Post #1160

My brand new project, Android Debloat List, is created not only to catalogue potential apps that might be disabled, uninstalled or replaced with FOSS alternatives but also to warn users about the potential danger of using certain system apps. As part of this effort, I’ll also be recording vulnerabilities for system apps. To report a vulnerability, create a new issue with the following information: 1. Package name along with its name/label 2. CVD/CVE (or if not supported, link to the vulnerability) 3. Affected versions (either a list or a range) using version name (optional) and version code 4. Optional comments 5. How it should be dealt (update, remove, replace with alternative, keep due to potential issues) Why? Because vulnerabilities do not show up in almost any AV software. [I’m currently taking a break from FOSS development, I’ll create an issue template for it when I’ll be back in the next month.]