[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #28134 [Internal Services/Service - trac]: upgrade jQuery File Upload to 9.22.1 (CVE-2018-9206)

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #28134 [Internal Services/Service - trac]: upgrade jQuery File Upload to 9.22.1 (CVE-2018-9206)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 04 Feb 2019 23:31:48 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 04 Feb 2019 18:31:57 -0500
In-reply-to: <051.1261c559fd1488f0445aa51fcda78d20@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.1261c559fd1488f0445aa51fcda78d20@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#28134: upgrade jQuery File Upload to 9.22.1 (CVE-2018-9206)
----------------------------------------------+-------------------------
 Reporter:  traumschule                       |          Owner:  qbi
     Type:  defect                            |         Status:  closed
 Priority:  Immediate                         |      Milestone:
Component:  Internal Services/Service - trac  |        Version:
 Severity:  Normal                            |     Resolution:  invalid
 Keywords:                                    |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+-------------------------
Changes (by qbi):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 Thanks for your report. As far as I see it we don't use `.htaccess` nor do
 we use the upload jQuery functionality. Thatswhy trac is not vulnerable.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28134#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #28685 [Applications/Tor Browser]: Tor Browser for Android needs a more dynamic Build ID
Next by Author: Re: [tor-bugs] #24196 [Applications/Tor Browser]: Updating 64bit users to the Windows 64 version
Previous by thread: Re: [tor-bugs] #28329 [Applications/Tor Browser]: Design TBA+Orbot configuration UI/UX
Next by thread: Re: [tor-bugs] #5179 [Core Tor/Tor]: Typo in crypto_hmac_sha256 documentation comment
Index(es):
- Author
- Thread