Package "gir1.2-javascriptcoregtk-6.0"
Name: |
gir1.2-javascriptcoregtk-6.0
|
Description: |
JavaScript engine library from WebKitGTK - GObject introspection data
|
Latest version: |
2.46.3-0ubuntu0.22.04.1 |
Release: |
jammy (22.04) |
Level: |
security |
Repository: |
main |
Head package: |
webkit2gtk |
Homepage: |
https://webkitgtk.org/ |
Links
Download "gir1.2-javascriptcoregtk-6.0"
Other versions of "gir1.2-javascriptcoregtk-6.0" in Jammy
Changelog
webkit2gtk (2.46.3-0ubuntu0.22.04.1) jammy-security; urgency=medium
* Update to 2.46.3 to fix security issues.
- debian/control-common.in: no longer mark -dev packages as Multi-Arch:
same because they are now different on s390x.
- debian/patches/update_simde.patch: removed, included in new version.
- CVE-2024-44244
- CVE-2024-44296
-- Marc Deslauriers <email address hidden> Wed, 13 Nov 2024 09:09:02 -0500
|
Source diff to previous version |
CVE-2024-44244 |
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, |
CVE-2024-44296 |
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, |
|
webkit2gtk (2.46.1-0ubuntu0.22.04.3) jammy-security; urgency=medium
* Build 2.46.1 for jammy to fix security issues.
- debian/rules: set USE_OLD_WEBDRIVER_PKG=YES, ENABLE_SOUP2=YES,
USE_OLD_DOC_PKG=YES, USE_OLD_JSCBIN_PKG=YES.
- debian/control.*: remove libavif-dev as there are no i386 binaries
for it in 22.04 and it blocks the i386 build.
- debian/control.*: remove libjxl-dev as it doesn't exist in 22.04.
- debian/patches/update_simde.patch: fix FTBFS on arm64 by updating
simde code.
- CVE-2024-40866
- CVE-2024-44187
-- Marc Deslauriers <email address hidden> Tue, 08 Oct 2024 11:24:41 -0400
|
Source diff to previous version |
CVE-2024-40866 |
The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar sp |
CVE-2024-44187 |
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, |
|
webkit2gtk (2.44.3-0ubuntu0.22.04.1) jammy-security; urgency=medium
* Update to 2.44.3 to fix security issues.
- CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, CVE-2024-40782,
CVE-2024-40789, CVE-2024-4558
-- Marc Deslauriers <email address hidden> Thu, 05 Sep 2024 09:55:49 -0400
|
Source diff to previous version |
CVE-2024-40776 |
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and |
CVE-2024-40779 |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPa |
CVE-2024-40780 |
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPa |
CVE-2024-40782 |
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and |
CVE-2024-40789 |
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 |
CVE-2024-4558 |
Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML |
|
webkit2gtk (2.44.2-0ubuntu0.22.04.1) jammy-security; urgency=medium
* Update to 2.44.2 to fix security issues.
- debian/patches/fix-ftbfs-i386.patch: removed, no longer needed.
- CVE-2024-27834
-- Marc Deslauriers <email address hidden> Tue, 21 May 2024 10:15:17 -0400
|
Source diff to previous version |
CVE-2024-27834 |
The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14. |
|
webkit2gtk (2.44.0-0ubuntu0.22.04.1) jammy-security; urgency=medium
* Update to 2.44.0 to fix security issues.
- Refreshed patches from 2.44.0-2 package.
- debian/rules: use -DUSE_GTK4=OFF as ON is now the default.
- debian/rules: use -DUSE_LIBBACKTRACE=OFF.
- debian/libwebkit2gtk-4.0-doc.install: adjust doc location.
- debian/rules: adjust doc location.
- CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280,
CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, CVE-2023-42843.
-- Marc Deslauriers <email address hidden> Tue, 09 Apr 2024 08:09:35 -0400
|
CVE-2024-23254 |
The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watch |
CVE-2024-23263 |
A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, wa |
CVE-2024-23280 |
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 1 |
CVE-2024-23284 |
A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17 |
CVE-2023-42950 |
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchO |
CVE-2023-42956 |
The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing we |
CVE-2023-42843 |
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and |
|
About
-
Send Feedback to @ubuntu_updates