[ALSA-2024:2126] Important: webkit2gtk3 security update
Type:
security
Severity:
important
Release date:
2024-05-07
Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-40414) * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2023-42852) * webkitgtk: Processing web content may lead to arbitrary code execution (CVE-2024-23213) * webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents (CVE-2014-1745) * webkitgtk: User password may be read aloud by a text-to-speech accessibility feature (CVE-2023-32359) * webkitgtk: use-after-free in the MediaRecorder API of the WebKit GStreamer-based ports (CVE-2023-39928) * webkitgtk: Processing web content may lead to a denial of service (CVE-2023-41983) * webkitgtk: processing a malicious image may lead to a denial of service (CVE-2023-42883) * webkitgtk: processing malicious web content may lead to arbitrary code execution (CVE-2023-42890) * webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2024-23206) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 webkit2gtk3-2.42.5-1.el9.aarch64.rpm 7bfcff4873ae506bd7fe9f234358e4540b4199cc70d4d1ce9437b50ef768245a
aarch64 webkit2gtk3-devel-2.42.5-1.el9.aarch64.rpm a0b12450a6ff51782a3d9582347152776d7a4efb56e56c336f240b6b3807ab06
aarch64 webkit2gtk3-jsc-2.42.5-1.el9.aarch64.rpm a4cb016753defdc4418d656ffb7ccd8d63b7c7942c780beaec6c86675f88df61
aarch64 webkit2gtk3-jsc-devel-2.42.5-1.el9.aarch64.rpm b4de4ebafbd441ba233e3a8458672dc65caf9552ead109a78f0ed4647da73fca
i686 webkit2gtk3-jsc-2.42.5-1.el9.i686.rpm 04bc161ebf79dab1518ebb9be5f5528ef46ddaec3190953a67439cbf1aeef462
i686 webkit2gtk3-devel-2.42.5-1.el9.i686.rpm 813898782743768ff62325fe88181afe9111c6e45f9a615bdc0f87dc90cf3ded
i686 webkit2gtk3-2.42.5-1.el9.i686.rpm 86188ff858a29e34c898b319872cbc9e49366f200655df983b23dcbd2ab4fd87
i686 webkit2gtk3-jsc-devel-2.42.5-1.el9.i686.rpm 9cf1890eb1f359668901237231d895d4d64ef4580b00a21f6174c09e57ef9398
ppc64le webkit2gtk3-jsc-devel-2.42.5-1.el9.ppc64le.rpm 0f596e0082333a75a2de20daa10e29cce90fba4f3d8e6b26132f9adec5a7a85b
ppc64le webkit2gtk3-2.42.5-1.el9.ppc64le.rpm 5118d342eed3cbe1416186e05794ed1a79487ef232bce14e8dc10730cf8c2124
ppc64le webkit2gtk3-devel-2.42.5-1.el9.ppc64le.rpm a3ae6fa4374f5379cd1949f5ce4e51884dd3e6828230651885aec8f067af765c
ppc64le webkit2gtk3-jsc-2.42.5-1.el9.ppc64le.rpm e1322d21437be2c4135f4f034838b81e7cbe569324416102057c24000dda3c3f
s390x webkit2gtk3-devel-2.42.5-1.el9.s390x.rpm 22bd2911df91aeab4aead0d92c22854b32a621dd9cc5a7e9a2447e8103b6b257
s390x webkit2gtk3-jsc-2.42.5-1.el9.s390x.rpm 34578b86856b5ff435775986ca85342c2d1fb153e3ea2006ac95208820c0d622
s390x webkit2gtk3-2.42.5-1.el9.s390x.rpm 7fb58051b536be74bfcca11ad851e5bdefee1d5ffa443c60d7b8461d2b9956b9
s390x webkit2gtk3-jsc-devel-2.42.5-1.el9.s390x.rpm d1fb2046a65059a7fa1bf8ea87b824d2d0f2ed654e1165c2162d9e4c7c8abbce
x86_64 webkit2gtk3-2.42.5-1.el9.x86_64.rpm 2c668ffc51a2b83d3c0df7904ab749188169057cb455e093a16f118044aacb64
x86_64 webkit2gtk3-devel-2.42.5-1.el9.x86_64.rpm 656f07dfd1152b90a9bd407f1eafae86d1dfb55ee2fb53057651cf14b12d59f3
x86_64 webkit2gtk3-jsc-devel-2.42.5-1.el9.x86_64.rpm e080742046fe704c873dfaac7e15a74cfc14472ba3e16c0e4a898b0dc04676b5
x86_64 webkit2gtk3-jsc-2.42.5-1.el9.x86_64.rpm f8b8e5e7402343d76652ad2970fab15ddf313fd91856197bdb59122fcdf1def8
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.