Regarding
https://f-droid.org/en/packages/org.mozilla.klar/ (latest as of posting: 8.4.0 (241) - Added on 2020-06-15)
it says below: “This app contains a known security vulnerability”.
Is this because it’s not the latest version, or why does it say that?
1 Like
Also strange/inconsistent: From the Klar page given above, following the “Known Vulnerability” link, then following the link to “list of apps with known vulnerability”, only muPdf (2 versions) is on the list; Klar is not.
https://f-droid.org/wiki/page/Category:Apps_with_KnownVuln_antifeature
1 Like
No, the metadata does not have KnownVuln for 8.4.0, must be some other error… report this to fdroid-website
For the record: it doesn’t happen just on the website: my F-Droid app list the KnownVul antifeature for Firefox Klar in the official repo for a while.
Is it a leftover from the January vulnerability? I remember it took F-Droid a long time to publish a new version b/c of Mozilla’s crappy code or smth. I ended up switching to Mozilla’s own APK’s. I’ve noticed F-Droid’s Klar was eventually updated.
FWIW 8.4.0 is not the most recent version, but definitely newer than the fix for January’s vulnerability that affected all FF versions, desktop & mobile.
Yes and we had the updated AntiFeatures icons added in the meantime
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.