Your message dated Sat, 15 Apr 2023 10:15:08 -0300
with message-id
<CA+QPbz1yHdqKNb9NLwLkfBKnqBMmjSC9=ksm9h+o_-0gyme...@mail.gmail.com>
and subject line Re: Bug#1034364: kde-baseapps depends on konqueror which is
not security maintained
has caused the Debian Bug report #1034364,
regarding kde-baseapps depends on konqueror which is not security maintained
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1034364: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034364
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: kde-baseapps
Version: 4:22.12.3+5.142
Severity: important
Dear Maintainers,
consider removing konqueror from the depencies of kde-baseapps.
Rationale:
kde-baseapps for version 5:111 (stable) and 5:142 (unstable) depends on
konqueror
but konqueror depends on
libqt5webenginecore5
source package is
qtwebengine-opensource-src
which according to
https://salsa.debian.org/debian/debian-security-support/-/blob/573b1a3f35208754bdf50a2af03f6c1b8c066a8b/security-support-limited
is not security maintained:
"qtwebengine-opensource-src No security support upstream and
backports not feasible, only for use on trusted content"
If this information is still correct,
konqueror should not be recommended or depended on
as user should by default get a system which is reasonable secure.
Thanks
Bernhard
--- End Message ---
--- Begin Message ---
Hi!
On Thu, 13 Apr 2023 at 14:15, Bernhard Reiter <bernh...@intevation.de> wrote:
>
> Package: kde-baseapps
> Version: 4:22.12.3+5.142
> Severity: important
>
> Dear Maintainers,
>
> consider removing konqueror from the depencies of kde-baseapps.
No :-)
> Rationale:
>
> kde-baseapps for version 5:111 (stable) and 5:142 (unstable) depends on
> konqueror
> but konqueror depends on
> libqt5webenginecore5
> source package is
> qtwebengine-opensource-src
> which according to
> https://salsa.debian.org/debian/debian-security-support/-/blob/573b1a3f35208754bdf50a2af03f6c1b8c066a8b/security-support-limited
> is not security maintained:
> "qtwebengine-opensource-src No security support upstream and
> backports not feasible, only for use on trusted content"
>
> If this information is still correct,
> konqueror should not be recommended or depended on
> as user should by default get a system which is reasonable secure.
If we follow that reasoning we shouldn't be shipping Plasma at all, as
many things use Qt5's webengine. Sad as it is, this is the problem
with web engines.
I'm closing this bug as invalid, but non the less thanks for your
feedback, it's always appreciated :-)
--
Lisandro Damián Nicanor Pérez Meyer
https://perezmeyer.com.ar/
--- End Message ---
