#22974: NoScript (and Tor Browser) vulnerable to Mozilla Add-On Code Execution --------------------------------------+-------------------------- Reporter: tom | Owner: tbb-team Type: defect | Status: new Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Resolution: Keywords: | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------------------+--------------------------
Comment (by cypherpunks): Replying to [comment:2 gk]: > That's the plan. We'll start with HTTPS-Everywhere (hopefully soon, #10394 is the ticket for that) and do the same with NoScript afterwards. I'm all for that, but how will you deal with HTTPS-Everywhere ruleset updates? In many cases, some sites may break with HTTPS-E and have subsequent ruleset updates that fix them. With one HTTPS-E update corresponding to a TB release, it would mean that for quiet some time (~2 months) some sites may be broken with TB. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22974#comment:4> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs