[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Firefox security bug (proxy-bypass) in current TBBs

Thus spake unknown (unknown@xxxxxxxxx):

> > See https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs
> > for the security advisory.

> Any potential DNS-leakage can be prevented with iptables (Debian GNU/Linux way):

Repasting my comment at
https://trac.torproject.org/projects/tor/ticket/5741#comment:21 here:

For people who use layered defenses: Please add iptables rules/AppArmor
rules/whatever rules that LOG violations so we can learn about them. We
are desperately in need of testers and auditors so this never happens in
production again. See also #3846 and consider signing up to test builds
in your hardened, auditing setups.

Mike Perry

Attachment: signature.asc
Description: Digital signature

tor-talk mailing list