4
This is the oldest WebKitGTK+ source package in Ubuntu. It is the
5
WebKitGTK+ upstream project. See: http://webkitgtk.org/
7
This package is only in precise.
9
Current stable tree (1.4.x) is here:
10
http://svn.webkit.org/repository/webkit/releases/WebKitGTK/webkit-1.4.0
12
Previous stable tree (1.2.x) was here:
13
http://gitorious.org/webkitgtk/stable/commits/master
18
This is the older WebKitGTK+ (pre-WebKit2) source package in Ubuntu. It is
19
the WebKitGTK+ upstream project. See: http://webkitgtk.org/
21
It is based on an older version which is no longer being developed.
22
Starting with Ubuntu 16.04 LTS, this package is in universe.
27
This is the newer WebKitGTK+ source package based on WebKit2. It is the
28
WebKitGTK+ upstream project. See: http://webkitgtk.org/
29
Starting with Ubuntu 16.04 LTS, this package is in main.
34
On Jaunty and later, this contains a copy of the QTWebKit source code in
35
the src/3rdparty/webkit directory.
37
Upstream for QTWebKit is http://trac.webkit.org/wiki/QtWebKit
39
On Maverick and later, the QTWebKit source code isn't built, it has been
40
replaced by the qtwebkit-source package.
45
This package exists on Maverick and later, and contains a copy of the
46
QTWebKit source code. It is used instead of the QTWebKit code in qt4-x11.
48
qtwebkit-opensource-src
49
-----------------------
51
This package exists in Raring and later, and contains a copy of the QTWebKit
52
source code (both Webkit1 and Webkit2). It is used by the Ubuntu SDK. It also
53
has code to use the V8 javascript engine, but uses the JavaScriptCore (JSC)
54
engine only on Ubuntu.
59
WebKit was originally a fork of khtml from kdelibs. Codebase doesn't look
65
WebKit was originally a fork of khtml from kdelibs. Codebase doesn't look
71
This is just a wrapper, and contains no WebKit code.
76
This package contains a fork of the WebKit code base (aka 'Blink'). It is
77
maintained separately by Google and is tracked in the 'chromium-browser'
83
Oxide is bindings for the chromium content api and therefore contains a fork
84
of the webkit code base (aka, 'Blink'). The chromium content api is maintained
85
separately by Google and Oxide is maintained by Canonical. Oxide is tracked in
86
the 'chromium-browser' boilerplate.
90
active/00boilerplate.webkit is used to capture the source package relationships
91
when triaging CVEs for webkit (ie, you only need to specify 'webkit' as the
94
When a CVE comes out MITRE generally assigns a CVE to chromium and webkit
95
separately, unless the chromium stable release text explicitly states there was
96
a problem in webkit. Considering this, the current triage practice is that we
97
will treat chromium and webkit separately (since that is what MITRE does) and
98
therefore if a CVE is listed for chromium only, we will not add webkit to the
101
This policy means that we will need to be careful to watch for CVE description
102
updates when using check-cves, and add webkit to a chromium CVE if MITRE does
103
(but changes to CVE description text should always be reviewed before
106
Due to various upstreams' release models, support for webkit is limited to new
107
upstream minor version releases only. See
108
https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit for details.