search

SimpleMobileTools / Simple-File-Manager

Easy app for managing your files without ads, respecting your privacy & security
https://www.simplemobiletools.com
GNU General Public License v3.0
1.49k stars 379 forks source link

F-Droid still showing the vulnerability warning on 6.14.4 #662

Closed vocux closed 1 year ago

vocux commented 1 year ago

Hey, I just updated to 6.14.4 but the vulnerability warning persists, it is also still shown on the app info page that the app is vulnerable. Am I the only one? Maybe it's something to do with F-Droid though and it just needs some time to update

plegrand1 commented 1 year ago

Same for me even after clearing all data from fdroid app

DaijoubuKun commented 1 year ago

I checked this app in the Google Play Store (https://play.google.com/store/apps/details?id=com.simplemobiletools.filemanager.pro) and it is not showing as having any vulnerability, but I have seen apps get past Google's security scanner before.

Also, in F-Droid I see new permissions, but I don't know if those are for this version, or any recent version. It would be nice to know in the changelog when new permissions are needed.

tibbi commented 1 year ago

where do you see the warnings?

kizm0 commented 1 year ago

where do you see the warnings?

https://f-droid.org/en/packages/com.simplemobiletools.filemanager.pro/

Section "Anti-Feature"

tibbi commented 1 year ago

guess they havent rechecked it

gbdomubpkm commented 1 year ago

Hello. How does this app have vulnerabilities? Is it susceptible to being hacked or having data leaks? F-Droid's warning, which even advises to uninstall the app just installed, is not at all reassuring !! Can you explain the nature of the problem with F-Droid ? ... and if there is no risk, that the warnings do not appear! I like this app and i don't understand the problem. Regards

tibbi commented 1 year ago

There is nothing dangerous in the app. Guess f-droid just marked the previous version with it and now automatically marks all new versions too, until changed manually. Will contact them.

lipici commented 1 year ago

Every version of any app is checked manually by them. Thats what they said on telegram group.

tibbi commented 1 year ago

ah no, they definitely arent checking it manually. Anyway, it should be fixed soon as per https://gitlab.com/fdroid/fdroiddata/-/merge_requests/11496#note_1208626843

lipici commented 1 year ago

So you are saying anyone can upload anything on f -droid ? Wow. I need to talk with them again to clarify. On telegram group they told me they verify every version before they uploading.

tibbi commented 1 year ago

You seem to be mixing 2 things here. New app uploading and existing app updating.

vocux commented 1 year ago

By the way, the warning is now gone. 👍