Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9 articles for you...
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisorydenial of serviceimportant

Rocky Linux 9 libcurl Security Update Alert RLSA-2026-9831

Important: webkit2gtk3 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:9692", "synopsis": "Important: webkit2gtk3 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for webkit2gtk3.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43213)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43214)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43457)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43511)\n\n* webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-46299)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20608)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20635)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20636)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20644)\n\n* webkitgtk: A remote attacker may be able to cause a denial-of-service (CVE-2026-20652)\n\n* webkitgtk: A website may be able to track users through Safari web extensions (CVE-2026-20676)\n\n* webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy (CVE-2026-20643)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20664)\n\n* webkitgtk: Processingmaliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2026-20665)\n\n* webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2026-20691)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28857)\n\n* webkitgtk: A malicious website may be able to process restricted web content outside the sandbox (CVE-2026-28859)\n\n* webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack (CVE-2026-28871)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2448781", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448781", "description": ""}, {"ticket": "2448782", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448782", "description": ""}, {"ticket": "2448786", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448786", "description": ""}, {"ticket": "2448787", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448787", "description": ""}, {"ticket": "2448788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448788", "description": ""}, {"ticket": "2448789", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448789", "description": ""}, {"ticket": "2448790", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448790", "description": ""}, {"ticket": "2448791", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448791", "description": ""}, {"ticket": "2448792", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448792", "description": ""}, {"ticket": "2448793","sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448793", "description": ""}, {"ticket": "2448794", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448794", "description": ""}, {"ticket": "2453000", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453000", "description": ""}, {"ticket": "2453001", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453001", "description": ""}, {"ticket": "2453002", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453002", "description": ""}, {"ticket": "2453003", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453003", "description": ""}, {"ticket": "2453004", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453004", "description": ""}, {"ticket": "2453006", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453006", "description": ""}, {"ticket": "2453008", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453008", "description": ""}], "cves": [{"name": "CVE-2025-43213", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43213", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2025-43214", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43214", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2025-43457", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43457", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2025-43511", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43511","cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2025-46299", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46299", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "cvss3BaseScore": "6.5", "cwe": "CWE-909"}, {"name": "CVE-2026-20608", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20608", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20635", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20635", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20636", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20636", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20643", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20643", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "cvss3BaseScore": "5.4", "cwe": "CWE-346"}, {"name": "CVE-2026-20644", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20644", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20652", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20652", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-120"}, {"name": "CVE-2026-20664", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20664", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"},{"name": "CVE-2026-20665", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20665", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "cvss3BaseScore": "5.4", "cwe": "CWE-693"}, {"name": "CVE-2026-20676", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20676", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-201"}, {"name": "CVE-2026-20691", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20691", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-497"}, {"name": "CVE-2026-28857", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28857", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-28859", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28859", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-28871", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28871", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-79"}], "references": [], "publishedAt": "2026-04-24T12:03:31.152911Z", "rpms": {"Rocky Linux 9": {"nvras": ["webkit2gtk3-0:2.52.3-0.el9_7.1.src.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.i686.rpm","webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm"]}},"rebootSuggested": false, "buildReferences": []}. Important webkit2gtk3 security update for Rocky Linux addresses multiple issues including potential DoS attacks.. Rocky Linux WebKitGTK Security Update Exploit Fix Denial-Of-Service. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 24, 2026 Important Rocky Linux
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisorydenial of serviceimportant

Rocky Linux 9 RLSA-2026-9703 libxslt Severe Vulnerability Patch Deployed

Important: webkit2gtk3 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:9692", "synopsis": "Important: webkit2gtk3 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for webkit2gtk3.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43213)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43214)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43457)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43511)\n\n* webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-46299)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20608)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20635)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20636)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20644)\n\n* webkitgtk: A remote attacker may be able to cause a denial-of-service (CVE-2026-20652)\n\n* webkitgtk: A website may be able to track users through Safari web extensions (CVE-2026-20676)\n\n* webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy (CVE-2026-20643)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20664)\n\n* webkitgtk: Processingmaliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2026-20665)\n\n* webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2026-20691)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28857)\n\n* webkitgtk: A malicious website may be able to process restricted web content outside the sandbox (CVE-2026-28859)\n\n* webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack (CVE-2026-28871)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2448781", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448781", "description": ""}, {"ticket": "2448782", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448782", "description": ""}, {"ticket": "2448786", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448786", "description": ""}, {"ticket": "2448787", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448787", "description": ""}, {"ticket": "2448788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448788", "description": ""}, {"ticket": "2448789", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448789", "description": ""}, {"ticket": "2448790", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448790", "description": ""}, {"ticket": "2448791", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448791", "description": ""}, {"ticket": "2448792", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448792", "description": ""}, {"ticket": "2448793","sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448793", "description": ""}, {"ticket": "2448794", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448794", "description": ""}, {"ticket": "2453000", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453000", "description": ""}, {"ticket": "2453001", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453001", "description": ""}, {"ticket": "2453002", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453002", "description": ""}, {"ticket": "2453003", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453003", "description": ""}, {"ticket": "2453004", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453004", "description": ""}, {"ticket": "2453006", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453006", "description": ""}, {"ticket": "2453008", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453008", "description": ""}], "cves": [{"name": "CVE-2025-43213", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43213", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2025-43214", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43214", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2025-43457", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43457", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2025-43511", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43511","cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2025-46299", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46299", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "cvss3BaseScore": "6.5", "cwe": "CWE-909"}, {"name": "CVE-2026-20608", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20608", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20635", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20635", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20636", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20636", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20643", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20643", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "cvss3BaseScore": "5.4", "cwe": "CWE-346"}, {"name": "CVE-2026-20644", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20644", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20652", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20652", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-120"}, {"name": "CVE-2026-20664", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20664", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"},{"name": "CVE-2026-20665", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20665", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "cvss3BaseScore": "5.4", "cwe": "CWE-693"}, {"name": "CVE-2026-20676", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20676", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-201"}, {"name": "CVE-2026-20691", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20691", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-497"}, {"name": "CVE-2026-28857", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28857", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-28859", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28859", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-28871", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28871", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-79"}], "references": [], "publishedAt": "2026-04-24T12:03:31.152911Z", "rpms": {"Rocky Linux 9": {"nvras": ["webkit2gtk3-0:2.52.3-0.el9_7.1.src.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.i686.rpm","webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm"]}},"rebootSuggested": false, "buildReferences": []}. New webkit2gtk3 security update on Rocky Linux 9 resolves various issues to enhance system safety. Take action now!. Rocky Linux, webkit2gtk3, important update, security patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 24, 2026 Important Rocky Linux
Banner 1 1028x280 1708121660 1771599717
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisorydenial of serviceimportant

Rocky Linux 9 RLSA-2026-9703 webkit2gtk3 Serious Denial of Service Risk

Important: webkit2gtk3 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:9692", "synopsis": "Important: webkit2gtk3 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for webkit2gtk3.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43213)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43214)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43457)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43511)\n\n* webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-46299)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20608)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20635)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20636)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20644)\n\n* webkitgtk: A remote attacker may be able to cause a denial-of-service (CVE-2026-20652)\n\n* webkitgtk: A website may be able to track users through Safari web extensions (CVE-2026-20676)\n\n* webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy (CVE-2026-20643)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-20664)\n\n* webkitgtk: Processingmaliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2026-20665)\n\n* webkitgtk: A maliciously crafted webpage may be able to fingerprint the user (CVE-2026-20691)\n\n* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28857)\n\n* webkitgtk: A malicious website may be able to process restricted web content outside the sandbox (CVE-2026-28859)\n\n* webkitgtk: Visiting a maliciously crafted website may lead to a cross-site scripting attack (CVE-2026-28871)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2448781", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448781", "description": ""}, {"ticket": "2448782", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448782", "description": ""}, {"ticket": "2448786", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448786", "description": ""}, {"ticket": "2448787", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448787", "description": ""}, {"ticket": "2448788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448788", "description": ""}, {"ticket": "2448789", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448789", "description": ""}, {"ticket": "2448790", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448790", "description": ""}, {"ticket": "2448791", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448791", "description": ""}, {"ticket": "2448792", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448792", "description": ""}, {"ticket": "2448793","sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448793", "description": ""}, {"ticket": "2448794", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2448794", "description": ""}, {"ticket": "2453000", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453000", "description": ""}, {"ticket": "2453001", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453001", "description": ""}, {"ticket": "2453002", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453002", "description": ""}, {"ticket": "2453003", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453003", "description": ""}, {"ticket": "2453004", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453004", "description": ""}, {"ticket": "2453006", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453006", "description": ""}, {"ticket": "2453008", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453008", "description": ""}], "cves": [{"name": "CVE-2025-43213", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43213", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2025-43214", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43214", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2025-43457", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43457", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2025-43511", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43511","cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2025-46299", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46299", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "cvss3BaseScore": "6.5", "cwe": "CWE-909"}, {"name": "CVE-2026-20608", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20608", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20635", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20635", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20636", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20636", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20643", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20643", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "cvss3BaseScore": "5.4", "cwe": "CWE-346"}, {"name": "CVE-2026-20644", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20644", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-20652", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20652", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-120"}, {"name": "CVE-2026-20664", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20664", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"},{"name": "CVE-2026-20665", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20665", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "cvss3BaseScore": "5.4", "cwe": "CWE-693"}, {"name": "CVE-2026-20676", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20676", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-201"}, {"name": "CVE-2026-20691", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-20691", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-497"}, {"name": "CVE-2026-28857", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28857", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-28859", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28859", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-120"}, {"name": "CVE-2026-28871", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28871", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-79"}], "references": [], "publishedAt": "2026-04-24T12:03:31.152911Z", "rpms": {"Rocky Linux 9": {"nvras": ["webkit2gtk3-0:2.52.3-0.el9_7.1.src.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.i686.rpm","webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-debugsource-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-devel-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-devel-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-devel-0:2.52.3-0.el9_7.1.x86_64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.aarch64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.i686.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.ppc64le.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.s390x.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.52.3-0.el9_7.1.x86_64.rpm"]}},"rebootSuggested": false, "buildReferences": []}. Rocky Linux webkit2gtk3 security update addresses important vulnerabilities impacting system stability and privacy.. Rocky Linux, webkit2gtk3, security update, denial-of-service, CVSS. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 24, 2026 Important Rocky Linux
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisorymemory corruptionimportant

Rocky Linux 8 RLSA-2025:0145 important: webkit2gtk3 process crash

Important: webkit2gtk3 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2025:0145", "synopsis": "Important: webkit2gtk3 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for webkit2gtk3.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* WebKitGTK: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-54479)\n\n* webkit: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-54502)\n\n* webkit: Processing maliciously crafted web content may lead to memory corruption (CVE-2024-54505)\n\n* webkit: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2024-54508)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2333841", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2333841", "description": ""}, {"ticket": "2333843", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2333843", "description": ""}, {"ticket": "2333844", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2333844", "description": ""}, {"ticket": "2333845", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2333845", "description": ""}], "cves": [{"name": "CVE-2024-54479", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-54479", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-54502", "sourceBy":"MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-54502", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-54505", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-54505", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-54508", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-54508", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2025-01-11T02:01:36.549945Z", "rpms": {"Rocky Linux 8": {"nvras": ["webkit2gtk3-0:2.46.5-1.el8_10.aarch64.rpm", "webkit2gtk3-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-0:2.46.5-1.el8_10.src.rpm", "webkit2gtk3-0:2.46.5-1.el8_10.x86_64.rpm", "webkit2gtk3-debuginfo-0:2.46.5-1.el8_10.aarch64.rpm", "webkit2gtk3-debuginfo-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-debuginfo-0:2.46.5-1.el8_10.x86_64.rpm", "webkit2gtk3-debugsource-0:2.46.5-1.el8_10.aarch64.rpm", "webkit2gtk3-debugsource-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-debugsource-0:2.46.5-1.el8_10.x86_64.rpm", "webkit2gtk3-devel-0:2.46.5-1.el8_10.aarch64.rpm", "webkit2gtk3-devel-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-devel-0:2.46.5-1.el8_10.x86_64.rpm", "webkit2gtk3-devel-debuginfo-0:2.46.5-1.el8_10.aarch64.rpm", "webkit2gtk3-devel-debuginfo-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-devel-debuginfo-0:2.46.5-1.el8_10.x86_64.rpm", "webkit2gtk3-jsc-0:2.46.5-1.el8_10.aarch64.rpm", "webkit2gtk3-jsc-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-jsc-0:2.46.5-1.el8_10.x86_64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.46.5-1.el8_10.aarch64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-jsc-debuginfo-0:2.46.5-1.el8_10.x86_64.rpm", "webkit2gtk3-jsc-devel-0:2.46.5-1.el8_10.aarch64.rpm", "webkit2gtk3-jsc-devel-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-jsc-devel-0:2.46.5-1.el8_10.x86_64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.46.5-1.el8_10.aarch64.rpm","webkit2gtk3-jsc-devel-debuginfo-0:2.46.5-1.el8_10.i686.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.46.5-1.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A security patch for WebKitGTK has been released for Rocky Linux, mitigating vulnerabilities that could lead to application crashes and memory corruption through harmful content.. Rocky Linux, WebKitGTK, security updates, process crash, memory corruption. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 11, 2025 Important Rocky Linux
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdateFedora

Fedora 39 WEBKITGTK-2023-8F84DC8E09 Moderate: fix crashes

* Bump Safari version in user agent header. * Fix blob URL regression that broke many websites. * Fix several crashes and rendering issues. * Fix CVE-2023-41983 and CVE-2023-42852. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-8f84dc8e09 2023-11-30 03:29:42.580492 -------------------------------------------------------------------------------- Name : webkitgtk Product : Fedora 39 Version : 2.42.2 Release : 1.fc39 URL : https://www.webkitgtk.org/ Summary : GTK web content engine library Description : WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. -------------------------------------------------------------------------------- Update Information: * Bump Safari version in user agent header. * Fix blob URL regression that broke many websites. * Fix several crashes and rendering issues. * Fix CVE-2023-41983 and CVE-2023-42852 -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 10 2023 Michael Catanzaro - 2.42.2-1 - Update to 2.42.2 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-8f84dc8e09' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Address WebKitGTK problems on Fedora 39 by performing a system update and clearing the cache in your web browser, then verify your GTK themes.. Fedora Updates, WebKitGTK Fixes, Software Security. . LinuxSecurity.com Team

Calendar 2 Nov 30, 2023 Fedora
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisorybuffer overflowsecurity fix

Rocky Linux 8 RLSA-2023:3433 Important Webkit2gtk3 Fix Critical DoS

Important: webkit2gtk3 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:3433", "synopsis": "Important: webkit2gtk3 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for webkit2gtk3.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\n\nSecurity Fix(es):\n\n* webkitgtk: a use-after-free when processing maliciously crafted web content (CVE-2023-32373)\n\n* webkitgtk: an out-of-bounds read when processing malicious content (CVE-2023-28204)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2209208", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2209208", "description": ""}, {"ticket": "2209214", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2209214", "description": ""}], "cves": [{"name": "CVE-2023-28204", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-28204", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2023-32373", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-32373", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2023-06-24T18:52:51.490480Z", "rpms": {"Rocky Linux 8": {"nvras": ["webkit2gtk3-0:2.38.5-1.el8_8.4.aarch64.rpm", "webkit2gtk3-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-0:2.38.5-1.el8_8.4.src.rpm", "webkit2gtk3-0:2.38.5-1.el8_8.4.x86_64.rpm", "webkit2gtk3-debuginfo-0:2.38.5-1.el8_8.4.aarch64.rpm","webkit2gtk3-debuginfo-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-debuginfo-0:2.38.5-1.el8_8.4.x86_64.rpm", "webkit2gtk3-debugsource-0:2.38.5-1.el8_8.4.aarch64.rpm", "webkit2gtk3-debugsource-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-debugsource-0:2.38.5-1.el8_8.4.x86_64.rpm", "webkit2gtk3-devel-0:2.38.5-1.el8_8.4.aarch64.rpm", "webkit2gtk3-devel-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-devel-0:2.38.5-1.el8_8.4.x86_64.rpm", "webkit2gtk3-devel-debuginfo-0:2.38.5-1.el8_8.4.aarch64.rpm", "webkit2gtk3-devel-debuginfo-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-devel-debuginfo-0:2.38.5-1.el8_8.4.x86_64.rpm", "webkit2gtk3-jsc-0:2.38.5-1.el8_8.4.aarch64.rpm", "webkit2gtk3-jsc-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-jsc-0:2.38.5-1.el8_8.4.x86_64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.38.5-1.el8_8.4.aarch64.rpm", "webkit2gtk3-jsc-debuginfo-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-jsc-debuginfo-0:2.38.5-1.el8_8.4.x86_64.rpm", "webkit2gtk3-jsc-devel-0:2.38.5-1.el8_8.4.aarch64.rpm", "webkit2gtk3-jsc-devel-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-jsc-devel-0:2.38.5-1.el8_8.4.x86_64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.38.5-1.el8_8.4.aarch64.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.38.5-1.el8_8.4.i686.rpm", "webkit2gtk3-jsc-devel-debuginfo-0:2.38.5-1.el8_8.4.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Patch releases address critical vulnerabilities in webkit2gtk3 for Rocky Linux 8, bolstering defenses against potential cyber threats.. webkit2gtk3 update, Rocky Linux security, WebKitGTK fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 24, 2023 Important Rocky Linux
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoraupdate information

Fedora 36: 2022-71121c44a4 Critical: WebKitGTK3 Security Fixes

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-71121c44a4 2022-12-31 01:16:00.044456 --------------------------------------------------------------------------------Name : webkit2gtk3 Product : Fedora 36 Version : 2.38.3 Release : 1.fc36 URL : https://www.webkitgtk.org/ Summary : GTK Web content engine library Description : WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. --------------------------------------------------------------------------------Update Information: Update to 2.38.3: * Fix runtime critical warnings from media player. * Fix network process crash when fetching website data on ephemeral session. * Fix the build with Ruby 3.2. * Fix several crashes and rendering issues. * Security fixes: CVE-2022-42852, CVE-2022-42856, CVE-2022-42867, CVE-2022-46692, CVE-2022-46698, CVE-2022-46699, CVE-2022-46700 --------------------------------------------------------------------------------ChangeLog: * Thu Dec 22 2022 Michael Catanzaro 2.38.3-1 - Update to 2.38.3 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-71121c44a4' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fortify your Ubuntu 22.04 setup by applying the newest webkit2gtk3 patches that resolve significant vulnerabilities and improve overall performance.. webkitgtk, security fixes, update information, Fedora 36, web rendering. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 31, 2022 Critical Fedora
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderateRed Hat

Red Hat Enterprise Linux 8 RHSA-2022:7704-01 Moderate Update for WebkitGTK3

An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: webkit2gtk3 security and bug fix update Advisory ID: RHSA-2022:7704-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7704 Issue date: 2022-11-08 CVE Names: CVE-2022-22624 CVE-2022-22628 CVE-2022-22629 CVE-2022-22662 CVE-2022-26700 CVE-2022-26709 CVE-2022-26710 CVE-2022-26716 CVE-2022-26717 CVE-2022-26719 CVE-2022-30293 ==================================================================== 1. Summary: An update for glib2 and webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fix(es): * webkitgtk: Use-after-free leading to arbitrary codeexecution (CVE-2022-22624) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628) * webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629) * webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716) * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717) * webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719) * webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2061994 - Upgrade WebKitGTK for RHEL 8.7 2073893 - CVE-2022-22624 webkitgtk: Use-after-free leading to arbitrary code execution 2073896 - CVE-2022-22628 webkitgtk: Use-after-free leading to arbitrary code execution 2073899 - CVE-2022-22629 webkitgtk: Buffer overflow leading to arbitrary code execution 2082548 - CVE-2022-30293 webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution 2092732 - CVE-2022-26700 webkitgtk: Memory corruption issue leading to arbitrary codeexecution 2092733 - CVE-2022-26709 webkitgtk: Use-after-free leading to arbitrary code execution 2092734 - CVE-2022-26716 webkitgtk: Memory corruption issue leading to arbitrary code execution 2092735 - CVE-2022-26717 webkitgtk: Use-after-free leading to arbitrary code execution 2092736 - CVE-2022-26719 webkitgtk: Memory corruption issue leading to arbitrary code execution 2099334 - Can not play yelp videos 2104787 - CVE-2022-22662 webkitgtk: Cookie management issue leading to sensitive user information disclosure 2104789 - CVE-2022-26710 webkitgtk: Use-after-free leading to arbitrary code execution 6. Package List: Red Hat Enterprise Linux AppStream (v.8): Source: webkit2gtk3-2.36.7-1.el8.src.rpm aarch64: webkit2gtk3-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.aarch64.rpm ppc64le: webkit2gtk3-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-debugsource-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.ppc64le.rpm s390x: webkit2gtk3-2.36.7-1.el8.s390x.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-debugsource-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.s390x.rpm x86_64: webkit2gtk3-2.36.7-1.el8.i686.rpm webkit2gtk3-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-debugsource-2.36.7-1.el8.i686.rpm webkit2gtk3-debugsource-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: glib2-2.56.4-159.el8.src.rpm aarch64: glib2-2.56.4-159.el8.aarch64.rpm glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-tests-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm ppc64le: glib2-2.56.4-159.el8.ppc64le.rpm glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-tests-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm s390x: glib2-2.56.4-159.el8.s390x.rpm glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-tests-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm x86_64: glib2-2.56.4-159.el8.i686.rpm glib2-2.56.4-159.el8.x86_64.rpm glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-2.56.4-159.el8.i686.rpm glib2-devel-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-tests-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm Red Hat CodeReady Linux Builder (v.8): aarch64: glib2-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-debugsource-2.56.4-159.el8.aarch64.rpm glib2-devel-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-fam-debuginfo-2.56.4-159.el8.aarch64.rpm glib2-static-2.56.4-159.el8.aarch64.rpm glib2-tests-debuginfo-2.56.4-159.el8.aarch64.rpm noarch: glib2-doc-2.56.4-159.el8.noarch.rpm ppc64le: glib2-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-debugsource-2.56.4-159.el8.ppc64le.rpm glib2-devel-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-fam-debuginfo-2.56.4-159.el8.ppc64le.rpm glib2-static-2.56.4-159.el8.ppc64le.rpm glib2-tests-debuginfo-2.56.4-159.el8.ppc64le.rpm s390x: glib2-debuginfo-2.56.4-159.el8.s390x.rpm glib2-debugsource-2.56.4-159.el8.s390x.rpm glib2-devel-debuginfo-2.56.4-159.el8.s390x.rpm glib2-fam-debuginfo-2.56.4-159.el8.s390x.rpm glib2-static-2.56.4-159.el8.s390x.rpm glib2-tests-debuginfo-2.56.4-159.el8.s390x.rpm x86_64: glib2-debuginfo-2.56.4-159.el8.i686.rpm glib2-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-debugsource-2.56.4-159.el8.i686.rpm glib2-debugsource-2.56.4-159.el8.x86_64.rpm glib2-devel-debuginfo-2.56.4-159.el8.i686.rpm glib2-devel-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-fam-debuginfo-2.56.4-159.el8.i686.rpm glib2-fam-debuginfo-2.56.4-159.el8.x86_64.rpm glib2-static-2.56.4-159.el8.i686.rpm glib2-static-2.56.4-159.el8.x86_64.rpm glib2-tests-debuginfo-2.56.4-159.el8.i686.rpm glib2-tests-debuginfo-2.56.4-159.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2022-22624 https://access.redhat.com/security/cve/CVE-2022-22628 https://access.redhat.com/security/cve/CVE-2022-22629 https://access.redhat.com/security/cve/CVE-2022-22662 https://access.redhat.com/security/cve/CVE-2022-26700 https://access.redhat.com/security/cve/CVE-2022-26709 https://access.redhat.com/security/cve/CVE-2022-26710 https://access.redhat.com/security/cve/CVE-2022-26716 https://access.redhat.com/security/cve/CVE-2022-26717 https://access.redhat.com/security/cve/CVE-2022-26719 https://access.redhat.com/security/cve/CVE-2022-30293 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.7_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY2pSR9zjgjWX9erEAQiQFQ//YREiZYxfs4xndA0wPNv+fq6qubz4ht3h FycNYUUhtiB+KqnpXfelECae9VC+jtDaBqrmopN4kGYPERbIBNOaxDM/AjiwQoRy WAMPMG0Nf7bES6RH793l9a36dPezHS7FQymSw1UsWgiFLEzalcP41UhJmz2ehhnF 89oC3QQ831rCFn637hiTMFkaOMhQsR+P7iCnpDXEA9f3jadtWkMk+ALkddEGR+zr bbCVMi3vd4q1w854SOU0mZjdBXd3JKcBFq5Iux1gY6XVDCilgU6QgZaltJJQx2u6 J3qGFykmSwgoCfvz2QUBMH5x3gYJHknfa1CrqgOtOC5gpO9ChEyRg7T5aC/mpY4P kfFh0VJEOZS29b34KOlKvXCRbgDjvuBy8EHvqJCs29a9ISOWOpZ8qsLDjTMBk+MR AU+J3Ym3ZiRaQhpFDDSakcuub0DAHESbokIsTHlsOt8J80GspJod3GRl2BUfY4FH uVH6t7IIL0k6zL/1si7cEnT1uMxp7rPh70KPSG0hm2CHrJ6MOLt9D6/eAuj7xAEL vkxev1kJ28kXoovVYmylhcjxX4w6v1M9QGE7IBMFEnFDi6btyWNDjD1vLGvmbuIT iJ120wnUt3kGH0vMLO2+Rfwj7jYVyR08tTY8JDtrxbhrUThjhJ9GCTLg3s+MaYVk J8NwK2xt2AQ=vhlq -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A new update has been released for glib2 and webkit2gtk3 in Red Hat Enterprise Linux 8, addressing issues classified with a moderate level of security risk and providing essential patches.. glib2,webkitgtk3,security update. . LinuxSecurity.com Team

Calendar 2 Nov 08, 2022 Red Hat
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here