Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.
Breaking News

Log In

Log In

Create Account  |  Retrieve Password

Gift a Subscription
Why Gift

Site News

Join our Folding@Home team:
Main F@H site
Our team page

Funding Goal
For 6-month period:
2022-07-01 to 2022-12-31
 (All amounts are estimated)
Base Goal:
$3500.00
Currently:
$438.92
12.5%

Covers transactions:
2022-07-02 10:17:28 ..
2022-10-05 12:33:58 UTC
(SPIDs: [1838..1866])
Last Update:
2022-10-05 14:04:11 UTC --fnord666

Support us: Subscribe Here
and buy SoylentNews Swag

We always have a place for talented people, visit the Get Involved section on the wiki to see how you can make SoylentNews better.

Tor Browser 13.0.13 Unscheduled Emergency Release

posted by janrinok on Sunday March 24 2024, @12:58PM   Printer-friendly
Security

An Anonymous Coward writes:

https://blog.torproject.org/new-release-tor-browser-13013/

"This is an unscheduled emergency release with important security updates to Firefox for Desktop platforms. Android is unaffected."

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16/#CVE-2024-29944

Mozilla Foundation Security Advisory 2024-16
Security Vulnerabilities fixed in Firefox ESR 115.9.1

Announced
March 22, 2024

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16/#CVE-2024-29944

CVE-2024-29944: Privileged JavaScript Execution via Event Handlers

Impact critical

Description

An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox.

Tails 6.0 is affected. Please update Tails 6.0 to the current version when they release it.

Original Submission