Fedora 27: 2018-aac3ca8936 Critical: WebKitGTK+ Memory Issues

WebKitGTK+ is the port of the portable web rendering engine WebKit to the

GTK+ platform.

This package contains WebKitGTK+ for GTK+ 3.

This update addresses the following vulnerabilities: *

[CVE-2018-4190](https://www.cve.org/CVERecord?id=CVE-2018-4190),

[CVE-2018-4199](https://www.cve.org/CVERecord?id=CVE-2018-4199),

[CVE-2018-4218](https://www.cve.org/CVERecord?id=CVE-2018-4218),

[CVE-2018-4222](https://www.cve.org/CVERecord?id=CVE-2018-4222),

[CVE-2018-4232](https://www.cve.org/CVERecord?id=CVE-2018-4232),

[CVE-2018-4233](https://www.cve.org/CVERecord?id=CVE-2018-4233),

[CVE-2018-4246](https://www.cve.org/CVERecord?id=CVE-2018-4246),

[CVE-2018-11646](https://www.cve.org/CVERecord?id=CVE-2018-11646).

Additional fixes: * Fix installation directory of API documentation. * Disable

Gigacage if mmap fails to allocate in Linux. * Add user agent quirk for paypal

website. * Properly detect compiler flags, needed libs, and fallbacks for usage

of 64-bit atomic operations. * Fix a network process crash when trying to get

cookies of about:blank page. * Fix UI process crash when closing the window

under Wayland. * Fix several crashes and rendering issues.

* Mon Jun 11 2018 Tomas Popela - 2.20.3-1

- Update to 2.20.3

* Wed May 9 2018 Tomas Popela - 2.20.2-1

- Update to 2.20.2

* Tue Apr 10 2018 Tomas Popela - 2.20.1-1

- Update to 2.20.1

* Mon Mar 12 2018 Tomas Popela - 2.20.0-1

- Update to 2.20.0

* Wed Jan 24 2018 Tomas Popela - 2.18.6-1

- Update to 2.18.6

* Wed Jan 10 2018 Tomas Popela - 2.18.5-1

- Update to 2.18.5

* Tue Dec 19 2017 Tomas Popela - 2.18.4-1

- Update to 2.18.4

* Mon Nov 13 2017 Tomas Popela - 2.18.3-1

- Update to 2.18.3

* Thu Nov 2 2017 Kalev Lember - 2.18.2-2

- Fix gir directory ownership

* Fri Oct 27 2017 Tomas Popela - 2.18.2-1

- Update to 2.18.2

* Wed Oct 18 2017 Tomas Popela - 2.18.1-1

- Update to 2.18.1

su -c 'dnf upgrade --advisory FEDORA-2018-aac3ca8936' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6P4J4BQM66DFTDUIWVOVRVIB2AYST56/