[tor-bugs] #20442 [Applications/Tor Browser]: Backport fix for CVE-2016-5279: local path disclosure after drag and drop (bug 1249522)

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Oct 24 07:18:27 UTC 2016


#20442: Backport fix for CVE-2016-5279: local path disclosure after drag and drop
(bug 1249522)
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  tbb-
                                                 |  team
     Type:  task                                 |         Status:  new
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  TorBrowserTeam201610,                |  Actual Points:
  GeorgKoppen201610                              |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by gk):

 We want to have at least the following revisions backported:

 https://hg.mozilla.org/mozilla-central/rev/d4e621e02edc
 https://hg.mozilla.org/mozilla-central/rev/bb36d2769fe3

 I guess it can't hurt fixing the intermittently failing related test as
 well with

 https://hg.mozilla.org/releases/mozilla-beta/rev/7219e6b8ae72

--
Ticket URL: <https://troodi.torproject.org/projects/tor/ticket/20442#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list