On Tue, 23 Nov 2010 22:09:43 -0500 (EST)
Huzaifa Sidhpurwala <huzaifas(a)redhat.com> wrote:
Hi All,
I have been hanging around this list for some time, but this is my
first post. I work for Red Hat Security Response team, and have
recently taken over WebKit security from Vincent. I am also a member
of upstream WebKit Security Group.
For some time we have been trying to get WebKit-Gtk issues fixed
upstream, [And as you know they have impact on other variants as
well]. Releases 1.2.4 and 1.2.5 of WebKit-Gtk were mainly to address
security fixes.
However for some time, we have had no response from upstream folks. I
think they are pretty busy with other stuff, which is quite
understandable. The downside of that being the fact that we have a
lot of open security issues not fixed in Webkit-Gtk and other
variants as well.
I was wondering if Fedora WebKit SIG could help in this matter,
perhaps engage with upstream, back port security fixes or even ask
for git commit access so that we could commit these fixes directly,
So that the WebKit SIG and the Fedora community would take leadership
in getting these issues fixed.
What do you think about this?
I think this is a great idea, but I sadly don't have time to devote to
it right now. ;(
Hopefully some folks will be able to work on it and help out...
kevin