[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5477 [EFF-HTTPS Everywhere]: Surprising DOM origins before HTTPS-E/NoScript redirects have completed

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #5477 [EFF-HTTPS Everywhere]: Surprising DOM origins before HTTPS-E/NoScript redirects have completed
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 08 May 2012 07:18:53 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 08 May 2012 03:19:09 -0400
In-reply-to: <046.ae2ee838b13caea9348aa964fae75ba1@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.ae2ee838b13caea9348aa964fae75ba1@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#5477: Surprising DOM origins before HTTPS-E/NoScript redirects have completed
-------------------------------------+--------------------------------------
    Reporter:  Drugoy                |       Owner:  ma1            
        Type:  defect                |      Status:  reopened       
    Priority:  blocker               |   Milestone:                 
   Component:  EFF-HTTPS Everywhere  |     Version:                 
  Resolution:                        |    Keywords:  MikePerry201204
      Parent:                        |      Points:  7              
Actualpoints:  7                     |  
-------------------------------------+--------------------------------------
Changes (by Drugoy):

  * status:  closed => reopened
  * priority:  major => blocker
  * resolution:  fixed =>


Comment:

 This is a critical security vulnerability. 1.5 months have passed since I
 reported it. It is still not fixed (neither in 2.0.3 nor in 3.0.2.), and
 there are thousands of users that may get hacked.
 I think you don't give a ~~f~~care about users of your products and such
 critical vulnerabilities if you don't even test whether the bug is fixed
 or not.
 Well, you obviously are not that good as you pretend to be.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5477#comment:31>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #5803 [Tor bundles/installation]: Vidalia Relay Bundle MS Win 7 64-bit installer - Vidalia can't launch Tor.exe
Next by Author: Re: [tor-bugs] #5803 [Tor bundles/installation]: Vidalia Relay Bundle MS Win 7 64-bit installer - Vidalia can't launch Tor.exe
Previous by thread: Re: [tor-bugs] #5804 [EFF-HTTPS Everywhere]: pandora broke in https-everywhere-2.0.3
Next by thread: Re: [tor-bugs] #5477 [EFF-HTTPS Everywhere]: Surprising DOM origins before HTTPS-E/NoScript redirects have completed
Index(es):
- Author
- Thread