-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-25a98f5d55 2022-01-23 01:41:29.500049 -------------------------------------------------------------------------------- Name : webkit2gtk3 Product : Fedora 35 Version : 2.34.4 Release : 2.fc35 URL : https://www.webkitgtk.org/ Summary : GTK Web content engine library Description : WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. -------------------------------------------------------------------------------- Update Information: Update to 2.34.4: * Fix dire ["Safari Leaks"](https://safarileaks.com/) IndexedDB privacy violation. * Make audio tools (like mixers) display the actual name of the application producing sound, instead of a generic one. * Fix several crashes and rendering issues. * Additional security fixes: CVE-2021-30887, CVE-2021-30890, CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984 -------------------------------------------------------------------------------- ChangeLog: * Fri Jan 21 2022 Michael Catanzaro2.34.4-2 - Add missing BuildRequires for wayland-protocols * Fri Jan 21 2022 Michael Catanzaro 2.34.4-1 - Update to WebKitGTK 2.34.4 * Wed Nov 24 2021 Michael Catanzaro 2.34.2-1 - Upgrade to 2.34.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2034381 - CVE-2021-30887 webkitgtk: Logic issue leading to Content Security Policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=2034381 [ 2 ] Bug #2034389 - CVE-2021-30890 webkitgtk: Logic issue leading to universal cross-site scripting https://bugzilla.redhat.com/show_bug.cgi?id=2034389 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-25a98f5d55' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure