Pale Moon 28.2.0

Fixed a major performance issue with web workers.
Fixed a rare crash on local networks with HTTP basic auth and unsupported cipher suites.
Fixed a performance/timer issue when leaving the browser idle.
Fixed an issue causing an empty dialog when launching executable files from the browser.
Fixed an issue preventing making entries to disallow sites to store data for off-line use.
Removed code to prevent extensions with binary components.
Fixed an issue with common dialogs being sized incorrectly for their content.
Fixed an issue with event handling on the tab bar that would cause frustrating behavior when trying to open/close tabs in rapid succession.
Switched default behavior for scrolling when a context or pop-up menu is open to allow scrolling, like in v27. This also affects scrolling in very long menus, e.g. bookmarks.
Added experimental Asynchronous Panning and Zooming (APZ) for desktop use.
Re-enabled the use and parsing of ICC v4 color profiles.
Removed telemetry code from the caching subsystem.
Improved full-screen detection for suppressing status messages.
Made all arguments passed to Init*Event() optional except the first for parity with other browsers.
Cleaned up some internal installer code.
Fixed making caret width configurable when dealing with CJK characters (regression).
Fixed drawing of table borders consistently when zooming a page (regression).
Exposed the "Save download location per site" pref in about:config.
Improved media handling (ongoing).
Added experimental support for AV1 in WebM videos (disabled by default).
Note: this is for WebM only for now, so MP4 and MSE AV1 streams (e.g. YouTube) will not (yet) play.
Removed the (defunct and incomplete) in-browser translation code.
Fixed an issue with CSS Grid layouts unnecessarily shrinking element blocks.
Fixed notification settings menu entry (opes about:permissions with relevant data now).
Fixed the launching of an undesirable background content process for capturing page thumbnails.
Fixed a focus issue in the bookmark properties dialog.
Changed the setting for reporting CSS errors to the console to false by default, to prevent unnecessary performance loss for recording this data.
Added control mechanisms for Opportunistic Encryption (both for alternative services and upgrade-insecure-requests) in preferences, and disabled this by default due to potential security and privacy issues with this transitional technology.
Updated the default reported Firefox version in Firefox Compatibility Mode to prevent "too old Firefox" complaints on websites.
Updated libnestegg, ffvpx, reader view components and several other modules from upstream.
Implemented security fixes for CVE-2018-12381, CVE-2017-7797, a better fix for CVE-2018-12386 (DiD), CVE-2018-12401 (DiD), CVE-2018-12398, CVE-2018-12392, several Skia bugs, and several crashes and memory safety hazards that do not have a CVE number.