Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!



Results 1 to 2 of 2
Like Tree3Likes
  • 2 Post By sedna
  • 1 Post By zhanglin

Thread: Pale Moon 27.9.2 security update released

  1. #1
    sedna
    Guest sedna's Avatar

    Pale Moon 27.9.2 security update released

    Pale Moon 27.9.2 is the latest version of the web browser; it was released yesterday to the public and is already available via the web browser's automatic update functionality.

    The new version of Pale Moon fixes several security issues in previous versions of the web browser and improves stability as well.

    Existing Pale Moon users may select Pale Moon > Help > About Pale Moon to display the installed version of the browser. A click on the "check for updates" button checks for a new version which may be downloaded and installed automatically when found.

    Users may download Pale Moon from the official website as well if they prefer that.

    Pale Moon 27.9.2

    The security fixes matches patches that Mozilla released for Firefox ESR 52.8 and Firefox 60. Some security patches are not integrated because they might fix issues that Pale Moon is not affected by; this is the case for features that are not part of Pale Moon.

    Pale Moon shares code with the Firefox web browser, and it is usually the case that the Pale Moon team releases security updates for the browser shortly after Mozilla releases a new Firefox release with security updates.

    Pale Moon 27.9.2 addresses the following security issues:

    • (CVE-2018-5174) Moderate Prevent potential SmartScreen bypass on Windows 10. Affects Firefox on Windows 10 April 2018 Update machines only. Pale Moon (and Firefox) associated a flag with downloaded files that bypassed SmartScreen verification.
    • (CVE-2018-5173) Moderate Fixed an issue in the Downloads panel improperly rendering some Unicode characters, allowing for the file name to be spoofed. This could be used to obscure the file extension of potentially executable files from user view in the panel.
    • (CVE-2018-5177) Moderate Fixed a vulnerability in the XSLT component leading to a buffer overflow and crash if it occurs.
    • (CVE-2018-5159) High Fixed an integer overflow vulnerability in the Skia library resulting in possible out-of-bounds writes which could lead to a crash and potential exploit by web content.
    • (CVE-2018-5154) High Fixed a use-after-free vulnerability while enumerating attributes during SVG animations with clip paths that may result in a crash and exploit of the crash.
    • (CVE-2018-5178) Moderate Fixed a buffer overflow during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable extension in order to occur.

    Open the listings on Mozilla's Security site for additional information.

    Pale Moon 27.9.2 includes two additional improvements. The new version addressed several stability issues and memory safety hazards, and comes with changed language strings for softblocked items.
    kirill and zhanglin like this.

  2. #2
    Extreme User
    zhanglin's Avatar
    Reputation Points
    5940
    Reputation Power
    92
    Join Date
    Sep 2017
    Posts
    973
    Time Online
    29 d 14 h 53 m
    Avg. Time Online
    17 m
    Mentioned
    54 Post(s)
    Quoted
    80 Post(s)
    Liked
    625 times
    Feedbacks
    1 (100%)
    I have never heard of this browser. Thanks, now I know one more, @Xanadu
    sedna likes this.
    In my mind in my head this is where we all came from
    Dreams we had the love we shared this is what we're waiting for


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •