Hans-Christoph Steiner 02b2090e53 check repo index timestamps to prevent rollback attacks
A hacked fdroid server could "replay" old index.jar files known to have
apps with vulnerabilities in it.  That provides a long window of time for
exploiting that vulnerability.  By checking that the timestamp of an update
is never older than the current index, this attack is prevented.
2016-05-20 12:04:36 +02:00
..