[guardian-dev] Fwd: Re: [tor-talk] Javascript exploit

Nathan of Guardian nathan at guardianproject.info
Wed Nov 30 10:06:33 EST 2016


Time for an Orfox release!

----- Original message -----
From: Georg Koppen <gk at torproject.org>
To: tor-talk at lists.torproject.org
Subject: Re: [tor-talk] Javascript exploit
Date: Wed, 30 Nov 2016 12:08:00 +0000

Roger Dingledine:
> On Tue, Nov 29, 2016 at 09:55:23PM -0000, firstwatch at sigaint.org wrote:
>> This is an Javascript exploit
> 
> Thanks. I pointed some folks on irc to this mail, and Daniel Veditz
> (Mozilla Security Team) said "the Firefox team was sent a copy of that
> this morning. We've found the bug being used and are working on a patch."
> 
> So it sounds like the immediate next step is that Mozilla finishes their
> patch for it; then the step after that is a quick Tor Browser update. And

FWIW: We plan to release 6.0.7 with the patch Mozilla developed in a
couple of hours. Updates to the alpha and hardened series will we
provided as well thereafter.

Georg

> somewhere in there people will look at the bug and see whether they
> think it really does apply to Tor Browser.
> 
> --Roger
> 


-- 
tor-talk mailing list - tor-talk at lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


-- 
  Nathan of Guardian
  nathan at guardianproject.info
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20161130/174b1356/attachment.sig>


More information about the guardian-dev mailing list