Backport off-by-one fix in 1352073

As a defense in depth we should backport the off-by-one error fix in https://bugzilla.mozilla.org/show_bug.cgi?id=1352073.

added GeorgKoppen201804 TorBrowserTeam201804R component::applications/tor browser owner::tbb-team priority::medium resolution::fixed severity::normal status::closed type::enhancement labels

See bug_25973 (https://gitweb.torproject.org/user/gk/tor-browser.git/commit/?h=bug_25973&id=67a38d1ab3375e9d094160f966559296c6e25f7d) in my public repo for the backport.

Trac:
Keywords: TorBrowserTeam201804 deleted, TorBrowserTeam201804R added
Status: new to needs_review

r=brade, r=mcs

Thanks. Cherry-picked onto tor-browser-52.7.3esr-7.5-1 (6d4dc3e0fc543ac39393ab474409406ad9552b96) and tor-browser-52.7.3esr-8.0-1 (833b057519dcd6c62ac3f16cff93b17311c6a4c4).

Trac:
Status: needs_review to closed
Resolution: N/A to fixed

Trac:
Keywords: N/A deleted, tbb-backported added

Trac:
Keywords: tbb-backported deleted, N/A added

Don't you feel something is wrong with backporting only now what was fixed in Firefox 54?

Replying to cypherpunks:

Don't you feel something is wrong with backporting only now what was fixed in Firefox 54?

Not necessarily as a backport depends on a number of factors. In this particular case, though, yes, we could have tried harder to get the necessary info earlier to ship this defense-in-depth earlier to Tor Browser users.

Replying to gk:

Replying to cypherpunks:

Don't you feel something is wrong with backporting only now what was fixed in Firefox 54?

Not necessarily as a backport depends on a number of factors. In this particular case, though, yes, we could have tried harder to get the necessary info earlier to ship this defense-in-depth earlier to Tor Browser users. It is a good practice to analyze every release of upstream for possible backports as linux distros do. That would be the case for android version anyway.

closed

moved to tpo/applications/tor-browser#25973 (closed)