Fedora 28: FEDORA-2018-97c58e29e4 critical: web security issue

WebKitGTK+ is the port of the portable web rendering engine WebKit to the

GTK+ platform.

This package contains WebKit2 based WebKitGTK+ for GTK+ 3.

This update addresses the following vulnerabilities: *

[CVE-2018-4200](https://www.cve.org/CVERecord?id=CVE-2018-4200)

Additional fixes: * Do TLS error checking on GTlsConnection::accept-certificate

to finish the load earlier in case of errors. * Properly close the connection to

the nested wayland compositor in the Web Process. * Avoid painting backing

stores for zero-opacity layers. * Fix downloads started by context menu failing

in some websites due to missing user agent HTTP header. * Fix video unpause when

GStreamerGL is disabled. * Fix several GObject introspection annotations. *

Update user agent quirks to fix Outlook.com and Chase.com. * Fix several crashes

and rendering issues.

* Wed May 9 2018 Tomas Popela - 2.20.2-1

- Update to 2.20.2

su -c 'dnf upgrade --advisory FEDORA-2018-97c58e29e4' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org