[tor-bugs] #6735 [Firefox Patch Issues]: TBB-Firefox leaks the OS and kernel version to Mozilla update servers
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Aug 30 03:18:42 UTC 2012
#6735: TBB-Firefox leaks the OS and kernel version to Mozilla update servers
----------------------------------+-----------------------------------------
Reporter: rransom | Owner: mikeperry
Type: defect | Status: new
Priority: major | Milestone:
Component: Firefox Patch Issues | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
‘echelon’ also reports that TBB-Firefox sends the OS and kernel version
when he/she/it opens the ‘About TorBrowser’ dialog:
{{{
2012-08-30 01:56:53 <echelon>
https://aus3.mozilla.org/update/3/Firefox/10.0.5/20120608001639/Linux_x86-gcc3
/en-
US/default/Linux%202.6.37.6-smp%20(GTK%202.24.4)/default/default/update.xml?force=1
}}}
(It probably shouldn't be connecting to that server at all, because an
update package containing an unpatched Firefox would make TBB completely
unsafe.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6735>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list