ALSA-2022:8054

[ALSA-2022:8054] Moderate: webkit2gtk3 security and bug fix update

Type:

security

Severity:

moderate

Release date:

2023-03-13

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-2.36.7-1.el9.aarch64.rpm	042a0c38609431e069fe8bd6dce9f6935a9e60c495faa06ee73fe9ef4e20474b
aarch64	webkit2gtk3-devel-2.36.7-1.el9.aarch64.rpm	71c9af562f55bc3134a14ba8d99868da4e1bc357cf4c82790912af32af6eda90
aarch64	webkit2gtk3-jsc-devel-2.36.7-1.el9.aarch64.rpm	dd856cb03644dcb2e71c5007f04864e4ab5bcce545bf96d822c7680b069b8491
aarch64	webkit2gtk3-jsc-2.36.7-1.el9.aarch64.rpm	f4dc1236b85b1f1717ae56e886194a2fe02cf3094ca50c453dfb4a76de64f630
i686	webkit2gtk3-jsc-devel-2.36.7-1.el9.i686.rpm	1a07aa0165708036b83b1d45135516e570e49291f000707c0c31e34be451a1cc
i686	webkit2gtk3-devel-2.36.7-1.el9.i686.rpm	300944cf3f28f92bdd5a4cc8b929d500955ea72f5cedf7472d6fb869aeb7957a
i686	webkit2gtk3-jsc-2.36.7-1.el9.i686.rpm	683793f45d2ba871f1ec07b5f428a2ce2bcfdd7150991da1392b2e09915a6568
i686	webkit2gtk3-2.36.7-1.el9.i686.rpm	6a548cfe16e0874766f736e60d5ab126ef7a343dbaf1e23649b491ec01335ca6
ppc64le	webkit2gtk3-devel-2.36.7-1.el9.ppc64le.rpm	798483d88983f1b94758ca632a5779c6ef7b459511dbb129bf80746b748437d7
ppc64le	webkit2gtk3-jsc-devel-2.36.7-1.el9.ppc64le.rpm	9542a4b25fa3fc3a3e94d307ce552db5e6458c4407c7041dca67d9bfd7c115c4
ppc64le	webkit2gtk3-2.36.7-1.el9.ppc64le.rpm	95c2f161c415d5a650546d30915439650736030afa185b539932441cf0a54c56
ppc64le	webkit2gtk3-jsc-2.36.7-1.el9.ppc64le.rpm	d5b6f18449648ec2cc2a5242a7401e9f1f74015b67ce315ed2762ed4d9d4eab3
s390x	webkit2gtk3-2.36.7-1.el9.s390x.rpm	0ceb985d97ccce1541d74573406d6a53b6ec88212d7d30c0e5d02f41597af006
s390x	webkit2gtk3-jsc-devel-2.36.7-1.el9.s390x.rpm	43bee5b981d46acb279044a44076126e4d604d86ce0623db83e71c88d8898a8f
s390x	webkit2gtk3-jsc-2.36.7-1.el9.s390x.rpm	6e52744ede860bc272d0a8459b507cb344f4a77a8a1ab80d3bc4d77f29ddca6b
s390x	webkit2gtk3-devel-2.36.7-1.el9.s390x.rpm	9a9be167370aa235a3e99f3016c93aa85a2e96e83b8b542e0d43bb2f5522a479
x86_64	webkit2gtk3-devel-2.36.7-1.el9.x86_64.rpm	137e54927a5dc1bab36fad7ee977776ad3175ba0a5fdea4889101a88a36ef162
x86_64	webkit2gtk3-jsc-2.36.7-1.el9.x86_64.rpm	5cca81135482f3bf75cc7ce10ea52ff2cf6b95685928865a680478fce7a1ca66
x86_64	webkit2gtk3-jsc-devel-2.36.7-1.el9.x86_64.rpm	73d45c0262ae990849c5ad37959e594fc4539ea3396faec4eae63f3428e748ff
x86_64	webkit2gtk3-2.36.7-1.el9.x86_64.rpm	d5fa74977313f7367ac876b58fecd35bf6bb152317fc78ee2e5a69f3cda91d93

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.