[tor-bugs] #20772 [Applications/Tor Browser]: src="data:< ; base64 images rendered when "Show images"="Blocked"

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Nov 28 23:36:27 UTC 2016


#20772: src="data:<;base64 images rendered when "Show images"="Blocked"
--------------------------------------+------------------------------
 Reporter:  cypherpunks               |          Owner:  tbb-team
     Type:  defect                    |         Status:  needs_review
 Priority:  High                      |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Critical                  |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------
Changes (by cypherpunks):

 * status:  new => needs_review
 * priority:  Medium => High
 * severity:  Normal => Critical


Comment:

 In light of all the past attacks on images, the length of time zero days
 can exist, the increased security focus of TBB compared to Firefox, the
 fact that Mozilla have all but marked this WONTFIX (despite patches being
 provided), and the fact that soon it will be legal to hack everyone on
 Earth without restriction, might you possibly reconsider leaving this to
 Mozilla?

 Even if all you say is "pull requests welcome", that's far better than
 "WONTFIX". The patches in the Mozilla bug you linked to probably work
 as-is in TBB, but compiling a custom TBB would stand out way too much. I beg
 you, please consider including one of the patches from
 https://bugzilla.mozilla.org/show_bug.cgi?id=331257

 Systems are routinely compromised by images;
 http://search.us-cert.gov/search?utf8=%E2%9C%93&input-form=advanced&affiliate=us-cert&query-or=JPEG+GIF+PNG+BMP&per-page=10&filter=off&x=31&y=9
 therefore raising priority. Please forgive my stubbornness on this, it just
 seems extremely dangerous.

 I can't compile it to test but the patches in the Mozilla thread likely
 just need a brief review and merge, I hope.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20772#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online