F-Droid on Nostr: We did the due-diligence to announce both the devs and the users. 'Known' is a strong ...
We did the due-diligence to announce both the devs and the users. 'Known' is a strong word, and we did not do any vulnerability proving for those ~130 apps.
Not all apps that have a dependency with a known vulnerability are vulnerable themselves.
The power of FOSS is the community around the open code, our 'many eyes' are needed in the packaging department, hope you and others are doing your part too.
Not all apps that have a dependency with a known vulnerability are vulnerable themselves.
The power of FOSS is the community around the open code, our 'many eyes' are needed in the packaging department, hope you and others are doing your part too.