Summary: | Fancy plugin uses insecure webkitgtk+ 2 library | ||
---|---|---|---|
Product: | Claws Mail (GTK 2) | Reporter: | waldner |
Component: | Plugins/Fancy | Assignee: | users |
Status: | CLOSED FIXED | ||
Severity: | enhancement | CC: | alexander, arthur.huillet, flammie, simon.legner, yuri.zero |
Priority: | P3 | ||
Version: | 3.14.1 | ||
Hardware: | PC | ||
OS: | Linux |
Description
waldner
2017-01-20 17:45:52 UTC
There is a similar movement at the Fedora Project: Proposal: remove insecure WebKitGTK+ packages for F27 https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/AKVB363GFCHHJ5MTHGVYHYT6NLLTF5VM/ Gentoo removed the plugin too: https://bugs.gentoo.org/show_bug.cgi?id=608612 Arch Linux is now offering dillo as a replacement, which however in my opinion is far inferior. FWIW, the corresponding Debian bug: https://bugs.debian.org/790199 As of version 17.10/19 October 2017, the fancy plugin is no longer available in Ubuntu, because of this issue. Downstream bug: https://bugs.launchpad.net/ubuntu/+source/claws-mail/+bug/1724999 Hi all, This bug has has a non-negligible effect on my productivity. Although I'm not an experienced C/Gtk dev, purely out of idleness I started poking at this to see how much work was involved. Incomplete code is at: https://github.com/khaeru/claws/pull/1 I think this can be closed now... |