ALSA-2025:23663

[ALSA-2025:23663] Important: webkit2gtk3 security update

Type:

security

Severity:

important

Release date:

2025-12-22

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  

Security Fix(es):  

  * webkitgtk: webkitgtk: Use-after-free due to improper memory management (CVE-2025-43529)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43501)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43531)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43535)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43536)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43541)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-devel-2.50.4-1.el8_10.aarch64.rpm	1f8c1026e510d302ba4a84e14dbc31635e03c4a6b212a223666870c5f334e935
aarch64	webkit2gtk3-2.50.4-1.el8_10.aarch64.rpm	423baf94acec4cbb827fcb98126d2c2b82bb16c86916158b065f0de4626dc1c0
aarch64	webkit2gtk3-jsc-devel-2.50.4-1.el8_10.aarch64.rpm	5bccc0b65eccf5cceb5719cf755b1a441b92bba564c901d6125ac31240d27636
aarch64	webkit2gtk3-jsc-2.50.4-1.el8_10.aarch64.rpm	ced8ee006dd64cb79bb2b9f10923ce0f1292816d6119c11ac93a59db5f05e049
i686	webkit2gtk3-2.50.4-1.el8_10.i686.rpm	40d235fb11978c34e0bd85b824931cc8b24f2ab52e375f16cc01eb16c999959a
i686	webkit2gtk3-jsc-2.50.4-1.el8_10.i686.rpm	99bcce1d4aaecbeb09c5023a55f299a3245a5f8c6dde3a241d497a9aff6e1554
i686	webkit2gtk3-jsc-devel-2.50.4-1.el8_10.i686.rpm	bd8c28a5989317b4cf249aebd2ea82b988934a6917ac148e320a1dd2a3f8691f
i686	webkit2gtk3-devel-2.50.4-1.el8_10.i686.rpm	cd38c4a7aae6c26c358de8c39450ccea45311a43549d6cd898cb9102511351ab
ppc64le	webkit2gtk3-jsc-devel-2.50.4-1.el8_10.ppc64le.rpm	1deeeefa0046258a4cd4ed6a59b28722d59db0ed7464c5d82ebae3c1fbcd7937
ppc64le	webkit2gtk3-jsc-2.50.4-1.el8_10.ppc64le.rpm	cf631b6b3a41bf0dc0d0cf7969d70733e509389316ab413a7f797fba57cf267b
ppc64le	webkit2gtk3-2.50.4-1.el8_10.ppc64le.rpm	f7e32a3694736b5bb1e5f2fd2656137ae98722a5347e194225f73e58f1a8caed
ppc64le	webkit2gtk3-devel-2.50.4-1.el8_10.ppc64le.rpm	fb9f798c85039bad3d0a43af6f938af9318cb9fd8cc786fe4a8d0ee26a02a663
s390x	webkit2gtk3-devel-2.50.4-1.el8_10.s390x.rpm	3712364b04d0eaae8b58814be4b303315ec5fdf0b073e08b19a039a3991bd377
s390x	webkit2gtk3-jsc-2.50.4-1.el8_10.s390x.rpm	4d139723e92269629067ddbedf3925a2f9f99e6d5898b44663e872893dcbf5de
s390x	webkit2gtk3-2.50.4-1.el8_10.s390x.rpm	bb78d34855c8249a2385de2b194e2c5c7cae747fd85975959e7422ee1bdb9055
s390x	webkit2gtk3-jsc-devel-2.50.4-1.el8_10.s390x.rpm	d85e94a0f5164cead37ef0bfb9a3d9b8c86ee36f763aef414324c58cbae30f5e
x86_64	webkit2gtk3-jsc-2.50.4-1.el8_10.x86_64.rpm	178b0c29bedc2abae5d997c65ed1aa6920521a1e9e45798a2b515dbd5a025081
x86_64	webkit2gtk3-2.50.4-1.el8_10.x86_64.rpm	62c23690cf9177f8298088abf22950b0c959a6b782beda01e4db5b1405f6cd86
x86_64	webkit2gtk3-devel-2.50.4-1.el8_10.x86_64.rpm	ef5504dd369e8b8da8bc3ffcf50d9efd3fdb2724e91836ac26982e61482316ce
x86_64	webkit2gtk3-jsc-devel-2.50.4-1.el8_10.x86_64.rpm	ffb69d1e5bdf2f3b89d330d820dc4ca0874f794f120101c3aecafd6d25e7dd62

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.