Upstream has issued an advisory today (July 5): https://webkitgtk.org/security/WSA-2022-0006.html The issues are fixed upstream in 2.36.4: https://webkitgtk.org/2022/07/05/webkitgtk2.36.4-released.html
Status comment: (none) => Fixed upstream in 2.36.4
Suggested advisory: ======================== Updated webkit2 packages fix security vulnerabilities: The webkit2 package has been updated to version 2.36.4, fixing several security issues and other bugs. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22662 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22677 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26710 https://webkitgtk.org/2022/07/05/webkitgtk2.36.4-released.html https://webkitgtk.org/security/WSA-2022-0006.html ======================== Updated packages in core/updates_testing: ======================== webkit2-2.36.4-1.mga8 webkit2-jsc-2.36.4-1.mga8 lib(64)webkit2gtk-gir4.0-2.36.4-1.mga8 lib(64)javascriptcore-gir4.0-2.36.4-1.mga8 lib(64)javascriptcoregtk4.0_18-2.36.4-1.mga8 lib(64)webkit2gtk4.0_37-2.36.4-1.mga8 lib(64)webkit2-devel-2.36.4-1.mga8 from SRPM: webkit2-2.36.4-1.mga8.src.rpm
Assignee: nicolas.salguero => qa-bugsCC: (none) => nicolas.salgueroStatus: NEW => ASSIGNEDStatus comment: Fixed upstream in 2.36.4 => (none)
Tested on Foolishness, my Dell Inspiron 5100, 32-bit Xfce system. No installation issues. Ran Atril, loaded and displayed a pdf without issues. Tried to run MCC, but Bug 30332 is still in effect.
CC: (none) => andrewsfarm
MGA8-64 Plasma on Acer Aspire 5253. No installation issues. Ref bug 30494 for testing: $ zenity --calendar (zenity:11633): Gtk-WARNING **: 13:18:34.372: Theme parsing error: gtk.css:2:33: Failed to import: Error opening file /home/tester8/.config/gtk-3.0/window_decorations.css: No such file or directory 22/07/22 That's OK. Used Atril to deisplay a pdf, works OK. I've never experienced the issue from bug 30332, so I cann't judge upon that one. But TJ's input makes it clear there is no regression here, so OK.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
Adding the 32-bit OK, and validating. Advisory in Comment 1.
CC: (none) => sysadmin-bugsKeywords: (none) => validated_updateWhiteboard: MGA8-64-OK => MGA8-32-OK MGA8-64-OK
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0254.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED