Upstream has issued an advisory on June 13:
The issues have been fixed in 2.20.3, released on June 11:
Mageia 6 is also affected.
It's building in Cauldron now and will be pushed in Mageia 6 when that's done.
Testing procedure in bug 22876 comment 4
Updated webkit2 packages fix security vulnerabilities:
The webkit2 package has been updated to version 2.20.3, fixing several
security issues and other bugs.
Updated packages in core/updates_testing:
Building in Mageia 6 now. Info in Comment 0.
MGA6-32 on IBM Thinkpad R50e MATE
No installation issues.
Followed testing procedure in using zenity and the script (see attachment)
Found also an example of a pdf with internal and external hyperlinks (next attachment)
All work OK.
Created attachment 10262 [details]
zenity test script
Created attachment 10263 [details]
Sample pdf with hyperlinks
Advisory committed to svn. Validating the update.
Actually adding the keywords.
An update for this issue has been pushed to the Mageia Updates repository.