> I would > like to know if Tor Browser 5.5.1 is vulnerable. Thanks Looks like it is:
https://gitweb.torproject.org/builders/tor-browser-bundle.git/commit/?id=7a36dbece35a307675f396a019dccf6e431efb44 That build corresponds to a branch which includes the commit that supposedly fixed bug 1246093, and this commit was only pushed less than 48 hours ago. NOTE: Torbutton's security slider at level "High" says "Some font rendering features are disabled" and "[...] The Graphite font rendering mechanism is disabled." It would be good to know if this prevents the vulnerability. > [1]: https://www.mozilla.org/en-US/security/advisories/mfsa2016-14/ > [2]: > http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html > [3]: > https://blog.torproject.org/blog/tor-browser-551-released#comment-155968 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk