63
Vulnerability in Fennec
(lemmy.world)
F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.
Matrix space | forum | IRC
Wasn't Fennec a couple of major revisions behind due to build issues, and one of said major revisions was a zero-day fix, so yeah, Fennec would be vulnerable.
(I dumped it about two weeks ago once I noticed that it was behind the security patch curve.)
Next time make a post 2 weeks ago. Best to voice concern over things you notice. The person who discovered the XZ backdoor did that and it caught a disaster.
Fennec being a delayed build has been a thing for years at this point: it's a pain in the ass to get built and in f-droid. I mean, just google 'fennec f-droid out of date' and you'll see people talking about this going back to 2020.
I didn't exactly find a stunning shocking unknown thing: Fennec is slow on builds, it got outdated, there was a zero-day in older Firefox versions, and so bam: there's a security issue in Fennec.
Might be worth adding the Firefox security RSS feed for anyone using Firefox or a derivative browser so that you've got the best information about issues like this.
So what do you use instead?
I just installed standard Firefox until they've sorted out their build issues.
From the Play store/Aurora, or is there another way? I remember an app on fdroid that would install different mozilla browsers but I can't find it
You're thinking of FFUpdater
That's the one. It doesn't come up when I search either firefox or mozilla
I'm not deGoogled, so I just did the play store version, so I'm not sure where else you might grab it.
APK Mirror?
Iceraven is one alternative worth considering.