2019/07/26 Pale Moon 28.6.1 きてるっぱよ?
00:12
こんにちぱ かっぱだっぱ(o’Θ’o)ノ))
約二十日弱振りのアップデートだっぱ?**
Firefox派生タブブラウザ PaleMoonの話っぱの The Pale Moon Project homepage**https://www.palemoon.org/
前記事は2019/07/03 Pale Moon 28.6.0 昨日来たみたいっぱよ?(追記あり)
「フィンガーキャンバスプリント」の件で気になる人は2015/07/29 PaleMoon 25.6.0 来てたっぱね記事参照だの
(手動で必要な人はONにするように)
XPの人は、「Pale Moon forum • View topic - End of support for PM4XP」を参照の事**+最近のリリースに関係してPale Moon 26 and POSReady2009 - Pale Moon forumも参照の事Pale Moon 27.0.0からXP対応していないので注意
あと、しばらく前から「日本語化」が・・ Pale Moon - Add-ons - Language Packs ****http://addons.palemoon.org/language-packs/ リスト日本が入ってない状態になっているので Releases · JustOff/pale-moon-localization · GitHub **https://github.com/JustOff/pale-moon-localization/releases こっちから用意してあとは同じだのo(`・Θ・´)oウン!! リリースノートいわく・・Pale Moon - Release Notes
http://www.palemoon.org/releasenotes.shtml
v28.6.1 (2019-07-25)
This is security and bugfix update. Changes/fixes:
- Improved handling of FTP resource loading (allow save-as and cater to some FTP-based browsing).
- Added a preference (security.block_ftp_subresources) to allow users to completely bypass the blocking of FTP subresources if required for their environment, if the improvements made in this release do not suffice.
- Added blocking of authentication-locked cross-origin image subresources by default to prevent spurious auth prompts.A preference (network.auth.subresource-http-img-XO-auth) was added to allow users to bypass this blocking if required for their environment.
- Changed the behavior of file: URIs to treat each URI as a unique origin. This prevents cross-file access from scripting.A preference (security.fileuri.unique_origin) was added to allow users to relax this restriction if required for their environment.
- Implemented a revised version of http2PushedStream to address some thread safety issues.
- Aligned browser behavior with mainstream regarding inner window behavior when domain is manipulated.
- Backed out a 28.5.* patch for causing multiple issues in the UI and web content.
- Updated NSS to 3.41.2 (custom) to pick up several upstream fixes.
- Fixed a type confusion issue in JavaScript Arrays. (DiD)
- Added a fix for cross-thread access of Necko. (DiD)
- Added a port safety check for Alternative Services.
- Implemented fixes for applicable security issues: CVE-2019-11719, CVE-2019-11711, CVE-2019-11715, CVE-2019-11717, CVE-2019-11714 (DiD), CVE-2019-11729 (DiD), CVE-2019-11727 (DiD), CVE-2019-11730 (DiD), CVE-2019-11713 (DiD) and several networking and memory-safety hazards that do not have CVE numbers.
DiD This means that the fix is “Defense-in-Depth”: It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.
主にセキュリティ対策とバグ修正が中心のアップデートみたいっぱね? ブラウザからFTPサーバー開く人は最近は少なくなってるかもしれないけどその辺りの動作が重くならないように改善されて、名前をつけてファイルの保存等もできるようなった様子っぱ(´・Θ・`)
偽の認証を防ぐための処理の追加等も増えたけど 相性でうまくよく使うサイトが使えない時のためにsecurity.fileuri.unique_originから設定できる様子だの
大体そんな感じの様子なのでアップデートはお早めに忘れずにやりましょうっぱ(人Θ’o)
かっぱでしたっぱ♪