On Tue, Oct 10, 2017 at 4:45 PM, Morten Linderud <foxboron@xxxxxxxxxxxxx> wrote: > On Tue, Oct 10, 2017 at 04:34:35PM -0400, Eric Blau wrote: >> >> While it is true that webkitgtk2 has security vulnerabilities and >> should not be used for web browsing, web apps, etc., gnucash merely >> uses it to generate reports based on your own data. As such, it's >> likely not vulnerable to the same security issues as other web >> applications based on it. >> >> I know the developers are in the process of migrating away from it, >> but until that time, I think it should be supported and not dropped >> for the above reason. >> > > webkitgtk2 would have do be added back to the repos for this to happen, and that > won't happen. It was a big deal to remove it in the first place. > > https://www.archlinux.org/todo/phasing-out-webkitgtk2/ OK, thanks for the response. It's a shame that gnucash is lumped with other packages with real attacks possible against them, but I understand why it had to be done. Hopefully gnucash can migrate off webkitgtk2 quickly and make it back in to the repos. -Eric
