https://bugs.kde.org/show_bug.cgi?id=365299
Matt Whitlock <k...@mattwhitlock.name> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |k...@mattwhitlock.name
--- Comment #21 from Matt Whitlock <k...@mattwhitlock.name> ---
As of 2 Aug 2021, Gentoo has hard-masked Trojitá due to unpatched security
vulnerabilities in QtWebkit. Of course I can manually unmask the ebuilds and
eventually copy them into a local repo when Gentoo deletes them, but I fear
it's only a matter of time before someone figures out a remote-code-execution
vulnerability that's exploitable via Trojitá's HTML email viewer, and with no
further updates to QtWebkit indefinitely, running Trojitá is going to become a
liability.
I second the sentiment that I would prefer to continue using Trojitá even
without support for rendering HTML mail parts. Maybe QtWebkit can be ripped out
and replaced with nothing if it's too hard to switch to QtWebEngine?
No other mail clients are even remotely usable. Trojitá isn't perfect, but it's
the best there is. :(
(In reply to Thomas Rohloff from comment #20)
> What about trojita saving the html to /tmp, then opening it with an external
> browser from there?
That doesn't work because there would be no way to pass attached parts to the
external browser (e.g., for images). Jan mentioned this in Comment 6.
--
You are receiving this mail because:
You are watching all bug changes.
