Proposal: remove insecure WebKitGTK+ packages for F27

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

I propose we retire the webkitgtk and webkitgtk3 packages when
branching rawhide for F26 (expected to occur roughly February 2017),
and forbid unretiring them. All their dependencies would then be
removed from from Fedora according to the normal process shortly before
the release of F27 (excepted to occur May 2017). If nobody objects,
we'll carry out this plan shortly after the F26 branch point.


Question: Why retire these packages?
 
Answer: Affected applications that process untrusted input are
vulnerable to roughly 150 unfixed security vulnerabilities, the
overwhelming majority of which are remote code execution
vulnerabilities. The severity of this situation arguably outweighs the
benefit of keeping affected applications around.


Question: This sounds horrible, we should act soon. Why wait until F26?

Answer: Porting to the new WebKitGTK+ API is easy for many
applications, but for applications that use the DOM API it can be
expected to take some time, as this API has moved to the web process
and accessing it requires writing a web process extension. If we were
to use F25 as the deadline, there would not be sufficient time for
applications to be ported. Porting efforts should begin as soon as
possible.


Question: What if my application doesn't process untrusted input?

Answer: If you're sure your application never processes untrusted
input, it is a special flower. You should request a bundling exception
from FESCo if you do not intend to upgrade.


Question: You're horrible for proposing to remove my packages.

Answer: WebKit1 was deprecated in March 2013. Packages have had three
years to upgrade. It's clear at this point that this problem won't ever
be fixed without a hard deadline that is enforced. But this is a fair
point; it sucks a lot that compatibility is not offered here. Such is
the cost of free software....


Question: We usually allow compatibility libraries to exist
indefinitely. Why so strict with WebKit?

Answer: Our compatibility libraries do not usually have upwards of 150
unfixed remote code execution vulnerabilities. Backporting fixes is not
practical in this situation.


Question: But these packages are still included in RHEL. Isn't Red Hat
providing security updates?

Answer: No.


Question: Will you help port my packages to newer WebKit?

Answer: We'll answer questions, but unfortunately we can only provide
serious assistance to priority GNOME packages. evolution-data-server
threatens to take out gnome-shell if removed, for instance, which is
why we waited until the Evolution port is nearing completion to propose
this.


Question: What if my application depends on GTK+ 2?

Answer: You must first port to GTK+ 3, then port to WebKit2. You may
find it more practical to stop using WebKitGTK+.


Question: What if my application needs to work on Windows?

Answer: WebKit2 is not supported on Windows. You will need to either
commit to developing Windows support, or stop using WebKitGTK+.


Question: I hear QtWebKit is insecure too, why punish only GTK+ apps?

Answer: QtWebKit has not had security updates since ~2012 and so has
even more unfixed vulnerabilities. However, an unofficial effort is
underway to rebase QtWebKit on the upstream WebKit project. The plan is
to make regular QtWebKit releases based on the latest WebKitGTK+ stable
branch, meaning there should be regular security updates. This is still
a work in progress, but once completed, Fedora will be able to switch
upstreams and solve this issue without the need to port applications to
QtWebEngine. No such compatibility effort is planned for WebKitGTK+.


Question: Where can I view WebKitGTK+ security advisories?

Answer: http://webkitgtk.org/security.html


Question: Where can I learn more?

Answer: https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/


Question: What would be removed if this were to occur today?

Answer: If you read this far, please seriously look over these lists.
Some big name applications are included.

$ repoquery --whatrequires --recursive webkitgtk

Yum-utils package has been deprecated, use dnf instead.
See 'man yum2dnf' for more information.


GREYCstoration-gimp-0:2.8-22.fc24.x86_64
atril-0:1.14.1-1.fc24.x86_64
atril-caja-0:1.14.1-1.fc24.x86_64
atril-devel-0:1.14.1-1.fc24.i686
atril-devel-0:1.14.1-1.fc24.x86_64
atril-libs-0:1.14.1-1.fc24.i686
atril-libs-0:1.14.1-1.fc24.x86_64
atril-thumbnailer-0:1.14.1-1.fc24.x86_64
banshee-0:2.6.2-15.fc24.x86_64
banshee-community-extensions-0:2.4.0-14.fc24.x86_64
banshee-devel-0:2.6.2-15.fc24.i686
banshee-devel-0:2.6.2-15.fc24.x86_64
billiards-0:0.4.1-10.fc24.x86_64
claws-mail-plugins-0:3.13.2-2.fc24.x86_64
claws-mail-plugins-fancy-0:3.13.2-2.fc24.x86_64
compat-wxGTK3-gtk2-0:3.0.2-7.fc24.i686
compat-wxGTK3-gtk2-0:3.0.2-7.fc24.x86_64
compat-wxGTK3-gtk2-devel-0:3.0.2-7.fc24.i686
compat-wxGTK3-gtk2-devel-0:3.0.2-7.fc24.x86_64
compat-wxGTK3-gtk2-docs-0:3.0.2-7.fc24.noarch
compat-wxGTK3-gtk2-gl-0:3.0.2-7.fc24.i686
compat-wxGTK3-gtk2-gl-0:3.0.2-7.fc24.x86_64
compat-wxGTK3-gtk2-media-0:3.0.2-7.fc24.i686
compat-wxGTK3-gtk2-media-0:3.0.2-7.fc24.x86_64
conduit-0:0.3.17-12.fc24.noarch
dissy-0:10-5.fc24.noarch
fityk-0:1.3.0-8.fc24.i686
fityk-0:1.3.0-8.fc24.x86_64
fityk-devel-0:1.3.0-8.fc24.i686
fityk-devel-0:1.3.0-8.fc24.x86_64
gap-pkg-alnuth-0:3.0.0-6.fc24.noarch
gap-pkg-cryst-0:4.1.12-4.fc24.noarch
gap-pkg-crystcat-0:1.1.6-4.fc24.noarch
gap-pkg-nq-0:2.5.3-1.fc24.x86_64
gap-pkg-polenta-0:1.3.6-1.fc24.noarch
gap-pkg-polycyclic-0:2.11-6.fc24.noarch
gap-pkg-radiroot-0:2.7-5.fc24.noarch
geany-plugins-devhelp-0:1.27-1.fc24.x86_64
geany-plugins-geanypy-0:1.27-1.fc24.x86_64
geany-plugins-markdown-0:1.27-1.fc24.x86_64
geany-plugins-webhelper-0:1.27-1.fc24.x86_64
ghc-webkit-0:0.14.1.1-1.fc24.x86_64
ghc-webkit-devel-0:0.14.1.1-1.fc24.x86_64
gimp-2:2.8.16-1.fc24.1.x86_64
gimp-data-extras-0:2.0.2-13.fc24.noarch
gimp-dbp-0:1.1.9-9.fc24.x86_64
gimp-dds-plugin-0:3.0.1-5.fc24.x86_64
gimp-elsamuko-0:26-2.fc24.noarch
gimp-fourier-plugin-0:0.4.1-12.fc24.x86_64
gimp-gap-0:2.7.0-14.GITe75bd46.fc24.x86_64
gimp-help-0:2.8.2-5.fc24.noarch
gimp-help-browser-2:2.8.16-1.fc24.1.x86_64
gimp-help-ca-0:2.8.2-5.fc24.noarch
gimp-help-da-0:2.8.2-5.fc24.noarch
gimp-help-de-0:2.8.2-5.fc24.noarch
gimp-help-el-0:2.8.2-5.fc24.noarch
gimp-help-en_GB-0:2.8.2-5.fc24.noarch
gimp-help-es-0:2.8.2-5.fc24.noarch
gimp-help-fr-0:2.8.2-5.fc24.noarch
gimp-help-it-0:2.8.2-5.fc24.noarch
gimp-help-ja-0:2.8.2-5.fc24.noarch
gimp-help-ko-0:2.8.2-5.fc24.noarch
gimp-help-nl-0:2.8.2-5.fc24.noarch
gimp-help-nn-0:2.8.2-5.fc24.noarch
gimp-help-pt_BR-0:2.8.2-5.fc24.noarch
gimp-help-ru-0:2.8.2-5.fc24.noarch
gimp-help-sl-0:2.8.2-5.fc24.noarch
gimp-help-sv-0:2.8.2-5.fc24.noarch
gimp-help-zh_CN-0:2.8.2-5.fc24.noarch
gimp-high-pass-filter-0:1.2-6.fc24.noarch
gimp-lqr-plugin-0:0.7.2-4.fc24.x86_64
gimp-normalmap-0:1.2.3-12.fc24.x86_64
gimp-paint-studio-0:2.0-11.fc24.noarch
gimp-resynthesizer-0:0.16-14.fc24.x86_64
gimp-save-for-web-0:0.29.3-1.fc24.x86_64
gimp-separate+-0:0.5.8-16.fc24.x86_64
gimp-wavelet-denoise-plugin-0:0.3.1-9.fc24.x86_64
gimpfx-foundry-0:2.6.1-5.fc24.noarch
gmpc-0:11.8.16-11.fc24.x86_64
gmpc-devel-0:11.8.16-11.fc24.i686
gmpc-devel-0:11.8.16-11.fc24.x86_64
gmusicbrowser-0:1.1.15-2.fc24.noarch
gnucash-0:2.6.12-1.fc24.i686
gnucash-0:2.6.12-1.fc24.x86_64
gphpedit-0:0.9.98-0.11.RC1.fc24.x86_64
gpodder-0:3.9.0-1.fc24.noarch
gscribble-0:0.1.2-10.fc24.noarch
gtk-sharp-beans-0:2.14.0-17.fc24.x86_64
gtk-sharp-beans-devel-0:2.14.0-17.fc24.i686
gtk-sharp-beans-devel-0:2.14.0-17.fc24.x86_64
guitarix-0:0.35.0-2.fc24.x86_64
gutenprint-plugin-0:5.2.11-2.fc24.x86_64
gyachi-0:1.2.11-14.fc24.x86_64
gyachi-YMlike-theme-0:1.2.11-14.fc24.x86_64
gyachi-pidgy-theme-0:1.2.11-14.fc24.x86_64
gyachi-plugin-alsa-0:1.2.11-14.fc24.x86_64
gyachi-plugin-blowfish-0:1.2.11-14.fc24.x86_64
gyachi-plugin-gtkspell-0:1.2.11-14.fc24.x86_64
gyachi-plugin-libnotify-0:1.2.11-14.fc24.x86_64
gyachi-plugin-mcrypt-0:1.2.11-14.fc24.x86_64
gyachi-plugin-pulseaudio-0:1.2.11-14.fc24.x86_64
gyachi-recre8-theme-0:1.2.11-14.fc24.x86_64
icaro-0:1.0.4-3.fc24.noarch
kazehakase-0:0.5.8-20.svn3873_trunk.fc24.1.x86_64
kazehakase-webkit-0:0.5.8-20.svn3873_trunk.fc24.1.x86_64
kicad-1:4.0.2-2.fc24.x86_64
lekhonee-gnome-0:0.12-9.fc24.x86_64
lv2-guitarix-plugins-0:0.35.0-2.fc24.x86_64
midori-0:0.5.11-2.fc24.i686
midori-0:0.5.11-2.fc24.x86_64
mono-tools-0:4.2-2.fc24.x86_64
mono-tools-devel-0:4.2-2.fc24.i686
mono-tools-devel-0:4.2-2.fc24.x86_64
mono-tools-gendarme-0:4.2-2.fc24.x86_64
mono-tools-ilcontrast-0:4.2-2.fc24.x86_64
mono-tools-monodoc-0:4.2-2.fc24.x86_64
nested-0:1.2.2-17.fc24.noarch
osmo-0:0.2.12-0.8.svn924.fc24.3.x86_64
pari-gp-0:2.7.5-2.fc24.x86_64
perl-Gtk2-WebKit-0:0.09-14.fc24.x86_64
pywebkitgtk-0:1.1.8-11.fc24.x86_64
rednotebook-0:1.12-1.fc24.noarch
sagemath-0:6.8-10.fc24.i686
sagemath-0:6.8-10.fc24.x86_64
sagemath-core-0:6.8-10.fc24.x86_64
sagemath-data-0:6.8-10.fc24.noarch
sagemath-data-conway_polynomials-0:6.8-10.fc24.noarch
sagemath-data-elliptic_curves-0:6.8-10.fc24.noarch
sagemath-data-etc-0:6.8-10.fc24.noarch
sagemath-data-graphs-0:6.8-10.fc24.noarch
sagemath-data-polytopes_db-0:6.8-10.fc24.noarch
sagemath-notebook-0:6.8-10.fc24.x86_64
sagemath-rubiks-0:6.8-10.fc24.x86_64
sagemath-sagetex-0:6.8-10.fc24.x86_64
sparkleshare-0:1.2.0-4.fc23.x86_64
techne-0:0.2.3-18.fc24.x86_64
techtalk-pse-0:1.1.0-10.fc24.noarch
turpial-0:3.0-7.fc24.noarch
ufraw-gimp-0:0.22-1.fc24.x86_64
webkit-sharp-0:0.3-17.fc24.x86_64
webkit-sharp-devel-0:0.3-17.fc24.i686
webkit-sharp-devel-0:0.3-17.fc24.x86_64
webkitgtk-devel-0:2.4.11-1.fc24.i686
webkitgtk-devel-0:2.4.11-1.fc24.x86_64
webkitgtk-doc-0:2.4.11-1.fc24.noarch
wordgroupz-0:0.3.1-11.fc24.noarch
xiphos-gtk2-0:4.0.4-3.fc24.x86_64
xsane-gimp-0:0.999-20.fc24.x86_64


$ repoquery --whatrequires --recursive webkitgtk3

Yum-utils package has been deprecated, use dnf instead.
See 'man yum2dnf' for more information.


3Depict-0:0.0.18-6.fc24.x86_64
4Pane-0:4.0-1.fc24.x86_64
Mayavi-0:4.4.3-4.fc24.x86_64
PyPE-0:2.9.4-5.fc24.noarch
PythonCard-0:0.8.2-16.fc24.noarch
RunSnakeRun-0:2.0.4-4.fc24.noarch
ailurus-0:10.10.3-9.fc24.noarch
almanah-0:0.11.1-8.fc24.x86_64
audacity-0:2.1.2-4.fc24.x86_64
audacity-manual-0:2.1.2-4.fc24.noarch
audio-convert-mod-0:3.46.0b-10.fc24.noarch
autokey-gtk-0:0.90.4-8.fc24.noarch
autokey-qt-0:0.90.4-8.fc24.noarch
balsa-0:2.5.2-3.fc24.x86_64
batti-0:0.3.8-9.fc24.noarch
bibus-0:1.5.1-15.fc24.x86_64
bijiben-0:3.20.2-1.fc24.x86_64
bitlyclip-0:0.2.2-7.fc24.noarch
boinc-manager-0:7.6.22-4.fc24.x86_64
cairo-dock-plug-ins-webkit-0:3.4.1-7.fc24.x86_64
california-0:0.4.0-7.fc24.x86_64
congruity-0:18-10.fc24.noarch
coq-emacs-0:8.5pl1-1.fc24.noarch
couchdb-0:1.6.1-14.fc24.x86_64
cura-0:15.04.4-3.fc24.noarch
cura-lulzbot-0:19.12-1.fc24.noarch
cycle-0:0.3.1-21.fc24.noarch
decibel-audio-player-0:1.08-12.fc24.noarch
deluge-0:1.3.12-3.fc24.noarch
deluge-gtk-0:1.3.12-3.fc24.noarch
deluge-web-0:1.3.12-3.fc24.noarch
dwb-0:2015.10.09-2.20151009git.fc24.x86_64
earcandy-0:0.9-4.fc24.noarch
ejabberd-0:16.01-5.fc24.x86_64
ekiga-0:4.0.1-29.fc24.x86_64
emacs-1:25.0.94-1.fc24.x86_64
emacs-apel-0:10.8-10.fc24.noarch
emacs-auctex-0:11.89-3.fc24.noarch
emacs-auto-complete-0:1.3.1-9.fc24.noarch
emacs-auto-complete-el-0:1.3.1-9.fc24.noarch
emacs-bbdb-1:3.1.2-5.fc24.noarch
emacs-color-theme-0:6.6.0-11.fc24.noarch
emacs-color-theme-el-0:6.6.0-11.fc24.noarch
emacs-common-tuareg-0:2.0.10-0.2.1c837e26.fc24.noarch
emacs-ddskk-0:15.2-4.fc24.noarch
emacs-ebib-0:1.8.0-9.fc24.noarch
emacs-ebib-el-0:1.8.0-9.fc24.noarch
emacs-epix-0:1.2.16-1.fc24.noarch
emacs-erlang-0:18.3.3-1.fc24.noarch
emacs-erlang-el-0:18.3.3-1.fc24.noarch
emacs-erlang-lfe-0:1.0.2-1.fc24.noarch
emacs-erlang-lfe-el-0:1.0.2-1.fc24.noarch
emacs-ess-0:16.04-1.fc24.noarch
emacs-evil-0:1.2.9-1.fc24.noarch
emacs-gettext-0:0.19.7-4.fc24.noarch
emacs-gnu-smalltalk-0:3.2.5-10.fc24.noarch
emacs-gnu-smalltalk-el-0:3.2.5-10.fc24.noarch
emacs-goodies-0:35.8-5.fc24.noarch
emacs-goodies-el-0:35.8-5.fc24.noarch
emacs-goto-chg-0:1.6-2.fc24.noarch
emacs-gtypist-0:2.9.4-5.fc24.x86_64
emacs-haskell-mode-0:13.18-1.fc24.noarch
emacs-htmlize-0:1.34-12.fc24.noarch
emacs-htmlize-el-0:1.34-12.fc24.noarch
emacs-irsim-mode-0:0.1-14.fc24.noarch
emacs-irsim-mode-el-0:0.1-14.fc24.noarch
emacs-ledger-0:3.1.1-1.fc24.x86_64
emacs-ledger-el-0:3.1.1-1.fc24.noarch
emacs-lookup-0:1.4.1-13.fc24.noarch
emacs-lua-0:20151025-2.fc24.noarch
emacs-magit-0:1.2.2-3.fc24.noarch
emacs-magit-el-0:1.2.2-3.fc24.noarch
emacs-mew-0:6.7-2.fc24.x86_64
emacs-mmm-0:0.4.8-9.fc23.noarch
emacs-mmm-el-0:0.4.8-9.fc23.noarch
emacs-nesc-0:1.3.5-2.fc22.noarch
emacs-nesc-el-0:1.3.5-2.fc22.noarch
emacs-notmuch-0:0.21-3.fc24.noarch
emacs-php-mode-0:1.17.0-6.fc24.noarch
emacs-proofgeneral-0:4.2-5.fc24.noarch
emacs-proofgeneral-el-0:4.2-5.fc24.noarch
emacs-pydb-0:1.26-14.fc24.noarch
emacs-pymacs-0:0.25-7.fc24.noarch
emacs-pymacs-el-0:0.25-7.fc24.noarch
emacs-pyrex-0:0.9.9-10.fc24.noarch
emacs-riece-0:8.0.0-9.fc24.noarch
emacs-rinari-0:2.1-12.20100815git.fc24.noarch
emacs-rinari-el-0:2.1-12.20100815git.fc24.noarch
emacs-rpm-spec-mode-0:0.15-4.fc24.noarch
emacs-sdcc-0:3.5.0-6.fc24.x86_64
emacs-slime-1:2.12-4.fc24.noarch
emacs-slime-el-1:2.12-4.fc24.noarch
emacs-spice-mode-0:1.2.25-16.fc24.noarch
emacs-spice-mode-el-0:1.2.25-16.fc24.noarch
emacs-terminal-1:25.0.94-1.fc24.noarch
emacs-tuareg-0:2.0.10-0.2.1c837e26.fc24.noarch
emacs-undo-tree-0:0.6.4-2.fc24.noarch
emacs-verilog-mode-0:531-9.fc24.noarch
emacs-vm-0:8.1.2-12.fc24.x86_64
emacs-vregs-mode-0:1.470-10.fc24.noarch
emacs-w3m-0:1.4.531-0.5.20140421cvs.fc24.noarch
emacs-yaml-mode-0:0.0.12-3.fc24.noarch
emacspeak-0:40.0-5.fc24.x86_64
empathy-0:3.12.12-1.fc24.x86_64
erlang-0:18.3.3-1.fc24.x86_64
erlang-clique-0:0.3.5-2.fc24.x86_64
erlang-cluster_info-0:2.0.5-1.fc24.x86_64
erlang-common_test-0:18.3.3-1.fc24.x86_64
erlang-cuttlefish-0:2.0.6-1.fc24.x86_64
erlang-debugger-0:18.3.3-1.fc24.x86_64
erlang-dialyzer-0:18.3.3-1.fc24.x86_64
erlang-epgsql-0:3.1.0-2.fc24.x86_64
erlang-esdl-0:1.3.1-12.fc24.x86_64
erlang-et-0:18.3.3-1.fc24.x86_64
erlang-exometer_core-0:1.4-2.fc24.x86_64
erlang-ibrowse-0:4.2.4-2.fc24.x86_64
erlang-lager-0:3.2.0-1.fc24.x86_64
erlang-megaco-0:18.3.3-1.fc24.x86_64
erlang-merge_index-0:2.1-1.fc24.x86_64
erlang-observer-0:18.3.3-1.fc24.x86_64
erlang-rebar-0:2.6.1-10.fc24.x86_64
erlang-reltool-0:18.3.3-1.fc24.x86_64
erlang-riak_api-0:2.1.2-1.fc24.x86_64
erlang-riak_control-0:2.1.2-1.fc24.x86_64
erlang-riak_core-0:2.1.5-1.fc24.x86_64
erlang-riak_ensemble-0:2.1.2-1.fc24.x86_64
erlang-riak_kv-0:2.1.2-2.fc24.x86_64
erlang-riak_pipe-0:2.1.1-1.fc24.x86_64
erlang-riak_search-0:1.3.2-2.fc21.x86_64
erlang-riaknostic-0:2.1.3-5.fc24.x86_64
erlang-test_server-0:18.3.3-1.fc24.x86_64
erlang-typer-0:18.3.3-1.fc24.x86_64
erlang-webtool-0:18.3.3-1.fc24.x86_64
erlang-wx-0:18.3.3-1.fc24.x86_64
evolution-0:3.20.2-1.fc24.i686
evolution-0:3.20.2-1.fc24.x86_64
evolution-bogofilter-0:3.20.2-1.fc24.x86_64
evolution-data-server-0:3.20.2-1.fc24.i686
evolution-data-server-0:3.20.2-1.fc24.x86_64
evolution-data-server-devel-0:3.20.2-1.fc24.i686
evolution-data-server-devel-0:3.20.2-1.fc24.x86_64
evolution-data-server-tests-0:3.20.2-1.fc24.i686
evolution-data-server-tests-0:3.20.2-1.fc24.x86_64
evolution-devel-0:3.20.2-1.fc24.i686
evolution-devel-0:3.20.2-1.fc24.x86_64
evolution-devel-docs-0:3.20.2-1.fc24.noarch
evolution-ews-0:3.20.2-1.fc24.i686
evolution-ews-0:3.20.2-1.fc24.x86_64
evolution-help-0:3.20.2-1.fc24.noarch
evolution-mapi-0:3.20.1-1.fc24.i686
evolution-mapi-0:3.20.1-1.fc24.x86_64
evolution-mapi-devel-0:3.20.1-1.fc24.i686
evolution-mapi-devel-0:3.20.1-1.fc24.x86_64
evolution-perl-0:3.20.2-1.fc24.x86_64
evolution-pst-0:3.20.2-1.fc24.x86_64
evolution-rspam-0:0.6.0-13.fc24.x86_64
evolution-rss-1:0.3.95-7.fc24.x86_64
evolution-spamassassin-0:3.20.2-1.fc24.x86_64
evolution-tests-0:3.20.2-1.fc24.x86_64
fawkes-devenv-0:0.5.0-29.fc24.noarch
ffgtk-plugin-evolution-0:0.8.6-18.fc24.x86_64
filezilla-0:3.17.0.1-1.fc24.x86_64
fityk-0:1.3.0-8.fc24.i686
fityk-0:1.3.0-8.fc24.x86_64
fityk-devel-0:1.3.0-8.fc24.i686
fityk-devel-0:1.3.0-8.fc24.x86_64
flim-0:1.14.9-10.fc24.noarch
fmtools-tkradio-0:2.0.7-6.fc24.noarch
folks-1:0.11.2-5.fc24.i686
folks-1:0.11.2-5.fc24.x86_64
folks-devel-1:0.11.2-5.fc24.i686
folks-devel-1:0.11.2-5.fc24.x86_64
folks-tools-1:0.11.2-5.fc24.i686
folks-tools-1:0.11.2-5.fc24.x86_64
frama-c-emacs-0:1.12-4.fc24.noarch
freedink-0:108.4-3.fc24.x86_64
freedink-dfarc-0:3.12-4.fc24.x86_64
freedv-0:1.1-6.fc24.x86_64
fwbackups-0:1.43.5-2.fc24.noarch
gadget-0:0.0.3-16.fc24.noarch
gcl-emacs-0:2.6.12-5.fc24.noarch
gcl-emacs-el-0:2.6.12-5.fc24.noarch
gdm-1:3.20.1-1.fc24.i686
gdm-1:3.20.1-1.fc24.x86_64
gdm-devel-1:3.20.1-1.fc24.i686
gdm-devel-1:3.20.1-1.fc24.x86_64
geary-0:0.11.0-1.fc24.x86_64
giggle-0:0.7-22.fc24.i686
giggle-0:0.7-22.fc24.x86_64
giggle-devel-0:0.7-22.fc24.i686
giggle-devel-0:0.7-22.fc24.x86_64
gitso-0:0.6-13.fc24.noarch
glabels-0:3.2.1-8.fc24.x86_64
gnome-calendar-0:3.20.2-1.fc24.x86_64
gnome-classic-session-0:3.20.1-1.fc24.noarch
gnome-contacts-0:3.20.0-1.fc24.x86_64
gnome-initial-setup-0:3.20.1-1.fc24.x86_64
gnome-maps-0:3.20.1-1.fc24.i686
gnome-maps-0:3.20.1-1.fc24.x86_64
gnome-phone-manager-0:0.69-16.fc24.x86_64
gnome-phone-manager-telepathy-0:0.69-16.fc24.x86_64
gnome-shell-0:3.20.2-1.fc24.x86_64
gnome-shell-extension-alternate-tab-0:3.20.1-1.fc24.noarch
gnome-shell-extension-apps-menu-0:3.20.1-1.fc24.noarch
gnome-shell-extension-auto-move-windows-0:3.20.1-1.fc24.noarch
gnome-shell-extension-background-logo-0:3.20.0-1.fc24.noarch
gnome-shell-extension-calc-0:0-0.10.gite4f4ac5.fc24.noarch
gnome-shell-extension-common-0:3.20.1-1.fc24.noarch
gnome-shell-extension-drive-menu-0:3.20.1-1.fc24.noarch
gnome-shell-extension-fedmsg-0:0.1.9-15.fc24.noarch
gnome-shell-extension-gpaste-0:3.18.3-2.fc24.noarch
gnome-shell-extension-iok-0:0.20160405-1.fc24.noarch
gnome-shell-extension-launch-new-instance-0:3.20.1-1.fc24.noarch
gnome-shell-extension-native-window-placement-0:3.20.1-1.fc24.noarch
gnome-shell-extension-openweather-0:1-
0.18.20160325git8dd1696.fc24.noarch
gnome-shell-extension-panel-osd-0:1-0.13.20160325gite052ded.fc24.noarch
gnome-shell-extension-pidgin-0:0-0.20.gitfb9dbfd.fc24.x86_64
gnome-shell-extension-places-menu-0:3.20.1-1.fc24.noarch
gnome-shell-extension-pomodoro-0:0.11.3-1.fc24.x86_64
gnome-shell-extension-remove-bluetooth-icon-0:0.5.1-5.fc24.noarch
gnome-shell-extension-remove-volume-icon-0:0.5.1-5.fc24.noarch
gnome-shell-extension-screenshot-window-sizer-0:3.20.1-1.fc24.noarch
gnome-shell-extension-simple-dock-0:0.1-
0.20150505git25c94bc.fc24.2.noarch
gnome-shell-extension-user-theme-0:3.20.1-1.fc24.noarch
gnome-shell-extension-window-list-0:3.20.1-1.fc24.noarch
gnome-shell-extension-windowsNavigator-0:3.20.1-1.fc24.noarch
gnome-shell-extension-workspace-indicator-0:3.20.1-1.fc24.noarch
gnome-shell-theme-selene-0:3.4.0-11.fc24.noarch
gnome-todo-0:3.20.2-1.fc24.x86_64
gnome-tweak-tool-0:3.20.1-1.fc24.noarch
gnome-web-photo-0:0.10.5-9.fc24.x86_64
gnumed-0:1.4.8-6.fc24.noarch
gnumed-doc-0:1.4.8-6.fc24.noarch
gnumed-server-0:19.8-4.fc24.noarch
gnuradio-0:3.7.9.1-3.fc24.i686
gnuradio-0:3.7.9.1-3.fc24.x86_64
gnuradio-devel-0:3.7.9.1-3.fc24.i686
gnuradio-devel-0:3.7.9.1-3.fc24.x86_64
gnuradio-doc-0:3.7.9.1-3.fc24.noarch
gnuradio-examples-0:3.7.9.1-3.fc24.x86_64
gphotoframe-0:2.0.2-2.hg2084299dffb6.fc24.1.noarch
gphotoframe-gss-0:2.0.2-2.hg2084299dffb6.fc24.1.noarch
gqrx-0:2.5.3-3.fc24.x86_64
gr-air-modes-0:0-0.46.20160106git514414f6.fc24.i686
gr-air-modes-0:0-0.46.20160106git514414f6.fc24.x86_64
gr-air-modes-devel-0:0-0.46.20160106git514414f6.fc24.i686
gr-air-modes-devel-0:0-0.46.20160106git514414f6.fc24.x86_64
gr-air-modes-doc-0:0-0.46.20160106git514414f6.fc24.noarch
gr-fcdproplus-0:0-0.22.20140920git1edbe523.fc24.i686
gr-fcdproplus-0:0-0.22.20140920git1edbe523.fc24.x86_64
gr-fcdproplus-devel-0:0-0.22.20140920git1edbe523.fc24.i686
gr-fcdproplus-devel-0:0-0.22.20140920git1edbe523.fc24.x86_64
gr-fcdproplus-doc-0:0-0.22.20140920git1edbe523.fc24.noarch
gr-iqbal-0:0.37.2-19.fc24.i686
gr-iqbal-0:0.37.2-19.fc24.x86_64
gr-iqbal-devel-0:0.37.2-19.fc24.i686
gr-iqbal-devel-0:0.37.2-19.fc24.x86_64
gr-iqbal-doc-0:0.37.2-19.fc24.noarch
gr-osmosdr-0:0.1.3-18.20141023git42c66fdd.fc24.i686
gr-osmosdr-0:0.1.3-18.20141023git42c66fdd.fc24.x86_64
gr-osmosdr-devel-0:0.1.3-18.20141023git42c66fdd.fc24.i686
gr-osmosdr-devel-0:0.1.3-18.20141023git42c66fdd.fc24.x86_64
gr-osmosdr-doc-0:0.1.3-18.20141023git42c66fdd.fc24.noarch
gr-rds-0:0-0.21.20150513git201f32b.fc24.i686
gr-rds-0:0-0.21.20150513git201f32b.fc24.x86_64
gr-rds-devel-0:0-0.21.20150513git201f32b.fc24.i686
gr-rds-devel-0:0-0.21.20150513git201f32b.fc24.x86_64
gr-rds-doc-0:0-0.21.20150513git201f32b.fc24.noarch
grass-0:7.0.3-1.fc24.x86_64
gtg-0:0.3.1-10.fc24.noarch
gtkwhiteboard-0:1.3-11.fc24.noarch
guake-0:0.8.4-1.fc24.noarch
hugin-0:2016.0.0-1.fc24.i686
hugin-0:2016.0.0-1.fc24.x86_64
libopensync-plugin-evolution2-1:0.22-53.fc24.i686
libopensync-plugin-evolution2-1:0.22-53.fc24.x86_64
liferea-1:1.10.19-1.fc24.x86_64
londonlaw-0:0.3.0-0.3.pre2.fc24.noarch
mMass-0:5.5.0-17.fc24.x86_64
mailnag-0:1.2.0-1.fc24.noarch
memaker-0:20100110-10.fc24.noarch
metamorphose2-0:0.8.2-8.fc24.noarch
migemo-emacs-0:0.40-24.fc24.noarch
migemo-xemacs-0:0.40-24.fc24.noarch
mona-emacs-0:1.4r17-1.fc24.noarch
nautilus-phatch-0:0.2.7-24.fc24.noarch
nicotine+-0:1.2.16-12.fc24.noarch
notify-python-0:0.1.1-30.fc24.x86_64
ocaml-emacs-0:4.02.3-3.fc24.x86_64
openstv-0:1.7-6.fc24.noarch
ovirt-guest-agent-gdm-plugin-0:1.0.11-2.fc24.3.noarch
peppy-0:0.16.0-8.fc24.noarch
phatch-0:0.2.7-24.fc24.noarch
plater-0:2015.03.10-4.fc24.noarch
playonlinux-0:4.2.10-7.fc24.x86_64
poedit-0:1.8.7.1-1.fc24.x86_64
printrun-0:2015.03.10-4.fc24.x86_64
pronterface-0:2015.03.10-4.fc24.noarch
protobuf-emacs-0:2.6.1-4.fc24.x86_64
protobuf-emacs-el-0:2.6.1-4.fc24.x86_64
psgml-0:1.2.5-20.fc24.noarch
pulseaudio-gdm-hooks-0:8.0-6.fc24.x86_64
pyhoca-gui-0:0.5.0.5-2.fc24.noarch
pymol-wxpython-0:1.8-3.20151208svn4142.fc24.x86_64
pyobd-0:0.9.3-1.fc24.noarch
python-couchdbkit-0:0.6.5-5.fc24.noarch
python-envisage-0:4.4.0-3.fc24.noarch
python-ropemacs-0:0.7-6.fc24.noarch
python-squaremap-0:1.0.3-5.fc24.noarch
python2-apptools-0:4.4.0-3.fc24.noarch
python2-matplotlib-wx-0:1.5.1-3.fc24.x86_64
python2-pyface-0:5.0.0-9.fc24.noarch
python2-pyface-qt-0:5.0.0-9.fc24.noarch
python2-pyface-wx-0:5.0.0-9.fc24.noarch
python2-pyudev-wx-0:0.20.0-2.fc24.noarch
python2-traitsui-0:5.0.0-4.fc24.noarch
qgis-devel-0:2.14.0-2.fc24.i686
qgis-devel-0:2.14.0-2.fc24.x86_64
qgis-grass-0:2.14.0-2.fc24.i686
qgis-grass-0:2.14.0-2.fc24.x86_64
qgnomeplatform-0:0.1-5.fc24.i686
qgnomeplatform-0:0.1-5.fc24.x86_64
radiotray-0:0.7.3-6.fc24.noarch
rapid-photo-downloader-0:0.4.11-3.fc24.noarch
recutils-0:1.7-6.fc24.i686
recutils-0:1.7-6.fc24.x86_64
recutils-devel-0:1.7-6.fc24.i686
recutils-devel-0:1.7-6.fc24.x86_64
rubygem-webkit-gtk-0:3.0.8-1.fc24.noarch
rubygem-webkit-gtk-doc-0:3.0.8-1.fc24.noarch
rurple-0:1.0-0.13.rc3.fc24.noarch
saga-0:2.2.4-1.fc24.i686
saga-0:2.2.4-1.fc24.x86_64
saga-devel-0:2.2.4-1.fc24.i686
saga-devel-0:2.2.4-1.fc24.x86_64
saga-python-0:2.2.4-1.fc24.x86_64
seed-0:3.8.1-7.fc24.i686
seed-0:3.8.1-7.fc24.x86_64
seed-devel-0:3.8.1-7.fc24.i686
seed-devel-0:3.8.1-7.fc24.x86_64
seed-doc-0:3.8.1-7.fc24.noarch
sflphone-gnome-plugins-0:1.4.1-18.fc24.x86_64
shutter-0:0.93.1-2.fc24.noarch
sidc-gui-0:0.4-6.fc24.noarch
sk2py-0:0.1-14.fc24.noarch
soundconverter-0:2.1.6-2.fc24.noarch
spe-0:0.8.4.h-16.fc24.noarch
specto-0:0.4.1-9.fc24.noarch
sugar-browse-0:157.3-1.fc24.noarch
surf-0:0.7-1.fc24.x86_64
synce-gnome-0:0.11-12.fc24.noarch
syncevolution-1:1.5.1-9.fc24.x86_64
syncevolution-devel-1:1.5.1-9.fc24.i686
syncevolution-devel-1:1.5.1-9.fc24.x86_64
syncevolution-gtk-1:1.5.1-9.fc24.x86_64
syncevolution-libs-1:1.5.1-9.fc24.i686
syncevolution-libs-1:1.5.1-9.fc24.x86_64
syncevolution-libs-akonadi-1:1.5.1-9.fc24.x86_64
syncevolution-perl-1:1.5.1-9.fc24.x86_64
system-config-printer-0:1.5.7-8.fc24.x86_64
taskcoach-0:1.4.3-2.fc24.noarch
timeline-0:1.10.0-1.fc24.noarch
tmda-emacs-0:1.1.12-13.fc24.noarch
tsung-0:1.6.0-1.fc24.x86_64
turpial-0:3.0-7.fc24.noarch
uzbl-0:0-0.39.20120514git228bc38cbd.fc24.x86_64
uzbl-browser-0:0-0.39.20120514git228bc38cbd.fc24.x86_64
uzbl-core-0:0-0.39.20120514git228bc38cbd.fc24.x86_64
uzbl-defaults-0:0-0.39.20120514git228bc38cbd.fc24.x86_64
uzbl-tabbed-0:0-0.39.20120514git228bc38cbd.fc24.x86_64
vfrnav-0:20160212-3.fc24.i686
vfrnav-0:20160212-3.fc24.x86_64
vfrnav-utils-0:20160212-3.fc24.x86_64
vfrnav-validatorservice-0:20160212-3.fc24.x86_64
vfrnav-webservice-0:20160212-3.fc24.x86_64
vfrnav-wetterdl-0:20160212-3.fc24.x86_64
wammu-0:0.40-3.fc24.noarch
webkitgtk3-devel-0:2.4.11-1.fc24.i686
webkitgtk3-devel-0:2.4.11-1.fc24.x86_64
webkitgtk3-doc-0:2.4.11-1.fc24.noarch
why3-emacs-0:0.87.0-3.fc24.noarch
wicd-curses-0:1.7.3-2.fc23.noarch
wicd-gtk-0:1.7.3-2.fc23.noarch
wings-0:2.0.4-1.fc24.x86_64
winpdb-0:1.4.8-11.fc24.noarch
wuja-0:0.0.8-16.fc24.noarch
wxGTK3-0:3.0.2-19.fc24.i686
wxGTK3-0:3.0.2-19.fc24.x86_64
wxGTK3-devel-0:3.0.2-19.fc24.i686
wxGTK3-devel-0:3.0.2-19.fc24.x86_64
wxGTK3-docs-0:3.0.2-19.fc24.noarch
wxGTK3-gl-0:3.0.2-19.fc24.i686
wxGTK3-gl-0:3.0.2-19.fc24.x86_64
wxGTK3-media-0:3.0.2-19.fc24.i686
wxGTK3-media-0:3.0.2-19.fc24.x86_64
wxGTK3-xmldocs-0:3.0.2-19.fc24.noarch
wxGlade-0:0.7.2-1.fc24.noarch
wxMaxima-0:15.08.2-2.fc24.x86_64
wxPython-0:3.0.2.0-10.fc24.x86_64
wxPython-devel-0:3.0.2.0-10.fc24.i686
wxPython-devel-0:3.0.2.0-10.fc24.x86_64
wxPython-docs-0:3.0.2.0-10.fc24.noarch
wxsqlite3-0:3.3.2-0.1gitb05867d.fc24.i686
wxsqlite3-0:3.3.2-0.1gitb05867d.fc24.x86_64
wxsqlite3-devel-0:3.3.2-0.1gitb05867d.fc24.i686
wxsqlite3-devel-0:3.3.2-0.1gitb05867d.fc24.x86_64
xemacs-tuareg-0:2.0.10-0.2.1c837e26.fc24.noarch
xiphos-gtk3-0:4.0.4-3.fc24.x86_64
xylib-0:1.4-8.fc24.i686
xylib-0:1.4-8.fc24.x86_64
xylib-devel-0:1.4-8.fc24.i686
xylib-devel-0:1.4-8.fc24.x86_64
yaws-0:2.0-2.fc24.x86_64
yaws-devel-0:2.0-2.fc24.i686
yaws-devel-0:2.0-2.fc24.x86_64

Note that work is already in progress for some of the above. Active
porting efforts are underway for Evolution (which will take care of the
mass of evolution-data-server dependencies like gnome-shell and gdm),
Geary, and Liferea. There are also stalled porting efforts for inactive
projects like Empathy, Bijiben, and Midori; these efforts have
significant progress and could easily be resurrected.


Question: What if we're not willing to remove packages?

Answer: Well, then we'll just have to watch the count of unfixed remote
code execution vulnerabilities increase forever, because there's no
chance all of the above packages will be ported; we could set the
deadline 10 years in the future and it still wouldn't happen. If we
decide we're not willing to remove packages, I would suggest renaming
the WebKit packages to webkitgtk-insecure and webkitgtk3-insecure to
clarify the situation.


Question: :(

Answer: \_(ツ)_/


Michael
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux