Stay Secure with the Latest Linux Advisories

security advisorysecurity issueFedora

Fedora 36: 2023-efe0594c2b Critical: Multiple WebKit2gtk3 Security Issues

* Fix large memory allocation when uploading content. * Fix scrolling after a history navigation with PSON enabled. * Always update the active uri of WebKitFrame. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-23529 ---- * Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-efe0594c2b 2023-02-22 11:06:32.700107 --------------------------------------------------------------------------------Name : webkit2gtk3 Product : Fedora 36 Version : 2.38.5 Release : 1.fc36 URL : https://www.webkitgtk.org/ Summary : GTK Web content engine library Description : WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. --------------------------------------------------------------------------------Update Information: * Fix large memory allocation when uploading content. * Fix scrolling after a history navigation with PSON enabled. * Always update the active uri of WebKitFrame. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-23529 ---- * Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving frame discard to avoid audio/video desynchronization, among other fixes. * Disable HLS media playback by default, which makes web sites use MSE instead. If needed WEBKIT_GST_ENABLE_HLS_SUPPORT=1 can be set in the environment to enable it back. * Disable threaded rendering in GTK4 builds by default, as it was causing crashes. * Fix MediaSession API not showing artwork images. * Fix MediaSession MPRIS usage when running inside a Flatpak sandbox. * Fix input element controls to correctly scale when applying a zoom factor different than the default. * Fixleakage of Web processes in certain situations. * Fix several crashes and rendering issues. * Security fixes: CVE-2023-23517, CVE-2023-23518, CVE-2022-42826, and many additional security issues --------------------------------------------------------------------------------ChangeLog: * Wed Feb 15 2023 Michael Catanzaro - 2.38.5-1 - Update to 2.38.5 * Thu Feb 2 2023 Michael Catanzaro - 2.38.4-1 - Update to 2.38.4 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-efe0594c2b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora Update Alert for webkit2gtk3, resolving memory issues and enhancing media capabilities along with security enhancements.. Fedora Update, Webkit Fixes, GStreamer Enhancements. . Severity: Critical. LinuxSecurity.com Team

Feb 22, 2023 •Critical Fedora