Is Gnome Web (Epiphany) safe to use ?

[Jaekelsson]

Hi all,

I would like to know if Gnome Web (Epiphany) is safe to use.

Last version of this browser is 42.2. Last version on latest/quarterly repos is 42.2. This seems good but Epiphany is built on WebKitGTK which seems old on FreeBSD.

Latest version of WebKitGTK is 2.36.4 but on FreeBSD it is 2.34.6. (on Freshports on 05 Mar 2022)

This version seems to have several unpatched vulnerability :

WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005
30 MAY 2022

WebKitGTK and WPE WebKit Security Advisory WSA-2022-0004
08 APRIL 2022

WebKitGTK Security Advisories - The WebKitGTK Project

WebKitGTK seems to be needed for a lot of software of Gnome as :

1. deskutils/meteo
2. devel/glade
3. graphics/shotwell
4. mail/evolution
5. mail/evolution-ews
6. net/remmina
7. x11-fonts/font-manager
8. ..................

So are they safe ?

Thank you for your responses.

 

[bsduck]

That's a good observation. I personally wouldn't use as a main browser something that doesn't get frequent security updates. In my opinion, WebkitGTK currently isn't taken care of enough on FreeBSD to be considered safe for anything critical (e-banking, etc.). Same with www/qt5-webengine (Chromium engine) which is used similarly by a few browsers and a lot of various Qt programs. Both would deserve a more reactive port maintenance. www/qt5-webkit is far worse but that's an upstream problem.

It's not much of an issue for programs using the browser engine for rendering local HTML or limited web requests, but for a proper browser I expect first class security support, and currently that's mostly limited to Firefox and Chromium.