Custom Query (177 matches)
Results (1 - 100 of 177)
| Ticket | Summary | Keywords | Status | Owner | Type | Priority |
|---|---|---|---|---|---|---|
| #18037 | Should the user be allowed to specify FQDNs for HS TARGETs? | tor-hs, dns, maybe-bad-idea, security-risk, single-onion | new | defect | Low | |
| #5791 | Gather apparmor/selinux/seatbelt profiles for each component of TBB | tbb-security, apparmor | new | project | Medium | |
| #6948 | Shared memory for zygote mind meld | tbb-security, tbb-sandboxing | new | enhancement | Medium | |
| #7193 | Tor's sybil protection doesn't consider IPv6 | ipv6, intro, tor-dirauth, security, sybil, network-health, outreachy-ipv6, network-team-roadmap-2020Q1, 044-must | needs_revision | enhancement | Medium | |
| #7501 | Audit PDF.js | tbb-security | new | task | Medium | |
| #10394 | Torbrowser's updater updates HTTPS-everywhere | tbb-security, https-everywhere, TorBrowserTeam202006R | needs_review | task | Medium | |
| #10397 | Torbrowser's updater integrates additional protections from Thandy's threat model | tbb-security, tbb-update | new | project | Medium | |
| #10498 | Get only the NoScript we want to our users | tbb-security, noscript | new | defect | Medium | |
| #11397 | Keep using too-dirty circuits if no new circuit can be built? | tor-client needs-design security-relevant circuit-usage not-sure-if-good-idea | new | enhancement | Medium | |
| #11458 | A newer signing cert should innoculate us against older ones? | needs-proposal tor-client tor-dirauth security certificates | new | enhancement | Medium | |
| #12418 | TBBs with UBSan create lots of errors when running | tbb-security, TorBrowserTeam201711 | assigned | defect | Medium | |
| #12420 | Investigate deploying STACK to check for optimization-unstable code | tbb-security, TorBrowserTeam201711, GeorgKoppen201711 | new | task | Medium | |
| #12425 | Investigate setjmp/longjmp-based exception handling for Tor Browser on Windows | tbb-security | new | task | Medium | |
| #12429 | Enable Assertions in Tor Browser release builds | tbb-security, tbb-firefox-patch | new | enhancement | Medium | |
| #12500 | Add an option to upload hidden service descriptors some time after startup | tor-hs, easy, traffic-analysis, security, reviewer-was-teor-20190422 | new | enhancement | Medium | |
| #12820 | Test+Recommend Tor Browser with MS EMET (Enhanced Mitigation Experience Toolkit) | tbb-security, tbb-isec-report, GeorgKoppen201610, TorBrowserTeam201610, ff52-esr | assigned | project | Medium | |
| #12950 | Backport Windows ASLR forcing patch | tbb-security | new | task | Medium | |
| #13033 | Apply mixed content blocking patch? | tbb-security | new | task | Medium | |
| #13056 | Some stack canaries are still missing on Tor Browser binaries | tbb-security | new | defect | Medium | |
| #13065 | counter downgrade / stale mirror attacks on RecommendedTBBVersions - sign / verify tbb versions file | tbb-security, tbb-update | new | defect | Medium | |
| #13155 | I can use an extend cell to remotely determine whether two relays have a connection open | needs-insight needs-design security maybe-wontfix | new | defect | Medium | |
| #13367 | Rate limit gyroscope sampling frequency on FF mobile | tbb-security, tbb-fingerprinting, tbb-mobile | new | defect | Medium | |
| #13697 | Carry entropy across invocations | tor-relay rng security | new | enhancement | Medium | |
| #13703 | Adding doc/HARDENING | hardening, security, opsec, docs, lorax, tor-relay, tor-doc | accepted | enhancement | Medium | |
| #13730 | Make use of MAR files with more than one signature | tbb-security, tbb-update | new | enhancement | Medium | |
| #13912 | Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers) | security registers aesni memwipe tor-relay | new | defect | Medium | |
| #15514 | Trim the NoScript whitelist | tbb-security, noscript | assigned | defect | Medium | |
| #15660 | [feature suggestion] Need signal to totally switch to the new set of circuits | security needs-design tor-client | new | defect | Medium | |
| #15687 | Make Tor Browser work with AppLocker | tbb-security, tbb-usability-stoppoint-app | new | defect | Medium | |
| #15729 | Proposal: Hidden Service Revocation | tor-hs, tor-spec stalled security revocation | new | enhancement | Medium | |
| #15825 | webgl.disable-extensions true about:config setting may allow DoS and breaks websites | tbb-security, tbb-fingerprinting | new | defect | Medium | |
| #16894 | Check all logging output is appropriately escaped / escaped_safe_str_client | security, logging, lorax, intro | new | task | Medium | |
| #17091 | Support our own hotfix mechanism | tbb-security | new | defect | Medium | |
| #17216 | Make Tor Browser's updater work over Hidden Services | tor-hs, tbb-security, TorBrowserTeam201901, tbb-update | new | enhancement | Medium | |
| #17505 | UBSan is freezing Tor Browser | tbb-security, tbb-crash | needs_information | defect | Medium | |
| #17521 | Support capsicum(4) on FreeBSD | tor-relay, security, sandboxing, BSD, capsicum, 034-triage-20180328, 034-removed-20180328 | assigned | enhancement | Medium | |
| #17569 | Add uBlock Origin to the Tor Browser | new-addon, tbb-usability tbb-security, tbb-performance | reopened | defect | Medium | |
| #17579 | Split tor-gencert into "make cert" and "sign" portions | tor-relay key-management cli security | new | enhancement | Medium | |
| #18288 | Sign Tor Browser binaries on Windows (not just the setup executable) | tbb-security, tbb-usability | new | enhancement | Medium | |
| #18375 | HTTPSEverywhere/NoScript becomes disabled and not shown in about:addons after some launches. | tbb-security, noscript | new | defect | Medium | |
| #18497 | Check that MAR signing is done properly on the files available in the update responses | tbb-update, tbb-security | assigned | enhancement | Medium | |
| #18643 | Replace the most error-prone binary parsers with trunnel | tor-dos security tor-relay tor-client technical-debt parsing trunnel | new | enhancement | Medium | |
| #18644 | Replace our routerparse.c core with something machine-generated | tor-dos security tor-relay tor-client technical-debt parsing | new | task | Medium | |
| #18645 | Replace our http parser with something machine-generated | tor-dos security tor-relay tor-client technical-debt parsing | new | task | Medium | |
| #19162 | Make it even harder to become HSDir | tor-hs tor-dirauth prop224 security needs-design | accepted | defect | Medium | |
| #19280 | Replace or fork NoScript in the Tor Browser | tbb-security, noscript | reopened | project | Medium | |
| #19983 | Is openssl 1.1.0's "secure heap" feature useful for us? | tls openssl hardening security tor-relay tor-client | new | enhancement | Medium | |
| #20055 | Remove relays that fail to rotate onion keys from the consensus | tor-spec, tor-dirauth, security, key-rotation, network-health | new | enhancement | Medium | |
| #20146 | Firefox bug - (CVE-2016-5284) ESR-45/Tor Browser certificate pinning bypass for addons.mozilla.org and other built-in sites | tbb-security, tls | needs_review | defect | Medium | |
| #20212 | Tor can be forced to open too many circuits by embedding .onion resources | guard-discovery, TorBrowserTeam201803, 034-roadmap-proposed, security, tor-hs, 042-deferred-20190918 network-team-roadmap-2020Q1 | new | enhancement | Medium | |
| #20322 | SafeSEH support for mingw-w64 for Tor Browser on Windows | tbb-security, TorBrowserTeam201711, GeorgKoppen201711, tbb-rbm, gitlab-tb-tor-browser-build | new | defect | Medium | |
| #20326 | Tor Browser forgets HTTPS sometimes | tbb-security, https-everywhere | new | defect | Medium | |
| #20361 | Investigate CFI means for usage in Tor Browser | tbb-security, tbb-rbm, gitlab-tb-tor-browser-build | new | task | Medium | |
| #20744 | add 'media.source.enabled' only where JS is enabled in security settings | tbb-security-slider, tbb-usability-website | new | defect | Medium | |
| #20955 | Tor Browser memory hardening | tbb-security | new | defect | Medium | |
| #20957 | Get DieHarder working with Tor Browser | tbb-security | needs_revision | defect | Medium | |
| #20971 | Try building Tor Browser with SafeStack | tbb-security | new | defect | Medium | |
| #21030 | Test integration of PartitionAlloc/HardenedPartitionAlloc in Tor Browser | tbb-security | new | task | Medium | |
| #21153 | Changing the security level does not reload the page anymore | tbb-security-slider, tbb-usability | reopened | defect | Medium | |
| #21448 | Identify what build flags we should be using for security, and use them | tbb-security, tbb-rbm, gitlab-tb-tor-browser-build | new | defect | Medium | |
| #21601 | media.webaudio.enabled is not a thing anymore -- we should not govern it with our security slider | tbb-torbutton, tbb-security-slider, gitlab-tb-torbutton | new | defect | Medium | |
| #21908 | Tor Browser breaks response headers sometimes | tbb-security | new | defect | Medium | |
| #21983 | Should we do more to discourage custom prefs and nonstandard addons? | tbb-usability, tbb-security | new | defect | Medium | |
| #22000 | update OSX browser sandbox profile for e10s | ff52-esr, tbb-security, tbb-sandboxing, tbb-e10s, TorBrowserTeam201707 | new | defect | Medium | |
| #22315 | Make use of interceptor to protect memory on Windows (spin-off from #12426) | tbb-security | new | enhancement | Medium | |
| #22584 | More RWX memory pages for TBB on some Windows versions | tbb-security | assigned | defect | Medium | |
| #22660 | Guard against stack smashing attacks in tor with additional compiler options. | tor-hardening, security, review-group-19, 032-unreached, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport, 032-unreached-backport, 033-unreached-backport | needs_revision | defect | Medium | |
| #22788 | PDF.js overloads CPU when opening large PDFs on higher security slider levels | tbb-security-slider | new | defect | Medium | |
| #22917 | Use --disable-auto-import on mingw builds of TBB and tor | tbb-security | new | defect | Medium | |
| #22947 | Possible Security Issue (Information Disclosure) with Drupal on blog.torproject.org | security | needs_revision | defect | Medium | |
| #22963 | Make relay integrity digests harder to guess by padding cells with random bytes | security, 034-triage-20180328, 034-removed-20180328 | new | enhancement | Medium | |
| #22974 | NoScript (and Tor Browser) vulnerable to Mozilla Add-On Code Execution | tbb-security, noscript | new | defect | Medium | |
| #22981 | Don't block audio/video on https sites under Medium Security | tbb-usability, tbb-security-slider, ux-team | new | defect | Medium | |
| #22982 | Introduce a single "adjust security" toolbar button for security slider and noscript options | tbb-usability, tbb-security-slider, ux-team | new | defect | Medium | |
| #22985 | Can we simplify and clarify click-to-play of audio/video? | tbb-usability, tbb-security, ux-team | new | defect | Medium | |
| #23061 | crypto_rand_double() should produce all possible outputs on platforms with 32-bit int | fast-fix, tor-relay, security-low, privcount, review-group-22, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport, 035-roadmap-subtask, 035-triaged-in-20180711, 040-unreached-20190109 | new | defect | Medium | |
| #23113 | Manage DNS state better when "All nameservers have failed" | dns, security-low, 032-unreached | new | defect | Medium | |
| #23238 | Using Application Verifier Within Your Software Development Lifecycle | tbb-security | assigned | task | Medium | |
| #23323 | sample_laplace_distribution should produce a valid result on 0.0 | security-low, tor-relay, 026-backport-maybe, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport | new | defect | Medium | |
| #23357 | Build with non-Cross-DSO CFI | security, defence-in-depth, 033-triage-20180320, 033-removed-20180320 | needs_revision | enhancement | Medium | |
| #23362 | consider performing network operations in a dedicated process | tbb-security, tbb-sandboxing, ff78-esr | new | enhancement | Medium | |
| #23414 | rep_hist_format_hs_stats() should add noise, then round | tor-relay, security-low, privcount, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport | new | defect | Medium | |
| #23415 | sample_laplace_distribution() should take multiple random inputs | tor-relay, security-low, privcount, 026-backport-maybe, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport | new | defect | Medium | |
| #23658 | Improve content sandboxing Tor Browser users on Windows | tbb-security | new | project | Medium | |
| #23660 | Handle exceptions in content sandboxing code for Tor Browser on Windows properly | tbb-security | new | defect | Medium | |
| #24455 | messages out of order in the tor log due to stored logs | security-low, 033-triage-20180320, 033-removed-20180320 | new | defect | Medium | |
| #24509 | circuit_can_use_tap() should only allow TAP for v2 onion services | prop224, tor-hs, security-low, easy, intro, 034-triage-20180328, security 035-removed | new | defect | Medium | |
| #24570 | [Meta] Mitigations for DLL Injection | tbb-security | new | defect | Medium | |
| #25559 | Miscellaneous security- and privacy-related prefs for Tor Browser | tbb-security, ff60-esr | new | defect | Medium | |
| #25795 | Decide which settings to hide in Tor Browser | ux-team, tbb-security, tbb-fingerprinting | new | defect | Medium | |
| #25803 | Infinite restart loop when daemon crashes | systemd, tor-relay, security-low | new | defect | Medium | |
| #26685 | Add ed25519 id support for the hard-coded fallback and authority lists | fallback, tor-ed25519, tor-security | new | enhancement | Medium | |
| #26686 | Add ed25519 ids to the fallback whitelist | fallback, tor-ed25519, tor-security | new | enhancement | Medium | |
| #26687 | Output ed25519 IDs in the authority and fallback lists | fallback, tor-ed25519, tor-security | new | enhancement | Medium | |
| #26688 | Parse ed25519 IDs in the authority and fallback lists | fallback, tor-ed25519, tor-security | new | enhancement | Medium | |
| #27123 | Investigate PING/SETTINGS-related timing side-channels | tbb-security | new | defect | Medium | |
| #27143 | Look for parts of code that relies on non-trunnel code for binary wire format handling | trunnel wireformat heartbleed-safety security parsing | accepted | task | Medium | |
| #27194 | Reject protover extra commas in protover | extra-review, rust, security-low, consider-backport-if-needed, 035-backport, 041-backport, 042-backport, 043-backport, 032-unreached-backport, 035-deferred-20190115, 041-proposed, 033-unreached-backport, 040-unreached-backport, 044-must | needs_review | defect | Medium | |
| #27324 | Rework AUTHENTICATE cell parsing and remaining generation with trunnel | trunnel wireformat heartbleed-safety security parsing | accepted | enhancement | Medium | |
| #27326 | Replace packed_cell_t and supporting code with stuff generated by trunnel | trunnel wireformat heartbleed-safety security parsing | new | enhancement | Medium |
Note: See TracQuery
for help on using queries.
