• schizo@forum.uncomfortable.business
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 month ago

    Wasn’t Fennec a couple of major revisions behind due to build issues, and one of said major revisions was a zero-day fix, so yeah, Fennec would be vulnerable.

    (I dumped it about two weeks ago once I noticed that it was behind the security patch curve.)

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 month ago

      Next time make a post 2 weeks ago. Best to voice concern over things you notice. The person who discovered the XZ backdoor did that and it caught a disaster.

      • schizo@forum.uncomfortable.business
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        Fennec being a delayed build has been a thing for years at this point: it’s a pain in the ass to get built and in f-droid. I mean, just google ‘fennec f-droid out of date’ and you’ll see people talking about this going back to 2020.

        I didn’t exactly find a stunning shocking unknown thing: Fennec is slow on builds, it got outdated, there was a zero-day in older Firefox versions, and so bam: there’s a security issue in Fennec.

        Might be worth adding the Firefox security RSS feed for anyone using Firefox or a derivative browser so that you’ve got the best information about issues like this.