Package "webkit2gtk"
| Name: |
webkit2gtk
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- JavaScript engine library from WebKitGTK - GObject introspection data
- JavaScript engine library from WebKitGTK - GObject introspection data
- Web content engine library for GTK - GObject introspection data
- Web content engine library for GTK - GObject introspection data
|
| Latest version: |
2.48.7-0ubuntu0.24.04.2 |
| Release: |
noble (24.04) |
| Level: |
updates |
| Repository: |
main |
Links
Other versions of "webkit2gtk" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
|
webkit2gtk (2.48.7-0ubuntu0.24.04.2) noble-security; urgency=medium
* Update to 2.48.7 to fix security issues.
- CVE-2025-43272, CVE-2025-43342, CVE-2025-43356, CVE-2025-43368
* debian/patches/fix-ftbfs-armv7.patch: removed, included in new version.
* debian/patches/fix-ftbfs-op_instanceof_return_location.patch: fix new
op_instanceof_return_location build issue.
-- Marc Deslauriers <email address hidden> Thu, 02 Oct 2025 08:41:44 -0400
|
| Source diff to previous version |
| CVE-2025-43272 |
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 2 |
| CVE-2025-43342 |
A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, |
| CVE-2025-43356 |
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 2 |
| CVE-2025-43368 |
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Process |
|
|
webkit2gtk (2.48.5-0ubuntu0.24.04.1) noble-security; urgency=medium
* Update to 2.48.5 to fix security issues.
- CVE-2025-6558, CVE-2025-31273, CVE-2025-31278, CVE-2025-43211,
CVE-2025-43212, CVE-2025-43216, CVE-2025-43227, CVE-2025-43228,
CVE-2025-43240, CVE-2025-43265
* debian/patches/fix-ftbfs-armv7.patch:
- Fix arm build.
-- Marc Deslauriers <email address hidden> Wed, 13 Aug 2025 14:23:52 -0400
|
| Source diff to previous version |
| CVE-2025-6558 |
Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform |
| CVE-2025-31273 |
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, w |
| CVE-2025-31278 |
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iP |
| CVE-2025-43211 |
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18. |
| CVE-2025-43212 |
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, w |
| CVE-2025-43216 |
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPa |
| CVE-2025-43227 |
This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18 |
| CVE-2025-43228 |
The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to add |
| CVE-2025-43240 |
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, Safari 18. 6. A download's origin may be incorrectly ass |
| CVE-2025-43265 |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPad |
|
|
webkit2gtk (2.48.3-0ubuntu0.24.04.1) noble-security; urgency=medium
* Update to 2.48.3 to fix security issues.
- CVE-2025-24223
- CVE-2025-31204
- CVE-2025-31205
- CVE-2025-31206
- CVE-2025-31215
- CVE-2025-31257
* d/p/fix-typo-denormaldisabler.patch: dropped, no longer needed.
-- Marc Deslauriers <email address hidden> Wed, 04 Jun 2025 15:28:17 -0400
|
| Source diff to previous version |
| CVE-2025-24223 |
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, |
| CVE-2025-31204 |
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, |
| CVE-2025-31205 |
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS |
| CVE-2025-31206 |
A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS |
| CVE-2025-31215 |
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia |
| CVE-2025-31257 |
This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, |
|
|
webkit2gtk (2.48.1-0ubuntu0.24.04.1) noble-security; urgency=medium
* Update to 2.48.1 to fix security issues.
- d/p/fix-typo-denormaldisabler.patch: fix build failure in i386 and
others due to missing semicolon.
- CVE-2024-54551
- CVE-2025-24208
- CVE-2025-24209
- CVE-2025-24213
- CVE-2025-24216
- CVE-2025-24264
- CVE-2025-30427
-- Marc Deslauriers <email address hidden> Mon, 07 Apr 2025 11:14:55 -0400
|
| Source diff to previous version |
| CVE-2024-54551 |
The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, |
| CVE-2025-24208 |
A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious ifr |
| CVE-2025-24209 |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadO |
| CVE-2025-24213 |
This issue was addressed with improved handling of floats. This issue is fixed in tvOS 18.4, Safari 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, ma |
| CVE-2025-24216 |
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS |
| CVE-2025-24264 |
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS |
| CVE-2025-30427 |
A use-after-free issue was addressed with improved memory management. This issue is fixed in visionOS 2.4, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPa |
|
|
webkit2gtk (2.48.0-0ubuntu0.24.04.1) noble-security; urgency=medium
* Update to 2.48.0 to fix security issues.
- d/p/fix-ftbfs-hurd.patch: removed, not needed in Ubuntu.
- d/p/disable-nvidia-dmabuf.patch, d/p/fix-bmalloc-armhf.patch: synced
from plucky package.
- debian/rules: build with -DENABLE_SPEECH_SYNTHESIS=OFF.
- debian/libwebkit2gtk-4.0-37.symbols: added new symbols.
- CVE-2024-44192
- CVE-2024-54467
- CVE-2025-24201
-- Marc Deslauriers <email address hidden> Mon, 24 Mar 2025 07:16:35 -0400
|
| CVE-2024-44192 |
The issue was addressed with improved checks. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS |
| CVE-2024-54467 |
A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, i |
| CVE-2025-24201 |
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 an |
|
About
-
Send Feedback to @ubuntu_updates
