Right now the only things browsers have done is disable SharedArrayBuffer (which is not in 52) and reduce timer precision (which TB has already done more than any other browser.)
Eventually there will be patches to consider backporting, but they don't exist yet.
-tom
On 6 January 2018 at 18:03, Nathan Freitas nathan@freitas.net wrote:
Not sure if there is an open ticket I should be monitoring, or a meeting I missed, but just saw the Firefox update to address Meltdown and Spectre: https://www.mozilla.org/en-US/firefox/57.0.4/releasenotes/
Are Tor Browser and Orfox vulnerable these attacks? Has this been covered somewhere else?
Thanks, and just figuring out if my week ahead is going to be spent on an urgent Orfox release or not!
+n _______________________________________________ tbb-dev mailing list tbb-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev