Roger Dingledine: > On Tue, Nov 29, 2016 at 09:55:23PM -0000, firstwatch@xxxxxxxxxxx wrote: >> This is an Javascript exploit > > Thanks. I pointed some folks on irc to this mail, and Daniel Veditz > (Mozilla Security Team) said "the Firefox team was sent a copy of that > this morning. We've found the bug being used and are working on a patch." > > So it sounds like the immediate next step is that Mozilla finishes their > patch for it; then the step after that is a quick Tor Browser update. And FWIW: We plan to release 6.0.7 with the patch Mozilla developed in a couple of hours. Updates to the alpha and hardened series will we provided as well thereafter. Georg > somewhere in there people will look at the bug and see whether they > think it really does apply to Tor Browser. > > --Roger >
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk