![]() Fixed the Linux load throbber image to be properly encoded, to prevent flickering.Fixed several crashes and memory safety hazards.Added missing sanitization in exporting bookmarks to HTML.Added an extra check for the correct signature data type on certificates.Fixed an issue with mixed-content blocking.As such, some other issues like CVE-2017-7833 are already mitigated by us. Please note that the identity panel will always be able to help you on secure sites when IDNs are in use to notice potential spoofing, as opposed to relying on detection algorithms in the URL itself. Pale Moon will display these kinds of spoofed domains in punycode now in the actual address bar. Mitigated some domain name spoofing through IDN by using dotless-i and dotless-j with accents.This mitigates cookie-injection, which might help against "hidden" cookie tracking. Implemented the concept of so-called "cookie-averse document objects" which is a security&privacy measure that blocks certain web content from setting cookies.temporary permission issues due to backup, virus scanning or similar external processes). Fixed an issue in the case the preferences file in the profile would not be writable (e.g.Added some sanity checks on nsMozIconURI.Fixed a use-after-free when using focus().Fixed a buffer overflow using the computed size of canvas elements.Fixed an issue with invalid qcms transforms.For users who have (most likely accidentally) granted a system-wide waiver for opening these kinds of files without being prompted, this permission has been reset. Improved the security check for launching executable files (by association) on Windows from the browser. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |