Except this issue was a Firefox issue, fixed in ESR 17.0.7 and which we had posted an advisory for six weeks ago today. So, yes, you're asking Tor to copy and paste Firefox advisories. The issue wasn't a Tor-specific issue except that the way it was being spread targeted the TBB. It was a Firefox security issue, fixed in the last release. The people affected are those who hadn't gotten current.
Al -- Al Billings http://makehacklearn.org On Tuesday, August 6, 2013 at 2:45 AM, Nadim Kobeissi wrote: > > Nadim you seem confused by how this works. Tor doesn't need to issue > > advisories for Firefox issues. We, at Mozilla, already issue them. Perhaps > > they can link to them clearly but if you want to know about security issues > > Mozilla fixes in Firefox, you're best served by reading Mozilla advisories. > > There's not much point in duplicating them on a second site. Tor would be > > better served by writing advisories for its own, unique, security fixes. > > > Tor doesn't need to issue advisories for Firefox issues. Tor needs to issue > advisories for Tor Browser issues, and not five weeks later when s**t hits > the fan. > I really don't think one can reasonably disagree with the above statement. > Tor Browser is a Firefox fork. > > > > > > > > > > > >
-- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
