The officially official Devuan Forum!

You are not logged in.

#1 2023-10-13 11:06:49

Plentyn
Member
Registered: 2017-07-14
Posts: 23  

luakit and CVE-2023-40476 - or - security in Devuan

Hi people,

I stumbled upun a security problem today. Is there a solution for this kind of problem?

I use luakit. CVE-2023-40476 [1] applies to luakit via libwebkit2gtk-4.0-37 . So - I have questions:
- Why does libwebkit2gtk-4.0-37 depend on libgstreamer-plugins-bad1.0-0 - which is explicitly the less-maintained part of gstreamer?
- Do we really want to rely on Debian doing the right thing here?

[1] https://security-tracker.debian.org/tra … 2023-40476

Offline

Board footer