Page MenuHomePhabricator

consider removal of deactivation of TBB's internal updater because upstream fixed the issue
Closed, ResolvedPublic


There was an security issue with TBB's native updater:

The Tor Project has fixed this in TBB version 4.5a3. (As per blog post.)

Forum discussion:,807.0.html

If 4.5a3 is the new stable at next Whonix release, then the patch mechanism to deactivate TBB's internal updater (function tb_run_function tb_patch_internal_updater_disable_maybe) should be deactivated.

Event Timeline

Patrick raised the priority of this task from to Normal.
Patrick updated the task description. (Show Details)
Patrick added subscribers: Patrick, HulaHoop.

<Patrick> do you have an ETA or roadmap when TBB alpha becomes TBB stable?
<GeKo> 4.5 becomes stable in around 2 weeks
<GeKo> it might not contain all the things we have in the current alpha though
<GeKo> but as far as I currently see only the code for #14429 might not make it
-zwiebelbot/#tor- tor#14429: Automated rounding of content window dimensions -

Patrick claimed this task.

Found an elegant solution to get this done right now.

removed deactivation of TBB internal updater for TBB versions equal or higher than 4.5 because upstream fixed the security issue: