Sparkle vulnerability and list of safe apps (Updated!)

Published on February 15, 2016 in Articles — 1 min read
Tags:

Many OS X apps use Sparkle as update library.

Recently a vulnerability in the software has been discovered. Affected apps are those using a vulnerable version of Sparkle on an unencrypted HTTP connection to receive data from their update servers. Those apps are subject to man-in-the-middle attacks that could install malicious code.

You can read more about this security issue on ArsTecnica.

List of safe apps (Updated!)

In alphabetical order, the minimum safe versions of apps using Sparkle.

App name / Safe since / Notes

Post constantly updated as I discover new safe versions.


Related links

  • https://github.com/sparkle-project/Sparkle/issues/717


Comments

Got some words you want to share? Tell me!