[ALSA-2024:2982] Important: webkit2gtk3 security update
Type:
security
Severity:
important
Release date:
2024-05-29
Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414) * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852) * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-23213) * webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents (CVE-2014-1745) * webkitgtk: User password may be read aloud by a text-to-speech accessibility feature (CVE-2023-32359) * webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports (CVE-2023-39928) * webkitgtk: Processing web content may lead to a denial of service (CVE-2023-41983) * webkitgtk: processing a malicious image may lead to a denial of service (CVE-2023-42883) * webkitgtk: processing malicious web content may lead to arbitrary code execution (CVE-2023-42890) * webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2024-23206) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 webkit2gtk3-devel-2.42.5-1.el8.aarch64.rpm 00921485c5b9edfff8878c236b815fa31071d3a8523a2bc8e27e24b4034b1f93
aarch64 webkit2gtk3-jsc-2.42.5-1.el8.aarch64.rpm 4c04d4ab1e5a95ce2b8b37ee074b97c910416db328b670797c5d4c3fce543019
aarch64 webkit2gtk3-2.42.5-1.el8.aarch64.rpm 4f182a2f33e6a2857115530dc769c104879e9e902fd3bd7220ef6fb7bebd1e66
aarch64 webkit2gtk3-jsc-devel-2.42.5-1.el8.aarch64.rpm b6941b97161c0fff6cbd762cab4b9765182cb36bacad3706f9baf9732f89c4d1
i686 webkit2gtk3-jsc-2.42.5-1.el8.i686.rpm 0109065a1c686101ec3896ab9449428e761b96251ccf38c48d79ed388c0db362
i686 webkit2gtk3-jsc-devel-2.42.5-1.el8.i686.rpm 5836d03df136a614ead9d7d4662bbda058a94b1c8c23839b2ca74da649a5f160
i686 webkit2gtk3-devel-2.42.5-1.el8.i686.rpm a8b6bf137658d76787514700a0522e57b010904019695b18ae9948ab933e2a22
i686 webkit2gtk3-2.42.5-1.el8.i686.rpm be9c2cd1465bb049e2b0607e828ce50ba3c0129c65c4d7dd41a0e62940d8a79d
ppc64le webkit2gtk3-jsc-devel-2.42.5-1.el8.ppc64le.rpm 072a36a41b5198c22ef83215eecbba544b6c753a2b5174528bb0bb5321ef4935
ppc64le webkit2gtk3-devel-2.42.5-1.el8.ppc64le.rpm 5a5694afea46e5dcc304b3447e935aea48fc9f6c2277ca7a0479fe87ef3863fb
ppc64le webkit2gtk3-jsc-2.42.5-1.el8.ppc64le.rpm ad66ec50ec0d4415da9e638c16930fda8319983ab8dd9b7c5fa5c14d98a87927
ppc64le webkit2gtk3-2.42.5-1.el8.ppc64le.rpm b91bb378728932945ef4582a07c9ff05663dcac65bf7dceee94e99ea2661f806
s390x webkit2gtk3-jsc-2.42.5-1.el8.s390x.rpm 27ff122929d5395d6d879cce760190654e1556da867a857772187e5e84661400
s390x webkit2gtk3-jsc-devel-2.42.5-1.el8.s390x.rpm 4b698bf5e3262ed2a49602849b1dcaf55682ef0710aad1a791da3a70c3c791df
s390x webkit2gtk3-2.42.5-1.el8.s390x.rpm 63a39687365cf70bd225f09df198e3f3b720b29da4015253cbdfe5f00ed35d0d
s390x webkit2gtk3-devel-2.42.5-1.el8.s390x.rpm cc0f4a69a6aed3ae65cab44cba442733695d7f4f5841480dca87dd54bb8be0e4
x86_64 webkit2gtk3-jsc-2.42.5-1.el8.x86_64.rpm 2b50441e92163d0114a27d0809ee32306364e49c0de11e56375bb8d776267e8c
x86_64 webkit2gtk3-jsc-devel-2.42.5-1.el8.x86_64.rpm 88dbc4151a08bf5938d77ff3868f25bb67ebb7714882b812a7651242cf3cdaa5
x86_64 webkit2gtk3-devel-2.42.5-1.el8.x86_64.rpm 9218c3fe8d76d468c80eecba1e4d25bde3a2b9264d78fac3407175ace8222f57
x86_64 webkit2gtk3-2.42.5-1.el8.x86_64.rpm f85f9c7faabfa655762b275973ae5755db5db2601b3d654eaaadf5de50efa4a7
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.