Package "webkit2gtk"
Name: |
webkit2gtk
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- JavaScript engine library from WebKitGTK - GObject introspection data
- Web content engine library for GTK - GObject introspection data
- JavaScript engine library from WebKitGTK
- JavaScript engine library from WebKitGTK - development files
|
Latest version: |
2.38.6-0ubuntu0.20.04.1 |
Release: |
focal (20.04) |
Level: |
security |
Repository: |
main |
Links
Other versions of "webkit2gtk" in Focal
Packages in group
Deleted packages are displayed in grey.
Changelog
webkit2gtk (2.38.6-0ubuntu0.20.04.1) focal-security; urgency=medium
* Updated to 2.38.6 to fix security issues.
- CVE-2023-25358, CVE-2022-0108, CVE-2022-32885, CVE-2023-27932,
CVE-2023-27954, CVE-2023-28205
-- Marc Deslauriers <email address hidden> Tue, 25 Apr 2023 07:47:29 -0400
|
Source diff to previous version |
CVE-2023-25358 |
A use-after-free vulnerability in WebCore::RenderLayer::addChild in WebKitGTK before 2.36.8 allows attackers to execute code remotely. |
CVE-2022-0108 |
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted H |
CVE-2023-28205 |
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1 |
|
webkit2gtk (2.38.5-0ubuntu0.20.04.1) focal-security; urgency=medium
* Updated to 2.38.5 to fix security issues.
- debian/patches/gstreamer_build_fix.patch: removed, included in new
version.
- CVE-2023-23529
-- Marc Deslauriers <email address hidden> Thu, 16 Feb 2023 19:04:12 -0500
|
Source diff to previous version |
CVE-2023-23529 |
Processing maliciously crafted web content may lead to arbitrary code execution |
|
webkit2gtk (2.38.4-0ubuntu0.20.04.2) focal-security; urgency=medium
* Updated to 2.38.4 to fix security issues.
- debian/patches/gstreamer_build_fix.patch: fix build with older
gstreamer.
- CVE-2023-23517, CVE-2023-23518, CVE-2022-42826
-- Marc Deslauriers <email address hidden> Wed, 08 Feb 2023 14:29:07 -0500
|
Source diff to previous version |
CVE-2023-23517 |
Processing maliciously crafted web content may lead to arbitrary code execution |
CVE-2023-23518 |
Processing maliciously crafted web content may lead to arbitrary code execution |
CVE-2022-42826 |
Processing maliciously crafted web content may lead to arbitrary code execution |
|
webkit2gtk (2.38.3-0ubuntu0.20.04.1) focal-security; urgency=medium
* Updated to 2.38.3 to fix security issues.
- CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, CVE-2022-46692,
CVE-2022-46698, CVE-2022-46699, CVE-2022-46700
-- Marc Deslauriers <email address hidden> Fri, 06 Jan 2023 08:03:12 -0500
|
Source diff to previous version |
CVE-2022-42852 |
The issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7. |
CVE-2022-42856 |
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and |
CVE-2022-42867 |
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and |
CVE-2022-46692 |
A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iP |
CVE-2022-46698 |
A logic issue was addressed with improved checks. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16. |
CVE-2022-46699 |
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 a |
CVE-2022-46700 |
A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 |
|
webkit2gtk (2.38.2-0ubuntu0.20.04.1) focal-security; urgency=medium
* Updated to 2.38.2 to fix security issues.
- debian/patches/*.patch: sync from lunar package.
- debian/control, debian/rules: use bundled docs since gi-docgen is not
available in focal.
- debian/libwebkit2gtk-4.0-37.symbols: updated for new version.
- CVE-2022-32888, CVE-2022-32923, CVE-2022-42799, CVE-2022-42823,
CVE-2022-42824
-- Marc Deslauriers <email address hidden> Thu, 10 Nov 2022 09:34:10 -0500
|
CVE-2022-32888 |
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15 |
CVE-2022-32923 |
A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, |
CVE-2022-42799 |
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS |
CVE-2022-42823 |
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS |
CVE-2022-42824 |
A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 an |
|
About
-
Send Feedback to @ubuntu_updates