Can I get more info on why these are showing up? I’ve never seen such a thing on F-Droid before.

  • @[email protected]
    link
    fedilink
    202 months ago

    Are these two from the same maintainer? If not, considering that they both use Firefox Android as their base, does this mean there is a vulnerability in Firefox Android?

    • @[email protected]
      link
      fedilink
      322 months ago

      There was and it was fixed by the looks of it. Guessing these apps have not urgently pulled the fixes in and released an update, so F-droid is urging people not to use the apps until so

      • @[email protected]
        link
        fedilink
        English
        112 months ago

        they pulled the fixes, but couldn’t build because google fucked up the NDK. my other comment has more details

    • @kitnaht
      link
      21
      edit-2
      2 months ago

      Yes, there was a remote code execution vulnerability in the CSS engine of firefox a little while ago. If you’re on desktop version 131 or lower, update to 131.0.3 when possible. I don’t know how the versioning works for the Android versions here…

      • Redjard
        link
        fedilink
        112 months ago

        173? What happened to firefox versions? We just started the 130s

          • Redjard
            link
            fedilink
            92 months ago

            Yeah that seems about right.

            I don’t know how the versioning works for the Android versions here…

            Android has the same versions as desktop here, which is why there is no differentiation. The main chunk of firefox is platform independent (and even used in thunderbird too).

            So any firefox android app and fork thereof needs that version 131.0.3+ too (unless it is esr which is 128 currently).