Mull was fixed in the DivestOS repository as early as October 17th, but to do this you need to add to F-Droid and reinstall Mull.
Privacy
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
Or you can install directly from Divest via FFupdater, or from their github (I use Obtainium for that).
How do you use obtainium to download from their repo? I'm trying but can't seem to make it work.
When you got add the repo in Obtainium in the overrides section choose Fdroid Third party repo. Then in the app name field type mull
Thank you!
I apologize. I didn't see that my Obtainium was actually pulling from the fdroid repo. I was able to add it to Obtainium from the Divest repo: https://divestos.org/fdroid/official/us.spotco.fennec_dos_21320020.apk
But I really doubt that it will trigger updates, since it's tied to the current version apk.
I update my browsers and K9 via FFupdater, that's where my confusion came from. And I thank you for calling me our, I just removed Mull from my Obtainium.
Ah phew, was wondering why I hadn't even had the notification.
I get an incompatibility error after adding their repo to FDroid.
Signatures are different. Uninstall old FDroid version first
Thanks! Trying that now.
It is the recent use after free vuln actively exploited found in FF, which both Fennec and Mull relies as upstream. This compounds on changes made to Android NDK and the source of FF move into the monorepo, making them harder to build. Hence, they're still vulnerable to the attack.
found in Fx*
the source of Fx*
It's still waiting on a repackaging effort
https://gitlab.com/relan/fennecbuild/-/merge_requests/63
Looks like the latest hurdle is that Firefox is relying on some Google-specific variables being present, which fails on AOSP
Mull at least has been fixed in the divestOS repo. I can't speak to fennec as I don't use it.
The version in the f-droid main repo is behind because of Mozilla changing their repo system thus screwing with the build process and at least for now currently requiring a compiler that doesn't meet F-Droid's (IMO slightly ridiculous) standards for allowable software.
Thanks! Added their repo and reinstalled. Secure again. 😎
Mull is fine if you use the divestos repo directly, but the f-droid version is behind
Mull from divestos repo works fine! Use FFupdater to install it or link the fdroid repo to your fdroid
Had the same, promptly uninstalled, didnt find infos.