Is xombrero still being developed? I used it for quite a while and liked it but the lack of updates made me think it was probably falling behind on security. Granted WebKit is the biggest part of that.
AFAICT, no. I actually did some work on the build process to sanitise it for fixing some stuff later (use bmake on tree root and use a single platform.h with ifdefs instead of cd $OS && make stupidity, which the author of xombrero seems to like; tested only on freebsd tho), but I didn't have any spare time for that yet.
No it's not, that vulnerability is a WebKit vulnerability, AFAIK fixed in WebKit. The browser has nice features for controlling script, cookie, plugin use and data exposed to servers, that is what I refer to as "security". I don't know if it's still affected by that bug or not.
