[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] TBB lags behind as Firefox ESR 10.0.6 is released



https://www.mozilla.org/en-US/firefox/organizations/all.html

but there hasn't been any update yet for The Tor Browser Bundle, which
has a Tor Browser version of 10.0.5.

- https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html

Fixed in Firefox ESR 10.0.6
MFSA 2012-56 Code execution through javascript: URLs
MFSA 2012-55 feed: URLs with an innerURI inherit security context of page
MFSA 2012-54 Clickjacking of certificate warning page
MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data
leakage
MFSA 2012-52 JSDependentString::undepend string conversion results in
memory corruption
MFSA 2012-51 X-Frame-Options header ignored when duplicated
MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
MFSA 2012-47 Improper filtering of javascript in HTML feed-view
MFSA 2012-46 XSS through data: URLs
MFSA 2012-45 Spoofing issue with location
MFSA 2012-44 Gecko memory corruption
MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop
MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)

0ff T0pic:

instead of working on stuff like this:
https://lists.torproject.org/pipermail/tor-reports/

they should create an official clear net discussion f0rum.

"The idea is to share more with the community and give people a chance to
ask questions directly of the people doing the work."

that is the purpose of a F0RUM, not another MAILING LIST used by the 1%.

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk