Upstream has issued an advisory today (February 14): https://webkitgtk.org/security/WSA-2020-0002.html The issues are fixed upstream in 2.26.4: https://webkitgtk.org/2020/02/14/webkitgtk2.26.4-released.html
Assignee: bugsquad => pkg-bugsCC: (none) => nicolas.salguero
Suggested advisory: ======================== Updated webkit2 packages fix security vulnerabilities: The webkit2 package has been updated to version 2.26.4, fixing several security issues and other bugs. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3862 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3864 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3865 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3867 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3868 https://webkitgtk.org/2020/02/14/webkitgtk2.26.4-released.html https://webkitgtk.org/security/WSA-2020-0002.html https://www.openwall.com/lists/oss-security/2020/02/14/6 ======================== Updated packages in core/updates_testing: ======================== webkit2-2.26.4-1.mga7 webkit2-jsc-2.26.4-1.mga7 lib(64)webkit2gtk4.0_37-2.26.4-1.mga7 lib(64)javascriptcoregtk4.0_18-2.26.4-1.mga7 lib(64)webkit2-devel-2.26.4-1.mga7 lib(64)javascriptcore-gir4.0-2.26.4-1.mga7 lib(64)webkit2gtk-gir4.0-2.26.4-1.mga7 from SRPMS: webkit2-2.26.4-1.mga7.src.rpm
Status: NEW => ASSIGNEDAssignee: pkg-bugs => qa-bugs
MGA7-64 Plasma on Lenovo B50 No installation issues Ref to bug 26127 for test $ zenity --calendar I navigate to March 19, clicked OK and got as feedback. 19/03/20
CC: (none) => herman.viaeneWhiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 1.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0092.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED