List of known security problems with old SpiderMonkey code base? #499
Comments
|
I am not aware of any such list. I am not sure if this would sufficiently cover your inquiry about security, but there is an old discussion from the time just before adopting the SpiderMonkey FF4 version we use now. Check out the posts by Jens and make sure to not miss the later ones too. The measures taken to minimize risks are also discussed (white listing of executable methods etc.). Link to discussion: https://bugzilla.redhat.com/show_bug.cgi?id=459211 |
|
[AnotherCommander]
I am not aware of any such list.
OK. I take this to mean no structured security tracking has taken place
with the embedded copy in the last 8-12 years, then. :)
I am not sure if this would sufficiently cover your inquiry about
security, but there is an old discussion from the time just before
adopting the SpiderMonkey FF4 version we use now. Check out the posts
by Jens and make sure to not miss the later ones too. The measures
taken to minimize risks are also discussed (white listing of
executable methods etc.).
Link to discussion: https://bugzilla.redhat.com/show_bug.cgi?id=459211
Thank you. Quite useful reading. :)
…--
Happy yhacking
Petter Reinholdtsen
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there a list of known security issues with the embedded SpiderMonkey code base used by ooline, ref https://github.com/OoliteProject/spidermonkey-ff4/ ? It seem to have been untouched for 8-12 years. I have been able to locate
https://security-tracker.debian.org/tracker/CVE-2019-11750 myself, but am unsure if there are others.
The text was updated successfully, but these errors were encountered: