From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 0BB37139694 for ; Tue, 6 Jun 2017 08:30:36 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 3E3D822400C; Tue, 6 Jun 2017 08:30:25 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id E1CB521C072 for ; Tue, 6 Jun 2017 08:30:24 +0000 (UTC) Received: from [192.168.1.34] (65.red-83-49-40.dynamicip.rima-tde.net [83.49.40.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: pacho) by smtp.gentoo.org (Postfix) with ESMTPSA id F01FE33FE7D for ; Tue, 6 Jun 2017 08:30:22 +0000 (UTC) Message-ID: <1496737817.1024.2.camel@gentoo.org> Subject: Re: [gentoo-dev] Last rites: www-client/phantomjs and dev-ruby/poltergeist From: Pacho Ramos To: gentoo-dev@lists.gentoo.org Date: Tue, 06 Jun 2017 10:30:17 +0200 In-Reply-To: References: <1496646687.9038.9.camel@gentoo.org> <20170605230605.099dfdc3@katipo2.lan> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.22.6 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-Archives-Salt: 7feb57e7-1734-4a35-8831-fc2dabf34894 X-Archives-Hash: 0f58d1d8f63e90ea7eee666c9ba74513 El lun, 05-06-2017 a las 13:42 -0400, Michael Orlitzky escribió: > On 06/05/2017 07:06 AM, Kent Fredric wrote: > > On Mon, 05 Jun 2017 09:11:27 +0200 > > Hans de Graaff wrote: > > > > > # Hans de Graaff (05 Jun 2017) > > > # Bundles obsolete and vulnerable webkit version. > > > # Upstream has stopped development and recommends using > > > # headless mode in >=www-client/chromium-59. > > > # Masked for removal in 30 days. Bug #589994. > > > www-client/phantomjs > > > > Can phantomjs be simply masked for a longer period until the development > > world has had an opportunity to catch up? > > > > The real reason for the mask is that it bundles an ancient version of > qtwebkit with a ton of known security vulnerabilities. Hans was > attempting to fix it, but now that upstream is dead, it will remain > insecure forever. > Also, current stable version cannot be built with stable gcc, and latest version also have lots of unresolved bugs (some building bugs) apart of the security issues affecting all versions