[tor-bugs] #22974 [Applications/Tor Browser]: NoScript (and Tor Browser) vulnerable to Mozilla Add-On Code Execution
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 7 10:39:18 UTC 2017
#22974: NoScript (and Tor Browser) vulnerable to Mozilla Add-On Code Execution
--------------------------------------+--------------------------
Reporter: tom | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by cypherpunks):
FF57 is just right around the corner (a week) and it may be time to lock
the NoScript update with the next TB update since:
https://forums.informaction.com/viewtopic.php?f=7&t=23173&start=30#p90133
> Unfortunately some APIs have been deferred by the Firefox team to 58.
> NoScript will be released as a WebExtension for Firefox 57 with all the
major functionalities but some limitations (mostly related to features
used by the Tor Browser, which require the still missing APIs), while
feature parity with "legacy" NoScript will be guaranteed only when the Tor
Browser gets its next major upgrade, i.e. in March 2018 when it will be
based on Firefox 59.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22974#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list