Looks like a massive vulnerability has been discovered, basically affecting any apps with web browsing functionality. Was interested in seeing how this affects Sync (including the old Sync for Reddit app I guess too, which is still being used out there and won’t get any needed security patches).

It sounds like a fix should be in the Android OS security patch for October, but not sure if that protects individual apps at risk still

  • @[email protected]
    link
    fedilink
    English
    111 year ago

    Android has its own media player APIs, you just have to tell it what to play and give it a place in the UI for the player canvas. You can even design your own controls for it.

    When you open a webpage in Sync, that’s an embedded web browser also provided by Android.

    It’s unlikely that Sync links to libwebp directly.

    The Sync for Reddit app isn’t usable anymore as it can no longer access the Reddit API. All you get are errors when you try to use it now.

      • @TakingOnWaterOP
        link
        English
        31 year ago

        Yeah most of the old reddit browsers for Android seem to have a patch like this. Obviously they’re no longer intended for use by the developers, but for anyone using them it would probably be good to know whether they will be forever at risk to a vulnerability like this.

    • @TakingOnWaterOP
      link
      English
      41 year ago

      Thanks for the explanation! Hopefully that’s the case here then with Sync. Still hoping @[email protected] can confirm one way or another.