[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5477 [EFF-HTTPS Everywhere]: Surprising DOM origins before HTTPS-E/NoScript redirects have completed



#5477: Surprising DOM origins before HTTPS-E/NoScript redirects have completed
-------------------------------------+--------------------------------------
    Reporter:  Drugoy                |       Owner:  ma1            
        Type:  defect                |      Status:  reopened       
    Priority:  blocker               |   Milestone:                 
   Component:  EFF-HTTPS Everywhere  |     Version:                 
  Resolution:                        |    Keywords:  MikePerry201204
      Parent:                        |      Points:  7              
Actualpoints:  7                     |  
-------------------------------------+--------------------------------------
Changes (by Drugoy):

  * status:  closed => reopened
  * priority:  major => blocker
  * resolution:  fixed =>


Comment:

 This is a critical security vulnerability. 1.5 months have passed since I
 reported it. It is still not fixed (neither in 2.0.3 nor in 3.0.2.), and
 there are thousands of users that may get hacked.
 I think you don't give a ~~f~~care about users of your products and such
 critical vulnerabilities if you don't even test whether the bug is fixed
 or not.
 Well, you obviously are not that good as you pretend to be.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5477#comment:31>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs