WebKit Addressing security issues
Kevin Fenzi
kevin at scrye.com
Wed Nov 24 05:03:51 UTC 2010
On Tue, 23 Nov 2010 22:09:43 -0500 (EST)
Huzaifa Sidhpurwala <huzaifas at redhat.com> wrote:
> Hi All,
>
> I have been hanging around this list for some time, but this is my
> first post. I work for Red Hat Security Response team, and have
> recently taken over WebKit security from Vincent. I am also a member
> of upstream WebKit Security Group.
>
> For some time we have been trying to get WebKit-Gtk issues fixed
> upstream, [And as you know they have impact on other variants as
> well]. Releases 1.2.4 and 1.2.5 of WebKit-Gtk were mainly to address
> security fixes.
>
> However for some time, we have had no response from upstream folks. I
> think they are pretty busy with other stuff, which is quite
> understandable. The downside of that being the fact that we have a
> lot of open security issues not fixed in Webkit-Gtk and other
> variants as well.
>
> I was wondering if Fedora WebKit SIG could help in this matter,
> perhaps engage with upstream, back port security fixes or even ask
> for git commit access so that we could commit these fixes directly,
> So that the WebKit SIG and the Fedora community would take leadership
> in getting these issues fixed.
>
> What do you think about this?
I think this is a great idea, but I sadly don't have time to devote to
it right now. ;(
Hopefully some folks will be able to work on it and help out...
kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/webkit/attachments/20101123/74e8e9be/attachment.bin
More information about the WebKit
mailing list