On 08/07/2015 02:33 PM, Jacob Appelbaum wrote:> By the exploit, as I understood things? I could be mistaken and > probably am mistaken. I've heard that the vulnerable code is in FF31 - > I haven't looked myself yet.
https://access.redhat.com/articles/1563163 Considering "all Red Hat products that use the Mozilla Firefox browser are affected by this issue", all the way to red hat 5, it might be possible that FF31 be vulnerable to the exploit. Looks like CVE-2015-4495 can be mitigted by disabling PDF.js so it's probably a good idea to go ahead and do that: PDF.js can be disabled as follows: 1. Type about:config in the Firefox address bar 2. Search for the pdfjs.disabled entry 3. Set the pdfjs.disabled entry to True _______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
