Custom Query (173 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (1 - 100 of 173)

1 2
Ticket Summary Keywords Status Owner Type Priority
#1299 Tor should verify signatures before parsing tor-security, tor-crypto, tor-client, parse, safety, 035-removed-20180711 new defect Medium
#2340 protect users against freeze, replay and version-rollback attacks tbb-security assigned tbb-team defect Very High
#4280 build changes for TBB tbb-security, apparmor assigned tbb-team defect Medium
#7148 Even better parameter voting protocol needs-proposal, tor-dirauth security new defect High
#10498 Noscript. Path of trust. tbb-security, noscript reopened erinn defect Medium
#12089 BridgedDB can be forced to email arbitrary email addresses bridgedb-email, security, ex-sponsor-19 assigned defect High
#12418 TBBs with UBSan create lots of errors when running tbb-security, TorBrowserTeam201711 assigned tbb-team defect Medium
#12736 DLL hijacking vulnerability in TBB tbb-security, TorBrowserTeam201608 new tbb-team defect High
#13056 Some stack canaries are still missing on Tor Browser binaries tbb-security needs_information tbb-team defect Medium
#13065 counter downgrade / stale mirror attacks on RecommendedTBBVersions - sign / verify tbb versions file tbb-security, tbb-update new tbb-team defect Medium
#13155 I can use an extend cell to remotely determine whether two relays have a connection open needs-insight needs-design security maybe-wontfix new defect Medium
#13367 Rate limit gyroscope sampling frequency on FF mobile tbb-security, tbb-fingerprinting, tbb-mobile new tbb-team defect Medium
#13893 Torbrowser crashes on start when using MS EMET 5.x tbb-security, tbb-crash, tbb-usability-stoppoint-app, fuck-mingw-gcc, GeorgKoppen201609, TorBrowserTeam201610, ff52-esr reopened gk defect High
#13912 Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers) security registers aesni memwipe tor-relay new defect Medium
#14985 NoScript Clickjacking warning when clicking on embedded content tbb-security, noscript new tbb-team defect High
#15470 cannot edit the certificates in Tor browser, tbb-security, CNNIC reopened tbb-team defect Very High
#15514 Trim the NoScript whitelist tbb-security, noscript assigned tbb-team defect Medium
#15660 [feature suggestion] Need signal to totally switch to the new set of circuits security needs-design tor-client new defect Medium
#15687 Make Tor Browser work with AppLocker tbb-security, tbb-usability-stoppoint-app new tbb-team defect Medium
#15825 webgl.disable-extensions true about:config setting may allow DoS and breaks websites tbb-security, tbb-fingerprinting new tbb-team defect Medium
#16926 Multiple OS: Tor Browser leaks domains to system DNS management. tbb-security new tbb-team defect Very High
#17091 Support our own hotfix mechanism tbb-security new tbb-team defect Medium
#17505 UBSan is freezing Tor Browser tbb-security, tbb-crash needs_information tbb-team defect Medium
#17569 Add uBlock Origin to the Tor Browser new-addon, tbb-usability tbb-security, tbb-performance reopened tbb-team defect Medium
#17901 Tor would bind ControlPort to public ip address if it has no localhost interface tor-control misconfiguration security easy new defect High
#18037 Should the user be allowed to specify FQDNs for HS TARGETs? tor-hs, dns, maybe-bad-idea, security-risk, single-onion new defect Low
#18375 HTTPSEverywhere/NoScript becomes disabled and not shown in about:addons after some launches. tbb-security, noscript new tbb-team defect Medium
#19162 Make it even harder to become HSDir tor-hs tor-dirauth prop224 security needs-design accepted arma defect Medium
#20146 Firefox bug - (CVE-2016-5284) ESR-45/Tor Browser certificate pinning bypass for addons.mozilla.org and other built-in sites tbb-security, tls needs_review tbb-team defect Medium
#20322 SafeSEH support for mingw-w64 for Tor Browser on Windows tbb-security, TorBrowserTeam201711, GeorgKoppen201711, tbb-rbm new tbb-team defect Medium
#20326 Tor Browser forgets HTTPS sometimes tbb-security, https-everywhere new tbb-team defect Medium
#20744 add 'media.source.enabled' only where JS is enabled in security settings tbb-security-slider, tbb-usability-website new tbb-team defect Medium
#20955 Tor Browser memory hardening tbb-security new tbb-team defect Medium
#20957 Get DieHarder working with Tor Browser tbb-security needs_revision tbb-team defect Medium
#20971 Try building Tor Browser with SafeStack tbb-security new tbb-team defect Medium
#21004 "JavaScript is disabled by default on all non-HTTPS sites" option shouldn't block JS on hidden services tbb-security-slider, noscript new tbb-team defect Medium
#21009 sandboxed OSX browser hangs if printing is attempted tbb-security, tbb-sandboxing assigned mcs defect High
#21153 Changing the security level does not reload the page anymore tbb-security-slider, tbb-usability reopened tbb-team defect Medium
#21448 Identify what build flags we should be using for security, and use them tbb-security, tbb-rbm new tbb-team defect Medium
#21601 media.webaudio.enabled is not a thing anymore -- we should not govern it with our security slider tbb-torbutton, tbb-security-slider new tbb-team defect Medium
#21908 Tor Browser breaks response headers sometimes tbb-security new tbb-team defect Medium
#21983 Should we do more to discourage custom prefs and nonstandard addons? tbb-usability, tbb-security new tbb-team defect Medium
#22000 update OSX browser sandbox profile for e10s ff52-esr, tbb-security, tbb-sandboxing, tbb-e10s, TorBrowserTeam201707 new tbb-team defect Medium
#22584 More RWX memory pages for TBB on some Windows versions tbb-security assigned tom defect Medium
#22660 Guard against stack smashing attacks in tor with additional compiler options. tor-hardening, security, 029-backport, review-group-19, 032-unreached, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport, 032-unreached-backport, 033-unreached-backport needs_revision defect Medium
#22788 PDF.js overloads CPU when opening large PDFs on higher security slider levels tbb-security-slider new tbb-team defect Medium
#22917 Use --disable-auto-import on mingw builds of TBB and tor tbb-security new tbb-team defect Medium
#22947 Possible Security Issue (Information Disclosure) with Drupal on blog.torproject.org security needs_revision hiro defect Medium
#22971 The XPI signing mechanism needs to use different hash functions. tbb-security, ff60-esr new tbb-team defect High
#22974 NoScript (and Tor Browser) vulnerable to Mozilla Add-On Code Execution tbb-security, noscript new tbb-team defect Medium
#22981 Don't block audio/video on https sites under Medium Security tbb-usability, tbb-security-slider, ux-team new tbb-team defect Medium
#22982 Introduce a single "adjust security" toolbar button for security slider and noscript options tbb-usability, tbb-security-slider, ux-team new tbb-team defect Medium
#22985 Can we simplify and clarify click-to-play of audio/video? tbb-usability, tbb-security, ux-team new tbb-team defect Medium
#23061 crypto_rand_double() should produce all possible outputs on platforms with 32-bit int fast-fix, tor-relay, security-low, privcount, 029-backport, review-group-22, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport, 035-roadmap-subtask, 035-triaged-in-20180711, 040-unreached-20190109 assigned defect Medium
#23113 Manage DNS state better when "All nameservers have failed" dns, security-low, 032-unreached new defect Medium
#23323 sample_laplace_distribution should produce a valid result on 0.0 security-low, tor-relay, 029-backport, 026-backport-maybe, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport assigned defect Medium
#23414 rep_hist_format_hs_stats() should add noise, then round tor-relay, security-low, privcount, 029-backport, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport assigned defect Medium
#23415 sample_laplace_distribution() should take multiple random inputs tor-relay, security-low, privcount, 029-backport, 026-backport-maybe, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport assigned defect Medium
#23660 Handle exceptions in content sandboxing code for Tor Browser on Windows properly tbb-security new tbb-team defect Medium
#23664 Deal with UUID for content sandbox temp folder on Windows and Mac tbb-security, tbb-disk-leak new tbb-team defect High
#24455 messages out of order in the tor log due to stored logs security-low, 033-triage-20180320, 033-removed-20180320 new defect Medium
#24509 circuit_can_use_tap() should only allow TAP for v2 onion services prop224, tor-hs, security-low, easy, intro, 034-triage-20180328, security 035-removed assigned defect Medium
#24570 [Meta] Mitigations for DLL Injection tbb-security new tbb-team defect Medium
#25559 Miscellaneous security- and privacy-related prefs for Tor Browser tbb-security, ff60-esr new tbb-team defect Medium
#25568 hs: Lookup failure cache when introducing to an intro point security, tor-hs, 034-triage-20180328, 034-removed-20180328, 035-backport-maybe, 040-backport-maybe, 041-backport-maybe, 042-backport-maybe needs_review neel defect Medium
#25795 Decide which settings to hide in Tor Browser ux-team, tbb-security, tbb-fingerprinting new tbb-team defect Medium
#25803 Infinite restart loop when daemon crashes systemd, tor-relay, security-low new defect Medium
#26294 attacker can force intro point rotation by ddos tor-hs, tor-dos, network-team-roadmap-august, security merge_ready asn defect Medium
#26517 When I have security setting set to "Safest" and I open NoScrip's preferences and click reset, TorBrowser still says Security setting "Safest" even though many sites are now whitelisted ff60-esr, tbb-security-slider, noscript new tbb-team defect High
#26553 Sign our own extensions in Tor Browser ff60-esr, tbb-security, AffectsTails, TorBrowserTeam201904, GeorgKoppen201904 new tbb-team defect High
#27123 Investigate PING/SETTINGS-related timing side-channels tbb-security new tbb-team defect Medium
#27194 Reject protover extra commas in protover needs-consensus-method, rust, security-low, 029-backport, 035-backport, 040-backport, 041-backport, 032-unreached-backport, 035-deferred-20190115, 041-proposed, 033-unreached-backport needs_revision defect Medium
#27515 video placeholder didn't work in Tor browser 8.0 on highest security level tbb-8.0-issues, tbb-regression, tbb-security-slider, noscript needs_information tbb-team defect Medium
#27518 firefox tries to access system's snapd profile tbb-security, tbb-8.0-issues, tbb-regression new tbb-team defect Medium
#27607 Enabling SVG sets security slider back to "Safer" tbb-security-slider, tbb-8.0-issues, tbb-regression, tbb-8.0.1-can new tbb-team defect Medium
#29148 Backport the distrust of Symantec, GeoTrust, RapidSSL, Thawte, Verisign certificates tbb-security new tbb-team defect Medium
#29174 Onion service can do self-reachability tests to detect overwhelmed guards guard, hidden, service, security, 041-longterm new defect Medium
#29506 <noscript> tag doesn't work when JS is blocked by security slider at Safer tbb-security-slider, ux-team, noscript new tbb-team defect Medium
#29583 HSv3: Faulty cross-certs in introduction point keys (allows naive onionbalance for v3s) tor-hs, scaling, onionbalance, 040-backport, 035-backport, needs-proposal, network-team-roadmap-september, security, 041-longterm, 041-deferred-20190530 new defect High
#29607 2019 Q1: Denial of service on v2 and v3 onion service tor-hs, tor-dos, network-team-roadmap-2019-Q1Q2, security, 041-longterm, 041-deferred-20190530, 042-deferred-20190918 needs_information pidgin defect Immediate
#29614 Use SHA-256 algorithm for Windows authenticode timestamping tbb-security, tbb-8.5, GeorgKoppen201907, TorBrowserTeam201907 new tbb-team defect Medium
#29917 Safest security level breaks reader view buttons tbb-security-slider new tbb-team defect Medium
#29927 Tor protocol errors causing silent dropped cells tor-hs, diagnostic, mystery, security new defect High
#31001 Undefined behavior in tor_vasprintf() hackerone, bug-bounty, security-low, unlikely-crash, 029-backport, 035-backport, 040-backport, 041-backport, dgoulet-merge, consider-backport-after-0421 merge_ready nickm defect Medium
#31022 Tor's windows "--service install" should warn if it installs on a global writeable path hackerone, bug-bounty, security, 042-should assigned ahf defect Medium
#31183 Situational symlink attacks on ControlPortWriteToFile etc. hackerone, bug-bounty, security, 041-backport?, 042-deferred-20190918 new defect Medium
#31297 How to enable sound on translate.google.com on Safer? noscript, tbb-usability-website, tbb-security-slider new tbb-team defect Medium
#31466 Consider demoting ".exit is disabled" log message to info bug-bounty, hackerone, tor-security?, 042-should 029-backport? 035-backport 040-backport 041-backport BugSmashFund dgoulet-merge merge_ready nickm defect Medium
#31507 Change the client default to AvoidDiskWrites 1 security-low new defect Medium
#31524 GETINFO bw-event-cache spike value(s) in it 042-should, security-low assigned teor defect Medium
#31569 Revert #4427 to be on par with Fennec ESR68 and avoid regressions ff68-esr, tbb-security, tbb-parity, tbb-mobile new tbb-team defect Medium
#31716 Harden obfs4proxy.exe shipped with Tor Browser tbb-rbm, tbb-security new tbb-team defect Medium
#31749 Security level popup should not open with middle or right click tbb-security-slider, tbb-9.0, TorBrowserTeam201910 assigned pospeselr defect Medium
#31752 Security Slider button stops working sometimes tbb-security-slider new tbb-team defect Medium
#31961 'Learn more' links on security settings are not working tbb-security-slider, TorBrowserTeam201910, tbb-9.0 assigned tbb-team defect High
#4152 Implement Bottom Up Randomization (Windows platform) tbb-security assigned tbb-team enhancement Medium
#5222 Intelligently use capabilities/privileges and drop what we don't need for Mac OS X security tor-client osx needs-insight needs-design assigned enhancement High
#6948 Shared memory for zygote mind meld tbb-security new tbb-team enhancement Medium
#7193 Tor's sybil protection doesn't consider IPv6 ipv6, intro, tor-dirauth security sybil new enhancement Medium
#11096 Randomize MAC address before start of Tor tbb-security assigned tbb-team enhancement Medium
1 2
Note: See TracQuery for help on using queries.