Please note that the identity panel will always be able to help you on secure sites when IDNs are in use to notice potential spoofing, as opposed to relying on detection algorithms in the URL itself. As such, some other issues like CVE-2017-7833 are already mitigated by us.
Fixed an issue with mixed-content blocking. (CVE-2017-7835)
Added an extra check for the correct signature data type on certificates.
Added missing sanitization in exporting bookmarks to HTML. (CVE-2017-7840)
Fixed several crashes and memory safety hazards.

User avatar
Stevo
Forum Veteran
Forum Veteran
Posts: 16155
Joined: Fri Dec 15, 2006 8:07 pm

Re: M12/MX 14 Community Repo: The Pale Moon Browser Thread

#83 Post by Stevo » Wed Jan 17, 2018 3:55 pm

Though 27.7.0 has been released, I no longer have the MEPIS 12 64-bit build environments on my laptop.

But I am still maintaining a MEPIS 12/MX 14 compatible repository for Debian Wheezy until its end of life on the OBS:

https://forum.palemoon.org/viewtopic.php?f=37&t=11466

Post Reply

Return to “Package Status - 12.0 Beta”