Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 750893

Summary: media-plugins/mythplugins[mythmusic|mythbrowser]: Drop optional support for deprecated dev-qt/qtwebkit:5
Product: Gentoo Linux Reporter: Andreas Sturmlechner <asturm>
Component: Current packagesAssignee: Wilson M. Michaels <thebitpit>
Status: CONFIRMED ---    
Severity: normal CC: proxy-maint
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://bugs.gentoo.org/show_bug.cgi?id=730674
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 684580    

Description Andreas Sturmlechner gentoo-dev 2020-10-23 17:28:57 UTC
QtWebKit's time is limited now.
Comment 1 Wilson M. Michaels 2020-11-30 15:30:01 UTC
Upstream's latest release still uses qtwebkit in media-plugins/mythplugins. I didn't find a reference to qtwebengine in the snapshot for the next release either. I will change the default USE flags to select no plugins by default. dev-qt/qtwebkit will be pulled in only when the user selects a plugin that requires it. I'll edit the installation message to reflect this.
Comment 2 Andreas Sturmlechner gentoo-dev 2021-01-02 01:36:30 UTC
How important are those functions? Are there alternatives?
Comment 3 Wilson M. Michaels 2021-01-02 01:56:26 UTC
There are no alternatives in the current mythplugins release. Not all mythplugins use QtWebKit. I expect the next mythtv release to address this. I use mythtv everyday. I do not use any mythplugins on a regular basis. A user must select the plugins desired for compilation, none are selected by default. I am trying to maintain plugin availability for those who do use them.
Comment 4 Andreas Sturmlechner gentoo-dev 2021-01-23 17:01:19 UTC
Providing users with a browser engine with several years worth of unpatched security issues is not a service at this point. The question is not so much if there are alternatives within mythplugins, but if there is any other system browser mythtv users would be able to use, that does not contain those vulnerabilities.

That they aren't selected by default is beside the point; we need to get rid of the dependency.