doublefree lovefromisrael The F-Droid build did not got an update for two month, which is not unexpectedly for the official F-Droid repo. The latest Mull version in the DivestOS Official repo is from this week.
IcyScroll lovefromisrael It seems that you have installed Mull browser from F-Droid repo which for some reason doesn't have updated builds for Mull. I advise you to uninstall it immediately. Browsers based od Firefox have revently had a 9.8 critical vulnerability that is known to be exploited in the wild. https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/#CVE-2024-9680 Firefox also has a really weak sandboxing on Android. I suggest using search function on this forum to learn more. After you are aware of the situation, if you decide that you still want to use Mull, get it from the Official DivestOS repository Mull there should be already patched against the recent vulnerability as the releases are much more frequent and rapid.
r134a I suppose u meant mull browser? As far as i remember reading here en there, the projects stance is to preferably not use gecko-based browsers (firefox, mull, ...) from a security perspective. This because of lack of sandboxing. Edit: on mobile.
Guillaume IcyScroll The article you shared corresponds to the correction of this flaw. This flaw is corrected.
lovefromisrael thank you i've uninstalled it now.. i'm not sure that i understand what is Official DivestOS repository or how it works.. can you explain to me?
DeletedUser87 lovefromisrael you need to add this repository to your F-Droid client (there is a list of repos in the settings somewhere): https://divestos.org/fdroid/official Repositories are required to provide the location of packages to F-Droid (since F-Droid doesn't have all apps by themselves unlike the Play Store for example).
Guillaume lovefromisrael In computer science security bugs are normal, if you uninstall an application every time a security flaw is discovered you will end up with an empty phone 😅
Ammako Guillaume not in OP's 2-month old build... and yes, it needs to be uninstalled, because you can't install the DivestOS-signed updated version over the F-Droid-signed ourdated one.
DeletedUser87 Guillaume if you don't uninstall with a 9.8 CVSS, that is also actively exploited, you must have a rather carefree life ;)