Rocky Linux: RLSA-2023:4201 webkit2gtk3 security update
Summary
An update is available for webkit2gtk3. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): * webkitgtk: memory corruption issue leading to arbitrary code execution (CVE-2023-32435) * webkitgtk: type confusion issue leading to arbitrary code execution (CVE-2023-32439) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
RPMs
webkit2gtk3-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-0:2.38.5-1.el9_2.3.i686.rpm
webkit2gtk3-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-0:2.38.5-1.el9_2.3.src.rpm
webkit2gtk3-0:2.38.5-1.el9_2.3.x86_64.rpm
webkit2gtk3-debuginfo-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-debuginfo-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-debuginfo-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-debuginfo-0:2.38.5-1.el9_2.3.x86_64.rpm
webkit2gtk3-debugsource-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-debugsource-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-debugsource-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-debugsource-0:2.38.5-1.el9_2.3.x86_64.rpm
webkit2gtk3-devel-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-devel-0:2.38.5-1.el9_2.3.i686.rpm
webkit2gtk3-devel-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-devel-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-devel-0:2.38.5-1.el9_2.3.x86_64.rpm
webkit2gtk3-devel-debuginfo-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-devel-debuginfo-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-devel-debuginfo-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-devel-debuginfo-0:2.38.5-1.el9_2.3.x86_64.rpm
webkit2gtk3-jsc-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-jsc-0:2.38.5-1.el9_2.3.i686.rpm
webkit2gtk3-jsc-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-jsc-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-jsc-0:2.38.5-1.el9_2.3.x86_64.rpm
webkit2gtk3-jsc-debuginfo-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-jsc-debuginfo-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-jsc-debuginfo-0:2.38.5-1.el9_2.3.x86_64.rpm
webkit2gtk3-jsc-devel-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-jsc-devel-0:2.38.5-1.el9_2.3.i686.rpm
webkit2gtk3-jsc-devel-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-jsc-devel-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-jsc-devel-0:2.38.5-1.el9_2.3.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-0:2.38.5-1.el9_2.3.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-0:2.38.5-1.el9_2.3.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-0:2.38.5-1.el9_2.3.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-0:2.38.5-1.el9_2.3.x86_64.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32439
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37450
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2218626
https://bugzilla.redhat.com/show_bug.cgi?id=2218640