Catanzaro: On WebKit security updates

Michael Catanzaro describesthe sad state of WebKit security on Linux distributions and thechallenges of security support for such a complex package in general."We regularly receive bug reports from users with very old versionsof WebKit, who trust their distributors to handle security for them andmight not even realize they are running ancient, unsafe versions ofWebKit. I strongly recommend using a distribution that releases WebKitGTK+updates shortly after they're released upstream. That is currently onlyArch and Fedora. (You can also safely use WebKitGTK+ in Debian testing -except during its long freeze periods - and Debian unstable, and maybe alsoin openSUSE Tumbleweed. Just be aware that the stable releases of thesedistributions are currently not receiving our security updates.)"Lots of information here, worth a read for anybody interested in the topic.