Fedora Linux 8811 Published by

A webkitgtk security update has been released for Fedora 38.



SECURITY: Fedora 38 Update: webkitgtk-2.40.1-1.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-5b61346bbe
2023-04-22 00:46:16.249947
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 38
Version : 2.40.1
Release : 1.fc38
URL :   https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

* The Bubblewrap sandbox no longer requires setting an application identifier
via GApplication to operate correctly. Using GApplication is still recommended,
but optional. * Adjust the scrolling speed for mouse wheels to make it feel
more natural. * Allow pasting content using the Asynchronous Clipboard API when
the origin is the same as the clipboard contents. * Improvements to the
GStreamer multimedia playback, in particular around MSE, WebRTC, and seeking. *
Make all supported image types appear in the Accept HTTP header. * Fix text
caret blinking when blinking is disabled in the GTK settings. * Fix default
database quota size definition. * Fix application of all caps tags listed in
the font-feature-settings CSS property. * Fix font height calculations for the
font-size-adjust CSS property. * Fix several crashes and rendering issues. *
Security fixes: CVE-2022-0108, CVE-2022-32885, CVE-2023-25358, CVE-2023-27932,
CVE-2023-27954, CVE-2023-28205
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 19 2023 Michael Catanzaro - 2.40.1-1
- Update to 2.40.1
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2185729 - CVE-2023-28205 webkitgtk: use-after-free leads to arbitrary code execution [fedora-all]
  https://bugzilla.redhat.com/show_bug.cgi?id=2185729
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-5b61346bbe' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________