[tbb-bugs] #25147 [Applications/Tor Browser]: Backport of fix shipped in Firefox 58.0.1?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Feb 5 13:34:08 UTC 2018
#25147: Backport of fix shipped in Firefox 58.0.1?
------------------------------------------+--------------------------------
Reporter: gk | Owner: tbb-team
Type: task | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
| TorBrowserTeam201802
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+--------------------------------
We could think about backporting the sec-critical fix shipped in Firefox
58.0.1:
https://hg.mozilla.org/releases/mozilla-
release/rev/c2db4a50dc5c93b44852d9a5201f7ec062ecc6cb
ESR 52 got audited and this issue was not found there. We could use the
backport as a defense-in-depth as it closes out a whole attack vector. The
patch is largish, though.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25147>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list