Download Pale Moon 27.4

User-News

Von Unbekannter Krieger

Hinweis: Diese "User-News" wurde nicht von der Planet 3DNow! Redaktion veröffentlicht, sondern vom oben genannten Leser, der persönlich für den hier veröffentlichten Inhalt haftet.
Die nächste mittelgroße Aktualisierung für den Browser Pale Moon ist – nach relativ langer Funkstille von ca. zweieinhalb Monaten – verfügbar:
https://www.palemoon.org/releasenotes.shtml
27.4.0 (2017-07-12)

This is a major update to straighten out most of the media streamingissues, as well as adding the necessary enhancements, bugfixes andsecurity fixes to the browser.
Liste der Änderungen:
  • Completely re-worked the Media Source Extensions code tomake it spec compliant, and asynchronous as per specification for MSEwith MP4. This should fix playback problems on YouTube, Twitch, Vimeoand other sites that previously had some issues. A massive thank you toTravis for his tireless work on making this happen!
    Please note that MSE+WebM (disabled by default) is not using this newcode yet (planned for the next release), and as such there is atemporary set of things to keep in mind if you don't use defaultsettings:
    • If you have previously enabled MSE+WebM, this settingwill be reset when you update to avoid conflicting settings with theupdated MSE code.
    • We've added an extra setting in Options to disable theupdated MSE code (asynchronous use) in case you need to use WebM or areotherwise having issues with the updated code (please let us know inthat case).
    • Once again, the MSE+WebM and Asynchronous MSE use arecurrently mutually exclusive. You can have one or the other, not both,until we sort out the code for WebM. To enable MSE+WebM you will firsthave to disable Asynchronouse MSE in settings (otherwise the WebMsetting will be greyed out and disabled).
  • Added a control in options/preferences for HSTS and HPKPusage.
  • Changed HTML bookmark exports to write CRLF lineendings to the file on Windows.
  • Leveraged multi-core rendering for libVPX (VP8/VP9 WebMdecoding).
  • Fixed some issues accessing DeviantArt (useragent-sniffing).
  • Aligned CSS text-align with the spec.
  • Added a recovery module for browser initialization issues(e.g. when using a wrong language pack).
  • Fixed spurious console errors for XHR requests with certainhttp response codes.
  • Enabled v-sync aligned refresh for a smoother scrollingexperience.
  • Removed support for CSS XP-theme media queries.
  • Improved console error reporting.
  • Fixed resetting toolbars and controls from the safe modedialog.
  • Fixed bookmark recovery option from the safe mode dialog.
  • Fixed innerText getters for display:none elements.
  • Fixed a GL buffer crash that might occur with certaincombinations of drivers and hardware.
  • Added some more details to about:support.
  • Fixed a potential crash when the last audio device isremoved during playback.
  • Fixed a crash on about:support when windowless browsers arecreated.
  • Updated <select> elements to blank ifthe actively set value doesn't match any of the options.
  • Updated the interpretation of 2-digit years in date formatsto match other browsers:
    0-49 = 2000-2049, 50-99 = 1950-1999.
  • Added "q" units to CSS (quarter of amillimeter).
  • Added .origin property to blobs.
  • Fixed several minor layout issues.
  • Fixed disabled HTML elements not producing the proper JSevents.
  • Implemented web content handler blacklist according to thespec, allowing more than feeds to be registered.
  • Fixed a spec compliance issue with execCommand() on HTMLelements.
  • Fixed a problem with table borders being drawn uneven orbeing omitted when zooming the page.
  • Added devtools "filter URLs" option in the network panel.
  • Added visual sorting options to the Network inspector.
  • Added importing of login data from Chrome profiles onWindows (Chrome has to be closed first).
  • Added importing of tags from bookmark export files (HTMLformat).
  • Updated usage of SourceMap headers with the updated spec(SourceMap header, keeping X-SourceMap as a fallback).
  • Fixed several cases of wrongly-used negations in JS modules.
  • Added the auxclick mouse event.
  • Added a control to not autoplay video unless it is in view (media.block-play-until-visible).
  • Updatedthe Graphite font library to 1.3.10.
  • Updatedhow image and media elements respond to window size changes (responsivedesign).
  • Addedparsing and use of rotation meta data in video.
  • Fixedseveral crashes in a number of modules.
  • Fixedperformance regression for scaling large vector images (e.g. MSIEChalkboard test) \o/
  • Fixed someissues with notification icons.
  • Fixed someinternal errors with live bookmarks.
  • UpdatedSQLite to 3.19.3.
  • Fixedseveral reported issues with devtools (cli-cookies, cli help, copyingcURL, inspecting SVGs, element size calculations, etc.)
  • Fixed anissue where a server response was allowed to override add-ons'specified version ranges even for add-ons that have strictcompatibility (e.g. themes, language packs).
Security fixes:

  • Removed preloading of HPKP hosts and enabled HPKP headerenforcement.
  • Added support for TLS 1.3, the up-next secure connectionprotocol.
  • Fixed an issue with TLS 1.3 not supporting renegotiation bydesign.
  • Relaxed some restrictions for CSP to temporarily workaround web compatibility issues with the CSP-3 deprecated `child-src`directive.
  • Updated NSS to 3.28.5.1-PM to address some security issues.
  • Updated the installer selfextractor module to addressunsafe loading of libraries.
  • Changed the way certain resources are included to reduceeffectiveness of some common fingerprinting techniques. (e.g.browserleaks.org)
  • Fixed a regression in the display of security informationin the page info dialog for insecure content.
  • Fixed two potential issues with allocating memory forvideo. DiD
  • Fixed a potential issue with the network predictionalgorithm. DiD
  • Restricted the use of Aspirational scripts in IDNs toprevent domain spoofing, in anticipation of the UAX#31 update makingthis official.
  • Prevented a Mac font specific issue that could be abusedfor domain spoofing (CVE-2017-7763)
  • Fixed several potentially exploitable crashes.(CVE-2017-7751) (CVE-2017-7757) and some that do not have a CVEdesignation.
Wie immer werden Windows ab 7 und Linux-Distributionen, jeweils in x64- und x86-Fassung, unterstützt.
https://linux.palemoon.org/download/mainline/
https://palemoon.org/palemoon-win64.shtml
https://palemoon.org/palemoon-win32.shtml
https://addons.palemoon.org/language-packs/
https://palemoon.org/palemoon-portable.shtml

Für die Aktualisierung eines vorhandenen Pale Moon unter Windows, ob per internem Updater oder per Deinstallation der alten & Installation der neuen Version, empfehle ich, die Sprachdatei vor dem Browser selbst hochzustufen.
 
Zuletzt bearbeitet:
Oben Unten