[guardian-dev] Fwd: Re: [tor-talk] Javascript exploit
Nathan of Guardian
nathan at guardianproject.info
Wed Nov 30 10:01:42 EST 2016
We'll be doing a new release of Orfox with this as well.
----- Original message -----
From: Georg Koppen <gk at torproject.org>
To: tor-talk at lists.torproject.org
Subject: Re: [tor-talk] Javascript exploit
Date: Wed, 30 Nov 2016 12:08:00 +0000
Roger Dingledine:
> On Tue, Nov 29, 2016 at 09:55:23PM -0000, firstwatch at sigaint.org wrote:
>> This is an Javascript exploit
>
> Thanks. I pointed some folks on irc to this mail, and Daniel Veditz
> (Mozilla Security Team) said "the Firefox team was sent a copy of that
> this morning. We've found the bug being used and are working on a patch."
>
> So it sounds like the immediate next step is that Mozilla finishes their
> patch for it; then the step after that is a quick Tor Browser update. And
FWIW: We plan to release 6.0.7 with the patch Mozilla developed in a
couple of hours. Updates to the alpha and hardened series will we
provided as well thereafter.
Georg
> somewhere in there people will look at the bug and see whether they
> think it really does apply to Tor Browser.
>
> --Roger
>
--
tor-talk mailing list - tor-talk at lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
--
Nathan of Guardian
nathan at guardianproject.info
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20161130/64902d92/attachment.sig>
More information about the guardian-dev
mailing list