ALSA-2025:23700

[ALSA-2025:23700] Important: webkit2gtk3 security update

Type:

security

Severity:

important

Release date:

2025-12-22

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  

Security Fix(es):  

  * webkitgtk: webkitgtk: Use-after-free due to improper memory management (CVE-2025-43529)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43501)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43531)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43535)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43536)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43541)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-jsc-devel-2.50.4-1.el9_7.aarch64.rpm	38e2e327a57ae1a8638132603f73763301f2f83408f098289a358388d1ea9885
aarch64	webkit2gtk3-devel-2.50.4-1.el9_7.aarch64.rpm	627c26ccdc38340e83aef366d85f6924c720545c877b597770ec4380ac0c2f19
aarch64	webkit2gtk3-2.50.4-1.el9_7.aarch64.rpm	8c3077e58e332ad280c3edcdf02efac26e6fbb782d9cc6f8dd036e85c5bb8bb9
aarch64	webkit2gtk3-jsc-2.50.4-1.el9_7.aarch64.rpm	8dd18cd5c0fa0d2f0a16950c179eca902c4e1a27a64e109674f9e4eb31952dd7
i686	webkit2gtk3-jsc-2.50.4-1.el9_7.i686.rpm	0a307eabcb8c1bbbefe5c1e615dc44ab70f6fcde73172a92c2b204557677a536
i686	webkit2gtk3-jsc-devel-2.50.4-1.el9_7.i686.rpm	2f1566948ccdc779533debc7dcf5234ce65706f193b7a272182c1037e6de8309
i686	webkit2gtk3-2.50.4-1.el9_7.i686.rpm	d78e535b531e324736c11507b9f59b9881aae0608bf82ffe38af725c0b361a08
i686	webkit2gtk3-devel-2.50.4-1.el9_7.i686.rpm	eae1322042fab7d74da7bcd22d770879d7808653ef109ab1c1a42f9608a86c8a
ppc64le	webkit2gtk3-jsc-2.50.4-1.el9_7.ppc64le.rpm	3ec3f0bf2d01c7726352d6a348222534e29cd2c270fc36a38d1500ec653a0e18
ppc64le	webkit2gtk3-devel-2.50.4-1.el9_7.ppc64le.rpm	6a4e46cd207addfeb4a10ad9f556322c8caa8baeb98bf2dec8ae824fe4d6e735
ppc64le	webkit2gtk3-jsc-devel-2.50.4-1.el9_7.ppc64le.rpm	7ee936cfccba46e59faef9dfaf974995a46f4712f1380584f1742b0f6257ab3f
ppc64le	webkit2gtk3-2.50.4-1.el9_7.ppc64le.rpm	ec44b1dcd2dc059d2e1a28323d90277ba1addad5d1d427c8ed2b02871344196f
s390x	webkit2gtk3-2.50.4-1.el9_7.s390x.rpm	05a1fd6d3385f9a6a089c44ed60d87af7db8912a95a3b946ce0b3bc368079a15
s390x	webkit2gtk3-jsc-2.50.4-1.el9_7.s390x.rpm	1d2a4c68a7494cf5d5bd653f81b89df274172478045f1c4398689b2f4b245321
s390x	webkit2gtk3-jsc-devel-2.50.4-1.el9_7.s390x.rpm	664775c94a93a556aca88aff5c3cf81e979668198e8780a6ec134243a8935498
s390x	webkit2gtk3-devel-2.50.4-1.el9_7.s390x.rpm	e358948a972c9985c91bc5a5d1620baa4f89c6828f76438fd3342e4905b7ec6e
x86_64	webkit2gtk3-jsc-2.50.4-1.el9_7.x86_64.rpm	8586fdf2a0f9584456f156edf28c4edb2b2c6e96b5242444b3aba346bc1e012a
x86_64	webkit2gtk3-2.50.4-1.el9_7.x86_64.rpm	c0b0eb6c1a2b82e5e09ccfffbddaaa4717cf179ffadf9d33ba33cfe0831ecb66
x86_64	webkit2gtk3-devel-2.50.4-1.el9_7.x86_64.rpm	d11b455ae94206beaea3bb97c44a24403b40dbed3ab32d71e4c53c776fd02d66
x86_64	webkit2gtk3-jsc-devel-2.50.4-1.el9_7.x86_64.rpm	f9a63e49cbb18fac73e4eb826c043e9ed98e885057d07d4c81e2df1652122234

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.