[tbb-bugs] #30141 [Applications/Tor Browser]: Double-check exoplayer library for vulnerabilities
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 11 20:35:59 UTC 2019
#30141: Double-check exoplayer library for vulnerabilities
------------------------------------------+------------------------
Reporter: gk | Owner: tbb-team
Type: task | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords: tbb-mobile
Actual Points: | Parent ID: #30139
Points: | Reviewer:
Sponsor: |
------------------------------------------+------------------------
The exoplayer library currently used (r2.4.0) is rather old (latest stable
is r2.9.6) and Mozilla has already found some defects with the help of
coverity that should get fixed (see:
https://bugzilla.mozilla.org/show_bug.cgi?id=1371247). There are potential
security bugs that got fixed between r2.4.0 and r2.9.6 that we should pick
up as well.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30141>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list