On Fri, 2015-08-28 at 13:23 -0600, Chris Murphy wrote: > That's bad. It either needs to be fixed or it needs to come with a > warning if not outright removed from the repo. Exposing people's > Facebook credentials is not OK. So all you have to do to be > vulnerable > to this is use Shotwell with a network you can't vet or control or > trust. Naw, you're vulnerable on any network. ;) BGP and DNS attacks are hardly new or extraordinary things. Link, FWIW: https://bugzilla.gnome.org/show_bug.cgi?id=751709#c4 P.S. Note that it's still using WebKit1, which means it doesn't get security updates anymore. Like Evolution. And Empathy. -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
