LINKDING
Login
Shared bookmarks
Sort by
Added ↑
Added ↓
Title ↑
Title ↓
Apply
Tags
Sparkle Updater Framework HTTP man-in-the-middle vulnerability
#.blogit
#marked
#security
#sparkle
|
An obvious (in retrospect) vulnerability in apps that use Sparkle for automatic updates (most apps outside of the MAS). The fix is pretty easy for developers, and as of Marked 2.5.4 (which is [available now](http://marked2app.com)) all of the updates and release notes are served over HTTPS. You can find additional details on the issue at [Vulnerable Security](https://vulnsec.com/2016/osx-apps-vulnerabilities/).
8 years ago
|
View
Shared by
ttscoff
Previous
1
Next
User
Everyone
ttscoff
Apply
Tags
-.blogit
-marked
-security
s
parkle
