Your message dated Mon, 12 Jul 2021 20:59:08 +0200
with message-id <[email protected]>
and subject line Re: Bug#990940: release-notes: wpewebkit to be covered by
security support in bullseye
has caused the Debian Bug report #990940,
regarding release-notes: wpewebkit to be covered by security support in bullseye
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
990940: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990940
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release-notes
Severity: important
Tags: patch
Debian provides security support for the WebKitGTK browser engine
(source package: webkit2gtk). For bullseye we also want to support
wpewebkit, which is developed by the same team, follows a very similar
release schedule and numbering system, shares most of the code and
almost all CVEs fixes apply to both ports.
See #990754 for more details.
I'm attaching a patch for the release notes.
diff --git a/en/issues.dbk b/en/issues.dbk
index 5f177f54..9fb6861d 100644
--- a/en/issues.dbk
+++ b/en/issues.dbk
@@ -483,12 +483,13 @@ data =
${lookup{$local_part}lsearch{/some/path/$domain_data/aliases}}
source packages and the concern applies to all packages shipping
them. The concern also extends to web rendering engines not explicitly
mentioned here, with the exception of <systemitem
- role="source">webkit2gtk</systemitem>.</para></footnote> are included
in
- &releasename;, but not
- covered by security support. These browsers should not be used against
- untrusted websites.
- The <systemitem role="source">webkit2gtk</systemitem> source package
is
- covered by security support.
+ role="source">webkit2gtk</systemitem> and <systemitem
+ role="source">wpewebkit</systemitem>.</para></footnote> are included
in
+ &releasename;, but not covered by security support. These
+ browsers should not be used against untrusted websites.
+ The <systemitem role="source">webkit2gtk</systemitem> and
+ <systemitem role="source">wpewebkit</systemitem> source
+ packages are covered by security support.
</para>
<para>
For general web browser use we recommend Firefox or Chromium.
--- End Message ---
--- Begin Message ---
Hi
On 11-07-2021 23:40, Alberto Garcia wrote:
> On Sun, Jul 11, 2021 at 06:10:09PM +0100, Justin B Rye wrote:
>
>> If we can refer to "webkit" and "khtml" (in the previous line) and
>> "Firefox" and "Chromium" (below) without special markup, it's not
>> clear why we need make such a big deal about "*webkit2gtk*" and
>> "*wpewebkit*" being source package names. I would suggest just:
>>
>> mentioned here, with the exception of webkit2gtk and
>> the new wpewebkit.</para></footnote> are included in
>> &releasename;, but not covered by security support. These
>> browsers should not be used against untrusted websites.
>> The webkit2gtk and wpewebkit engines
>> <emphasis>are</emphasis> covered by security support.
>
> Ok, here's a new patch.
Thanks, pushed.
Paul
OpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---
