Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libolm deprecation and possible security vulnerablity #780

Open
tusooa opened this issue Aug 2, 2024 · 4 comments
Open

libolm deprecation and possible security vulnerablity #780

tusooa opened this issue Aug 2, 2024 · 4 comments
Labels
E2EE End-to-end encryption is affected security Security- or privacy-related issue

Comments

@tusooa
Copy link

tusooa commented Aug 2, 2024

Describe the bug
libolm is now deprecated and is likely to have security vulnerabilities ( https://furry.engineer/@soatok/112879830539550564 ).

To Reproduce
N/A

Expected behavior
N/A

Is it environment-specific?
No

Additional context
Nheko-Reborn/nheko#1786
@tusooa tusooa changed the title libolm deprecation libolm deprecation and possible security vulnerablity Aug 2, 2024
@aaronraimist aaronraimist added E2EE End-to-end encryption is affected security Security- or privacy-related issue labels Aug 2, 2024
@KitsuneRal
Copy link
Member

KitsuneRal commented Aug 2, 2024
edited
Loading

The linked Fediverse discussion smells a bit too much like sensationalism. That the development focus has shifted to vodozemac is not a news for anyone who's following at least somewhat on the ecosystem.

@KitsuneRal KitsuneRal moved this to 0.10(?) - To Do in libQuotient 1 Aug 2, 2024
@KitsuneRal
Copy link
Member

That said - thanks for trying to fix vodozemac bindings, that will certainly be helpful, and I'm sure we'll find a way to keep them in order.

@emilazy emilazy mentioned this issue Aug 14, 2024
Merged
13 tasks
@k3-cat k3-cat mentioned this issue Oct 5, 2024
Open
1 task
@dreirund
Copy link

Ahoj,

https://furry.engineer/@soatok/112879830539550564

I just wanted to read this, but it now gives an HTTP error 404 "Not Found".

Can you quote the original message?

@bugQ
Copy link

bugQ commented Dec 3, 2024

It was mostly just a preliminary announcement for this blog post: https://soatok.blog/2024/08/14/security-issues-in-matrixs-olm-library/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
E2EE End-to-end encryption is affected security Security- or privacy-related issue
Projects
libQuotient 1
Status: 0.10(?) - To Do
Milestone
No milestone
Development

No branches or pull requests
5 participants
@bugQ @tusooa @dreirund @aaronraimist @KitsuneRal