Pale Moon: Release notes
24.4.2 (2014-04-02)A small bugfix release, and implementing OCSP-stapling for SSL connections.
- Added OCSP-stapling.
- Removed download status indicator from default set in status bar code to fix erroneous pop-up locations of the downloads panel.
- Fixed errors with synchronous OCSP-stapled calls.
- Reduced the timeout for OCSP requests to 2 seconds unless OCSP is required by the server.
- Added proper handling of fragment loading (Bug #s 895557&987140). security fix
- Updated status bar localizations: kn-IN and pt-PT.
A small security and bugfix release.
- Bugfix: the new status bar code in 24.4.0 had a bug, preventing
the downloads panel/window from opening when clicking on the download
status indicator. There may have been a few other, similar small usability bugs
in the same code that have now been fixed.
- Feature update: Selecting "Warn me when closing multiple
tabs" in the Options window will now apply both to closing a window and
closing other tabs in the tab bar.
- Bug #940714 - Add an RAII class to make synchronous raster image decoding safer.
- Bug #896268 - Use a stateless approach to synchronous image decoding. security fix
- Bug #982909 - Consistently use inner window when calling OpenJS. security fix
- Bug #982957 - Fix crash if certain sweeps run out of memory. security fix
- Bug #982906 - Remove option for security bypass in URI building. security fix
- Bug #982974 - Be paranoid about neutering ArrayBuffer objects. security fix
This update changes the new title behavior slightly and updates a lot of things under-the-hood.
Bugfixes ported over:
popular request: the new page title (when using the Pale Moon App
will now follow the operating system default alignment (in most cases),
meaning it will
align left on Windows Vista and Windows 7 by default instead of center.
If you want to hide the title or align it differently, please see the FAQ section on the forum.
- Updated status bar code to the latest "non-australis" version and license change to MPL 2.0
to bring it in line with the rest of the browser code, making it an
integral part of the source tree to streamline building (also for 3rd
- Changed the way Pale Moon handles file and protocol
associations. This will prevent interoperability issues if you have
both Firefox and Pale Moon installed on the same system. A side effect
is that Pale Moon will ask you (once) to make it the default browser
again when you install this update, because of the new associations to
- Changed the search default to DuckDuckGo.
- Added DuckDuckGo logo to about:home.
- Changed some things in the build system, back-end code and build configuration to improve overall performance of the browser.
- Switched to the use of a more compact browser filesystem layout, improving overall start-up speed.
- Precompiled script cache in the application, improving overall start-up speed at the expense of some disk space.
- Added MPS detection for non-windows operating systems (NSPR fallback method) instead of always "1".
- bug #968461 - Fix imgStatusTracker.h to build with gcc 4.4.
- bug #912322 - Make sure document.getAnonymous* is no longer available to web content.
- bug #894448 - Move IsChromeOrXBL to xpcpublic.h.
- bug #963198 - Don't mix up byte-size and array-length.
- bug #966311 - Calculate frame size for stereo wave.
- bug #958867 - Consistent OwningObject handling in IDBFactory::Create methods.
- bug #925747 - Patch file extraction cleanup.
- bug #942152 - Fix error handling on NSS I/O layer.
- bug #960145 - IonMonkey: Don't ignore OSR-like values when computing phi ranges.
- bug #965982 - Clean up client threads before I/O on shutdown.
- bug #950604 - Backport of a small typed array bugfix.
- bug #967341 - Fix up URI management.
- bug #963974 - Null mCurrentCompositeTask after calling Cancel() on it.
An update to implement TLS v1.2, implement a few new features and fix some minor bugs.
- New feature: Implemented the TLS v1.1 (RFC 4346) and TLS v1.2 (RFC 5246) protocols for improved https security.
- Changed the list of supported encryption ciphers and order
of preference to provide you with secure, speedy connections wherever
- New feature: Added CSS background-attachment:local
- New feature: Added dashed-line stroke support for canvas drawing (set/get/offset)
- Adjusted geolocation timings to prevent IP bans in testing mode and to give you a slightly faster response to the request.
- Adjusted the new window title position some more to account for edge cases.
- Fixed the installer to use the proper class for checking if Pale Moon is already installed/running.
- Security fix: bug #966021 - Fix load_truetype_table in the cairo dwrite font backend.
A minor bugfix release to address some issues with new code in 24.3.
- Fine-tuned the title-bar title text position to work a little better on Windows 8 systems.
- Fixed a problem with the classic download manager window
not opening and/or downloads not starting when using the classic
- Bug 945334 - Fix runnable pointer holding.
- Merged Linux-specific theme code into the source tree for the pm4linux project.
A fairly significant update with feature updates, bugfixes, and
Changes and bugfixes:
Bugfixes ported over:
- New build: Atom-optimized Pale Moon
After some thorough testing, the Atom/netbook builds are being released
as final. These builds are specifically made for PCs with Intel Atom
processors. More information can be found on the Atom builds page.
- New feature: the title has been brought back to the title bar
using the Application Menu (Pale Moon button), the title bar of the
browser window would be blank. Considering this is wasted space, the
page title will now be displayed in the title bar again (it's called a
title bar for a reason, after all!). Several different styles have been
implemented to cater to different OS version layouts.
- Removal of the services tab in the Add-on Manager
It will be visible
only if someone actually has a service extension installed (similar to
how language packs work)
- Improvement of UI consistency
Removal of illogical selective hiding of the
navigation bar and toolbars when in tabs-on-top mode (Add-ons manager,
permissions manager, etc.). Browser chrome will now never be hidden.
When using the classic downloads window, downloads in private windows
were not shown
If you use the classic downloads window and would open a Private
(PB) window, there was no easy way to see which downloads were done in
the PB window. When checking the downloads, it would open up the
(non-PB) classic downloads window which does not have downloads listed
from the PB session. This has been fixed, and PB windows will now open
a new tab in the PB window with the downloads from that private session.
Geolocation didn't work in Pale Moon
This was caused by the Firefox standard geolocation provider (Google
Inc.) now requiring an API key to request geolocation coordinates. Only
official Mozilla Firefox builds will have working geolocation from
Pale Moon has switched provider to IP-API.com to address this issue,
with the required re-write of code for the different type of request. More information on the forum.
- Bugfix: The "More information" link for blocked add-ons didn't work
Certain scaled fonts would have malformed letters
Vista and later with hardware acceleration enabled, certain letters of
some font families would become malformed and difficult to read because
of a Direct2D scaling issue. These fonts should now render sharp and
- Romanian has been added to the status bar localizations
- Bug 903274 - Have the search bar binding's initialization callback bail out if the binding is destroyed.
- Bug 951142 - Check for a close method to be present on the binding before invoking it.
- Bug 908915 - Fix compartment mismatch in shell decompileThis and disassemble functions.
- Bug 950909 - Forward native aggregation to the root XPCWrappedJS.
- Bug 937152 - Remove XPCWrappedJS::mMainThread and mMainThreadOnly.
- Bug 948134 - Fix "value is not defined" in PlacesDBUtils.jsm.
- Bug 822425 - Expose a few simple compartment assertions in jsfriendapi.
- Bug 932906 - Observer no longer called when using overlay
- Update of the NSS library to 3.15.4 RTM
- Bug 936808 - Serialize calls to PK11 routines in SSLServerCertVerification.
- Bug 945939 - Use the pre-split value when numbering values.
- Bug 911864 - Fix several XBL issues
- Bug 921470 - Remove hasFallbackStub_ check in resetMonitorStubChain.
- Bug 950590 - Use nsRefPtr for gfxFontGroup's reference to the user font set, and support changing it from canvas context.
- Bug 937697 - Simplify some BoundsCheckRange code.
- Bug 936056 - Be consistent about the thisobj we pass to getters.
- Bug 953114 - Fix GetElementIC typed array issue.
- Bug 937132 - SpiderMonkey: Check for overflows in LifoAlloc.
- Bug 932162 - Dispatch IndexedDB FileInfo releases to the main thread.
- Bug 951366 - Use AutoDetectInvalidation for disabled GetElement caches.
- Bug 950438 - IonMonkey: The intersection of two ranges that both contain NaN is not empty.
- Bug 950268 - Fix leak in nsCertTree::GetDispInfoAtIndex.
- Bug 932906 - Exempt Remote XUL from CanCreateWrapper checks.
- Bug 882933 - Copy treatAsRunOnce bit when cloning scripts, don't clone scripts unnecessarily for arrow lambdas.
Bug 901348 - Duplicate symbol errors building --with-intl-api.
- Bug 925896 - Properly reference session data
- Bug 943803 - Use monitor instead of mutex locking for raster images
- Bug 942164 - Use weak references to imgRequest consumers
- Bug 947592 - Streamline ReportLoadError.
Release notes for previous versions (unsupported)
You can find the release
notes for previous releases of Pale Moon on the Archived Versions Release Notes