Hi again,
intrigeri wrote (08 Aug 2015 09:24:48 GMT) :
> ... on the other hand, https://access.redhat.com/articles/1563163
> documents pdfjs.disabled=True as a mitigation. I trust RedHat security
> team to have verified that it indeed blocks exploitation.
I've documented the security hole + mitigation on
https://tails.boum.org/news/test_1.5-rc1/
Commit:
https://git-tails.immerda.ch/tails/commit/wiki/src/news/test_1.5-rc1.mdwn?id=af0bcb7138847e1ad8ba6d596309d391b92a7216
sajolida, please have a *quick* look (keep in mind that this will only
live 3 days, so there's probably no need to spend 25 minutes making
this as perfect as you would like ;)
Cheers,
--
intrigeri