On Tue, 14 Mar 2017 14:52:19 +0100, Milan Crha wrote:
>Ah, right, different distributions can have it named differently. The
>name I used was from Fedora. I do not know Arch linux, but I recall
>some distro has it packaged as libwebkit2gtk-4.0 or something like
>that. The thing is that it's a WebKitGTK+ library providing gtk+ API
>for WebKit2 interface (also API).
Some information about Arch Linux's webkit related packages:
Arch Linux doesn't split to packages, IOW "foo" is "foo" and not "foo"
+ "libfoo" + "foo-dev" + "foo-docs" etc.. Debugging packages could be
build, but aren't provided at all.
This are all packages from official Arch repositories related to the
search term "webkit" [1], including packages with a description
mentioning "webkit", but the description is filtered by the piped grep.
There are CVE issues with webkit [2]. Sure, the CVE issues aren't
related to the spacebar, but users should be aware about those issues.
Due to the CVE issues Arch stopped building Claws with webkit [3].
Regards,
Ralf
[1]
[rocketmouse@archlinux ~]$ pacman -Ss webkit | grep -v " "
extra/epiphany 3.22.6-1 (gnome)
extra/kdewebkit 5.32.0-1 (kf5) [installed]
extra/qt5-webkit 5.8.0-1 (qt qt5) [installed]
extra/qt5-webkit-ng tp5-2
extra/webkit2gtk 2.14.5-1 [installed]
extra/webkitgtk 2.4.11-4 [installed]
extra/webkitgtk2 2.4.11-4 [installed]
community/gambas3-gb-qt5-webkit 3.9.2-2 (gambas3) [installed]
community/phantomjs 2.1.1-4
community/qutebrowser 0.10.1-1
community/surf 0.7+199+gda5290a-1
community/webkit2-sharp 2.10.9-1
[2]
[rocketmouse@archlinux ~]$ arch-audit | grep webkit
Package webkitgtk is affected by
["CVE-2017-2373", "CVE-2017-2371",
"CVE-2017-2369", "CVE-2017-2366", "CVE-2017-2365", "CVE-2017-2364",
"CVE-2017-2363", "CVE-2017-2362", "CVE-2017-2356", "CVE-2017-2355",
"CVE-2017-2354", "CVE-2017-2350"]. Critical risk!
Package webkitgtk2 is affected by
["CVE-2017-2373", "CVE-2017-2371",
"CVE-2017-2369", "CVE-2017-2366", "CVE-2017-2365", "CVE-2017-2364",
"CVE-2017-2363", "CVE-2017-2362", "CVE-2017-2356", "CVE-2017-2355",
"CVE-2017-2354", "CVE-2017-2350"]. Critical risk!
[3]
"2017-01-19 upgpkg: claws-mail 3.14.1-2 andyrtr
disable fancy html plugin - Arch is dropping outdated webkitgtk due to
CVEs
git-svn-id: file:///srv/repos/svn-packages/svn@286991
eb2447ed-0c53-47e4-bac8-5bc4a241df78" -
https://git.archlinux.org/svntogit/packages.git/log/trunk?h=packages/claws-mail&showmsg=1
_______________________________________________
evolution-list mailing list
evolution-list@gnome.org
To change your list options or unsubscribe, visit ...
https://mail.gnome.org/mailman/listinfo/evolution-list
