Unverified Commit 9e063f9d authored by Matthew Finkel's avatar Matthew Finkel
Browse files

Update FF78/87 audits

parent 2d8705e6
Summary of findings: https://gitlab.torproject.org/tpo/applications/fenix/-/issues/34177
`git diff 8da33f6c34c0ca5b1d7bca58ca86cb5e436333e8 bace0d2a46cabd36f5bdc738c000f15ae4a4225c`
`git diff 8da33f6c34c0ca5b1d7bca58ca86cb5e436333e8 4735a392536150f49518c48aa9510cf313603b92`
and then go over all the changes containing the
above mentioned potentially dangerous calls and features. Grep the diff for
the following strings and examine surrounding usage.
......
Start: fe9560804bef331ff346f3fd3b05e74122fdd30b # FIREFOX_86_0_BUILD2
End: 1be3d58406ce4dd8af63a169482ae4ca1709d8e5 # FIREFOX_87_0b9_BUILD1
End: 4068febfd76d9ec557591240d7496be42c27c17f # FIREFOX_87_0_BUILD3
`git diff fe9560804bef331ff346f3fd3b05e74122fdd30b 1be3d58406ce4dd8af63a169482ae4ca1709d8e5`
`git diff fe9560804bef331ff346f3fd3b05e74122fdd30b 4068febfd76d9ec557591240d7496be42c27c17f`
and then go over all the changes containing the
below mentioned potentially dangerous calls and features. Grep the diff for
the following strings and examine surrounding usage.
......@@ -120,7 +120,7 @@ End: 1ee6b32f3ee569036fdf1015cf7ffc01ded2860f # v71.0.0
============ Android Components Portion =============
Start: 095c0ef007ada4dab8561bef69e43bf6db1d3298 # v72.0.15
End: ecccbf2da2b0572a1d600cce447d47f2eae0de9a # v73.0.3
End: bea80bbaccc431994a534a087b223563826ac256 # v73.0.11
# FF87 (using `java_audit.sh`)
# Commit 6edfec5fe464e4b1d0eb82ed8825526036d861c8
......@@ -138,7 +138,7 @@ End: ecccbf2da2b0572a1d600cce447d47f2eae0de9a # v73.0.3
============ Fenix Portion =============
Start: db196d0e49eb0f69ab620856491deb8c4c7ccf57 # v86.1.0
End: 82c8a64ca0b8bd5e6ea88395cba41c0db68d0a36 # v87.0.0-beta.4
End: 9d91b8eeb9d287ee95937b5edfffde383982267a # v87.0.0-rc.1
# FF87: (using `java_audit.sh`)
# - c9b8f57f96e9188746391885a065428df62f3ff9
......
......@@ -53,6 +53,8 @@ initialize_java_symbols() {
KEYWORDS+=(AppLinksInterceptor)
KEYWORDS+=(AppLinksUseCases)
KEYWORDS+=(ActivityDelegate)
# Added in FF87 audit
KEYWORDS+=(AutofillService)
}
initialize_rust_symbols() {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment