SECURITY: Fedora 37 Update: webkitgtk-2.40.1-1.fc37
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-a4bbf02a57
2023-05-01 01:28:35.280171
--------------------------------------------------------------------------------
Name : webkitgtk
Product : Fedora 37
Version : 2.40.1
Release : 1.fc37
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.
--------------------------------------------------------------------------------
Update Information:
* The Bubblewrap sandbox no longer requires setting an application identifier
via GApplication to operate correctly. Using GApplication is still recommended,
but optional. * Adjust the scrolling speed for mouse wheels to make it feel
more natural. * Allow pasting content using the Asynchronous Clipboard API when
the origin is the same as the clipboard contents. * Improvements to the
GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking. *
Make all supported image types appear in the Accept HTTP header. * Fix text
caret blinking when blinking is disabled in the GTK settings. * Fix default
database quota size definition. * Fix application of all caps tags listed in
the font-feature-settings CSS property. * Fix font height calculations for the
font-size-adjust CSS property. * Fix several crashes and rendering issues. *
Security fixes: CVE-2022-0108, CVE-2022-32885, CVE-2023-25358, CVE-2023-27932,
CVE-2023-27954, CVE-2023-28205
--------------------------------------------------------------------------------
ChangeLog:
* Wed Apr 19 2023 Michael Catanzaro - 2.40.1-1
- Update to 2.40.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2185729 - CVE-2023-28205 webkitgtk: use-after-free leads to arbitrary code execution [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2185729
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-a4bbf02a57' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
A webkitgtk security update has been released for Fedora 37.