ALSA-2022:7704

[ALSA-2022:7704] Moderate: webkit2gtk3 security and bug fix update

Type:

security

Severity:

moderate

Release date:

2023-03-13

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.

Security Fix(es):

* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm	3559dd8b1228a635d1b2ff557f32539c58a1dccfd409a15609e34bc80e8c7a44
aarch64	webkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm	76704ff250ae0a0e091db7ba8ec30d3cce9720accd67b55708119a4c1d74495c
aarch64	webkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm	b9b5a57ea7c64a785c6a101bc26ca4ecb9925a90d8d212f745b858269149f9e7
aarch64	webkit2gtk3-2.36.7-1.el8.aarch64.rpm	d058762ef9bec1cbcb762ccf4835253fd7dadd3b3e8d0709d16cc791560c2daf
i686	webkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm	2e9399367a9aef32000d9d1cd728df31e867613d1341fcf58b7f168aa27606f6
i686	webkit2gtk3-2.36.7-1.el8.i686.rpm	67226f5d92f7cc0a8736156f324d17cedbbf89ae258f76f9285cb8d83503d39f
i686	webkit2gtk3-jsc-2.36.7-1.el8.i686.rpm	a7bd4619c947920b07462692ede21efeb949d6c55b69eb8340251d3e945e8b7b
i686	webkit2gtk3-devel-2.36.7-1.el8.i686.rpm	c884784fd2ade5eeaaa8ec9cad9d5a6fd73349681e7db46158b0b1e5aa725f9d
ppc64le	webkit2gtk3-2.36.7-1.el8.ppc64le.rpm	0f53ec4446251ec02213ad030f85134eaa4aed8eeebac598fda68abda756edc8
ppc64le	webkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm	1459c69835355cbe8ffeb292eb14f0edd65ee14ae3369c8423704bf77215fc39
ppc64le	webkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm	75977402e8d59891b24359c6a64d712ee759cce1324e7ae830feaa1eeb07919a
ppc64le	webkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm	b58b4bd6f0cc9086468edaa115c570c7aeb20886beacf1df039c8ee0cbe19e1b
s390x	webkit2gtk3-2.36.7-1.el8.s390x.rpm	041acbdd8e214d92ec412b976f5cc94acfb37e56ee1e142f34cedcf6024a8fcc
s390x	webkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm	1bed2ba90604a58caa987ea86246de54c2ca9b4a1d72816ea8ae681b67a3731f
s390x	webkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm	30e55caa9add9722d46172867f5ad13718feaa04ec16b4fbd0cde28a0638296e
s390x	webkit2gtk3-devel-2.36.7-1.el8.s390x.rpm	c677c6f092f54bee36f47c9f20f947e8e4068651f232fd36e278e46529c8db57
x86_64	webkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm	1c132b0cef4da16dc60a0645977acf34e1b5c276cd7184e709015c7b9b3aaa72
x86_64	webkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm	2779fc195f51dd35683e1a23d9fe92e8f7e82cd8578afd8b96783a024e68e55d
x86_64	webkit2gtk3-2.36.7-1.el8.x86_64.rpm	4eb00342c739d7fb0f6ad406ef0b85bb6046eee2d7f04ee41dbf7930145745f2
x86_64	webkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm	b970780956734687688138634e23370972980460aaf0321422139deb4e51d9c4

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.