Package: release-notes Severity: important Tags: patch Debian provides security support for the WebKitGTK browser engine (source package: webkit2gtk). For bullseye we also want to support wpewebkit, which is developed by the same team, follows a very similar release schedule and numbering system, shares most of the code and almost all CVEs fixes apply to both ports.
See #990754 for more details. I'm attaching a patch for the release notes.
diff --git a/en/issues.dbk b/en/issues.dbk index 5f177f54..9fb6861d 100644 --- a/en/issues.dbk +++ b/en/issues.dbk @@ -483,12 +483,13 @@ data = ${lookup{$local_part}lsearch{/some/path/$domain_data/aliases}} source packages and the concern applies to all packages shipping them. The concern also extends to web rendering engines not explicitly mentioned here, with the exception of <systemitem - role="source">webkit2gtk</systemitem>.</para></footnote> are included in - &releasename;, but not - covered by security support. These browsers should not be used against - untrusted websites. - The <systemitem role="source">webkit2gtk</systemitem> source package is - covered by security support. + role="source">webkit2gtk</systemitem> and <systemitem + role="source">wpewebkit</systemitem>.</para></footnote> are included in + &releasename;, but not covered by security support. These + browsers should not be used against untrusted websites. + The <systemitem role="source">webkit2gtk</systemitem> and + <systemitem role="source">wpewebkit</systemitem> source + packages are covered by security support. </para> <para> For general web browser use we recommend Firefox or Chromium.