Ubuntu
wpewebkit package

  1. Bug #1970779
  2. Comment #19

Comment 19 for bug 1970779

Revision history for this message
Luís Infante da Câmara (luis220413) wrote : Re: Upgrade to 2.36.3 for Focal, Impish and Jammy

We can use cog for testing that the CVEs are fixed, if necessary. Due to the exception in comment #18, I believe that this bug can go through the security sponsoring process.

The snap https://snapcraft.io/wpe-webkit-mir-kiosk has been installed/used recently by a substantial number of users (according to the "Where people are using" map) and uses an outdated version of WPE WebKit (2.30.5), but still later than the version currently in 20.04: https://gitlab.com/glancr/wpe-webkit-snap/-/blob/main/snap/snapcraft.yaml#L167

Please publish patched packages immediately.