Boost For Lemmy

6985 readers

4 users here now

Community of the Android app Boost for Lemmy

founded 1 year ago

MODERATORS

rmayayo

Is Boost for Lemmy vulnerable to the webp exploit? (self.boostforlemmy)

submitted 11 months ago by DungFu to c/boostforlemmy

17 comments fedilink hide all child comments

What version of libwebp does Boost use and if it is currently vulnerable, when can we expect an update to fix this issue? The affected versions of libwebp are 0.5.0 to 1.3.1.

you are viewing a single comment's thread
view the rest of the comments

[–] atrielienz 2 points 11 months ago* (last edited 11 months ago)

I'm sure it can. The question is, will it. Part of the reason Google started updating apps on their side and removing feature updates from Android was because carriers and service providers weren't quick to update anything including security updates. It's one of the big selling points of the pixel line of phones. RCS is a very good example. The main cell providers did not want to take on RCS messaging and went as far as trying to make their own fork. They've done this with wallet apps back in the day as well.

https://9to5google.com/2019/10/25/us-carriers-rcs-android-initiative/

https://www.engadget.com/amp/2019-10-18-google-verizon-t-mobile-pixel-4-rcs-messaging.html

https://www.idropnews.com/news/att-t-mobile-and-verizon-have-given-up-on-their-imessage-killer/156434/