Opened 3 years ago

Closed 3 years ago

#20442 closed task (fixed)

Backport fix for CVE-2016-5279: local path disclosure after drag and drop (bug 1249522)

Reported by: gk
Owned by: tbb-team
Priority: High
Milestone:
Component: Applications/Tor Browser
Version:
Severity: Major
Keywords: TorBrowserTeam201610R, GeorgKoppen201610
Cc: nicoo
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

The fix for CVE-2016-5279 was not backported to ESR45, probably as it did not seem critical enough to Mozilla. I think a fix might fit into Tor Browser pretty well, though (thanks to nicoo for pointing to this bug).

Change History (5)

comment:1 Changed 3 years ago by gk

We want to have at least the following revisions backported:

https://hg.mozilla.org/mozilla-central/rev/d4e621e02edc
https://hg.mozilla.org/mozilla-central/rev/bb36d2769fe3

I guess it can't hurt fixing the intermittently failing related test as well with

https://hg.mozilla.org/releases/mozilla-beta/rev/7219e6b8ae72

comment:2 Changed 3 years ago by nicoo

Cc: nicoo added

comment:3 Changed 3 years ago by gk

Keywords: TorBrowserTeam201610R added; TorBrowserTeam201610 removed
Status: new → needs_review

bug_20442 (https://gitweb.torproject.org/user/gk/tor-browser.git/log/?h=bug_20442) in my public tor-browser repo has the backport up for review (three patches). I built it for all three platforms and tested the Linux variant.

comment:4 Changed 3 years ago by mcs

r=brade, r=mcs
Kathy and I did not test these patches, but they look okay.

comment:5 Changed 3 years ago by gk

Resolution: fixed
Status: needs_review → closed

Thanks, applied to tor-browser-45.4.0esr-6.5-1 (commits 3bfc8bc8ea3a87010c2203f752af19b29bf4c0b2, dc9533fe8ec258aff8bf7c99c9d20586e6f58e5a and 0aa148499aaa1748036e9e89567c6e709dd16dbc).
