Opened 6 years ago

Closed 6 years ago

Last modified 13 days ago

#3906 closed defect (fixed)

TBB for Linux ships exploitable libpng

Reported by: rransom Owned by: erinn
Priority: Immediate Milestone: TorBrowserBundle 2.2.x-stable
Component: Applications/Tor bundles/installation Version:
Severity: Normal Keywords:
Cc: mikeperry Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We currently ship libpng 1.4.3 in TBB for Linux, which contains several disclosed security holes: https://lwn.net/Articles/456716/

Child Tickets

Change History (4)

comment:1 Changed 6 years ago by mikeperry

Component: Tor BrowserTor bundles/installation
Milestone: TorBrowserBundle 2.2.x-stable

comment:2 Changed 6 years ago by mikeperry

Owner: changed from helix to erinn
Status: newassigned

comment:3 Changed 6 years ago by erinn

Resolution: fixed
Status: assignedclosed

Fixed in 2.2.32-3. Closing.

comment:4 Changed 13 days ago by teor

Severity: Normal

Set all tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.