ALSA-2024:9144

[ALSA-2024:9144] Important: webkit2gtk3 security update

Type:

security

Severity:

important

Release date:

2024-11-19

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  

Security Fix(es):  

  * webkit: visiting a malicious website may lead to address bar spoofing (CVE-2023-42843)
  * webkit: heap use-after-free may lead to arbitrary code execution (CVE-2023-42950)
  * webkit: processing malicious web content may lead to a denial of service (CVE-2023-42956)
  * chromium-browser: Use after free in ANGLE (CVE-2024-4558)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  

Additional Changes:  

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-2.44.3-2.el9.aarch64.rpm	211d953598de958c24e80bb0b38c7fed06bbca6c7746f6659202e69a63b2b824
aarch64	webkit2gtk3-devel-2.44.3-2.el9.aarch64.rpm	30c1beda65f7397df15103c98aae9427a1cd7f99eba28aaa45d7db5e03b764e1
aarch64	webkit2gtk3-jsc-devel-2.44.3-2.el9.aarch64.rpm	6307e6767521ea5a058be0fd5425f0f76b752d1f487d37ded1c512c304fce6c2
aarch64	webkit2gtk3-jsc-2.44.3-2.el9.aarch64.rpm	eebb80322411b8688616a07a0f271d004ee40a9367bb0cfb0d8f6b4b72756b45
i686	webkit2gtk3-jsc-2.44.3-2.el9.i686.rpm	1c6bf2789948d9414187619ee475b2ea1598094477eb586bc80d4bac291c2598
i686	webkit2gtk3-2.44.3-2.el9.i686.rpm	26f1a2bca9e7507cac955c3caa821d2caab464a7d28a061368105d88c4d34e36
i686	webkit2gtk3-jsc-devel-2.44.3-2.el9.i686.rpm	86ba22a2d879df3d42ed9f1cf4b8cce6ed54ffead71e7e2c6e386a2f7e441ffb
i686	webkit2gtk3-devel-2.44.3-2.el9.i686.rpm	c9ce088ad9119b1323eaea888558783cbd93dcb8233e78d06895e673b5d9a86e
ppc64le	webkit2gtk3-2.44.3-2.el9.ppc64le.rpm	1f8c16dfb97181964390feaad5b89db0abb214cfc75bbc2c3dc46502f1a2edd7
ppc64le	webkit2gtk3-jsc-devel-2.44.3-2.el9.ppc64le.rpm	a85746bc58e7f6e968ae8f6a132011c78f6147182af94bfc3f8da41e9cf5f08d
ppc64le	webkit2gtk3-devel-2.44.3-2.el9.ppc64le.rpm	ec80824017f97fccf9b9d46e54d6890115dec26a6ddaf6a82a9288685e5f367b
ppc64le	webkit2gtk3-jsc-2.44.3-2.el9.ppc64le.rpm	ecc59ddcf843653f4efb013c6ace7728c62954fe37234c649f1ab01b3107e47b
s390x	webkit2gtk3-jsc-2.44.3-2.el9.s390x.rpm	5891a6a24ad76557b894b6b3418d5f7a6e1a0ccc968f79ea4c937f407bfefd76
s390x	webkit2gtk3-2.44.3-2.el9.s390x.rpm	ad6ea617ab4190b8a6b638ab2b529283e881aab745bbcbc13fd5bf9029d1ba9c
s390x	webkit2gtk3-devel-2.44.3-2.el9.s390x.rpm	b8d89b1743b0e4a7cc52b8db21fb2eb92943ada0b6cdc1cac7d6c4e66f97ad62
s390x	webkit2gtk3-jsc-devel-2.44.3-2.el9.s390x.rpm	ef4ff01ad239c10ef7c83ede114780deb9168374386ec8a373203eff05b38220
x86_64	webkit2gtk3-devel-2.44.3-2.el9.x86_64.rpm	4d95cc225ed03548354879139cb736bff372b7ff9683004599187088fe70ea9a
x86_64	webkit2gtk3-2.44.3-2.el9.x86_64.rpm	97a6dea47562e2e85c5026693b8777b33c9386564726137111774a077375efb4
x86_64	webkit2gtk3-jsc-devel-2.44.3-2.el9.x86_64.rpm	acd0dbc006572660acc76c8d7555318f380a25f3fb37c633d9e52d3ffeb76dc1
x86_64	webkit2gtk3-jsc-2.44.3-2.el9.x86_64.rpm	f9673a7f981869ccef0823bba46fb000783abf2b1fa5627bce8afa0e395ec698

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.