Discussion:
[core-updates] webkitgtk-2.4 and webkitgtk/gtk+-2 no longer needed?
Mark H Weaver
2018-04-15 03:26:55 UTC
Permalink
rekado pushed a commit to branch core-updates
in repository guix.
commit 53e66fbceb275262184ad44f60a5a8d4e7061fcb
Date: Thu Apr 12 20:37:54 2018 +0200
gnu: gnucash: Update to 3.0.
This commit removes the last reference to 'webkitgtk/gtk+-2', which in
turn contains the only reference to 'webkitgtk-2.4'. So, we could now
delete both of those packages from the 'core-updates' branch.

I would advocate removing them, since these old versions of webkitgtk
are no longer maintained and contain a large number of known remote code
execution vulnerabilities.

Are there any objections to removing them?

Mark
Ricardo Wurmus
2018-04-15 08:58:04 UTC
Permalink
Hi Mark,
Post by Mark H Weaver
rekado pushed a commit to branch core-updates
in repository guix.
commit 53e66fbceb275262184ad44f60a5a8d4e7061fcb
Date: Thu Apr 12 20:37:54 2018 +0200
gnu: gnucash: Update to 3.0.
This commit removes the last reference to 'webkitgtk/gtk+-2', which in
turn contains the only reference to 'webkitgtk-2.4'. So, we could now
delete both of those packages from the 'core-updates' branch.
I would advocate removing them, since these old versions of webkitgtk
are no longer maintained and contain a large number of known remote code
execution vulnerabilities.
Are there any objections to removing them?
No objections from me; please go ahead and remove them. Thanks!

--
Ricardo
Mark H Weaver
2018-04-17 06:22:16 UTC
Permalink
Post by Ricardo Wurmus
Post by Mark H Weaver
rekado pushed a commit to branch core-updates
in repository guix.
commit 53e66fbceb275262184ad44f60a5a8d4e7061fcb
Date: Thu Apr 12 20:37:54 2018 +0200
gnu: gnucash: Update to 3.0.
This commit removes the last reference to 'webkitgtk/gtk+-2', which in
turn contains the only reference to 'webkitgtk-2.4'. So, we could now
delete both of those packages from the 'core-updates' branch.
I would advocate removing them, since these old versions of webkitgtk
are no longer maintained and contain a large number of known remote code
execution vulnerabilities.
Are there any objections to removing them?
No objections from me; please go ahead and remove them. Thanks!
Done in commit 38039b4fa917c7516535167fb082ea63850ee578 on core-updates.

Thanks,
Mark

Loading...