[Bug 1982578] [NEW] tkhtml is discontinued, ancient, and most likely unsafe
Launchpad Bug Tracker
1982578 at bugs.launchpad.net
Fri Jul 22 20:17:33 UTC 2022
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Seth Arnold (seth-arnold):
tkhtml was last updated October 8, 2007. It is a web browser engine
written in Tcl and C. It supports Javascript. These three things
combined seem like a bad security risk. Even if development is picked up
in the future, it is my opinion that it should still be considered
unsafe, especially since it was in alpha stage when it was discontinued,
according to http://tkhtml.tcl.tk/hv3.html.
I believe we should remove this package from the Ubuntu archives. If
possible, we may also want to get the package removed in Debian.
(Note by "bad security risk" I don't mean "oh no this could pwn all of
Ubuntu's users in a day" or something - I mean anyone who used this
browser could be at a serious risk of running into trouble.)
(edits: Apparently my tired brain decided to go into overly dramatic
mode. I toned it down a bit.)
** Affects: tk-html3 (Ubuntu)
Importance: Undecided
Status: New
--
tkhtml is discontinued, ancient, and most likely unsafe
https://bugs.launchpad.net/bugs/1982578
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is subscribed to the bug report.
More information about the ubuntu-archive
mailing list