Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 41: webkitgtk 2025-b92313b6f2 Security Advisory Updates

fedora
Calendar Grey March 28, 2025
Dist Fedora Esm H88
Upgrade to WebKitGTK 2.48.0 resolves critical issues, enhancing performance and addressing security threats. Act now!
Upgrade to 2.48.0: Move tile rendering to worker threads when rendering with the GPU

Summary

WebKitGTK is the port of the WebKit web rendering engine to the

GTK platform.

Update Information:

Upgrade to 2.48.0: Move tile rendering to worker threads when rendering with the GPU. Fix preserve-3D intersection rendering. Added new function for creating Promise objects to the JavaScriptCore GLib API. The MediaRecorder backend gained WebM support (requires at least GStreamer 1.24.9) and audio bitrate configuration support. Fix invalid DPI-aware font size conversion. Bring back support for OpenType-SVG fonts using Skia SVG module. Add metadata (title and creation/modification date) to the PDF document generated for printing. Propagate the font’s computed locale to HarfBuzz. The GPU process build is now enabled for WebGL, but the web process is still used by default. The runtime flag UseGPUProcessForWebGL can be used to use the GPU process for WebGL. Fix CVE-2025-24201, CVE-2024-44192, CVE-2024-54467

Topics%20covered

Topics Covered

security advisory update Fedora out-of-bounds webkitgtk process crash

Change Log

* Tue Mar 18 2025 Michael Catanzaro - 2.48.0-1 - Update to WebKitGTK 2.48.0

References


[ 1 ] Bug #2352356 - CVE-2025-24201 webkitgtk: out-of-bounds write vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2352356 [ 2 ] Bug #2353875 - CVE-2024-44192 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2353875 [ 3 ] Bug #2353950 - CVE-2024-54467 webkitgtk: A malicious website may exfiltrate data cross-origin [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2353950

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-b92313b6f2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: webkitgtk
Product: Fedora 41
Version: 2.48.0
Release: 1.fc41
URL: https://www.webkitgtk.org/
Summary: GTK web content engine library

Topics%20covered

Topics Covered

security advisory update Fedora out-of-bounds webkitgtk process crash

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here