Issue metadata
Sign in to add a comment
|
Security: Merge general javascript: UXSS fix to beta / stable |
||||||||||||||||||||||
Issue descriptionMarius landed https://crrev.com/783e19486cab2b7485b4a19c02a2eb0369f3b350, which prevents a whole class of problems from turning into UXSS. We should merge this into beta / stable, as I believe that this actually also blocks several other active UXSS bugs: 671102 and 673170 . Setting labels based on the already triaged UXSS bugs.
,
Dec 15 2016
,
Dec 15 2016
Please mark security bugs as fixed as soon as the fix lands, and before requesting merges. This update is based on the merge- labels applied to this issue. Please reopen if this update was incorrect. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 15 2016
Your change meets the bar and is auto-approved for M56 (branch: 2924)
,
Dec 16 2016
,
Dec 19 2016
Note: this was merged in https://codereview.chromium.org/2579213002/, but doesn't seem to be getting picked up by bugdroid for some reason.
,
Dec 19 2016
This is because Bugdroid takes the issue number from the commit description, and it points to the original bug: https://crbug.com/117226 Thanks for taking the time to merge, happy to see the mitigation released sooner! If you'd like to merge it to stable, please note that this patch depends on https://crrev.com/8a8505dc2c so that'd need to be uplifted first.
,
Dec 19 2016
This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible! If all merges have been completed, please remove any remaining Merge-Approved labels from this issue. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Dec 19 2016
,
Jan 24 2017
,
Mar 24 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||
Comment 1 by dcheng@chromium.org
, Dec 14 2016