Fedora 35: webkit2gtk3 2022-25a98f5d55 | LinuxSecurity.com
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-25a98f5d55
2022-01-23 01:41:29.500049
--------------------------------------------------------------------------------

Name        : webkit2gtk3
Product     : Fedora 35
Version     : 2.34.4
Release     : 2.fc35
URL         : https://www.webkitgtk.org/
Summary     : GTK Web content engine library
Description :
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.

This package contains WebKit2 based WebKitGTK for GTK 3.

--------------------------------------------------------------------------------
Update Information:

Update to 2.34.4:   * Fix dire ["Safari Leaks"](https://safarileaks.com/)
IndexedDB privacy violation.  * Make audio tools (like mixers) display the
actual name of the application producing sound, instead of a generic one.  * Fix
several crashes and rendering issues.  * Additional security fixes:
CVE-2021-30887, CVE-2021-30890, CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 21 2022 Michael Catanzaro  2.34.4-2
- Add missing BuildRequires for wayland-protocols
* Fri Jan 21 2022 Michael Catanzaro  2.34.4-1
- Update to WebKitGTK 2.34.4
* Wed Nov 24 2021 Michael Catanzaro  2.34.2-1
- Upgrade to 2.34.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2034381 - CVE-2021-30887 webkitgtk: Logic issue leading to Content Security Policy bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=2034381
  [ 2 ] Bug #2034389 - CVE-2021-30890 webkitgtk: Logic issue leading to universal cross-site scripting
        https://bugzilla.redhat.com/show_bug.cgi?id=2034389
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-25a98f5d55' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 35: webkit2gtk3 2022-25a98f5d55

January 22, 2022
Update to 2.34.4: * Fix dire ["Safari Leaks"](https://safarileaks.com/) IndexedDB privacy violation

Summary

WebKitGTK is the port of the portable web rendering engine WebKit to the

GTK platform.

This package contains WebKit2 based WebKitGTK for GTK 3.

Update Information:

Update to 2.34.4: * Fix dire ["Safari Leaks"](https://safarileaks.com/) IndexedDB privacy violation. * Make audio tools (like mixers) display the actual name of the application producing sound, instead of a generic one. * Fix several crashes and rendering issues. * Additional security fixes: CVE-2021-30887, CVE-2021-30890, CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984

Change Log

* Fri Jan 21 2022 Michael Catanzaro 2.34.4-2 - Add missing BuildRequires for wayland-protocols * Fri Jan 21 2022 Michael Catanzaro 2.34.4-1 - Update to WebKitGTK 2.34.4 * Wed Nov 24 2021 Michael Catanzaro 2.34.2-1 - Upgrade to 2.34.2

References

[ 1 ] Bug #2034381 - CVE-2021-30887 webkitgtk: Logic issue leading to Content Security Policy bypass https://bugzilla.redhat.com/show_bug.cgi?id=2034381 [ 2 ] Bug #2034389 - CVE-2021-30890 webkitgtk: Logic issue leading to universal cross-site scripting https://bugzilla.redhat.com/show_bug.cgi?id=2034389

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-25a98f5d55' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : webkit2gtk3
Product : Fedora 35
Version : 2.34.4
Release : 2.fc35
URL : https://www.webkitgtk.org/
Summary : GTK Web content engine library

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.