Fedora: 2017-bff1b87765 Critical: WebKitGTK+ Web Process Risks
fedora
July 7, 2017
This update addresses the following vulnerabilities: * [CVE-2017-2538](https://www.cve.org/CVERecord?id=CVE-2017-2538) Additional fixes: * Fix web process deadlock when seeking you...
Summary
WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform.
This package contains WebKitGTK+ for GTK+ 3.
This update addresses the following vulnerabilities: *
[CVE-2017-2538](https://www.cve.org/CVERecord?id=CVE-2017-2538)
Additional fixes: * Fix web process deadlock when seeking youtube videos. * Fix
blob downloads. * Improve theme rendering performance when using GTK+ >= 3.20. *
Fix positioning of popup menus in Wayland. * Fix JavaScriptCore crashes on big-endian architectures * Fix a web process crash when page finishes loading in
several web sites. * Fix the menu of select elements not showing in some cases
under Wayland. * Fix several crashes and rendering issues.
su -c 'dnf upgrade webkitgtk4' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Topics Covered
Change Log
References
Update Instructions
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Product: Fedora 25
Version: 2.16.5
Release: 1.fc25
Summary: GTK+ Web content engine library
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!