Opened 11 months ago
Closed 3 months ago
#29049 closed enhancement (fixed)
Backport JS Poison Patch
Reported by: | tom | Owned by: | tbb-team |
---|---|---|---|
Priority: | Medium | Milestone: | |
Component: | Applications/Tor Browser | Version: | |
Severity: | Normal | Keywords: | tbb-security, TorBrowserTeam201903, GeorgKoppen201903, ff68-esr-will-have |
Cc: | Actual Points: | ||
Parent ID: | #28707 | Points: | |
Reviewer: | Sponsor: | Sponsor44-can |
Description
https://bugzilla.mozilla.org/show_bug.cgi?id=981991
This will make reading a freed object crash instead of succeeding.
Child Tickets
Change History (11)
comment:1 Changed 11 months ago by
Component: | - Select a component → Applications/Tor Browser |
---|---|
Owner: | set to tbb-team |
comment:2 Changed 11 months ago by
Keywords: | TorBrowserTeam201901 tbb-security added |
---|---|
Type: | defect → enhancement |
comment:3 Changed 10 months ago by
Keywords: | TorBrowserTeam201902 added; TorBrowserTeam201901 removed |
---|
comment:4 Changed 10 months ago by
Keywords: | GeorgKoppen201902 added |
---|
comment:5 Changed 9 months ago by
Keywords: | TorBrowserTeam201903 added; TorBrowserTeam201902 removed |
---|
Moving my tickets to March.
comment:6 Changed 9 months ago by
Keywords: | GeorgKoppen201903 added; GeorgKoppen201902 removed |
---|
Now for my keyword.
comment:8 Changed 9 months ago by
It seems we want to have at least https://bugzilla.mozilla.org/show_bug.cgi?id=1415852 as well for AlwaysPoison()
. This gets slightly more complicated than I had hoped. Thus, I am not sure whether we should actually backport that ourselves. I guess really cool would be an esr60 patch Mozilla folks working on those bugs do like.
comment:9 Changed 7 months ago by
Keywords: | ff68-esr-will-have added; tbb-8.5 removed |
---|
Whatever we do in the meantime we'll get this with ff68-esr
comment:11 Changed 3 months ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
9.0a6, which is about to get built, is based on ESR 68, so closing.
Moving tickets to February.