If, like me, you’ve relied on Fennec as a more tolerable version of Firefox for Android, you may have gotten some bad news in the latest F-droid update cycle.
Fennec has fallen so far behind on updates that serious security patches implemented by Mozilla in Firefox haven’t been applied to the fork, and Fennec is therefore still breachable.
The developer responded two weeks ago that they were “short on time”, and there still isn’t a new, secure version available. This appears to be due to that recurring weak link in open source development: small teams, confronted by real life demands like time and money?
I have Mull installed 129.0.2 https://f-droid.org/repo/us.spotco.fennec_dos_21290220.apk
Should I uninstall?
Is there any way to export bookmarks from mull, so that I can uninstall it?
Honestly, just wait a little bit, both Fennec and Mull will get it sorted soon and you’ll see an update. If the vulnerability is worrying you that much, I’d honestly just download the standard Firefox APK for the time being and use it while waiting on Mull to update on fdroid. It likely won’t be more than a couple days.
There are newer builds sooner in the divestos repository https://divestos.org/pages/our_apps#repos
I used the Mozilla account sync thing that’s built in but it didn’t restore the extensions.
bookmarks and passwords seem to have copied over to the DivestOS one though.