thank you
Several vulnerabilities that affect every VPN product out there can be exploited by attackers to read user traffic,
is pop going to base on Lts moving forward, like mint, or its too early to say?
i mostly worried about keepass for vulnerabibity and virt-manger not getting the latest qemu/libvirt update... but i agree to you, these package aren;t that old.
Software are so behind in versions
| Software | Latest | Fedora Version | Pop! Version |
|--------------|-----------|------------|------------|
|---- | 44.0 | 44.1 | 42.0 |
|Gnucash | 5.3 | 5.2 | 4.8 |
|GIMP | 2.10.34 | 2.10.34 | 2.10.30 |
|------ | 1.3.1 | dnf 1.3.1 | 1.3.0 |
|Firewall Gufw | 22.04 | N/A | 22.04.0 |
|Timeshift | Master.mint21 (Mint) | dnf 22.11.2 | 21.09.1|
| | 22.06.6 (TeeJee) | | |
|KeepassXC | 2.7.6 | 2.7.6 | 2.6.6 |
| | | | affected by CVE-2023-35866 (upto 2.7.5) |
|Libreoffice | 7.6.0 (fast adopter) | 7.5.5.2 | 7.3.7.2 |
| | 7.5.5 (LTS) | | |
| Popsicle | 1.3.1 (github) | AppImage 1.3.1 | 1.3.2 |
| PDF Arranger | 1.10.0 | 1.10.0 | 1.8.2 |
| Virt Manager | 4.1.0 | 4.1.0 | 4.0.0 |
| Videos (totem) | 44.0 | 43.0 | 42.0 |
| Nautilus | 44.0 | 44.2.1 | 42.6 |
I am "not" using Flatpak on Pop!
Most of the cases, those software are from Ubuntu repositories.. would Pop!_OS consider building their own, or as some other people mentioned, rebase on something else?