Friends don't let friends disable TLS server verification. (#curl is used, but the check is explicitly disabled by the app)

https://www.ush.it/2025/11/14/multiple-vulnerabilities-gosign-desktop-remote-code-execution/

"Without valid TLS and manifest signing, an attacker can replace both the package and its hash, fully bypassing the security mechanism."
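A source-tree check for the pattern called out above, as an added example that is not part of the original posts or the linked advisory: it flags libcurl calls that set a verification option to 0 and `curl -k` / `--insecure` command lines. The sample input and its host name are constructed, and the short-option match is a heuristic.

```python
import re

# Constructed sample: C source that disables libcurl verification, plus a shelled-out curl.
SAMPLE = '''\
curl_easy_setopt(h, CURLOPT_URL, url);
curl_easy_setopt(h, CURLOPT_SSL_VERIFYPEER, 0L);
curl_easy_setopt(h, CURLOPT_SSL_VERIFYHOST, 0);
curl_easy_setopt(h, CURLOPT_SSL_VERIFYPEER, 1L);
// curl_easy_setopt(h, CURLOPT_SSL_VERIFYPEER, 0L);
system("curl -sk https://updates.example.invalid/manifest.json");
'''

# libcurl options controlling certificate and host name checks
# (including the proxy and DNS-over-HTTPS variants), set to a false value.
SETOPT = re.compile(
    r'curl_easy_setopt\s*\(\s*[^,]+,\s*'
    r'(CURLOPT_(?:PROXY_|DOH_)?SSL_VERIFY(?:PEER|HOST))\s*,\s*'
    r'(?:\(\s*long\s*\)\s*)?(0L?|FALSE|false)\s*\)'
)

# curl command line: --insecure, or a short-option cluster containing k (-k, -sk, -ksS).
# Heuristic: an option argument glued to its flag (e.g. -olink) can false-positive.
CLI = re.compile(r'\bcurl\b[^|;&\n]*?\s(--insecure\b|-[A-Za-z]*k[A-Za-z]*\b)')


def find_disabled_verification(source):
    """Return (line_number, what) for each place TLS verification is turned off."""
    findings = []
    for n, line in enumerate(source.splitlines(), 1):
        if line.lstrip().startswith('//'):
            continue  # skip commented-out code
        for m in SETOPT.finditer(line):
            findings.append((n, m.group(1)))
        m = CLI.search(line)
        if m:
            findings.append((n, 'curl ' + m.group(1)))
    return findings


if __name__ == '__main__':
    for lineno, what in find_disabled_verification(SAMPLE):
        print(f'line {lineno}: verification disabled via {what}')
```
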
@bagder Hello dear, I hope you are well. Could you please help me and boost my posts?🥺🙏🙏

@bagder "After this call [with vendor], the vendor ceased all communication, failed to provide any further updates, and did not respond to subsequent contact attempts.

On 2025-11-04, the fix was released publicly without any announcement from the vendor and without honoring the request to include a changelog acknowledgment"

@bagder @sj
VII. CVE INFORMATION

Mitre is unresponsive.