Subject: CVS commit: pkgsrc/www/palemoon
From: Nia Alarie
Date: 2024-08-27 18:49:16
Message id: 20240827164916.4329DFC74@cvs.NetBSD.org

Log Message:
palemoon: update to 33.3.0

       Important notes with this version:

          * From this version forward, all 64-bit releases require a
            processor with AVX capabilities! Please keep an eye on the forum
            for announcements of 64-bit SSE builds by the community if you
            are on particularly old or otherwise limited hardware that does
            not support AVX.
          * For Linux users: Starting with this version, our binaries are
            built with gcc 11 on a still conservative but more modern build
            platform (Oracle Linux 8). As a result, there may be some lib
            incompatibilities if you are still running on a particularly old
            distro for some reason. While we try to serve as broad of a Linux
            base as possible with our binaries, our lowest common denominator
            will occasionally shift to newer distros as a result of O.S. life
            cycles, compiler capabilities and available libraries.

       Changes/fixes:

          * Implemented the bulk of the CSS "cascade layers" spec
            (@layer{}).
            This implementation is not 100% complete yet, but should satisfy
            common use of CSS cascade layers on the web.
          * Implemented support for Sec-Fetch-* headers, implementing another
            mechanism to deal with site security. See this part of the spec
            for a primer on what this does.
          * Added support for FFmpeg 7.0 / libavcodec 61 (Linux).
          * Pale Moon will now look up hosts in DNS ahead of time to make
            page navigation smoother. See implementation notes.
          * Pale Moon will now block access to the reserved address 0.0.0.0
            on non-Windows operating systems. See implementation notes.
          * Dev: Aligned rounding behavior and precision ranges of toFixed
            and related functions with the spec. See implementation notes.
          * Dev: Aligned isTrusted for PostMessage and BroadcastChannel with
            expected values on the web. See implementation notes.
          * Dev: Added the navigator.webdriver attribute for web
            compatibility (always false in Pale Moon as we do not support
            browser automation APIs).
          * Re-implemented the Durstenfeld shuffle for plugin enumeration
            that was unfortunately dropped with one of our past rebases, to
            strengthen fingerprinting resistance.
          * Fixed an issue with character clusters (e.g. for text selection)
            resulting from a regression surrounding our improvements for
            emoji handling.
          * Fixed an issue with setting DOM color values. DiD
          * Slightly improved password form handling, detecting previously
            unsupported field orders.
          * Updated NSS to 3.90.4.
          * Updated our emoji font to 15.1.2 (Unicode 15.1 with some
            additional extras/updates).
          * Code cleanup:
               * Removed unused code related to the (incomplete) FoxEye
                 experiment.
               * Removed support code for LibAV and (very) old versions of
                 FFmpeg. We require libavcodec 58 or later (FFmpeg 4.0+) from
                 this version forward (Linux).
               * Removed click event dispatching code that is no longer
                 relevant.
               * Cleaned up internal macro use in CSS code (this does not
                 impact any exposed APIs or code).
               * Removed the hidden network.dns.disablePrefetchFromHTTPS
                 pref. DNS prefetching should not be treated differently for
                 http and https.
          * Security issues addressed: CVE-2024-7531.

       Implementation notes:

          * Pale Moon will now pre-emptively look up the internet addresses
            in DNS for website navigation (e.g. from links). This speeds up
            navigation as there will be no delay for DNS lookups when users
            navigate to a new host or domain from the visited page. Please
            note that this only deals with DNS (i.e.: looking up the
            addresses of websites in the domain name system) and Pale Moon
            will not pre-emptively connect to the servers in question; it
            will just have the addresses for them ready in case the user
            decides to navigate to them.
            For some people, this may still be seen as a privacy issue (e.g.
            when the DNS server operated within an organization is tightly
            monitored for "unwanted traffic") as it will regularly fire DNS
            lookups for hosts or domains the user doesn't actually visit, so
            if this is a concern for you and you wish to revert to our
            previous behavior, go to Preferences -> Advanced -> tab
            "Network", and uncheck "Prefetch DNS lookups".
          * Pale Moon will no longer allow connecting to the "this machine"
            special reserved address 0.0.0.0 (and IPv6 equivalents
            [::]/[::0.0.0.0]) on operating systems other than Windows. This
            is to mitigate potentially unrestricted access to local resources
            on UNIX-like operating systems due to the way the network stack
            operates there. If needed for your use case, you can control this
            behavior through the preference network.dns.blockQuad0 -- if set
            to true, any attempt to connect to the reserved addresses will
            result in an error.
          * We aligned behavior of number conversions with what is generally
            expected on the web by mainstream browser engines and/or updated
            specs. Specifically, toFixed no longer accepts negative precision
            ranges, and toExponential will now round up at the midpoint in
            the decimal significand.
          * Initially, the mechanisms BroadcastChannel and MessagePort
            implicitly called for dispatched events to not be trusted, but
            since browsers marked them as trusted, this was in conflict with
            the spec. Eventually, the spec for this was changed to make them
            trusted in this case. Pale Moon now follows this behavior as
            well.

Files:
Revision  Action  File
1.8       modify  pkgsrc/www/palemoon/Makefile
1.9       modify  pkgsrc/www/palemoon/distinfo
1.1       remove  pkgsrc/www/palemoon/patches/patch-platform_gfx_gl_GLContextProviderGLX.cpp
1.2       remove  pkgsrc/www/palemoon/patches/patch-platform_toolkit_xre_glxtest.cpp
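
Added example, not part of the commit message and not Pale Moon source code: a small audit helper that flags URLs whose host is the reserved address from the implementation notes (0.0.0.0, [::], [::0.0.0.0]), for example when reviewing local tooling that still points at it. The pref name network.dns.blockQuad0 is from the notes; the function names, the sample URLs and the default pref value of true are assumptions made for illustration.

```javascript
// Added example: illustrative only, not Pale Moon code.

// Canonical hostnames the WHATWG URL parser yields for the unspecified
// address. "[::0.0.0.0]" also serializes to "[::]", so comparing the parsed
// hostname (not the raw string) covers every spelling named in the notes.
const UNSPECIFIED_HOSTS = new Set(["0.0.0.0", "[::]"]);

// True when rawUrl names the unspecified address as its host.
function targetsUnspecifiedAddress(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return false; // not a parseable absolute URL
  }
  return UNSPECIFIED_HOSTS.has(url.hostname);
}

// Models the decision in the notes: with blockQuad0 set to true, a request
// to the reserved address ends in an error. Default value is an assumption.
function checkRequest(rawUrl, prefs = { "network.dns.blockQuad0": true }) {
  if (prefs["network.dns.blockQuad0"] && targetsUnspecifiedAddress(rawUrl)) {
    return { allowed: false, reason: "reserved address 0.0.0.0 blocked" };
  }
  return { allowed: true, reason: null };
}

// Constructed sample URLs (not taken from any real log).
const SAMPLE_URLS = [
  "http://0.0.0.0:8080/status",
  "http://[::]/",
  "http://[::0.0.0.0]:3000/api",
  "http://127.0.0.1:8080/status",
  "https://example.org/",
];

// Returns one verdict per URL so the result can be filtered or logged.
function auditUrls(urls, prefs) {
  return urls.map((u) => ({ url: u, ...checkRequest(u, prefs) }));
}

for (const row of auditUrls(SAMPLE_URLS)) {
  console.log(row.allowed ? "allow" : "BLOCK", row.url);
}
```

Loopback (127.0.0.1) is deliberately not flagged: the notes restrict only the 0.0.0.0 family.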