Linux
Welcome to c/linux!
Welcome to our thriving Linux community! Whether you're a seasoned Linux enthusiast or just starting your journey, we're excited to have you here. Explore, learn, and collaborate with like-minded individuals who share a passion for open-source software and the endless possibilities it offers. Together, let's dive into the world of Linux and embrace the power of freedom, customization, and innovation. Enjoy your stay and feel free to join the vibrant discussions that await you!
Rules:
-
Stay on topic: Posts and discussions should be related to Linux, open source software, and related technologies.
-
Be respectful: Treat fellow community members with respect and courtesy.
-
Quality over quantity: Share informative and thought-provoking content.
-
No spam or self-promotion: Avoid excessive self-promotion or spamming.
-
No NSFW adult content
-
Follow general lemmy guidelines.
view the rest of the comments
I heard it was shipping libraries that capture all clipboard data and sent it to foreign servers unencrypted, and that this was being defended in the buglist as a feature, so I might actually skip this one at least until the first or second batch of security updates rolls on.
For servers, it makes not much difference for me; where possible I either stick to Stable + Backports (which requires Backports in the first place) or jump right to Unstable.
Insane to say this without providing proof
The fediverse has literally linked the issue, there's a CVE and a Debian Bugs thread. Like, sure, not all bad news spread fast but to go from there to "insane" shows your primary platform is probably tiktok.
I’d still appreciate a link to your claim instead of accusing me of using platforms I don’t actually use, thanks.
You have a link where I can read more about this?
It's making the rounds on the Fediverse. Example. And the bugtracker shows this thread where the very first responses to the issue raised already promote leaking this data as a "feature".
Okay, so it's a program you have to specifically install, not a library and not installed by default.
Regardless, yeah it should not be doing that.
I mean, it's Debian. To a point I can understand it.
And, from what I can get from the thread, it's not really a problem that the package exists - rather that the software is packaged and distributed unpatched.
https://www.theregister.com/2025/08/08/stardict_leaky_app_of_week/