Upstream has released 2.18.5 today (January 10), containing Spectre mitigations:
Updated packages submitted for Mageia 6 and Cauldron.
webkit2-2.18.5-1.mga6 did build, thanks David
Assigning to all packagers collectively, since there is no registered maintainer for this package.
RPM Packages =>
Updated webkit2 packages fix security vulnerabilities:
The webkit2 package has been updated to version 2.18.5, containing Spectre mitigations.
Updated packages in core/updates_testing:
They eventually issued an advisory yesterday:
Please include it in the References.
webkit2 2.18.5 contains Spectre mitigations =>
webkit2 2.18.5 contains Spectre mitigations (WSA-2018-0001)
MGA6-64 on Lenovo B50 Plasma
No installation issues
Used atril to trace use of webkit2: OK
(In reply to David Walser from comment #3)
> They eventually issued an advisory yesterday:
> Please include it in the References.
Done. Also validating - thanks Herman.
An update for this issue has been pushed to the Mageia Updates repository.