[tbb-commits] [tor-browser-spec/master] Update FF78/87 audits

sysrqb at torproject.org sysrqb at torproject.org
Tue Apr 6 00:24:50 UTC 2021


commit 9e063f9d09855fb38770d06ea6b8afb00100e259
Author: Matthew Finkel <sysrqb at torproject.org>
Date:   Mon Apr 5 22:09:37 2021 +0000

    Update FF78/87 audits
---
 audits/FF78_NETWORK_AUDIT | 2 +-
 audits/FF87_NETWORK_AUDIT | 8 ++++----
 audits/code_audit.sh      | 2 ++
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/audits/FF78_NETWORK_AUDIT b/audits/FF78_NETWORK_AUDIT
index d73f450..6626dda 100644
--- a/audits/FF78_NETWORK_AUDIT
+++ b/audits/FF78_NETWORK_AUDIT
@@ -1,6 +1,6 @@
 Summary of findings: https://gitlab.torproject.org/tpo/applications/fenix/-/issues/34177
 
-`git diff 8da33f6c34c0ca5b1d7bca58ca86cb5e436333e8 bace0d2a46cabd36f5bdc738c000f15ae4a4225c`
+`git diff 8da33f6c34c0ca5b1d7bca58ca86cb5e436333e8 4735a392536150f49518c48aa9510cf313603b92`
 and then go over all the changes containing the
 above mentioned potentially dangerous calls and features. Grep the diff for
 the following strings and examine surrounding usage.
diff --git a/audits/FF87_NETWORK_AUDIT b/audits/FF87_NETWORK_AUDIT
index 8874897..fba3a86 100644
--- a/audits/FF87_NETWORK_AUDIT
+++ b/audits/FF87_NETWORK_AUDIT
@@ -1,7 +1,7 @@
 Start: fe9560804bef331ff346f3fd3b05e74122fdd30b # FIREFOX_86_0_BUILD2
-End:   1be3d58406ce4dd8af63a169482ae4ca1709d8e5 # FIREFOX_87_0b9_BUILD1
+End:   4068febfd76d9ec557591240d7496be42c27c17f # FIREFOX_87_0_BUILD3
 
-`git diff fe9560804bef331ff346f3fd3b05e74122fdd30b 1be3d58406ce4dd8af63a169482ae4ca1709d8e5`
+`git diff fe9560804bef331ff346f3fd3b05e74122fdd30b 4068febfd76d9ec557591240d7496be42c27c17f`
 and then go over all the changes containing the
 below mentioned potentially dangerous calls and features. Grep the diff for
 the following strings and examine surrounding usage.
@@ -120,7 +120,7 @@ End:   1ee6b32f3ee569036fdf1015cf7ffc01ded2860f # v71.0.0
 ============ Android Components Portion =============
 
 Start: 095c0ef007ada4dab8561bef69e43bf6db1d3298 # v72.0.15
-End:   ecccbf2da2b0572a1d600cce447d47f2eae0de9a # v73.0.3
+End:   bea80bbaccc431994a534a087b223563826ac256 # v73.0.11
 
 # FF87 (using `java_audit.sh`)
 # Commit 6edfec5fe464e4b1d0eb82ed8825526036d861c8
@@ -138,7 +138,7 @@ End:   ecccbf2da2b0572a1d600cce447d47f2eae0de9a # v73.0.3
 ============ Fenix Portion =============
 
 Start: db196d0e49eb0f69ab620856491deb8c4c7ccf57 # v86.1.0
-End:   82c8a64ca0b8bd5e6ea88395cba41c0db68d0a36 # v87.0.0-beta.4
+End:   9d91b8eeb9d287ee95937b5edfffde383982267a # v87.0.0-rc.1
 
 # FF87: (using `java_audit.sh`)
 #  - c9b8f57f96e9188746391885a065428df62f3ff9
diff --git a/audits/code_audit.sh b/audits/code_audit.sh
index 3586470..c7c0848 100755
--- a/audits/code_audit.sh
+++ b/audits/code_audit.sh
@@ -53,6 +53,8 @@ initialize_java_symbols() {
     KEYWORDS+=(AppLinksInterceptor)
     KEYWORDS+=(AppLinksUseCases)
     KEYWORDS+=(ActivityDelegate)
+    # Added in FF87 audit
+    KEYWORDS+=(AutofillService)
 }
 
 initialize_rust_symbols() {



More information about the tbb-commits mailing list