DescriptionVulnerability reported at
https://bugzilla.mozilla.org/show_bug.cgi?id=1125389#c6 which you may
not be able to see.
See https://code.google.com/p/google-caja/issues/detail?id=1954
This bug is non-disclosed, causes loss of isolation, and has no known
workaround. Thus, this CL, once submitted, will prevent Caja and SES
from running on FF35, which is the current release. If this bug
becomes public or we are aware that it is being exploited, we should
release immediately anyway. Otherwise, I suggest we wait until FF36 is
released, which is currently expected on 2/23/2015.
At that point Google still considers FF35 a supported browser, until
FF37 is released. So submitting this CL after the FF36 release will
cause Caja and SES not to run on a Google supported browser.
Patch Set 1 #Patch Set 2 : Detects a FF35 bug that allows non-extensible objects to be changed. #Patch Set 3 : Detects a FF35 bug that allows non-extensible objects to be changed. #
Total comments: 2
Patch Set 4 : Detects a FF35 bug that allows non-extensible objects to be changed. #Patch Set 5 : Detects a FF35 bug that allows non-extensible objects to be changed. #Patch Set 6 : Detects a FF35 bug that allows non-extensible objects to be changed. #Patch Set 7 : Detects a FF35 bug that allows non-extensible objects to be changed. #Patch Set 8 : Detects a FF35 bug that allows non-extensible objects to be changed. #
Total comments: 10
Patch Set 9 : Detects a FF35 bug that allows non-extensible objects to be changed. #
MessagesTotal messages: 23
|