Custom Query (177 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (101 - 177 of 177)

1 2
Ticket Summary Keywords Status Owner Type Priority
#29148 Backport the distrust of Symantec, GeoTrust, RapidSSL, Thawte, Verisign certificates tbb-security new tbb-team defect Medium
#29506 <noscript> tag doesn't work when JS is blocked by security slider at Safer tbb-security-slider, ux-team, noscript new tbb-team defect Medium
#29790 Add build option to store profile in HOME directory tbb-security needs_information tbb-team task Medium
#29803 Trust Tor Project domain in NoScript when TorButton security level is changed noscript, tbb-security-slider new tbb-team enhancement Medium
#29917 Safest security level breaks reader view buttons tbb-security-slider new tbb-team defect Medium
#31297 How to enable sound on translate.google.com on Safer? noscript, tbb-usability-website, tbb-security-slider new tbb-team defect Medium
#31440 consider using Hardened Malloc for better security in TBB tbb-security new tbb-team enhancement Medium
#31569 Revert #4427 to be on par with Fennec ESR68 and avoid regressions ff68-esr, tbb-security, tbb-parity, tbb-mobile new tbb-team defect Medium
#31716 Harden obfs4proxy.exe shipped with Tor Browser tbb-rbm, tbb-security, gitlab-tb-tor-browser-build new tbb-team defect Medium
#31905 Sign dmg images (not just their contents) tbb-security, tbb-sign, TorBrowserTeamTriaged new tbb-team enhancement Medium
#32379 Use RLBox for sandboxing third-party libraries tbb-security, GeorgKoppen202006 new tbb-team project Medium
#32425 SVG icons are blocked in the video player in Safest security setting tbb-security-slider new tbb-team defect Medium
#32469 Keep an eye on potential omni.ja signing tbb-security, ff78-esr, TorBrowserTeamTriaged new tbb-team defect Medium
#32504 Harden our macOS builds tbb-security, tbb-sign, GeorgKoppen201911 new tbb-team defect Medium
#32506 Move to different entitlements files for parent and child processes tbb-security, tbb-sign, GeorgKoppen201911 new tbb-team defect Medium
#32507 Move closer to the way Mozilla is signing macOS bundles tbb-security, tbb-sign, GeorgKoppen201911 new tbb-team defect Medium
#32523 Consider building tor-browser-build containers with Bitcoin Core's Guix-based system tbb-rbm, tbb-security, TorBrowserTeamTriaged, gitlab-tb-tor-browser-build new tbb-team enhancement Medium
#32896 Keep track of security updates to parts of Tor Browser tbb-security new tbb-team enhancement Medium
#32898 Get rid of binary blobs in source code/toolchains we use/build for building Tor Browser tbb-rbm, tbb-security, gitlab-tb-tor-browser-build new tbb-team task Medium
#33390 Consider Open in Browser addon new-addon, tbb-usability, tbb-security, TorBrowserTeamTriaged, ux-team new tbb-team enhancement Medium
#33410 Use RLBox for sandboxing Graphite on macOS tbb-security, GeorgKoppen202006, TorBrowserTeam202006 needs_revision tbb-team task Medium
#34398 Harden our code signing on macOS for ESR 78 tbb-security, tbb-sign, GeorgKoppen201911, ff78-esr, gitlab-tb-tor-browser-build new tbb-team task Medium
#22584 More RWX memory pages for TBB on some Windows versions tbb-security assigned tom defect Medium
#5221 Intelligently use capabilities/privileges and drop what we don't need for Windows security tor-client windows needs-insight needs-design new project High
#7148 Even better parameter voting protocol needs-proposal, tor-dirauth security new defect High
#7193 Tor's sybil protection doesn't consider IPv6 ipv6, intro, tor-dirauth, security, sybil, network-health, outreachy-ipv6, network-team-roadmap-2020Q1, 044-must needs_revision enhancement Medium
#17901 Tor would bind ControlPort to public ip address if it has no localhost interface tor-control misconfiguration security easy new defect High
#18645 Replace our http parser with something machine-generated tor-dos security tor-relay tor-client technical-debt parsing new task Medium
#5222 Intelligently use capabilities/privileges and drop what we don't need for Mac OS X security tor-client osx needs-insight needs-design new enhancement High
#11397 Keep using too-dirty circuits if no new circuit can be built? tor-client needs-design security-relevant circuit-usage not-sure-if-good-idea new enhancement Medium
#11458 A newer signing cert should innoculate us against older ones? needs-proposal tor-client tor-dirauth security certificates new enhancement Medium
#12089 BridgedDB can be forced to email arbitrary email addresses bridgedb-email, security, ex-sponsor-19 new defect High
#12500 Add an option to upload hidden service descriptors some time after startup tor-hs, easy, traffic-analysis, security, reviewer-was-teor-20190422 new enhancement Medium
#13155 I can use an extend cell to remotely determine whether two relays have a connection open needs-insight needs-design security maybe-wontfix new defect Medium
#13444 "GhostNode" - support relays that cannot accept incoming connections. anomity, circuit, torrc, security, needs-proposal research-program new project High
#13697 Carry entropy across invocations tor-relay rng security new enhancement Medium
#13753 Validate is_canonical more thoroughly tor-relay, security, tor-sponsorS-orphan new enhancement High
#13912 Key Security: Zeroing Buffers Is Insufficient (AES-NI leaves keys in SSE registers) security registers aesni memwipe tor-relay new defect Medium
#15660 [feature suggestion] Need signal to totally switch to the new set of circuits security needs-design tor-client new defect Medium
#16894 Check all logging output is appropriately escaped / escaped_safe_str_client security, logging, lorax, intro new task Medium
#17579 Split tor-gencert into "make cert" and "sign" portions tor-relay key-management cli security new enhancement Medium
#18037 Should the user be allowed to specify FQDNs for HS TARGETs? tor-hs, dns, maybe-bad-idea, security-risk, single-onion new defect Low
#18346 Separate the various roles that directory authorities play, from a configuration POV prop257, dirauth, tor-dos, security, needs-design new enhancement High
#18643 Replace the most error-prone binary parsers with trunnel tor-dos security tor-relay tor-client technical-debt parsing trunnel new enhancement Medium
#18644 Replace our routerparse.c core with something machine-generated tor-dos security tor-relay tor-client technical-debt parsing new task Medium
#19983 Is openssl 1.1.0's "secure heap" feature useful for us? tls openssl hardening security tor-relay tor-client new enhancement Medium
#20055 Remove relays that fail to rotate onion keys from the consensus tor-spec, tor-dirauth, security, key-rotation, network-health new enhancement Medium
#21478 Extend HTTP fuzzer so it fuzzes the POST handler functions fuzz tor-relay security new enhancement High
#22660 Guard against stack smashing attacks in tor with additional compiler options. tor-hardening, security, review-group-19, 032-unreached, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport, 032-unreached-backport, 033-unreached-backport needs_revision defect Medium
#22963 Make relay integrity digests harder to guess by padding cells with random bytes security, 034-triage-20180328, 034-removed-20180328 new enhancement Medium
#23061 crypto_rand_double() should produce all possible outputs on platforms with 32-bit int fast-fix, tor-relay, security-low, privcount, review-group-22, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport, 035-roadmap-subtask, 035-triaged-in-20180711, 040-unreached-20190109 new defect Medium
#23113 Manage DNS state better when "All nameservers have failed" dns, security-low, 032-unreached new defect Medium
#23323 sample_laplace_distribution should produce a valid result on 0.0 security-low, tor-relay, 026-backport-maybe, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport new defect Medium
#23357 Build with non-Cross-DSO CFI security, defence-in-depth, 033-triage-20180320, 033-removed-20180320 needs_revision enhancement Medium
#23414 rep_hist_format_hs_stats() should add noise, then round tor-relay, security-low, privcount, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport new defect Medium
#23415 sample_laplace_distribution() should take multiple random inputs tor-relay, security-low, privcount, 026-backport-maybe, 034-triage-20180328, 034-removed-20180328, 031-unreached-backport new defect Medium
#24455 messages out of order in the tor log due to stored logs security-low, 033-triage-20180320, 033-removed-20180320 new defect Medium
#24509 circuit_can_use_tap() should only allow TAP for v2 onion services prop224, tor-hs, security-low, easy, intro, 034-triage-20180328, security 035-removed new defect Medium
#25803 Infinite restart loop when daemon crashes systemd, tor-relay, security-low new defect Medium
#26685 Add ed25519 id support for the hard-coded fallback and authority lists fallback, tor-ed25519, tor-security new enhancement Medium
#26686 Add ed25519 ids to the fallback whitelist fallback, tor-ed25519, tor-security new enhancement Medium
#26687 Output ed25519 IDs in the authority and fallback lists fallback, tor-ed25519, tor-security new enhancement Medium
#26688 Parse ed25519 IDs in the authority and fallback lists fallback, tor-ed25519, tor-security new enhancement Medium
#27194 Reject protover extra commas in protover extra-review, rust, security-low, consider-backport-if-needed, 035-backport, 041-backport, 042-backport, 043-backport, 032-unreached-backport, 035-deferred-20190115, 041-proposed, 033-unreached-backport, 040-unreached-backport, 044-must needs_review defect Medium
#27326 Replace packed_cell_t and supporting code with stuff generated by trunnel trunnel wireformat heartbleed-safety security parsing new enhancement Medium
#27327 Parse and generate CREATE, CREATE_FAST and CREATED cell wire format with trunnel trunnel wireformat heartbleed-safety security parsing new enhancement Medium
#27328 Rework EXTEND and EXTENDED cells with trunnel trunnel wireformat heartbleed-safety security parsing new enhancement Medium
#27329 Rework RELAY cell wire format handling with trunnel trunnel wireformat heartbleed-safety security parsing new enhancement Medium
#27921 apparent DOS / impairment-of-service against FallbackDirs using DIR requests, please evaluate for possible mitigation tor-dos, 040-roadmap-proposed, postfreeze-ok, security, 040-deferred-20190220 new enhancement Medium
#29174 Onion service can do self-reachability tests to detect overwhelmed guards guard, hidden, service, security, 041-longterm new defect Medium
#29583 HSv3: Faulty cross-certs in introduction point keys (allows naive onionbalance for v3s) tor-hs, scaling, onionbalance, 040-backport, 035-backport, needs-proposal, security, 041-longterm, 041-deferred-20190530 new defect High
#29927 Tor protocol errors causing silent dropped cells tor-hs, diagnostic, mystery, security new defect High
#31183 Situational symlink attacks on ControlPortWriteToFile etc. hackerone, bug-bounty, security, 041-backport?, 042-deferred-20190918 new defect Medium
#31507 Change the client default to AvoidDiskWrites 1, or otherwise make disk writes less frequent. security-low, 043-deferred new defect Medium
#33237 Prop 312: 3.2.2. Stop Directory Authorities Resolving *Port Hostnames prop312, tor-dirauth, security-low new defect Medium
#33239 Prop 312: 3.2.3 Limit Directory Authority Addresses to Address and ORPort prop312, tor-dirauth, security-low, 044-deferred assigned enhancement Medium
#33889 Functions with char* arguments are dangerous when used with casting security, memory-safety, 044-can new defect Medium
1 2
Note: See TracQuery for help on using queries.