While looking into FFmpeg bundling issues, I read something that pointed out that Chromium bundles it into a file called libffmpegsumo.so. I did a urpmf on this and noticed that desurium contains it as well. Looking at the desurium source package, I see that it bundles the whole Chromium tarball (!) and v8, and the Chromium is a very old version (15). This would imply that it contains an extraordinary number of unpatched security vulnerabilities. This cannot be good. Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA4TOO
I'll look into it. Desurium was indeed a pain to package, I had to remove lots of bundled dependencies, but I couldn't do without CEF and v8. The community development of Desurium has ceased since Desura was taken over by LindenLab; now a new LGPL version of the client is being developed professionally by one of the original developers as far as I understand: https://github.com/lindenlab/desura-app From what I've heard on #desura, it seems the development of a Linux version depends on what LindenLab will decide, and it's not 100% sure they consider Linux users as a reliable source of income (though I think many users will stop using their platform if they drop Linux support when even Steam has it now). So, I'll poke the desura-app dev to see if a Linux version (without known security vulnerabilities) can be expected soon, or if we should drop desurium altogether.
I've dropped desurium from cauldron: http://svnweb.mageia.org/packages?view=revision&revision=672093 Sadly there's nothing we can do for Mageia 4.
Status: NEW => RESOLVEDResolution: (none) => FIXED