Fedora Linux 8811 Published by

A webkit2gtk3 security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: webkit2gtk3-2.34.4-2.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-25a98f5d55
2022-01-23 01:41:29.500049
--------------------------------------------------------------------------------

Name : webkit2gtk3
Product : Fedora 35
Version : 2.34.4
Release : 2.fc35
URL :   https://www.webkitgtk.org/
Summary : GTK Web content engine library
Description :
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.

This package contains WebKit2 based WebKitGTK for GTK 3.

--------------------------------------------------------------------------------
Update Information:

Update to 2.34.4: * Fix dire ["Safari Leaks"](  https://safarileaks.com/)
IndexedDB privacy violation. * Make audio tools (like mixers) display the
actual name of the application producing sound, instead of a generic one. * Fix
several crashes and rendering issues. * Additional security fixes:
CVE-2021-30887, CVE-2021-30890, CVE-2021-30934, CVE-2021-30936, CVE-2021-30951,
CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 21 2022 Michael Catanzaro 2.34.4-2
- Add missing BuildRequires for wayland-protocols
* Fri Jan 21 2022 Michael Catanzaro 2.34.4-1
- Update to WebKitGTK 2.34.4
* Wed Nov 24 2021 Michael Catanzaro 2.34.2-1
- Upgrade to 2.34.2
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2034381 - CVE-2021-30887 webkitgtk: Logic issue leading to Content Security Policy bypass
  https://bugzilla.redhat.com/show_bug.cgi?id=2034381
[ 2 ] Bug #2034389 - CVE-2021-30890 webkitgtk: Logic issue leading to universal cross-site scripting
  https://bugzilla.redhat.com/show_bug.cgi?id=2034389
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-25a98f5d55' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________