[tor-talk] Firefox security bug (proxy-bypass) in current TBBs
Mike Perry
mikeperry at torproject.org
Thu May 3 20:21:04 UTC 2012
Thus spake unknown (unknown at pgpru.com):
> > See https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs
> > for the security advisory.
> Any potential DNS-leakage can be prevented with iptables (Debian GNU/Linux way):
Repasting my comment at
https://trac.torproject.org/projects/tor/ticket/5741#comment:21 here:
For people who use layered defenses: Please add iptables rules/AppArmor
rules/whatever rules that LOG violations so we can learn about them. We
are desperately in need of testers and auditors so this never happens in
production again. See also #3846 and consider signing up to test builds
in your hardened, auditing setups.
--
Mike Perry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20120503/b640ce89/attachment.pgp>
More information about the tor-talk
mailing list