[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #32896 [Applications/Tor Browser]: Keep track of security updates to parts of Tor Browser
#32896: Keep track of security updates to parts of Tor Browser
------------------------------------------+--------------------------
Reporter: gk | Owner: tbb-team
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords: tbb-security
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+--------------------------
Tor Browser is actually bundle containing a bunch of software pieces like
Firefox, Tor, NoScript, OpenSSL. For some of those pieces (like Firefox,
Tor, NoScript) there is a way to keep track of security issues and their
fixes, be it due to code inspection and notification or, kind of, due to
automatic updates as in the NoScript case. But that does not hold for
every piece of the bundle.
We should two things to have at least a better overview about potential
security issues we want to fix:
a) We need to come up with all the parts of the bundle parts we think we
should track for security issues.
b) We need to actually track those pieces.
Mozilla had a [https://github.com/mozilla-services/third-party-library-
alert third-party library alert] tjr worked on a while back, which we
might be able to look at for help.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32896>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs