webkit and security topics
Koop Mast
kwm at rainbow-runner.nl
Fri Feb 5 21:23:02 UTC 2016
On 05/02/2016 22:07, Kurt Jaeger wrote:
> Hi!
>
> I've read this:
>
> https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/
Yeah that is a "nice" read.
>
> and try to understand how relevant this is for the ports tree.
> Seeing how often muy build host rebuilds the webkit stuff 8-},
> I assume it is relevant.
>
> If I look at http://webkitgtk.org/releases/ and find
> 2.11.4, while we have 2.4.9 -- what holds it back to 2.4.9 ?
>
The WebKit1 API was removed in 2.6 series, so we need to keep the old
versions around for it. They also bumped the API in WebKit2, which was
also present in the 2.4 series, although these changes are small and
should be easely ported. But that is only appliable for software already
using the WebKit2 API. So that is where www/webkit2gtk3 comes from.
The problem is that most ports still on webkit-gtk[23] use the old
WebKit1 API. From gnome land this is evolution. While upstream is
slowely working on fix that, evolution is a beast, so this complex task
takes time.
-Koop
More information about the freebsd-gnome
mailing list