Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 38: FEDORA-2023-e2c2896d16 Critical: WebKitGTK Code Execution Risk

fedora
Calendar Grey September 30, 2023
Dist Fedora Esm H88
Critical updates focused on mitigating vulnerabilities related to code execution and enhancing overall performance in the WebKitGTK component of Fedora 38.
* Fix enable-html5-database setting to properly enable/disable IndexedDB API

Summary

WebKitGTK is the port of the WebKit web rendering engine to the

GTK platform.

Update Information:

* Fix enable-html5-database setting to properly enable/disable IndexedDB API. * Fix the build with GBM disabled. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-41993

Topics%20covered

Topics Covered

security advisory update Fedora code execution software patch security fix WebKitGTK

Change Log

* Wed Sep 27 2023 Michael Catanzaro - 2.42.1-1 - Update to 2.40.1 and fix GL dependencies

References


[ 1 ] Bug #2240428 - [abrt] webkit2gtk4.1: get_dlopen_handle(): WebKitWebProcess killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=2240428 [ 2 ] Bug #2240526 - CVE-2023-41993 webkitgtk: processing malicious web content may lead to arbitrary code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2240526

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-e2c2896d16' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: webkitgtk
Product: Fedora 38
Version: 2.42.1
Release: 1.fc38
URL: https://www.webkitgtk.org/
Summary: GTK web content engine library

Topics%20covered

Topics Covered

security advisory update Fedora code execution software patch security fix WebKitGTK

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here