Skip to content
Sparkle Security Fix?
Got a problem with Viscosity or need help? Ask here!
It appears Viscosity uses Sparkle, and a version that's vulnerable to MITM attacks:
https://vulnsec.com/2016/osx-apps-vulnerabilities/
https://github.com/sparkle-project/Sparkle/issues/717
Code: Select all
You're not alone by a long shot, but considering this is security-related software, an update would be great.frankentosh:~ spork$ find /Applications -path '*Autoupdate.app/Contents/Info.plist' -exec echo {} \; -exec grep -A1 CFBundleShortVersionString '{}' \; | grep -v CFBundleShortVersionString
[...]
/Applications/Viscosity.app/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/Info.plist
<string>1.11.0</string>
[...]
https://vulnsec.com/2016/osx-apps-vulnerabilities/
https://github.com/sparkle-project/Sparkle/issues/717
Hi sporkman,
I need to stress that Viscosity is NOT vulnerable. For information please see:
https://www.sparklabs.com/forum/viewtop ... 2001#p5759
Cheers,
James
I need to stress that Viscosity is NOT vulnerable. For information please see:
https://www.sparklabs.com/forum/viewtop ... 2001#p5759
Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
3 posts
Page 1 of 1