Fedora has issued an advisory today (January 13): https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175443.html They updated shotwell to a git snapshot which ported it to WebKit2, which as I mentioned on the dev list: https://ml.mageia.org/l/arc/dev/2016-01/msg00078.html is needed since WebKit1 has a bunch of security vulnerabilities that will never be fixed, and it also implements TLS certificate validation, which has been missing. Reproducible: Steps to Reproduce:
Jani did this update for Cauldron. Thanks Jani! We should update this for Mageia 5 if possible.
CC: (none) => jani.valimaaVersion: Cauldron => 5
Updated package uploaded by Jani. Thanks! Advisory: ======================== Updated shotwell package fixes security vulnerabilities: Shotwell is vulnerable to numerous security vulnerabilities, due to its use of the old APIs of the Webkit library which are no longer maintained (the "webkit" package in Mageia). The shotwell package has been updated to use the current Webkit API, allowing it to benefit from security fixes in the newer Webkit branch (the "webkit2" package in Mageia). Another benefit of switching to the newer Webkit branch is that it allows shotwell to validate TLS certificates when connecting to websites. References: https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175443.html ======================== Updated packages in core/updates_testing: ======================== shotwell-0.22.1-0.20160310.1.mga5 from shotwell-0.22.1-0.20160310.1.mga5.src.rpm
Assignee: olav => qa-bugs
mga5 x86_64 Mate Shotwell already installed so I tinkered with it to get the feel of it. Updated to shotwell-0.22.1-0.20160310.1 and tried out a few functions: import from folders, remove redeye, rotate, zoom. Set images as background did not work but that is not surprising. At a basic level it certainly works.
CC: (none) => tarazed25
Whiteboard: (none) => MGA5-64-OK
mga5 i586 virtualbox Mate This works fine on 32-bit architecture as well. Validating the update. Please push to 5 updates.
Keywords: (none) => validated_updateWhiteboard: MGA5-64-OK => MGA5-64-OK MGA-32-OKCC: (none) => sysadmin-bugs
Whiteboard: MGA5-64-OK MGA-32-OK => MGA5-64-OK MGA5-32-OK
Advisory uploaded.
Whiteboard: MGA5-64-OK MGA5-32-OK => advisory MGA5-64-OK MGA5-32-OK
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0111.html
Status: NEW => RESOLVEDResolution: (none) => FIXED