Salta al contenuto principale

mastodon - Collegamento all'originale
As with any other app, we flagged Fennec and Mull with KnownVuln until the app is updated. Contributors fixed the issues that delayed versions 130 and later. Stand by for the build.
in reply to F-Droid

๐ŸŒœ๐ŸŒฑ๐“”๐Ÿ„๐Ÿ˜€โŽ
mastodon - Collegamento all'originale
๐ŸŒœ๐ŸŒฑ๐“”๐Ÿ„๐Ÿ˜€โŽ

FYI latest Mull build from #divestos repo is at version 131

divestos.org/misc/ffa-dates.txโ€ฆ

#DivestOS
in reply to ๐ŸŒœ๐ŸŒฑ๐“”๐Ÿ„๐Ÿ˜€โŽ

F-Droid
mastodon - Collegamento all'originale
F-Droid
@cretox We'we mentioned why 130 could not be built sooner back in f-droid.org/2024/09/26/twif.htโ€ฆ so having all these issue overlap was unfortunate. How was that saying, 'when it rains, it pours'? ๐Ÿ˜€'

Statuses updated and a keyboard | F-Droid - Free and Open Source Android App Repository

This Week in F-DroidTWIF curated on Thursday, 26 Sep 2024, Week 39Community NewsF-Droid Build Status was updated to 5.6.4 and no one will get this update. Wh...
f-droid.org
@๐ŸŒœ๐ŸŒฑ๐“”๐Ÿ„๐Ÿ˜€โŽ
in reply to F-Droid

Marek
mastodon - Collegamento all'originale
Marek
Mull from the DivestOS repo seems to be fixed already. It seems to be due to F-Droid, because the delivery of the patched versions takes too long.
in reply to Marek

F-Droid
mastodon - Collegamento all'originale
F-Droid
@mark22k Note that the DivestOS developer helps with both Fennec and Mull in F-Droid, but they built the app for their own repo with the missing binaries taken from Mozilla. At F-Droid we need to build those ourselves, and that took time to setup.
@Marek
in reply to F-Droid

met
mastodon - Collegamento all'originale
met
The UX is a bit weird. Recommends to uninstall Fennec immediately due to a vulnerability, but doesn't have a link to/explanation of the vulnerability as far as I can tell.
in reply to met

Sertonix
mastodon - Collegamento all'originale
Sertonix
@met
@fdroidorg
It would also be nice if F-Droid would mention mitigations that don't require uninstalling Fennec. I would guess that in this case not using Fennec would be enough.
@F-Droid @met
in reply to Sertonix

F-Droid
mastodon - Collegamento all'originale
F-Droid
@sertonix @met There are no mitigations as far as we know, besides the usual advice of not browsing shady sites and using uBlock. Also note that the warning message is rather generic, so that users notice and ask for more info. We can discuss a better text in our Forum if need be.
@met @Sertonix
in reply to F-Droid

Philipp :geeko: :natenom:
mastodon - Collegamento all'originale
Philipp :geeko: :natenom:

> Contributors fixed the issues

@fdroidorg Aren't there 11 threads still open on gitlab.com/relan/fennecbuild/-โ€ฆ ?


Fennec 131.0.0 (!63) ยท Merge requests ยท relan / fennecbuild ยท GitLab

metadata: https://gitlab.com/divested-mobile/mull-fenix/-/blob/master/-fdroiddata/metadata/us.spotco.fennec_dos.
GitLab
@F-Droid
in reply to F-Droid

Lioh
mastodon - Collegamento all'originale
Lioh
thanks for pointing that out, even though the message in F-Droid is somewhat misleading and might indicate that Fennec in general should be uninstalled and not only the specific vuln version. Also a note that it can be reinstalled once the updated version is available would have been nice. Like that it has caused quite some hassle in the community.
in reply to F-Droid

AbuMubarak
mastodon - Collegamento all'originale
AbuMubarak

I appreciate all of what Fdroid does. But the warning implied some kind of virus or malware

Akin to screaming fire in a crowded theatre

in reply to F-Droid

baurio
mastodon - Collegamento all'originale
baurio
so many people want to have updates, but so less people want to participate in. ๐Ÿ˜ฎ
โ‡ง