2017-01-19 - Jan Alexander Steffens

WebkitGTK+ 2.4 has been unmaintained for quite a while, and lots of CVEs have accumulated. The last release fixing CVEs, 2.4.10, only fixed about half the vulnerabilities known, and that release was only made because 2.4.9 was broken with GTK+ 3.20, and Evolution quickly needed a working HTML renderer.

For more information about the WebKit situation, take a look at

To protect our users we should try to limit the packages using webkitgtk(2), with the goal of eventually getting rid of it completely.

This TODO contains a list of packages which depend (directly or indirectly) on webkitgtk or webkitgtk2.

If the package can be updated to webkit2gtk, do so.
Otherwise, if WebKit is an optional dependency, build without it.
Otherwise, consider removing the package, especially if it's a browser.

Updated packages can go straight to extra/community.

If nothing can be done right now, mark the package as completed anyway. We'll be evaluating the situation again after this TODO is through.

Link to lists of pkgbase values:

Arch Repository Name Current Version Staging Version Maintainers Status Last Touched By
x86_64 Extra claws-mail 4.1.1-1 andyrtr Complete andyrtr
x86_64 Extra eclipse-common Complete heftig
x86_64 Extra eclipse-cpp Complete heftig
x86_64 Extra eclipse-java Complete heftig
x86_64 Extra eclipse-jee Complete heftig
x86_64 Extra eclipse-php Complete heftig
x86_64 Extra empathy Complete heftig
x86_64 Extra gimp 2.10.34-2 eworm, gromit Complete arojas
x86_64 Extra gnucash jlichtblau, bgyorgy Complete bgyorgy
x86_64 Extra java-openjfx 20.0.1.u1-1 felixonmars, anthraxx, freswa Complete guillaume
x86_64 Extra java-openjfx-doc 20.0.1.u1-1 felixonmars, anthraxx, freswa Complete guillaume
x86_64 Extra java-openjfx-src 20.0.1.u1-1 felixonmars, anthraxx, freswa Complete guillaume
x86_64 Extra liferea 1.14.5-1 lcarlier Complete bgyorgy
x86_64 Extra mono-tools anthraxx Complete jgc
x86_64 Extra swt Complete heftig
x86_64 Extra webkit-sharp Complete jgc
x86_64 Extra wxgtk2 Complete bgyorgy
x86_64 Extra wxpython Complete bgyorgy