El lun, 05-06-2017 a las 13:42 -0400, Michael Orlitzky escribió: > On 06/05/2017 07:06 AM, Kent Fredric wrote: > > On Mon, 05 Jun 2017 09:11:27 +0200 > > Hans de Graaff <gra...@gentoo.org> wrote: > > > > > # Hans de Graaff <gra...@gentoo.org> (05 Jun 2017) > > > # Bundles obsolete and vulnerable webkit version. > > > # Upstream has stopped development and recommends using > > > # headless mode in >=www-client/chromium-59. > > > # Masked for removal in 30 days. Bug #589994. > > > www-client/phantomjs > > > > Can phantomjs be simply masked for a longer period until the development > > world has had an opportunity to catch up? > > > > The real reason for the mask is that it bundles an ancient version of > qtwebkit with a ton of known security vulnerabilities. Hans was > attempting to fix it, but now that upstream is dead, it will remain > insecure forever. >
Also, current stable version cannot be built with stable gcc, and latest version also have lots of unresolved bugs (some building bugs) apart of the security issues affecting all versions
