ALSA-2025:13782

[ALSA-2025:13782] Important: webkit2gtk3 security update

Type:

security

Severity:

important

Release date:

2025-08-14

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  

Security Fix(es):  

  * angle: insufficient input validation can cause undefined behavior (CVE-2025-6558)
  * webkitgtk: A download?s origin may be incorrectly associated (CVE-2025-43240)
  * webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31273)
  * webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31278)
  * webkitgtk: Processing web content may lead to a denial-of-service (CVE-2025-43211)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43212)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43216)
  * webkitgtk: Processing maliciously crafted web content may disclose sensitive user information (CVE-2025-43227)
  * webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-43265)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-jsc-2.48.5-1.el9_6.aarch64.rpm	1d15f6f0a6dac42043bf9082ff8367fd9c055188afd52a51c48b437c1bb28994
aarch64	webkit2gtk3-2.48.5-1.el9_6.aarch64.rpm	356c2b96b39b79ae001a3c114a7eff77b91f8e28278460f576afba975c0bd98a
aarch64	webkit2gtk3-devel-2.48.5-1.el9_6.aarch64.rpm	6af41a67e2a536d86790c063620ac5518e5f5f4111b5f6fcb14e2ee96926b426
aarch64	webkit2gtk3-jsc-devel-2.48.5-1.el9_6.aarch64.rpm	c0ec32c12214df606e911bfdadff1113720dc01ca16f679990188f62a3f8b90a
i686	webkit2gtk3-jsc-devel-2.48.5-1.el9_6.i686.rpm	3f1c427cc5009c6ac137f23b5a77f2a64315eb80d7d41a2e6b4ea5d843cd638d
i686	webkit2gtk3-2.48.5-1.el9_6.i686.rpm	83553095627a98bb61e5871e34e43c66ff2d15f6125713eb1d4d283112e2bb62
i686	webkit2gtk3-jsc-2.48.5-1.el9_6.i686.rpm	8381a48ecae75bce2fc4b473f483b19ed9123d0c3e0ef631847a547f6a3cd8b2
i686	webkit2gtk3-devel-2.48.5-1.el9_6.i686.rpm	e0fb046b604f535ada493e711cee153578551845fe5c8c5956ac62b9815756f4
ppc64le	webkit2gtk3-jsc-2.48.5-1.el9_6.ppc64le.rpm	19380bb9c034c5ce747a0711e3e5e4f9f722323b53bb8e2f056117f6f26fa6f0
ppc64le	webkit2gtk3-2.48.5-1.el9_6.ppc64le.rpm	4ecbf37d95ce6f3d298e2471b3fd734663f20eaaa7a0ac0250555cf8731f3a61
ppc64le	webkit2gtk3-jsc-devel-2.48.5-1.el9_6.ppc64le.rpm	bd190f854d336ca71e31f9501b92c5e55ca93dc29473b4bf4f3564e7a2b515fd
ppc64le	webkit2gtk3-devel-2.48.5-1.el9_6.ppc64le.rpm	c5e516f5ae4ae703ce6e9f9c631f30dc22fa5657a84a739dca752711fc066541
s390x	webkit2gtk3-jsc-devel-2.48.5-1.el9_6.s390x.rpm	4cd1899eb8d2f8836a266bb64f0ebd469155a0dded73a89b70966144427d5f57
s390x	webkit2gtk3-jsc-2.48.5-1.el9_6.s390x.rpm	4f9856d0bc628647be817803604ad9de8b179dd2f2c19fd2fc45e78e7c05e101
s390x	webkit2gtk3-devel-2.48.5-1.el9_6.s390x.rpm	c241b278a8a29eedce80272e361c38fd5206c5b7105fade8e8996604761a3aae
s390x	webkit2gtk3-2.48.5-1.el9_6.s390x.rpm	f6e0c61700549c80028b39f58c827c22b693b62d310bc4b35a2fff32a227c2d9
x86_64	webkit2gtk3-jsc-devel-2.48.5-1.el9_6.x86_64.rpm	00eadd7302ff4539ecae16dd8325c2c8f7f08584af601fca714c99a74bd8e978
x86_64	webkit2gtk3-jsc-2.48.5-1.el9_6.x86_64.rpm	0dbc015b5f7584083e28c79528ede150027eca291ff009d026e31f5a70dfde32
x86_64	webkit2gtk3-2.48.5-1.el9_6.x86_64.rpm	7bec0801047bd5c985aea3bef953ee223f150e311c1cacbd47fa8f6301bc9c9e
x86_64	webkit2gtk3-devel-2.48.5-1.el9_6.x86_64.rpm	abadbc58ed9bd49bb3c47416c5e2c015266368a92c15ddf6f3becbe218c95fbc

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.