[guardian-dev] Fwd: Re: [tor-talk] Javascript exploit

Nathan of Guardian nathan at guardianproject.info
Wed Nov 30 10:01:42 EST 2016

We'll be doing a new release of Orfox with this as well.

----- Original message -----
From: Georg Koppen <gk at torproject.org>
To: tor-talk at lists.torproject.org
Subject: Re: [tor-talk] Javascript exploit
Date: Wed, 30 Nov 2016 12:08:00 +0000

Roger Dingledine:
> On Tue, Nov 29, 2016 at 09:55:23PM -0000, firstwatch at sigaint.org wrote:
>> This is an Javascript exploit
> Thanks. I pointed some folks on irc to this mail, and Daniel Veditz
> (Mozilla Security Team) said "the Firefox team was sent a copy of that
> this morning. We've found the bug being used and are working on a patch."
> So it sounds like the immediate next step is that Mozilla finishes their
> patch for it; then the step after that is a quick Tor Browser update. And

FWIW: We plan to release 6.0.7 with the patch Mozilla developed in a
couple of hours. Updates to the alpha and hardened series will we
provided as well thereafter.


> somewhere in there people will look at the bug and see whether they
> think it really does apply to Tor Browser.
> --Roger

tor-talk mailing list - tor-talk at lists.torproject.org
To unsubscribe or change other settings go to

  Nathan of Guardian
  nathan at guardianproject.info
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20161130/64902d92/attachment.sig>

More information about the guardian-dev mailing list