mirror of
https://git.sr.ht/~seirdy/seirdy.one
synced 2024-11-14 01:32:11 +00:00
update tor uplift: 13 new cves
This commit is contained in:
parent
21af06925a
commit
509332550f
1 changed files with 1 additions and 1 deletions
|
@ -13,5 +13,5 @@ On <time datetime="2022-06-28">2022-06-28</time>, Firefox 102 ESR was released.
|
||||||
|
|
||||||
The first stable release of the Tor Browser based on 102 ESR hasn't yet shipped (it's close; [an alpha version is available](https://blog.torproject.org/new-alpha-release-tor-browser-120a2/)). Seven years into the Tor uplift, the Tor Project isn't able to keep up with the Firefox ESR release calendar. I don't think the Tor Uplift will succeed at getting the Tor Browser to track Firefox's stable channel; at best, it's keeping the Tor Browser from falling too far behind ESR.
|
The first stable release of the Tor Browser based on 102 ESR hasn't yet shipped (it's close; [an alpha version is available](https://blog.torproject.org/new-alpha-release-tor-browser-120a2/)). Seven years into the Tor uplift, the Tor Project isn't able to keep up with the Firefox ESR release calendar. I don't think the Tor Uplift will succeed at getting the Tor Browser to track Firefox's stable channel; at best, it's keeping the Tor Browser from falling too far behind ESR.
|
||||||
|
|
||||||
<ins>Update <time>2022-11-22</time>: Almost <time datetime="P148D">five months</time> since Firefox 102 became the latest ESR, over <time datetime="P63D">two months</time> since Firefox 91 ESR reached end-of-life, the latest stable Tor Browser release (11.5.7) is still based on Firefox 91 ESR. [Five CVEs fixes from v102 were backported](https://blog.torproject.org/new-release-tor-browser-1154/). It's reasonable to assume that v91 has issues of its own that won't be addressed. Until the v102-based 12.x hits stable: if you don't use "safest", you might want to re-consider that with this information in mind.</ins>
|
<ins>Update <time>2022-11-24</time>: <time datetime="P150D">five months</time> since Firefox 102 became the latest ESR, over <time datetime="P65D">two months</time> since Firefox 91 ESR reached end-of-life, the latest stable Tor Browser desktop release (11.5.8) is still based on Firefox 91 ESR. [Five CVEs fixes from v102 were backported](https://blog.torproject.org/new-release-tor-browser-1154/) a while ago, and [another 13 were backported this week](http://www.timpi.com/); the situation is worse on Android. It's reasonable to assume that v91 has issues of its own that won't be addressed. Until the v102-based 12.x hits stable: if you don't use "safest", you might want to re-consider that with this information in mind.</ins>
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue