UbuntuUpdates.org

Package "webkit2gtk"

Name: webkit2gtk

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • WebKitGTK JavaScript command-line interpreter (transitional dummy package)
  • JavaScript engine library from WebKitGTK - command-line interpreter
  • WebKitGTK WebDriver support (transitional dummy package)
  • WebKitGTK WebDriver support
Latest version: 2.48.5-0ubuntu0.25.04.1
Release: plucky (25.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "webkit2gtk" in Plucky

Repository Area Version
base main 2.48.1-1ubuntu1
base universe 2.48.1-1ubuntu1
security main 2.48.5-0ubuntu0.25.04.1
updates main 2.48.5-0ubuntu0.25.04.1
updates universe 2.48.5-0ubuntu0.25.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.48.5-0ubuntu0.25.04.1 2025-08-19 21:07:08 UTC

  webkit2gtk (2.48.5-0ubuntu0.25.04.1) plucky-security; urgency=medium

  * Update to 2.48.5 to fix security issues.
    - CVE-2025-6558, CVE-2025-31273, CVE-2025-31278, CVE-2025-43211,
      CVE-2025-43212, CVE-2025-43216, CVE-2025-43227, CVE-2025-43228,
      CVE-2025-43240, CVE-2025-43265
  * debian/patches/fix-ftbfs-armv7.patch:
    - Fix arm build.

 -- Marc Deslauriers <email address hidden> Wed, 13 Aug 2025 14:23:52 -0400
Source diff to previous version
CVE-2025-6558 Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform
CVE-2025-31273 The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, w
CVE-2025-31278 The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iPadOS 17.7.9, watchOS 11.6, visionOS 2.6, iOS 18.6 and iP
CVE-2025-43211 The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.
CVE-2025-43212 The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, w
CVE-2025-43216 A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, iPa
CVE-2025-43227 This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18
CVE-2025-43228 The issue was addressed with improved UI. This issue is fixed in iOS 18.6 and iPadOS 18.6, Safari 18. 6. Visiting a malicious website may lead to add
CVE-2025-43240 A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, Safari 18. 6. A download's origin may be incorrectly ass
CVE-2025-43265 An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPad

Version: 2.48.3-0ubuntu0.25.04.1 2025-06-11 20:07:36 UTC

  webkit2gtk (2.48.3-0ubuntu0.25.04.1) plucky-security; urgency=medium

  * Update to 2.48.3 to fix security issues.
    - CVE-2025-24223
    - CVE-2025-31204
    - CVE-2025-31205
    - CVE-2025-31206
    - CVE-2025-31215
    - CVE-2025-31257
  * d/p/fix-typo-denormaldisabler.patch: dropped, no longer needed.
  * debian/rules:
    - Build with -mbranch-protection=pac-ret on arm64 (Closes: #1104703).

 -- Marc Deslauriers <email address hidden> Wed, 04 Jun 2025 15:28:17 -0400
1104703 libwebkitgtk-6.0-4: JTI broken on arm64 with BTI enabled
CVE-2025-24223 The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5,
CVE-2025-31204 The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5,
CVE-2025-31205 The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS
CVE-2025-31206 A type confusion issue was addressed with improved state handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS
CVE-2025-31215 The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia
CVE-2025-31257 This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5,


About   -   Send Feedback to @ubuntu_updates