Security/Sandbox/2016-10-20

From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »

jimm

bobowen

  • bug 1309900 - Subframe history navigation logic gives false positives
    • on autoland.
  • bug 1147911 - Use a separate content process for file:// URLs
    • Making progress on test failures.
  • bug 1308259 - mozPrintCallback stopped producing vector output
    • landed - requested uplift.

haik

  • bug 1306508 - Whitelist the OS X $TMPDIR and reduce content process write access further
    • landed
  • bug 1310804 - Limit Mac remote printing to Nightly
    • landed - will request b51 uplift
  • bug 1303051 - Printing Issue: Page Setup not being respected since upgrade to 48.01 on Mac
    • e10s Mac printing issue, debugging
  • bug 1310165 - mozPrintCallback stopped producing vector output when printing via the parent.
    • Remote printing Mac issue, debugging

tedd

  • catching up on everything
  • bug 1104619 - remoting audio - working on the threading issue :/

handyman

  • bug 1241250 - Prezi frozen at loading on fresh profile with latest Nightly 64 bits
    • Fixed by Prezi
  • bug 1303361 - 64-bit Flash audio is not playing on Tidal
    • Issue appears rarely in 32-bit.
    • In communication with Tidal, trying to find the cause. They have not reproed.
  • bug 1307708 - Crash in mozilla::ipc::MessageChannel::WaitForInterruptNotify | mozilla::ipc::MessageChannel::Call | mozilla::plugins::PPluginModuleChild::CallGetKeyState
    • Dealing with a final permissions issue. Should have access today.
  • bug 1284897 - 64 bit Flash Player has storage permissions issues
    • Attempt to tie permissions to plugin instance failed. Calls to e.g. GetOpenFileName and NtOpenFile cannot be tracked to the plugin instance that caused them.
    • Wrapping up module-based (as opposed to instance-based) permission setup.

gcp

  • bug 1310119 - More perf regressions, or the same regression in more tests? Maybe want to reach out to talos to gather data.
  • Security bugs (video/IPC)
  • Some crashers: bug 1310116 wait4/waitpid
  • Sound initialization: bug 1309098 ALSA put also PA

jld

  • bug 1268733 - restore libmozsandbox to being a shared library, not statically linked into plugin-container
    • Waiting on r?(glandium) for build review (+ ELF footgun review)