ALSA-2025:7387

[ALSA-2025:7387] Important: webkit2gtk3 security update

Type:

security

Severity:

important

Release date:

2025-05-21

Description:

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.  

Security Fix(es):  

  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-44192)
  * webkitgtk: A malicious website may exfiltrate data cross-origin (CVE-2024-54467)
  * webkitgtk: Processing web content may lead to a denial-of-service (CVE-2024-54551)
  * webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack (CVE-2025-24208)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-24209)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-24216)
  * webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-30427)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	webkit2gtk3-jsc-2.48.1-1.el9_6.aarch64.rpm	01fc9a0e97af603380771dfa78a4d5c52c41f39277678ca12dd27922cce5ae52
aarch64	webkit2gtk3-devel-2.48.1-1.el9_6.aarch64.rpm	5887f969cabfb2b629d3bfe57a4b5b2a3c6944d55f633bf5d5e19a7a59b92adb
aarch64	webkit2gtk3-2.48.1-1.el9_6.aarch64.rpm	7a0d398be8c22d19c02359a0ab6bbec05f73b0f0cd5e33c6033b86c7c5998158
aarch64	webkit2gtk3-jsc-devel-2.48.1-1.el9_6.aarch64.rpm	98999b855ce668160cd0c91b136e503316644120beeefe521b3c32eb6644fb36
i686	webkit2gtk3-2.48.1-1.el9_6.i686.rpm	14dbb7715b97fc4bc1bcbe0b04ebf0e51efaa43adde2bf72eac4348115c62093
i686	webkit2gtk3-jsc-devel-2.48.1-1.el9_6.i686.rpm	5d6f80f48902042fc49314f6273e82fbaf1fa80b72717cb945912bf1cae83242
i686	webkit2gtk3-jsc-2.48.1-1.el9_6.i686.rpm	ce6d3c821383d521009f06222f43de082196f02e5e707e46c325d8f94029cf89
i686	webkit2gtk3-devel-2.48.1-1.el9_6.i686.rpm	e5fa9f314a530bf789633cfe0c0d4178e6a6984ec7a942e195b9d3f0abd15984
ppc64le	webkit2gtk3-devel-2.48.1-1.el9_6.ppc64le.rpm	369aac2ae8dabfa4ca25713ef08ea9f25693e723f0e845848da4ec32265ae22b
ppc64le	webkit2gtk3-2.48.1-1.el9_6.ppc64le.rpm	7f014a3434df48d636b519da8a3208548ba07961bb4abbef82879bc3531f3494
ppc64le	webkit2gtk3-jsc-2.48.1-1.el9_6.ppc64le.rpm	871f7a002b50e0d3253904b33ea4beec37eb5dd7a58b505a2964253ec285987f
ppc64le	webkit2gtk3-jsc-devel-2.48.1-1.el9_6.ppc64le.rpm	cea2fa7d62bb1ddb472e0dca120deb945e9922ca94bd48889cc81efe537e5c62
s390x	webkit2gtk3-jsc-devel-2.48.1-1.el9_6.s390x.rpm	10899291474e53cfbe533c579f22c6f4e253005ebbfe16a981ddf5bc7d7efca5
s390x	webkit2gtk3-devel-2.48.1-1.el9_6.s390x.rpm	57e704ca044ace9cfe4f384ac1d35394eba55ac4bce50a1fc2fe78121071fe05
s390x	webkit2gtk3-2.48.1-1.el9_6.s390x.rpm	641a73d6c9cfaf30073c6902165b73d8fdea293a1ece87c38ba713833cedceb0
s390x	webkit2gtk3-jsc-2.48.1-1.el9_6.s390x.rpm	f56e4a1a4e16ba8f8539067362cd01cd62d8c86dd6c50a8b81622d29fa453ea8
x86_64	webkit2gtk3-jsc-2.48.1-1.el9_6.x86_64.rpm	46732ee34e22cdd121daa0bf2a1cc66cdc45077086d7a28d3e69e086469156f8
x86_64	webkit2gtk3-2.48.1-1.el9_6.x86_64.rpm	e73b885f174fa9066ba0c3866795eb43f61153801dc70e8aa3e06c2ba67eb126
x86_64	webkit2gtk3-jsc-devel-2.48.1-1.el9_6.x86_64.rpm	f503d41f76b609cf4e8d6a22ebca8fc61956d377eae6b06fed2fc1dc64e227ce
x86_64	webkit2gtk3-devel-2.48.1-1.el9_6.x86_64.rpm	ff9fbfaab6421977bc2df82232cfa909b050e815c4f7a8b61b024fe212d3db24

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.