ALSA-2021:4097

[ALSA-2021:4097] Moderate: webkit2gtk3 security and bug fix update

Type:

security

Severity:

moderate

Release date:

2021-11-03

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30858)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* WebProcess::initializeWebProcess crashing on aarch64 (BZ#2010825)

References:

CVE-2021-30858

Updated packages:

webkit2gtk3-2.30.4-3.el8_4.i686.rpm
webkit2gtk3-2.30.4-3.el8_4.x86_64.rpm
webkit2gtk3-devel-2.30.4-3.el8_4.i686.rpm
webkit2gtk3-devel-2.30.4-3.el8_4.x86_64.rpm
webkit2gtk3-jsc-2.30.4-3.el8_4.i686.rpm
webkit2gtk3-jsc-2.30.4-3.el8_4.x86_64.rpm
webkit2gtk3-jsc-devel-2.30.4-3.el8_4.i686.rpm
webkit2gtk3-jsc-devel-2.30.4-3.el8_4.x86_64.rpm

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.