[tor-talk] Javascript exploit
Georg Koppen
gk at torproject.org
Wed Nov 30 12:08:00 UTC 2016
Roger Dingledine:
> On Tue, Nov 29, 2016 at 09:55:23PM -0000, firstwatch at sigaint.org wrote:
>> This is an Javascript exploit
>
> Thanks. I pointed some folks on irc to this mail, and Daniel Veditz
> (Mozilla Security Team) said "the Firefox team was sent a copy of that
> this morning. We've found the bug being used and are working on a patch."
>
> So it sounds like the immediate next step is that Mozilla finishes their
> patch for it; then the step after that is a quick Tor Browser update. And
FWIW: We plan to release 6.0.7 with the patch Mozilla developed in a
couple of hours. Updates to the alpha and hardened series will we
provided as well thereafter.
Georg
> somewhere in there people will look at the bug and see whether they
> think it really does apply to Tor Browser.
>
> --Roger
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20161130/97f08b3f/attachment.sig>
More information about the tor-talk
mailing list