Re: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. Tails

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: sajolida
CC: The Tails public development discussion list
Subject: Re: [Tails-dev] MFSA 2015-78 (aka. CVE-2015-4495) vs. Tails
Hi again,

intrigeri wrote (08 Aug 2015 09:24:48 GMT) :
> ... on the other hand, https://access.redhat.com/articles/1563163
> documents pdfjs.disabled=True as a mitigation. I trust RedHat security
> team to have verified that it indeed blocks exploitation.


I've documented the security hole + mitigation on
https://tails.boum.org/news/test_1.5-rc1/

Commit:
https://git-tails.immerda.ch/tails/commit/wiki/src/news/test_1.5-rc1.mdwn?id=af0bcb7138847e1ad8ba6d596309d391b92a7216

sajolida, please have a *quick* look (keep in mind that this will only
live 3 days, so there's probably no need to spend 25 minutes making
this as perfect as you would like ;)

Cheers,
--
intrigeri