Opened 7 years ago

Closed 6 years ago

#10515 closed enhancement (fixed)

Compile Firefox with buffer overflow protection

Reported by: bastik Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Keywords: tbb-security, needs-triage
Cc: tom@…, intrigeri Actual Points:
Parent ID: #10065 Points:
Reviewer: Sponsor:

Description

It appears like Firefox.exe is not compiled with buffer overflow protection enabled.

https://en.wikipedia.org/wiki/Buffer_overflow_protection

Browsers have holes, and this is better than relying on being fast enough when it comes to upgrades.

Child Tickets

Change History (7)

comment:1 Changed 7 years ago by gk

Parent ID: #10065

comment:2 Changed 7 years ago by mikeperry

Keywords: tbb-security added

comment:3 Changed 6 years ago by tom

Cc: tom@… added

comment:4 Changed 6 years ago by erinn

Keywords: needs-triage added

comment:5 Changed 6 years ago by erinn

Component: Tor bundles/installationTor Browser
Owner: changed from erinn to tbb-team

comment:6 Changed 6 years ago by intrigeri

Cc: intrigeri added

comment:7 Changed 6 years ago by mikeperry

Resolution: fixed
Status: newclosed

I believe we fixed this in 4.0-alpha-2.

Note: See TracTickets for help on using tickets.