Project

General

Profile

Security - 4.2 0002 - system browser vulnerability - CVE-2014-6041

Added by My Self over 9 years ago

Seems that the Replicant /system/app/browser(.apk) have to be affected, too:
https://community.rapid7.com/community/metasploit/blog/2014/09/15/major-android-bug-is-a-privacy-disaster-cve-2014-6041
Are there any plans to attend to that security flaw (in future Replicant releases)?

I for my part switched to another browser for a while:
https://f-droid.org/repository/browse/?fdfilter=lightning&fdid=acr.browser.lightning
but this doesn't help either:
https://github.com/anthonycr/Lightning-Browser/issues/123


Replies (3)

RE: Security - 4.2 0002 - system browser vulnerability? (CVE-2014-6041) - Added by Paul Kocialkowski over 9 years ago

Are there any plans to attend to that security flaw (in future Replicant releases)?

Please point me to a patch I can include in our tree to fix this particular issue.

RE: Security - 4.2 0002 - system browser vulnerability? (CVE-2014-6041) - Added by Paul Kocialkowski over 9 years ago

Thanks, those patches were applied to the tree and will be part of the next batch of Replicant 4.2 images!

    (1-3/3)