Upstream has issued an advisory today (December 20): https://webkitgtk.org/security/WSA-2021-0007.html The issues are fixed upstream in 2.34.3: https://webkitgtk.org/2021/12/20/webkitgtk2.34.3-released.html Mageia 8 is also affected.
CVE-2021-30887 and CVE-2021-30890 are the CVEs fixed since the last update. Update pushed to the build system for Mageia 8 and Cauldron.
webkit2-2.34.3-1.mga8 webkit2-jsc-2.34.3-1.mga8 libwebkit2gtk-gir4.0-2.34.3-1.mga8 libjavascriptcore-gir4.0-2.34.3-1.mga8 libjavascriptcoregtk4.0_18-2.34.3-1.mga8 libwebkit2gtk4.0_37-2.34.3-1.mga8 libwebkit2-devel-2.34.3-1.mga8 from SRPM: webkit2-2.34.3-1.mga8.src.rpm
Assignee: bugsquad => qa-bugs
MGA8-64 Plasma on Lenovo B50 in Dutch No installation issues Ref bug 29596 for testing. $ zenity --calendar select 23-01-2022 as date 23-01-22 Looks good
Whiteboard: (none) => MGA8-64-OKCC: (none) => herman.viaene
Validating.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0583.html
Status: NEW => RESOLVEDResolution: (none) => FIXED