Upstream has issued an advisory today (April 16): https://webkitgtk.org/security/WSA-2020-0004.html The issue is fixed upstream in 2.28.1: https://webkitgtk.org/2020/04/13/webkitgtk2.28.1-released.html
Update checked into SVN for Mageia 7 and currently building in Cauldron.
Suggested advisory: ======================== Updated webkit2 packages fix security vulnerabilities: The webkit2 package has been updated to version 2.28.1, fixing security issues and other bugs. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11793 https://webkitgtk.org/2020/04/13/webkitgtk2.28.1-released.html https://webkitgtk.org/security/WSA-2020-0004.html ======================== Updated packages in core/updates_testing: ======================== webkit2-2.28.1-1.mga7 webkit2-jsc-2.28.1-1.mga7 libwebkit2gtk4.0_37-2.28.1-1.mga7 libjavascriptcoregtk4.0_18-2.28.1-1.mga7 libwebkit2-devel-2.28.1-1.mga7 libjavascriptcore-gir4.0-2.28.1-1.mga7 libwebkit2gtk-gir4.0-2.28.1-1.mga7 from webkit2-2.28.1-1.mga7.src.rpm
Assignee: bugsquad => qa-bugs
MGA7-64 Plasma on Lenovo B50 No installation issues. Ref bug 26340 for testing. $ zenity --calendar 15/04/21 picked 15 April 2021 from displayed calendar and gor correct feedback.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0177.html
Status: NEW => RESOLVEDResolution: (none) => FIXED