SECURITY: Fedora 35 Update: webkit2gtk3-2.38.2-1.fc35
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-e7726761c4
2022-11-15 01:26:52.355809
--------------------------------------------------------------------------------
Name : webkit2gtk3
Product : Fedora 35
Version : 2.38.2
Release : 1.fc35
URL : https://www.webkitgtk.org/
Summary : GTK Web content engine library
Description :
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.
This package contains WebKit2 based WebKitGTK for GTK 3.
--------------------------------------------------------------------------------
Update Information:
* Fix scrolling issues in some sites having fixed background. * Fix prolonged
buffering during progressive live playback. * Fix several crashes and rendering
issues. * Security fixes: CVE-2022-42799, CVE-2022-42823, CVE-2022-42824 ----
* Make xdg-dbus-proxy work if host session bus address is an abstract socket. *
Use a single xdg-dbus-proxy process when sandbox is enabled. * Fix high
resolution video playback due to unimplemented changeType operation. * Ensure
GSubprocess uses posix_spawn() again and inherit file descriptors. * Fix player
getting stuck in buffering (paused) state for progressive streaming. * Do not
try to preconnect on link click when link preconnect setting is disabled. * Fix
close status code returned when the client closes a WebSocket in some cases. *
Fix media player duration calculation. * Fix several crashes and rendering
issues.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Nov 4 2022 Michael Catanzaro 2.38.2-1
- Update to 2.38.2
* Tue Oct 25 2022 Michael Catanzaro 2.38.1-1
- Update to 2.38.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2140510 - CVE-2022-42799 webkit2gtk3: webkitgtk: a issue was addressed with improved UI handling [fedora-35]
https://bugzilla.redhat.com/show_bug.cgi?id=2140510
[ 2 ] Bug #2140516 - CVE-2022-42824 webkit2gtk3: webkitgtk: A logic issue was addressed with improved state management [fedora-35]
https://bugzilla.redhat.com/show_bug.cgi?id=2140516
[ 3 ] Bug #2140522 - CVE-2022-42823 webkit2gtk3: webkitgtk: A type confusion issue was addressed with improved memory handling [fedora-35]
https://bugzilla.redhat.com/show_bug.cgi?id=2140522
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-e7726761c4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
A webkit2gtk3 security update has been released for Fedora 35.
