Unread post
by Moonchild » 2019-03-23, 13:21
As per usual, I always port all applicable sec patches across from Mozilla (or write my own to address applicable vulnerabilities) the moment I'm granted access to the relevant sec bugs that remain hidden from the public.
Note: all applicable patches. Far from everything applies to UXP or Pale Moon. For example: "sandbox escapes" are related to the e10s "sandbox", and that is a big N/A for us because we don't use e10s and don't even have this sandbox code anymore (which, by the way, was misconstrued by opponents of our direction as "removing essential security" -- they either didn't understand that the code was specifically for electrolysis, or chose to ignore that fact to get more sensationalist points).
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite