search

dnet / adsdroid

Unofficial AllDataSheet Android application
https://techblog.vsza.hu/posts/Unofficial_Android_app_for_alldatasheet.com.html
MIT License
29 stars 11 forks source link

The Fdroid Repo shows Known Vulnerability and Disabled Algorithm #18

Closed Crowned-Eagle closed 6 years ago

Crowned-Eagle commented 6 years ago

Please update the app to latest openssl and if I am not wrong md5 is disabled on frdoid as hashing alg

Please update these so that app will be more secure and I can install it without hesitation due to security risk.

Sent from my OnePlus5T using FastHub-Libre

dnet commented 6 years ago

The app doesn't use OpenSSL nor MD5 explicitly. Please notify F-droid to update their wording to prevent further misunderstandings.

ildar commented 6 years ago

@Crowned-Eagle , that might been true for pre-1.7 version. Now I don't see any warnings about that.

Crowned-Eagle commented 6 years ago

@ildar My Fdroid app still showing this warning.. I am using Android 8.1..

Sent from my OnePlus5T using FastHub-Libre

Crowned-Eagle commented 6 years ago

@dnet Okk.. Thanks for the reply.. I will contact Fdroid regarding this.. And will forward their reply to you.

Sent from my OnePlus5T using FastHub-Libre

ildar commented 6 years ago

The only explanation is that

  1. the information comes from F-Droid Archive.
  2. F-Droid client handles the situation incorrectly.

Then please, try turning off the Archive, check everything is right and report the wrong behavior to https://gitlab.com/fdroid/fdroiddata/issues