• Arthur BesseOPMA
      2 years ago

      GPA. GNU Privacy assistant.

      What makes you pick this, of all programs? Just because it hasn’t had a release in four years?

      Skimming the commit log one can see it certainly has had some bugs, and given that it is written in C it is reasonable to assume it has had some security-relevant ones. (E.g., I’m not certain, but this commit from a few months prior to the latest release looks like it could be fixing an actually exploitable bug?)

      Currently there are 13 commits newer than the latest release. From a quick glance none appear to be obviously fixing security bugs (I guess there will be a new release when they next find some) but there are actually as-yet unreleased commits there fixing bugs… such as this one, made two days after the last release, which fixes searching being left-anchored.