ALSA-2024:9553

[ALSA-2024:9553] Important: webkit2gtk3 security update

Type:

security

Severity:

important

Release date:

2024-11-18

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  

Security Fix(es):  

  * webkitgtk: Visiting a malicious website may lead to address bar spoofing (CVE-2024-40866)
  * webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-44187)
  * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44185)
  * webkitgtk: webkit2gtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44244)
  * webkitgtk: webkit2gtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2024-44296)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-jsc-devel-2.46.3-1.el9_5.aarch64.rpm	020b26a3b63daa6a71a91fd9db6c1686f19bb15f5699fa6dc8601367d0c4156e
aarch64	webkit2gtk3-jsc-2.46.3-1.el9_5.aarch64.rpm	1072896d026fcfd3cbeeab9dcfcba14e647938faf21d1f04ca1d1ee9b63e925b
aarch64	webkit2gtk3-devel-2.46.3-1.el9_5.aarch64.rpm	7bad39f636d386172f7800018dcf9fd4b5fd4a6a60fb32f9f810994b6a06c1ff
aarch64	webkit2gtk3-2.46.3-1.el9_5.aarch64.rpm	d86d0fa265024f97acbd06bc15febd9e5f13ed869ecfb0725664abe029b0309f
i686	webkit2gtk3-devel-2.46.3-1.el9_5.i686.rpm	2382a4d570f56c3430917e5b452211199d111d7b03908f29bd113ed8aedae033
i686	webkit2gtk3-jsc-2.46.3-1.el9_5.i686.rpm	4da0198cdb70102864ac0f0b35d87bff2133f4b8589bfa3e03500c848bb0ed90
i686	webkit2gtk3-jsc-devel-2.46.3-1.el9_5.i686.rpm	6e82eb7125613d2abbcebdcc25e0b5e8d6caa41a3f5a125f57c3ce131af14016
i686	webkit2gtk3-2.46.3-1.el9_5.i686.rpm	f615a6f4f039693a46ed68dfdc6582f5b4cbebae69b10fb704f3fc3ab97cc9d2
ppc64le	webkit2gtk3-2.46.3-1.el9_5.ppc64le.rpm	4b5bd893e939286634737456c99bf89d16fa48ad2b45f86c486deb3ab35a04b4
ppc64le	webkit2gtk3-devel-2.46.3-1.el9_5.ppc64le.rpm	b5e777a7fe4fccb7edd7ee3f3d91c17d5924497f1d0fa9ddd826c49fa219d594
ppc64le	webkit2gtk3-jsc-2.46.3-1.el9_5.ppc64le.rpm	b6ff6c3e6aa8032e628b6f80d024ea7f32382bcd6cedba7734f5ad87dc1c7a29
ppc64le	webkit2gtk3-jsc-devel-2.46.3-1.el9_5.ppc64le.rpm	d1e980a02f8f7c68c27c1b20d8ad39baf294f0c4e2f3070a75b741c491897a5a
s390x	webkit2gtk3-jsc-devel-2.46.3-1.el9_5.s390x.rpm	1ef356522bbe204043a7696320e9cad8bbaca85f0cb21641001354e1af5c1f9d
s390x	webkit2gtk3-2.46.3-1.el9_5.s390x.rpm	2ca48ec751a5741eca322b20f4f13e9133b7e071bdde1f17049735e87ca1e70f
s390x	webkit2gtk3-devel-2.46.3-1.el9_5.s390x.rpm	b7dbf140c735c4e0d3b832f5df8004a37bc27b641fbe875a6d5823fffd4367ac
s390x	webkit2gtk3-jsc-2.46.3-1.el9_5.s390x.rpm	c72ee5d7fcfcdc28cf2a8d4721afe4206d2a42107a2e8dfaebc578947bec12cc
x86_64	webkit2gtk3-jsc-2.46.3-1.el9_5.x86_64.rpm	205d559935e62f45fea05a512abd2c13b475a057495aafb79a48ed572751ea64
x86_64	webkit2gtk3-2.46.3-1.el9_5.x86_64.rpm	6074f2f4b3f6b526d94961fc6e3366ba2eae304812ad125646fe70dcfddca6f7
x86_64	webkit2gtk3-devel-2.46.3-1.el9_5.x86_64.rpm	bc79f73a733a5f1a8c4b8e06a6c457aeebdf062b660762c43c8e9bca81b747aa
x86_64	webkit2gtk3-jsc-devel-2.46.3-1.el9_5.x86_64.rpm	fb1de4d4e950840b8690b7518894f059d5245ef104e5de411f396ccbd07b208c

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.