[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Torbutton 1.1.13-alpha released

To: or-talk@xxxxxxxx
Subject: Torbutton 1.1.13-alpha released
From: Mike Perry <mikeperry@xxxxxxxxxx>
Date: Sun, 3 Feb 2008 13:46:29 -0800
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sun, 03 Feb 2008 16:46:37 -0500
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.4.2.2i

Version 1.1.13 of the development series of the Torbutton Firefox
Extension has been released at https://torbutton.torproject.org/dev/

This release features a couple of important security fixes to work
around two Firefox bugs. Firefox bug 409737 allows pages to still
execute some javascript after Tor has been toggled, and Firefox bug
401296 allows plugins to be loaded via direct links and
meta-refreshes.

Here is the complete changelog:
 * bugfix: Implement workarounds to disable Javascript network access 
   for Firefox Bug 409737
 * bugfix: Improved plugin-disabling workarounds for Firefox Bug
   401296 
 * misc: Set network.protocol-handler.warn-external.* to warn on
   external app handlers during Tor usage
 * misc: Disable browser.safebrowsing.enabled during Tor usage since
   it retrieves some information in plaintext.
 * misc: Disable browser.send_pings.
 * misc: Block Javascript back/forward manipulation if Tor is enabled
 * new: Option to clear HTTP auth on Tor toggle

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgpHLmNwQHMAE.pgp
Description: PGP signature

Prev by Author: Re: Tor slow no matter what I do.
Next by Author: Re: Maybe Firfox isn't the best choice for privacy?
Previous by thread: Re: A root-server for about 30EUR for an exitnode?
Next by thread: xB Browser 2.0.0.11a released
Index(es):
- Author
- Thread