Fedora Linux 8814 Published by

A webkit2gtk3 security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: webkit2gtk3-2.38.2-1.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-e7726761c4
2022-11-15 01:26:52.355809
--------------------------------------------------------------------------------

Name : webkit2gtk3
Product : Fedora 35
Version : 2.38.2
Release : 1.fc35
URL :   https://www.webkitgtk.org/
Summary : GTK Web content engine library
Description :
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.

This package contains WebKit2 based WebKitGTK for GTK 3.

--------------------------------------------------------------------------------
Update Information:

* Fix scrolling issues in some sites having fixed background. * Fix prolonged
buffering during progressive live playback. * Fix several crashes and rendering
issues. * Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824 ----
* Make xdg-dbus-proxy work if host session bus address is an abstract socket. *
Use a single xdg-dbus-proxy process when sandbox is enabled. * Fix high
resolution video playback due to unimplemented changeType operation. * Ensure
GSubprocess uses posix_spawn() again and inherit file descriptors. * Fix player
getting stuck in buffering (paused) state for progressive streaming. * Do not
try to preconnect on link click when link preconnect setting is disabled. * Fix
close status code returned when the client closes a WebSocket in some cases. *
Fix media player duration calculation. * Fix several crashes and rendering
issues.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov 4 2022 Michael Catanzaro 2.38.2-1
- Update to 2.38.2
* Tue Oct 25 2022 Michael Catanzaro 2.38.1-1
- Update to 2.38.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2140510 - CVE-2022-42799 webkit2gtk3: webkitgtk: a issue was addressed with improved UI handling [fedora-35]
  https://bugzilla.redhat.com/show_bug.cgi?id=2140510
[ 2 ] Bug #2140516 - CVE-2022-42824 webkit2gtk3: webkitgtk: A logic issue was addressed with improved state management [fedora-35]
  https://bugzilla.redhat.com/show_bug.cgi?id=2140516
[ 3 ] Bug #2140522 - CVE-2022-42823 webkit2gtk3: webkitgtk: A type confusion issue was addressed with improved memory handling [fedora-35]
  https://bugzilla.redhat.com/show_bug.cgi?id=2140522
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-e7726761c4' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________