it's true that zoom is currently getting a lot of attention. It all
started with the iOS application using Facebook SDK to provide login
through Facebook and their TOS/privacy statement.

That triggered a lot of (security) researchers who are currently sitting
at home like most people in western world with a lot of time. If
upstream will address all problems this will become one of the best
(free-)audited conference software available ;-)

For this discussion please keep in mind that there are multiple versions
for different platforms. Not every platform is affected by all reported

Regarding zoom and Gentoo: net-im/zoom doesn't require any special
handling in Gentoo. Package is not even marked stable. We have a lot of
vulnerable packages...

If problems will get confirmed for the available Linux version and
upstream won't provide a fix within ~12 months (depends on severity of
reported vulnerabilities) we maybe decide to last-rite or apply a mask
to force user awareness through forced unmask action in case they need
that software. But again, this software isn't special and doesn't
require further discussion from our P.O.V.

Thomas Deutschmann / Gentoo Security Team
fpr: C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to