UbuntuUpdates.org

Package "webkit2gtk"

Name: webkit2gtk

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • JavaScript engine library from WebKitGTK - GObject introspection data
  • Web content engine library for GTK - GObject introspection data
  • JavaScript engine library from WebKitGTK
  • JavaScript engine library from WebKitGTK - development files

Latest version: 2.36.0-0ubuntu0.20.04.3
Release: focal (20.04)
Level: updates
Repository: main

Links



Other versions of "webkit2gtk" in Focal

Repository Area Version
base main 2.28.1-1
base universe 2.28.1-1
security main 2.36.0-0ubuntu0.20.04.3
security universe 2.36.0-0ubuntu0.20.04.3
updates universe 2.36.0-0ubuntu0.20.04.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.36.0-0ubuntu0.20.04.3 2022-04-28 19:06:21 UTC

  webkit2gtk (2.36.0-0ubuntu0.20.04.3) focal-security; urgency=medium

  * Updated to 2.36.0 to fix security issues.
    - CVE-2022-22624, CVE-2022-22628, CVE-2022-22629, CVE-2022-22637
    - debian/patches/*.patch, debian/*.symbols: refreshed from jammy
      package.
    - debian/rules: reduce the number of parallel build jobs.

 -- Marc Deslauriers <email address hidden> Wed, 13 Apr 2022 12:22:56 -0400

Source diff to previous version
CVE-2022-22624 A use after free issue was addressed with improved memory management
CVE-2022-22628 A use after free issue was addressed with improved memory management
CVE-2022-22629 A buffer overflow issue was addressed with improved memory handling
CVE-2022-22637 A logic issue was addressed with improved state management

Version: 2.34.6-0ubuntu0.20.04.1 2022-02-28 15:06:24 UTC

  webkit2gtk (2.34.6-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.34.6 to fix security issues.
    - CVE-2022-22589, CVE-2022-22590, CVE-2022-22592

 -- Marc Deslauriers <email address hidden> Thu, 17 Feb 2022 10:29:55 -0500

Source diff to previous version
CVE-2022-22589 A validation issue was addressed with improved input sanitization
CVE-2022-22590 A use after free issue was addressed with improved memory management
CVE-2022-22592 A logic issue was addressed with improved state management

Version: 2.34.4-0ubuntu0.20.04.1 2022-01-27 20:06:32 UTC

  webkit2gtk (2.34.4-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.34.4 to fix security issues.
    - CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952,
      CVE-2021-30953, CVE-2021-30954, CVE-2021-30984

 -- Marc Deslauriers <email address hidden> Wed, 26 Jan 2022 07:22:38 -0500

Source diff to previous version

Version: 2.34.3-0ubuntu0.20.04.1 2022-01-06 17:06:33 UTC

  webkit2gtk (2.34.3-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.34.3 to fix security issues.
    - CVE-2021-30887
    - CVE-2021-30890

 -- Marc Deslauriers <email address hidden> Wed, 05 Jan 2022 12:06:34 -0500

Source diff to previous version
CVE-2021-30887 A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS 15.
CVE-2021-30890 A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1, iOS 15.1 and iPadOS 15.1, watchOS 8.1, tvOS

Version: 2.34.1-0ubuntu0.20.04.1 2021-11-01 16:06:18 UTC

  webkit2gtk (2.34.1-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.34.1 to fix security issues.
    - CVE-2021-30846, CVE-2021-30851, CVE-2021-42762
  * debian/patches/*, debian/*.symbols: refreshed from impish package.
  * debian/rules: build with -DUSE_SOUP2=ON.
  * debian/control: Add build dependency on liblcms2-dev.

 -- Marc Deslauriers <email address hidden> Wed, 27 Oct 2021 09:37:26 -0400

CVE-2021-30846 A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15, tvOS 15, iOS 15 an
CVE-2021-30851 A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Pr
CVE-2021-42762 BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1 allows a limited sandbox bypass that allows a sandboxed process to trick host proces



About   -   Send Feedback to @ubuntu_updates