Pale Moon 25.6

Pale Moon

Pale Moon is a custom-built and optimized Firefox-based browser for Windows operating systems with current, high performance processors. It looks identical to the standard Firefox browser and supports Firefox extensions, themes and identities.

Features:

Highly optimized for modern processors
100% Firefox sourced: As safe as the browser that has seen years of development.
Uses slightly less memory because of disabled redundant and optional code
Significant speed increases for page drawing and script processing
Stability: experience fewer browser crashes.
Support for SVG and Canvas, and downloadable fonts including WOFF
Support for HTML5 and WebGL (v4+)
Support for Firefox extensions (add-ons), themes and personas
Support for OOPP (Out-of-process plugin execution)
Able to use existing Firefox bookmarks and settings with this migration tool

Pale Moon 25.6.0 fixes/changes:

Canvas anti-fingerprinting option: Pale Moon now includes the option to make canvas fingerprinting much more difficult. By setting the about:config preference canvas.poisondata to true, any data read back from canvas surfaces will be "poisoned" with humanly-imperceptible data changes. By default this is off, because it has a large performance impact on the routines reading this data.
Added a feature to allow icon fonts to be used even when users disallow the use of document-specified fonts. This should retain full navigation for icon-font heavy websites (no more dreaded "boxes" with hex codes) when custom text fonts are disabled.
Added a feature to prevent screen savers from kicking in when playing full-screen HTML5 video. This is currently not yet operational on Linux because of stability issues we've run into on that OS, but Windows should properly benefit from this change.
The "autocomplete=off" parameter for signon forms is now completely ignored by default, to keep the user in control of their browser's behavior and allowing credentials to be saved if wished. If you prefer the previous behavior, allowing a website to determine whether autocomplete should be allowed or not, then change the about:config preference signon.ignoreAutocomplete to false.
Reinstated the packaging of pre-compiled scripts in the browser. Hopefully this will fix the reports by some users who found that initial start-up after installation/upgrade of the browser was unacceptably slow. Unfortunately this means a slightly larger download/install size as a trade-off.
Added the option to use Chrome://../skin/ overrides, in effect allowing the use of "Icon themes"; toolbar icon replacements to customize your browser icons without the need for any CSS or full-blown theming.
Added a count for the number of matches in the find bar. it will now list the total number of matches found, and which match is the currently highlighted one.
Fixed the issue where highlighted words after finding and highlighting them all in a page would remain highlighted when closing the find bar.
Added support for CSP 'nonce' keywords (CSP 1.1/2.0). Please note that this is still experimental and may not work 100% as-expected. Please report any bugs you may find.
Aligned CSP more with the spec in terms of reporting and case-sensitivity of matches, and made it more app-friendly.
Added -moz-os-version selectors for @media CSS queries to simplify theming on different operating systems (esp. Windows).
Updated and improved several languages for the Status Bar code, and added Slovenian.
Fixed an issue in the internal updater window not showing proper language strings.
Fixed an issue where the unexpected use of "backface-visibility" on non-3D transformed elements (like the body) would break positioned elements on web pages.
Fixed text positioning in the combobox display area when a non-default height is set for the combobox.
Fixed a crash caused by bad Opus audio encoding in media files.
Fixed a crash when trying to measure memory in about:memory while playing video.
Fixed a rare crash in sLayersAccelerationPrefsInitialized
Fixed miscellaneous other crashes.
Fixed a DNS prefetching issue for the people using this feature.
Fixed an issue with single-word searches from the address bar when a proxy is in use.
Fixed a number of build issues on Linux when using system libs.
Added support for link-time optimization on newer Linux compilers.
Removed more telemetry code (ongoing project!).

Security fixes:

Fixed a memory safety bug due to a bad test in nsZipArchive.cpp (CVE-2015-2735).
Fixed a memory safety bug in nsZipArchive::BuildFileList (CVE-2015-2736).
Fixed a memory safety bug caused by an overflow in nsXMLHttpRequest::AppendToResponseText (CVE-2015-2740).
Fixed a Use After Free in CanonicalizeXPCOMParticipant (CVE-2015-2722).
Fixed off-main-thread nsIPrincipal use of various consumers in the tree (only grab the principal when needed).
Fixed an issue where an IPDL message was sent off the main thread.
Fixed a potentially exploitable TCPSocket crash due to a race condition.