AlmaLinux 2325 Published by

A webkit2gtk3 security and bug fix update has been released for AlmaLinux 9.



ALSA-2022:8054 Moderate: webkit2gtk3 security and bug fix update


Type:
security

Severity:
moderate

Release date:
2022-11-18

Description
Security Fix(es):
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
* webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
* webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
* webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
* webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
* webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:
RHSA-2022:8054
CVE-2022-22624
CVE-2022-22628
CVE-2022-22629
CVE-2022-22662
CVE-2022-26700
CVE-2022-26709
CVE-2022-26710
CVE-2022-26716
CVE-2022-26717
CVE-2022-26719
CVE-2022-30293
ALSA-2022:8054

Updates packages:
webkit2gtk3-jsc-devel-2.36.7-1.el9.i686.rpm
webkit2gtk3-devel-2.36.7-1.el9.i686.rpm
webkit2gtk3-jsc-2.36.7-1.el9.i686.rpm
webkit2gtk3-2.36.7-1.el9.i686.rpm
webkit2gtk3-devel-2.36.7-1.el9.x86_64.rpm
webkit2gtk3-jsc-2.36.7-1.el9.x86_64.rpm
webkit2gtk3-2.36.7-1.el9.x86_64.rpm
webkit2gtk3-devel-2.36.7-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-2.36.7-1.el9.ppc64le.rpm
webkit2gtk3-2.36.7-1.el9.ppc64le.rpm
webkit2gtk3-jsc-2.36.7-1.el9.ppc64le.rpm
webkit2gtk3-2.36.7-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-2.36.7-1.el9.s390x.rpm
webkit2gtk3-jsc-2.36.7-1.el9.s390x.rpm
webkit2gtk3-devel-2.36.7-1.el9.s390x.rpm
webkit2gtk3-2.36.7-1.el9.aarch64.rpm
webkit2gtk3-devel-2.36.7-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-2.36.7-1.el9.aarch64.rpm
webkit2gtk3-jsc-2.36.7-1.el9.aarch64.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:8054 Moderate: webkit2gtk3 security and bug fix update