Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Just pretend that all Flatpak apps were statically linked. Would you have the same complaints?

Yes. The work required to backport and test security fixes in any library or any other component in every stable release train of a flatpak (or a fat binary) is simply not being done.

Most upstreams barely handle vulnerabilities affecting #head.



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: