
The developer who submitted the bug fix writes: "Given that this bug is present means apparently that nobody ever tested the keepassxc code with address sanitizer." At least one pull request that KeePassXC has accepted is a fix for a security issue created by a feature that KeePassXC added on top of KeePassX. I brought up what appears to be an example of this in a previous comment:

The risk with switching from X to XC, then, is that new vulnerabilities have been introduced to XC since the forking. My understanding is that KeePassXC is a fork of KeePassX, which has been around a while and, I believe, is well regarded.

I've also been wondering about this for a few months. I asked a similar question here and here and got a few potentially helpful responses.
