Moderate: webkit2gtk3 security and bug fix update. {"type":"TYPE_SECURITY","shortCode":"RL","name":"RLSA-2022:7704","synopsis":"Moderate: webkit2gtk3 security and bug fix update","severity":"SEVERITY_MODERATE","topic":"An update for glib2 and webkit2gtk3 is now available for Rocky Linux 8.\nRocky Enterprise Software Foundation Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.","description":"WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.\nGLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures.\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\nAdditional Changes:\nFor detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.","solution":null,"affectedProducts":["Rocky Linux 8"],"fixes":[{"ticket":"2061994","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2061994","description":"Upgrade WebKitGTK for RHEL 8.7"},{"ticket":"2073893","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2073893","description":"CVE-2022-22624 webkitgtk: Use-after-free leading to arbitrary code execution"},{"ticket":"2073896","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2073896","description":"CVE-2022-22628 webkitgtk: Use-after-free leading to arbitrary code 
execution"},{"ticket":"2073899","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2073899","description":"CVE-2022-22629 webkitgtk: Buffer overflow leading to arbitrary code execution"},{"ticket":"2082548","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2082548","description":"CVE-2022-30293 webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution"},{"ticket":"2092732","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2092732","description":"CVE-2022-26700 webkitgtk: Memory corruption issue leading to arbitrary code execution"},{"ticket":"2092733","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2092733","description":"CVE-2022-26709 webkitgtk: Use-after-free leading to arbitrary code execution"},{"ticket":"2092734","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2092734","description":"CVE-2022-26716 webkitgtk: Memory corruption issue leading to arbitrary code execution"},{"ticket":"2092735","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2092735","description":"CVE-2022-26717 webkitgtk: Use-after-free leading to arbitrary code execution"},{"ticket":"2092736","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2092736","description":"CVE-2022-26719 webkitgtk: Memory corruption issue leading to arbitrary code execution"},{"ticket":"2099334","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2099334","description":"Can not play yelp videos"},{"ticket":"2104787","sourceBy":"Red Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2104787","description":"CVE-2022-22662 webkitgtk: Cookie management issue leading to sensitive user information disclosure"},{"ticket":"2104789","sourceBy":"Red 
Hat","sourceLink":"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=2104789","description":"CVE-2022-26710 webkitgtk: Use-after-free leading to arbitrary code execution"}],"cves":[{"name":"CVE-2022-22624","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-22624.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-416"},{"name":"CVE-2022-22628","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-22628.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-416"},{"name":"CVE-2022-22629","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-22629.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-120"},{"name":"CVE-2022-22662","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-22662.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N","cvss3BaseScore":"6.5","cwe":"CWE-200"},{"name":"CVE-2022-26700","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-26700.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-1173"},{"name":"CVE-2022-26709","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-26709.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-416"},{"name":"CVE-2022-26710","sourceBy":"Red 
Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-26710.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-416"},{"name":"CVE-2022-26716","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-26716.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-1173"},{"name":"CVE-2022-26717","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-26717.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-416"},{"name":"CVE-2022-26719","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-26719.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"8.8","cwe":"CWE-1173"},{"name":"CVE-2022-30293","sourceBy":"Red Hat","sourceLink":"https:\/\/access.redhat.com\/hydra\/rest\/securitydata\/cve\/CVE-2022-30293.json","cvss3ScoringVector":"CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H","cvss3BaseScore":"7.5","cwe":"CWE-787"}],"references":[],"publishedAt":"2022-11-13T07:53:57.972674Z","rpms":{},"rebootSuggested":false}. An essential security improvement for webkit2gtk3 and glib2 has been released for Rocky Linux 8, tackling significant vulnerabilities. LinuxSecurity.com Team

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-4832f2bd62
2020-04-26 02:47:56.787585
--------------------------------------------------------------------------------

Name        : webkit2gtk3
Product     : Fedora 31
Version     : 2.28.1
Release     : 3.fc31
URL         : https://www.webkitgtk.org/
Summary     : GTK Web content engine library
Description :
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3.

--------------------------------------------------------------------------------
Update Information:

Update to WebKitGTK 2.28.1:
* Fix position of default option element popup windows under Wayland.
* Update Chrome and Firefox versions in user agent quirks.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2020-11793
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 17 2020 Michael Catanzaro - 2.28.1-3
- Fix popup menus in X11.
* Mon Apr 13 2020 Michael Catanzaro - 2.28.1-1
- Update to 2.28.1
* Thu Apr 9 2020 Michael Catanzaro - 2.28.0-9
- Second attempt to fix ppc64le
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-4832f2bd62' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-fde7ffcb77
2016-03-27 00:00:51.394092
--------------------------------------------------------------------------------

Name        : webkitgtk3
Product     : Fedora 24
Version     : 2.4.10
Release     : 1.fc24
URL         : https://www.webkitgtk.org/
Summary     : GTK+ Web content engine library
Description :
WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

--------------------------------------------------------------------------------
Update Information:

This update addresses the following vulnerabilities:
* [CVE-2015-1120](https://www.cve.org/CVERecord?id=CVE-2015-1120)
* [CVE-2015-1076](https://www.cve.org/CVERecord?id=CVE-2015-1076)
* [CVE-2015-1071](https://www.cve.org/CVERecord?id=CVE-2015-1071)
* [CVE-2015-1081](https://www.cve.org/CVERecord?id=CVE-2015-1081)
* [CVE-2015-1122](https://www.cve.org/CVERecord?id=CVE-2015-1122)
* [CVE-2015-1155](https://www.cve.org/CVERecord?id=CVE-2015-1155)
* [CVE-2014-1748](https://www.cve.org/CVERecord?id=CVE-2014-1748)
* [CVE-2015-3752](https://www.cve.org/CVERecord?id=CVE-2015-3752)
* [CVE-2015-5809](https://www.cve.org/CVERecord?id=CVE-2015-5809)
* [CVE-2015-5928](https://www.cve.org/CVERecord?id=CVE-2015-5928)
* [CVE-2015-3749](https://www.cve.org/CVERecord?id=CVE-2015-3749)
* [CVE-2015-3659](https://www.cve.org/CVERecord?id=CVE-2015-3659)
* [CVE-2015-3748](https://www.cve.org/CVERecord?id=CVE-2015-3748)
* [CVE-2015-3743](https://www.cve.org/CVERecord?id=CVE-2015-3743)
* [CVE-2015-3731](https://www.cve.org/CVERecord?id=CVE-2015-3731)
* [CVE-2015-3745](https://www.cve.org/CVERecord?id=CVE-2015-3745)
* [CVE-2015-5822](https://www.cve.org/CVERecord?id=CVE-2015-5822)
* [CVE-2015-3658](https://www.cve.org/CVERecord?id=CVE-2015-3658)
* [CVE-2015-3741](https://www.cve.org/CVERecord?id=CVE-2015-3741)
* [CVE-2015-3727](https://www.cve.org/CVERecord?id=CVE-2015-3727)
* [CVE-2015-5801](https://www.cve.org/CVERecord?id=CVE-2015-5801)
* [CVE-2015-5788](https://www.cve.org/CVERecord?id=CVE-2015-5788)
* [CVE-2015-3747](https://www.cve.org/CVERecord?id=CVE-2015-3747)
* [CVE-2015-5794](https://www.cve.org/CVERecord?id=CVE-2015-5794)
* [CVE-2015-1127](https://www.cve.org/CVERecord?id=CVE-2015-1127)
* [CVE-2015-1153](https://www.cve.org/CVERecord?id=CVE-2015-1153)
* [CVE-2015-1083](https://www.cve.org/CVERecord?id=CVE-2015-1083)

Additional fixes:
* Fix rendering of form controls and scrollbars with GTK+ > 3.19
* Fix crashes on PowerPC 64.
* Fix the build on PowerPC 32.
* Add ARM64 build support.

Translation updates
* German
* Spanish
* French
* Italian
* Korean
* Brazilian Portuguese
* Russian
* Chinese.
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update webkitgtk3' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-6999afd53e
2015-10-05 18:13:04.381280
--------------------------------------------------------------------------------

Name        : webkitgtk3
Product     : Fedora 21
Version     : 2.4.9
Release     : 2.fc21
URL         : https://www.webkitgtk.org/
Summary     : GTK+ Web content engine library
Description :
WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

--------------------------------------------------------------------------------
Update Information:

webkitgtk-2.4.9-2.fc21
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk-2.4.9-2.fc22
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk-2.4.9-3.fc23
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk3-2.4.9-2.fc21
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk3-2.4.9-2.fc22
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk3-2.4.9-3.fc23
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1189303
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update webkitgtk3' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-6e968aee2c
2015-10-03 17:32:22.208632
--------------------------------------------------------------------------------

Name        : webkitgtk3
Product     : Fedora 23
Version     : 2.4.9
Release     : 3.fc23
URL         : https://www.webkitgtk.org/
Summary     : GTK+ Web content engine library
Description :
WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform. This package contains WebKitGTK+ for GTK+ 3.

--------------------------------------------------------------------------------
Update Information:

webkitgtk-2.4.9-2.fc21
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk-2.4.9-2.fc22
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk-2.4.9-3.fc23
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk3-2.4.9-2.fc21
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk3-2.4.9-2.fc22
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it

webkitgtk3-2.4.9-3.fc23
- rhbz#1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
  Initialize string in SQLiteStatement before using it
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1189303 - [abrt] midori: WebCore::SQLiteStatement::prepare(): midori killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1189303
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update webkitgtk3' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------