ALSA-2025:13780

[ALSA-2025:13780] Important: webkit2gtk3 security update

Type:

security

Severity:

important

Release date:

2025-08-14

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  

Security Fix(es):  

  * angle: insufficient input validation can cause undefined behavior (CVE-2025-6558)
  * webkitgtk: A download?s origin may be incorrectly associated (CVE-2025-43240)
  * webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31273)
  * webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31278)
  * webkitgtk: Processing web content may lead to a denial-of-service (CVE-2025-43211)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43212)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43216)
  * webkitgtk: Processing maliciously crafted web content may disclose sensitive user information (CVE-2025-43227)
  * webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-43265)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-jsc-2.48.5-1.el8_10.aarch64.rpm	0f37a9961e906f1901910ca80b51efadc6d2d073a0b5442b78a86db2c2c33b31
aarch64	webkit2gtk3-devel-2.48.5-1.el8_10.aarch64.rpm	3f7a43d3c5701cc4f535cfe485dd5a7e36d5e2a9bfd26b94e8468024d063a2c0
aarch64	webkit2gtk3-2.48.5-1.el8_10.aarch64.rpm	74ec017f659a0b91a90307cb2d6034fa24ae27a9f766d802cbbb6b2171aee4d5
aarch64	webkit2gtk3-jsc-devel-2.48.5-1.el8_10.aarch64.rpm	760e434032e2a2b199e61b27ca5ed9b48c08694c2596037845c0f0268046cb15
i686	webkit2gtk3-jsc-2.48.5-1.el8_10.i686.rpm	13335b67cd9fecfb941cb8e658a5e94bd3e10aafd62d020d2f0c3165e8e0cfc3
i686	webkit2gtk3-2.48.5-1.el8_10.i686.rpm	8e39519d8c2d456fcc21028d85db56414a25efa2503eba88ebb04a32cdd197e1
i686	webkit2gtk3-jsc-devel-2.48.5-1.el8_10.i686.rpm	bf5d56fe078699e6263f4c556ea060ed6105788471b2ed1803131591c6b1e1c8
i686	webkit2gtk3-devel-2.48.5-1.el8_10.i686.rpm	f6050023a5b48f5d151e0f67dd12e04fa547f0999ab35f2171f4535176d22532
ppc64le	webkit2gtk3-devel-2.48.5-1.el8_10.ppc64le.rpm	2b4a5ff3819b46efd7564f8fae35ab7f387ff65d977f093572136948eee11595
ppc64le	webkit2gtk3-2.48.5-1.el8_10.ppc64le.rpm	49512c9e845cce11fbfd78b1c520d5d0c8c1ab4fc80347afa5c2c1581073b7d3
ppc64le	webkit2gtk3-jsc-devel-2.48.5-1.el8_10.ppc64le.rpm	597568731ea3ad6686a6d2ba40a1209aab40992be82e9fbf5168cc348f84d93b
ppc64le	webkit2gtk3-jsc-2.48.5-1.el8_10.ppc64le.rpm	979eb1242c93cd558b18ec543badf0d425d33c36c0a3633ba915fb94b987e6c9
s390x	webkit2gtk3-jsc-devel-2.48.5-1.el8_10.s390x.rpm	466dd6c46fcb39c78a88d3d68bea54d6cf965fb5db67cc28e5394fbf71df1f99
s390x	webkit2gtk3-2.48.5-1.el8_10.s390x.rpm	bdc12db2c025e07e3ae5536393a15130ee4ecf70277769878c207c5ea7790a08
s390x	webkit2gtk3-devel-2.48.5-1.el8_10.s390x.rpm	d587a8a9e5a58e5b6de2731bcd9a42de84976192e7323d29f99c9e97171ad4ab
s390x	webkit2gtk3-jsc-2.48.5-1.el8_10.s390x.rpm	eb05c9d5c0d7f3c90cdf41391032455d20f22966fa412ee8a5dde798388b4e2f
x86_64	webkit2gtk3-2.48.5-1.el8_10.x86_64.rpm	71e35f93b360ff74f99a449d7200b341c4a8bbbb4662d2207ecc0160d65d6c73
x86_64	webkit2gtk3-jsc-devel-2.48.5-1.el8_10.x86_64.rpm	906cdcb98f912e9867a2dd6e8da3d6310cfd2e66f68fbe784f92fdcbce8494ad
x86_64	webkit2gtk3-devel-2.48.5-1.el8_10.x86_64.rpm	b9c2651ebacecce95f6e151244adae3c3ab8f3aaec00eb1990173f60e177ef90
x86_64	webkit2gtk3-jsc-2.48.5-1.el8_10.x86_64.rpm	e5d9bb56de6d07eb3e62f4a5942a63daf0e499495068535643e107d2a8c3ff35

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.