Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 39: FEDORA-2023-A4693C1C98 Critical WebKitGTK Code Execution

fedora
Calendar Grey October 1, 2023
Dist Fedora Esm H88
The recent WebKitGTK security patch for Fedora 39 addresses serious vulnerabilities, including those that could lead to arbitrary code execution.
* Fix enable-html5-database setting to properly enable/disable IndexedDB API

Summary

WebKitGTK is the port of the WebKit web rendering engine to the

GTK platform.

Update Information:

* Fix enable-html5-database setting to properly enable/disable IndexedDB API. * Fix the build with GBM disabled. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-41993

Topics%20covered

Topics Covered

security advisory critical Fedora code execution arbitrary code execution software fix WebKitGTK

Change Log

* Wed Sep 27 2023 Michael Catanzaro - 2.42.1-1 - Update to 2.40.1 and fix GL dependencies

References


[ 1 ] Bug #2240428 - [abrt] webkit2gtk4.1: get_dlopen_handle(): WebKitWebProcess killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=2240428 [ 2 ] Bug #2240526 - CVE-2023-41993 webkitgtk: processing malicious web content may lead to arbitrary code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2240526

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-a4693c1c98' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: webkitgtk
Product: Fedora 39
Version: 2.42.1
Release: 1.fc39
URL: https://www.webkitgtk.org/
Summary: GTK web content engine library

Topics%20covered

Topics Covered

security advisory critical Fedora code execution arbitrary code execution software fix WebKitGTK

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here