Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 26: 2018-6a9fea1b3a Moderate: WebKitGTK4 TLS Error Check

fedora
Calendar Grey May 21, 2018
Dist Fedora Esm H88
Upgrade the CVE-2018-4200 vulnerabilities alongside other essential patches for webkitgtk4 within the Fedora ecosystem.
This update addresses the following vulnerabilities: * [CVE-2018-4200](https://www.cve.org/CVERecord?id=CVE-2018-4200) Additional fixes: * Do TLS error checking on GTlsConnection::...

Summary

WebKitGTK+ is the port of the portable web rendering engine WebKit to the

GTK+ platform.

This package contains WebKitGTK+ for GTK+ 3.

This update addresses the following vulnerabilities: *

[CVE-2018-4200](https://www.cve.org/CVERecord?id=CVE-2018-4200)

Additional fixes: * Do TLS error checking on GTlsConnection::accept-certificate

to finish the load earlier in case of errors. * Properly close the connection to

the nested wayland compositor in the Web Process. * Avoid painting backing

stores for zero-opacity layers. * Fix downloads started by context menu failing

in some websites due to missing user agent HTTP header. * Fix video unpause when

GStreamerGL is disabled. * Fix several GObject introspection annotations. *

Update user agent quirks to fix Outlook.com and Chase.com. * Fix several crashes

and rendering issues.

* Wed May 9 2018 Tomas Popela - 2.20.2-1

- Update to 2.20.2

* Tue Apr 10 2018 Tomas Popela - 2.20.1-1

- Update to 2.20.1

* Mon Mar 12 2018 Tomas Popela - 2.20.0-1

- Update to 2.20.0

* Wed Jan 24 2018 Tomas Popela - 2.18.6-1

- Update to 2.18.6

* Wed Jan 10 2018 Tomas Popela - 2.18.5-1

- Update to 2.18.5

* Tue Dec 19 2017 Tomas Popela - 2.18.4-1

- Update to 2.18.4

* Mon Nov 13 2017 Tomas Popela - 2.18.3-1

- Update to 2.18.3

* Fri Oct 27 2017 Tomas Popela - 2.18.2-1

- Update to 2.18.2

* Wed Oct 18 2017 Tomas Popela - 2.18.1-1

- Update to 2.18.1

* Mon Sep 11 2017 Tomas Popela - 2.18.0-1

- Update to 2.18.0

* Mon Jul 24 2017 Tomas Popela - 2.16.6-1

- Update to 2.16.6

* Tue Jun 27 2017 Tomas Popela - 2.16.5-1

- Update to 2.16.5

su -c 'dnf upgrade --advisory FEDORA-2018-6a9fea1b3a' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SCT4DPLVQHBJF4T3V4JRZ3Q4FPJT6Z3J/

Topics%20covered

Topics Covered

security advisory fedora critical fix webkitgtk4 tls error check

Change Log

References

Update Instructions

Product: Fedora 26
Version: 2.20.2
Release: 1.fc26
URL: https://www.webkitgtk.org/
Summary: GTK+ Web content engine library

Topics%20covered

Topics Covered

security advisory fedora critical fix webkitgtk4 tls error check

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here