http://cdn-www.airliners.net/aviation-photos/photos/1/0/0/0863001.jpghttp://upload.wikimedia.org/wikipedia/commons/thumb/a/ad/Orka1.JPG/800px-Orka1.JPG
На работе palemoon завалялся, скрин во вложении. C favicon'ами точно такая же история.
Посмотрите на последнию версию в http://git.altlinux.org/tasks/148648/. Если всё нормально, то пойдёт в p7, z c Андреем договорился.
Ссылка для теста
25.7.2 (2015-10-02)This is a stability update, addressing 2 critical hangs: Fixed a critical hang caused by recursive reloads that might happen in iframes if its hash changed. Fixed a critical hang caused by lazy-loading of stylesheets through a specific web programming technique as advocated by Google's PageSpeed.25.7.1 (2015-09-28)This is a security, stability and web-compatibility update. This also marks a security update for the Android version of Pale Moon to keep users of the otherwise currently unmaintained OS updated regarding known security vulnerabilities.Fixes/changes: Code cleanup: Removed the majority of remaining telemetry code (including the data reporting back-end and health report) to prevent a few issues with partially removed code in earlier versions. Fixed a crash due to handling of bogus URIs passed to CSS style filters (e.g. whatsapp's web interface). Permitted spec-breaking syntax in Regex character classes, allowing ranges that would be permitted per the grammar rules in the spec but not necessarily following the syntax rules. This impacts a good number of (also higher profile) sites that use invalid ranges in regular expressions (e.g. Cisco's networking academy site, Yahoo Fantasy Football). Fixed a crash due to the newly introduced WASAPI handling of audio channel mapping that doesn't like actual surround hardware setups (e.g. playing a video with quadraphonic audio on a 4-speaker setup). Fixed an issue where site-specific dictionary selections would be written to content preferences without the user's action, potentially overwriting or clearing a previously-chosen dictionary. Added support for drag and drop of local files from sources which use text/uri-lists. (Some Linux flavors/file managers) Updated libnestegg to the most current version. Fixed an issue where setting the location to an empty string could cause a reload loop.Security fixes: Changed the jemalloc poison address to something that is not a NOP-slide. DiD Fixed a memory safety hazard in ConvertDialogOptions (CVE-2015-4521) Fixed a buffer overflow/crash hazard in the VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE (CVE-2015-7179) Fixed an overflow/crash hazard in the XULContentSinkImpl::AddText function (CVE-2015-7175) Fixed a stack buffer overread hazard in the ICC v4 profile parser (CVE-2015-4504) Fixed an HTMLVideoElement Use-After-Free Remote Code Execution 0-day vulnerability (ZDI-CAN-3176) (CVE-2015-4509) Fixed a potentially exploitable crash in nsXBLService::GetBinding Fixed a memory safety hazard in nsAttrAndChildArray::GrowBy (CVE-2015-7174) Fixed a memory safety hazard for callers of nsUnicodeToUTF8::GetMaxLength (CVE-2015-4522) Fixed a heap buffer overflow/crash hazard caused by invalid WebM headers (CVE-2015-4511)DiD This means that the fix is "Defense-in-Depth": It is a fix that does not apply to an actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code when surrounding code changes, exposing the problem.
Fixed an HTMLVideoElement Use-After-Free Remote Code Execution 0-day vulnerability (ZDI-CAN-3176) (CVE-2015-4509)
25.7.3 (2015-10-14)This is a usability update needed due to the fact that Mozilla has shut down they key exchange (J-PAKE) server along with the old Sync servers. This was unexpected and required us to set up our own key server (testing indicates this works as-expected, but please do report any issues on the forum) - which also required reconfiguration of the browser.Please note that older versions of the browser will no longer be able to link devices to a sync account using the 12-character code since it requires a Mozilla server no longer present. If you need this functionality, you must update to this version or later.
