4/14/2024 0 Comments Tor 12.5.5 free instal![]() ![]() Backport ESR 102.5 security fixes to 91.13-based Tor Browser Letterboxing bypass through secondary tab (popup/popunder.) Consider adding about:tor and others to the list of pages that do not need letterboxing Letterboxing is enabled in priviledged contexts too Update obfs4proxy to 0.0.14 in Tor Browser SameSite=Strict cookies could have been sent cross-site via intent URLs Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 Iframe contents could be rendered outside the iframe Symlinks may resolve to partially uninitialized buffers Cross-Site Tracing was possible via non-standard override headers ServiceWorker-intercepted requests bypassed SameSite cookie policy Fullscreen notification bypass via windowName Use-after-free in InputStream implementation Service Workers might have learned size of cross-origin media files ![]() In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |