{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Update to WebKitGTK 2.28.0.\n\n * Add API to enable Process Swap on (Cross-site) Navigation.\n * Add user messages API for the communication with the web extension.\n * Add support for same-site cookies.\n * Service workers are enabled by default.\n * Add support for Pointer Lock API.\n * Add flatpak sandbox support.\n * Make ondemand hardware acceleration policy never leave accelerated compositing mode.\n * Always use a light theme for rendering form controls.\n * Add about:gpu to show information about the graphics stack.\n * CVE fixes: CVE-2020-10018\n", "type": "security", "status": "obsolete", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": false, "critpath": true, "critpath_groups": null, "close_bugs": true, "date_submitted": "2020-03-12 14:23:18", "date_modified": "2020-03-12 14:37:49", "date_approved": null, "date_testing": "2020-03-12 18:48:04", "date_stable": null, "alias": "FEDORA-2020-5933c201ee", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2020-03-12 18:48:04", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2020-5933c201ee", "title": "webkit2gtk3-2.28.0-2.fc32", "version_hash": "2c992e23fca0b12bc72384bbe7960bb0f11d6393", "release": {"name": "F32", "long_name": "Fedora 32", "version": "32", "id_prefix": "FEDORA", "branch": "f32", "dist_tag": "f32", "stable_tag": "f32-updates", "testing_tag": "f32-updates-testing", "candidate_tag": "f32-updates-candidate", "pending_signing_tag": "f32-signing-pending", "pending_testing_tag": "f32-updates-testing-pending", "pending_stable_tag": "f32-updates-pending", "override_tag": "f32-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "catanzaro", "email": "mcatanzaro@redhat.com", "id": 1020, "avatar": "https://seccdn.libravatar.org/avatar/c442b3fe1b661f7566d0e27e8c86631fca5c34c365941f03572587f80927de1b?s=24&d=retro", "openid": "catanzaro.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gnome-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "metrics-sig"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by catanzaro. ", "timestamp": "2020-03-12 14:23:18", "update_id": 192468, "user_id": 91, "id": 1277131, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "catanzaro edited this update.", "timestamp": "2020-03-12 14:37:49", "update_id": 192468, "user_id": 91, "id": 1277184, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2020-03-12 14:37:52", "update_id": 192468, "user_id": 91, "id": 1277185, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2020-03-12 18:50:50", "update_id": 192468, "user_id": 91, "id": 1277543, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Nit-pick: With some unrelated changes in fedora 31 and 30, builds from this fedora 32 update now have a lower NVR than the builds from fedora 31 or 30.\n\nWhen doing such \"unrelated fixes\" in older branches, it's recommended to append `.1` to the Release (like `1%{?dist}.1`, and then incrementing that postfix number) instead of incrementing the Release like normal. This preserves a correct upgrade path within and across releases.", "timestamp": "2020-03-16 11:42:08", "update_id": 192468, "user_id": 388, "id": 1281006, "bug_feedback": [{"karma": 0, "comment_id": 1281006, "bug_id": 1811722, "bug": {"bug_id": 1811722, "title": "CVE-2020-10018 webkit2gtk3: webkitgtk: Denial of service issue in accessibility/AXObjectCache.cpp [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "fedorabugs"}, {"name": "fedora-contributor"}, {"name": "packaging-committee"}, {"name": "pantheon-sig"}, {"name": "multimedia-sig"}, {"name": "ipausers"}, {"name": "libreoffice-sig"}, {"name": "rust-sig"}, {"name": "diversity-pride"}, {"name": "signed_fpca"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Hm, I thought we didn't care about upgrade path anymore because dist-upgrade downgrades everything automatically... is that wrong?\n\nI can remember to do this in the future, though.", "timestamp": "2020-03-16 14:04:57", "update_id": 192468, "user_id": 1020, "id": 1281244, "bug_feedback": [{"karma": 0, "comment_id": 1281244, "bug_id": 1811722, "bug": {"bug_id": 1811722, "title": "CVE-2020-10018 webkit2gtk3: webkitgtk: Denial of service issue in accessibility/AXObjectCache.cpp [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "catanzaro", "email": "mcatanzaro@redhat.com", "id": 1020, "avatar": "https://seccdn.libravatar.org/avatar/c442b3fe1b661f7566d0e27e8c86631fca5c34c365941f03572587f80927de1b?s=24&d=retro", "openid": "catanzaro.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gnome-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "metrics-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "I have another change to make anyway, so I'll call it -7 to fix the upgrade path.", "timestamp": "2020-03-16 21:40:41", "update_id": 192468, "user_id": 1020, "id": 1282609, "bug_feedback": [{"karma": 0, "comment_id": 1282609, "bug_id": 1811722, "bug": {"bug_id": 1811722, "title": "CVE-2020-10018 webkit2gtk3: webkitgtk: Denial of service issue in accessibility/AXObjectCache.cpp [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "catanzaro", "email": "mcatanzaro@redhat.com", "id": 1020, "avatar": "https://seccdn.libravatar.org/avatar/c442b3fe1b661f7566d0e27e8c86631fca5c34c365941f03572587f80927de1b?s=24&d=retro", "openid": "catanzaro.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gnome-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "metrics-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Well, it's mostly true that \"upgrade path\" doesn't matter anymore (you're right that dist-upgrades do distro-sync - and downgrade - now by default).\n\nIn this case, this turned out to not be a problem, but in other cases, I found updates that were missing from f32 entirely (which is a problem, since package downgrades aren't exactly supported, and it's not good for f32 to be missing bugfixes and security updates).\n\nBut thanks for fixing it anyway :)", "timestamp": "2020-03-17 10:54:34", "update_id": 192468, "user_id": 388, "id": 1283199, "bug_feedback": [{"karma": 0, "comment_id": 1283199, "bug_id": 1811722, "bug": {"bug_id": 1811722, "title": "CVE-2020-10018 webkit2gtk3: webkitgtk: Denial of service issue in accessibility/AXObjectCache.cpp [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "fedorabugs"}, {"name": "fedora-contributor"}, {"name": "packaging-committee"}, {"name": "pantheon-sig"}, {"name": "multimedia-sig"}, {"name": "ipausers"}, {"name": "libreoffice-sig"}, {"name": "rust-sig"}, {"name": "diversity-pride"}, {"name": "signed_fpca"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been obsoleted by [webkit2gtk3-2.28.0-7.fc32](https://bodhi.fedoraproject.org/updates/FEDORA-2020-851ab3ca3c).", "timestamp": "2020-03-17 14:36:10", "update_id": 192468, "user_id": 91, "id": 1283466, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "webkit2gtk3-2.28.0-2.fc32", "signed": true, "release_id": 35, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1811722, "title": "CVE-2020-10018 webkit2gtk3: webkitgtk: Denial of service issue in accessibility/AXObjectCache.cpp [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1279251, "bug_id": 1811722, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-14 08:45:08", "update_id": 192479, "user_id": 198, "id": 1279251, "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 1281006, "bug_id": 1811722, "comment": {"karma": 0, "karma_critpath": 0, "text": "Nit-pick: With some unrelated changes in fedora 31 and 30, builds from this fedora 32 update now have a lower NVR than the builds from fedora 31 or 30.\n\nWhen doing such \"unrelated fixes\" in older branches, it's recommended to append `.1` to the Release (like `1%{?dist}.1`, and then incrementing that postfix number) instead of incrementing the Release like normal. This preserves a correct upgrade path within and across releases.", "timestamp": "2020-03-16 11:42:08", "update_id": 192468, "user_id": 388, "id": 1281006, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "fedorabugs"}, {"name": "fedora-contributor"}, {"name": "packaging-committee"}, {"name": "pantheon-sig"}, {"name": "multimedia-sig"}, {"name": "ipausers"}, {"name": "libreoffice-sig"}, {"name": "rust-sig"}, {"name": "diversity-pride"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 1281244, "bug_id": 1811722, "comment": {"karma": 0, "karma_critpath": 0, "text": "Hm, I thought we didn't care about upgrade path anymore because dist-upgrade downgrades everything automatically... is that wrong?\n\nI can remember to do this in the future, though.", "timestamp": "2020-03-16 14:04:57", "update_id": 192468, "user_id": 1020, "id": 1281244, "testcase_feedback": [], "user": {"name": "catanzaro", "email": "mcatanzaro@redhat.com", "id": 1020, "avatar": "https://seccdn.libravatar.org/avatar/c442b3fe1b661f7566d0e27e8c86631fca5c34c365941f03572587f80927de1b?s=24&d=retro", "openid": "catanzaro.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gnome-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "metrics-sig"}]}}}, {"karma": 0, "comment_id": 1281796, "bug_id": 1811722, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2020-03-16 19:34:50", "update_id": 192479, "user_id": 284, "id": 1281796, "testcase_feedback": [], "user": {"name": "cairo", "email": "hansmueller183@yahoo.com", "id": 284, "avatar": "https://seccdn.libravatar.org/avatar/65ac01c684e76450d8575348b4894728e9c69ffdbd7c08718a4156e8e0daf5b6?s=24&d=retro", "openid": "cairo.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 1282609, "bug_id": 1811722, "comment": {"karma": 0, "karma_critpath": 0, "text": "I have another change to make anyway, so I'll call it -7 to fix the upgrade path.", "timestamp": "2020-03-16 21:40:41", "update_id": 192468, "user_id": 1020, "id": 1282609, "testcase_feedback": [], "user": {"name": "catanzaro", "email": "mcatanzaro@redhat.com", "id": 1020, "avatar": "https://seccdn.libravatar.org/avatar/c442b3fe1b661f7566d0e27e8c86631fca5c34c365941f03572587f80927de1b?s=24&d=retro", "openid": "catanzaro.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "gnome-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "metrics-sig"}]}}}, {"karma": 0, "comment_id": 1283025, "bug_id": 1811722, "comment": {"karma": 1, "karma_critpath": 0, "text": "+1", "timestamp": "2020-03-17 08:59:22", "update_id": 192479, "user_id": 506, "id": 1283025, "testcase_feedback": [], "user": {"name": "smithp", "email": "smithpeter835@yahoo.co.uk", "id": 506, "avatar": "https://seccdn.libravatar.org/avatar/cdf0e9eb825568e6173694f0d1788bd389a980b3497928ce6f44f889943928a5?s=24&d=retro", "openid": "smithp.id.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}, {"karma": 0, "comment_id": 1283199, "bug_id": 1811722, "comment": {"karma": 0, "karma_critpath": 0, "text": "Well, it's mostly true that \"upgrade path\" doesn't matter anymore (you're right that dist-upgrades do distro-sync - and downgrade - now by default).\n\nIn this case, this turned out to not be a problem, but in other cases, I found updates that were missing from f32 entirely (which is a problem, since package downgrades aren't exactly supported, and it's not good for f32 to be missing bugfixes and security updates).\n\nBut thanks for fixing it anyway :)", "timestamp": "2020-03-17 10:54:34", "update_id": 192468, "user_id": 388, "id": 1283199, "testcase_feedback": [], "user": {"name": "decathorpe", "email": "decathorpe@gmail.com", "id": 388, "avatar": "https://seccdn.libravatar.org/avatar/67f4ac6a6b20752d6c2ff1f21b29d10c6fcdd05a35ffccdca789fe670dfc3efb?s=24&d=retro", "openid": "decathorpe.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "fedorabugs"}, {"name": "fedora-contributor"}, {"name": "packaging-committee"}, {"name": "pantheon-sig"}, {"name": "multimedia-sig"}, {"name": "ipausers"}, {"name": "libreoffice-sig"}, {"name": "rust-sig"}, {"name": "diversity-pride"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 1283320, "bug_id": 1811722, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works", "timestamp": "2020-03-17 12:47:30", "update_id": 192479, "user_id": 491, "id": 1283320, "testcase_feedback": [], "user": {"name": "pwalter", "email": "walter.pete@yandex.com", "id": 491, "avatar": "https://seccdn.libravatar.org/avatar/20f7756718e08ef810fe23344dfdcafe17dfb277e2c27d5cbf81e35b66247795?s=24&d=retro", "openid": "pwalter.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1283977, "bug_id": 1811722, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works for me. No regressions noted compared to previous version.", "timestamp": "2020-03-17 19:57:43", "update_id": 192479, "user_id": 308, "id": 1283977, "testcase_feedback": [], "user": {"name": "chr77", "email": "chr77@protonmail.com", "id": 308, "avatar": "https://seccdn.libravatar.org/avatar/c9ddae9d692ab2ea6cecd787db18332407bb29982c8a1eae39771bfb270b71fd?s=24&d=retro", "openid": "chr77.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1286268, "bug_id": 1811722, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works", "timestamp": "2020-03-19 13:20:51", "update_id": 193270, "user_id": 491, "id": 1286268, "testcase_feedback": [], "user": {"name": "pwalter", "email": "walter.pete@yandex.com", "id": 491, "avatar": "https://seccdn.libravatar.org/avatar/20f7756718e08ef810fe23344dfdcafe17dfb277e2c27d5cbf81e35b66247795?s=24&d=retro", "openid": "pwalter.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "trust admins"}]}}}]}], "updateid": "FEDORA-2020-5933c201ee", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}