Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Trac Trac
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • Legacy
  • TracTrac
  • Issues
  • #20442
Closed (moved) (moved)
Open
Created Oct 24, 2016 by Georg Koppen@gk

Backport fix for CVE-2016-5279: local path disclosure after drag and drop (bug 1249522)

The fix for CVE-2016-5279 got not backported to ESR45, probably as it did not seem critical enough to Mozilla. I think a fix might fit into Tor Browser pretty well, though (thanks to nicoo for pointing to this bug).

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking