If you are looking for release notes for next generation versions please click here
Pale Moon: Release notes 3.6 (discontinued)
Important: This branch of the browser is no longer maintained. Please download and install the Next Generation (current) version!
3.6.32 (June 2012)
- Fix for a stability problem in the graphics subsystem
- Improved performance of the graphics subsystem
- Fix for a potentially exploitable SVG crash
- Precautionary: Implement bugfix for Bug #723808
- Fix for a security vulnerability in URI handling
- Fix for potential security issues (out of range) in media streams
- Fix for SVG out-of-bounds access (CVE-2011-3658)
- Fix for an issue in OOPP error handling
- Update of the program icon to the new, cleaner style
- Update of the portable launcher
- Fix for a critical vulnerability in the libpng graphics library
- Fix for a stack checking crash
- Change to the program's identification (now reads "Pale
Moon 3") for easier identification of the two branches by software
libraries, updaters and AV
- Fix for a very very old crash bug that slipped under the radar @Mozilla
- Enforcement of RFC3986 for IPv6
- Update for the vorbis library
- Security fix: don't allow document.open() without a global script object
- Fix for caching of background images of elements that shouldn't be cached but still are
- DNS prefetching is now disabled by default to prevent router hangups
- Fix for browsing history not being saved in certain situations (Bug #705610)
- Security Fix for Entrust SubCA: 512-bit key issuance and other CPS violations
- Security Fix for old HTTP protocols on non-standard ports
- Important Performance Fix for Gecko (don't exclude from WPO) (Bug #413019)
Security fix for Asian character decoding getting out of sync.
update fixes issues with some sites that do a too strict check on
values passed in the UserAgent (e.g. Google+) as well as some minor
This update incorporates a number of security updates to the browser.
This includes fixes for some memory vulnerabilities and XSS exploits.
Considering the current performance and stability of Pale Moon 6.0.2,
it is recommended at this point for anyone running on a machine with a
CPU capable of SSE2 to switch to the next generation of the browser if
you are running Windows XP SP2 or later, except if your hardware is
particularly slow and may be impaired by the performance regression
cairo currently suffers from re: animated images. Pale Moon 3.6 will
see future stability and security updates, and potentially more
improvements in performance.
- Unification of the SSE (AthlonXP) and SSE2 (regular) builds
of Pale Moon v3. The current 3.6 browser will run on any CPU with SSE
capabilities, meaning Pentium-III/Pentium-IIIm or Athlon XP/MP, and
- Performance tweaks to the layout graphics libraries which should slightly increase graphics decoding and rendering speed.
- A few stability and security updates following the Firefox base code.
A security update seeing the following changes:
- Removed trust exceptions for certain certificates (bug 683449)
- Resolved an issue with gov.uk websites (bug 669792)
- Revoked permissions for the root certificate for DigiNotar in the built-in certificate store (bug 682927)
Update of the code base to the current branch code for Gecko 1.9.2 (3.6.20 milestone).
- Windows Vista and Windows 7: Set default browser works
correctly again - fixed the internal check so it won't complain about
not being the default browser when it is.
of the code base to the current branch code for Gecko 1.9.2 (3.6.18
milestone). This milestone is apparently kept off the wire by Mozilla.
In addition, some post-milestone bugfixes have been implemented,
- Minor cosmetic changes
- Floating point accuracy changed yet again to the more
precise model, based on feedback from users indicating that .15 worked
smoother. Apparently there are still more under the hood problems with
using the fast model globally.
Update of the code base to Firefox 3.6.17, this fixes a number of security issues and crashes.
- Change for network traffic over proxies to compensate for
older/poor proxies that can't handle HTTP pipelining. (pipelining
disabled by default when using a proxy)
Manual patch of a few things, including Mozilla's only patch for the .16 browser:
- SSL certificate threat band-aid for Comodo root CA compromise (Bug 642395)
- Memory leak fix + empty issuer name bug fix (Bug 644012)
- Switched back to global fast FP logic, with patch to prevent floating point inaccuracies in JS (20110305-FPBug)
- Fix for error when closing the last tab while not closing the window (Bug 563337)
- Vista/7 shell integration ("default browser") fixed. (20110408-SHBug)
- Program icon updated with a higher resolution logo image
Critical update to Gecko 22.214.171.124 to address incomplete loading of Java applets.
- Floating Point precision globally increased to address bug 20110305-FPBug.
- Easier access to graphical tab previews/selection/search with a small button on the right of the tab bar.
Updated the source code to Gecko 126.96.36.199. This fixes a little over 40 issues in total.
No other specific fixes or changes this release.
Updated the source code to Gecko 188.8.131.52. This fixes a number of security issues.
- Google Safebrowsing URLs updated to fix problematic downloading of the database updates for reported attack sites.
- Miscellaneous other Google Safebrowsing provider URLs fixed for smoother operation
- Dictionary download URL fixed
- Geolocation info page URL fixed
A new build machine with a fresh install of the environment has been
used for this release, with slightly more memory and a newer HDD than
the previous one and preventing unnecessary headaches due to the loudly
whining Maxtor drive that was used previously. It's still an old P4
machine but it performs a lot better. I would hereby like to thank all the generous donators to the Pale Moon project who have made this possible!
- Checking for updates to Pale Moon is now enabled by default. The checking frequency is once a week.
- Profiling phase slightly changed during building to potentially improve speed and efficiency further.
Manual patch of a security vulnerability listed as Bug 607222 and security announcement MFSA 2010-73 impacting visitors to compromised sites with exploit code specifically targeting this Mozilla vulnerability.
Updated the source code to Gecko 184.108.40.206. This fixes a few stability and security issues.
- "Manage search engines" -> "Get more..." link fixed
- Cosmetic: Changed a large number of occurrences of the "short name" into the more proper "full name"
Note that these changes are language pack specific, so will only be reflected in the US-English installation of Pale Moon.
the source code to Firefox 3.6.9. This fixes a number of
vulnerabilities and adds improved support for webmasters who want to
use browser-side methods to prevent so-called "clickjacking"
- The internal update checker has been re-introduced this
version. Automatic, periodic checking is still disabled since
server-side support for automatic update notifications and patching is
still incomplete at this point in time.
the problem when opening an internet shortcut or local HTML file giving
an error. This should also fix the situation where IE is opened
alongside Pale Moon due to aggressive handling of errors by IE as a
- Fixed the executable identification to read "Palemoon" once again instead of "-APPVERSION"
- Fixed a crash when saving web pages to harddisk
- Fixed installer text placeholders
- Further improved DNS handling
- Changed some internal URLs to match the revamped website
Updated the code base to Firefox 3.6.8. This fixes a number of critical bugs. (3.6.7+3.6.8)
- Add-ons window shows recommended add-ons again
- Browse add-ons link fixed
- Fixed crashes on some pages with heavy plugin use
DNS name lookups and name caching. Pale Moon will make DNS lookups less
often, lowering bandwidth use. (Thanks for the pointer, Jim!)
- Improved page rendering
- Add-ons window shows a longer list of add-ons when using search or the recommended list (10 instead of 5)
the code base to Firefox 3.6.6, this introduces OOPP ("Out Of Process
Plugin") functionality. A few selected plugins have been set to use
this functionality (most notably Apple Quicktime and Adobe Flash), but
most plugins will remain running as before. If these enabled/notorious
plugins become unresponsive, they will be terminated independently
after 20 seconds instead of completely locking up your browser.
Major changes this release:
If you run into any issues migrating your profile with the migration tool, please see the troubleshooting section for instructions how to manually copy your profile over.
- Pale Moon will no longer share its profile with Firefox. Too many people got confused by this fact.
If you are upgrading from an earlier Pale Moon version, your profiles will not be picked up automatically!
To migrate your profile (bookmarks, passwords, add-ons, etc.) to 3.6.6, USE THIS TOOL
- Pale Moon can now run side-by-side with Firefox.
- Cosmetic changes to the menu and other interface elements for a more consistent use of the browser name.
- Functional changes to the help menu.
The Add-on window doesn't list add-ons in the "Get add-ons" tab. The
"Browse all add-ons" link on that page sends the user to a 404 page on
the Mozilla Firefox add-ons page. This will be looked at for the next
release.For the time being, install add-ons directly from the web page:
Updated the code base to Firefox 3.6.3, this fixes an important security vulnerability.
- In certain circumstances, the browser would crash on some
systems due to the memory manager/MS runtime code. This has been fixed.
the code base to Firefox 3.6.2, this fixes a number of crashes and
other problems related to the underlying Firefox code.
Changes this release:
- The experimental parts of the HTML5 parser are disabled by
default, as it causes some problems with some sites (especially ones
using embedded plugins).Feel free to enable it with the about:config html5.enable
if you want to take advantage of advanced HTML5 rendering, but be aware
it's not flawless yet, and may display some pages incorrectly!
- On-download-completion AV scanner completely removed - it
would cause unnecessary delays, has a possible race condition and uses
up unneeded resources for "hanging" threads. With a proper AV resident
scanner, this kind of forced scanning should not be needed anyway -
it's a little paranoid.
- Performance fixes for flash-heavy sites.
- Performance fixes for advanced canvas rendering and streaming.
to what I said with 220.127.116.11 - There has not been a new code base
released in months (seems Mozilla is focusing solely on the next gen of
Firefox and don't care to fix existing problems), so this is a major
update with some added functionality on the existing stable Firefox 3.6
- Hitting Ctrl-Tab in a browser window with multiple tabs now opens graphical previews of the pages! Fancy fancy - see below for an example. Note: If you don't like this and want to go back to the way it was before, swapping to the next tab immediately with Ctrl-Tab, go to about:config and set browser.ctrlTab.previews to false
- Improvements to HTML5
- The acid3 test now gives Pale Moon a score of 95/100 - better than Firefox (scores 93) ;-) - see below for a screenshot.
- Pale Moon now identifies itself as more "Firefox-alike" by default. This will fix many issues people have had with websites.
- Disabled the "on download completion virus scanner" for the time being (can still be switched on, see Troubleshooting).
Some issues with it, like it triggering while there not being a
compatible AV scanner installed when running on XP (causes unnecessary
- Some cosmetic changes.
Ctrl-Tab graphical previews of pages - Click the preview image or simply hover and release the keys to switch!
The Acid3 testresult for Pale Moon 3.6.1
a lot of test runs for this one, to make sure the changes worked as
intended. This will be the last update until there is a major code
change release of the source code.
- Overall boost in speed - optimized the new memory manager and runtime core
- Changed the browser's full name internally from "Pale Moon project" to "Pale Moon" - it's nicer on the eyes
- Some minor cosmetic changes
- Overall major performance increase due to a change in build method
- SVG and Canvas rendering tweaked
A major update, with a lot of changes, please read the release notes in their entirety:
Updated the code base to Firefox 3.6-release.
- Completely redesigned the build environment.
The amount of changes because of this are significant. See the
technical details page for more in-depth information if you really,
really want it.
- Changed the memory manager used, which should increase performance.
- Enabled HTTP pipelining by default for increased
performance for pages with lots of elements
- Improved Windows Vista and Windows 7 compatibility
- you won't ever need this for normal browsing
- Removed wifi access point scanner engine
- Removed unnecessary logging
- Updated graphics and branding to accomodate code base changes
- Some other cosmetic changes
- Update of the Mozilla rendering engine to 1.9.2
- Built-in support for Personas - easily change the look of your browser
(also available as an add-on for older versions of Pale Moon)
- Open, native video in full screen
responsiveness, and startup time.
- Asynchronous scripting support
- Further support for downloadable fonts
- Support for new CSS attributes such as gradients,
background sizing, and pointer events
- Support for new DOM and HTML5 specifications, which allow
for more interactive web pages
I've worked around a major bug with history, bookmarks and the
bookmarks toolbar becoming inaccessible after
upgrading, as well as crashes with the download window. Hopefully
this workaround of some buggy code plaguing a number of Firefox users
(not just on all versions of Windows, but
confirmed on Mac too, at least) works for everyone using Pale Moon.
If, for some reason, you are still having problems with bookmarks or
the bookmarks toolbar or general slow loading of pages or crashes when
trying to download something after the upgrade, please check this
section of the troubleshooting page for potential solutions or revert
to 18.104.22.168 - Some official Firefox users seem to run into the same problems with
3.6, there's not much I can do about what seems to be caused by the
rewrite of Firefox for this version. It may take 1 or 2 point releases
before these kinks are worked out.
I've looked at the OpenGL implementation for incorporating native 3D in
canvas objects, but it has some problems yet, so it's not been included
in this release. This will possibly be added in a later release, but
for the moment is not very high priority.
- Antivirus and Pale Moon: Pale Moon 3.6 may crash
when you have a resident scanner active. The antivirus download
scanner is still a bit of an Achilles' heel of Pale Moon, I may
remove it from future releases if this remains an issue. If you use
Avast or another AV package that scans on download (browser
integration), please try disabling it if Pale Moon hangs/crashes when
up. This is in part due to the complete changeover of build environment
that was done and the quirks resulting from it (a lot has changed and
will need some trial and error to find the optimal combination of
components/settings again like before). This is being worked on as it may be causing a slight decrease in performance on some systems or some sites.
- Greasemonkey does not work with the current version. This should be fixed in the next release.
Release Notes 3.5 series
3.5.8 (27 Feb 2010)
A major update for the 3.5.x series browsers. Everyone running Pale Moon 3.5 browsers is recommended to upgrade to this version.
This browser is based on the Firefox 3.5.8 source code, released 17 Feb 2010.
- No more page stalls! I think I finally eliminated this problem for good.
- Using the experience gained from building 3.6 versions I've
incorporated similar optimizations into 3.5.8, this will see increase
in performance over earlier versions.
- Used PGO with a custom browse profile to further optimize speed and efficiency of the browser.
- Extension/add-on manager problems fixed
identification changed - this will fix a LOT of
problems with websites that use a too strict checking on specific
browsers (They will now see Pale Moon 3.5.8 as if it is Firefox 3.5).
You shouldn't need any manual changes of the useragent anymore to use
minor update to include some default network settings in the browser
when installed (most notably prefetching of links being disabled). This
should fix any page load
problems there were because of some problems with the underlying
Firefox code. Since the problem is hard to reproduce, there is no 100%
guarantee this will fix it if you suffer from page load problems on
some sites, but on the systems it was tested on, it seems to work
properly again, now.
- Updated the code base to Firefox 3.5.6 - this includes over
60 bugfixes and stability improvements.
- Removed the internal updater module - Pale Moon doesn't
have the server-side components for automatic updates, so this is
redundant. This also removes the "Check for updates" menu entry.
- Fixed the manual update check URL to point to the right
page (Pale Moon's homepage).
- Included some additional options for networking buffers.
Apart from improving overall networking performance this may also help
with some timing issues that were reported when trying to load pages.
Updated the code base to Firefox 3.5.5.
Created a palemoon-portable package! Take pale moon with you anywhere,
- Branding issues solved
- Main executable name problem solved. Installer updated
accordingly. No source modifications were necessary, after all.
- Some incorrect strings solved (localization problems with
hard-coded "Firefox" in error messages)
- Installer/uninstaller: In some cases, when Pale Moon and
Firefox are installed side-by-side, the uninstaller may remove
someone's profile bookmarks/plugins. The same goes for Firefox's
uninstaller when used in this situation.
Updated the code base to Firefox 3.5.4. (20-10-2009)
- Release notes URL (in the help menu) fixed
- Download scanner AV compiler problem fixed. Scanning
on-download for some AV suites now works exactly as intended.
- Aesthetical: main executable name is firefox.exe, not
palemoon.exe - Apparently this cannot be fixed at compile-time without
changing the source code, and I do not wish to deviate from the
official source of Firefox. I will look into this when I have time to
look at the packaging system for distribution and the installer. It is
First public release of the Pale Moon browser.
- Release notes URL (in the help menu) is incorrect
- Aesthetical: main executable name is firefox.exe, not