[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Javascript exploit



Roger Dingledine:
> On Tue, Nov 29, 2016 at 09:55:23PM -0000, firstwatch@xxxxxxxxxxx wrote:
>> This is an Javascript exploit
> 
> Thanks. I pointed some folks on irc to this mail, and Daniel Veditz
> (Mozilla Security Team) said "the Firefox team was sent a copy of that
> this morning. We've found the bug being used and are working on a patch."
> 
> So it sounds like the immediate next step is that Mozilla finishes their
> patch for it; then the step after that is a quick Tor Browser update. And

FWIW: We plan to release 6.0.7 with the patch Mozilla developed in a
couple of hours. Updates to the alpha and hardened series will we
provided as well thereafter.

Georg

> somewhere in there people will look at the bug and see whether they
> think it really does apply to Tor Browser.
> 
> --Roger
> 


Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk