-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmV3MTgACgkQZWnYVadE
vpOajxAAtXcdwO0KxGbIa2S3x8ZDEF2saLjj9iONPhmVDpz38zU8ODhQ6/WFxSmf
ZTxm9Ssbkwuo0+zouvwgk5bLlU0j9FZxlOUeO9hM3k2+c+VMXRDgzR2TmD9lCb2u
qBa1Dj8kLqrz/oCMKOyzDVB0YRzFKVRFUR2G24+qxdfuyZQEqeF7jsIs/9p4o1mP
h3O4cZNaSqp4J/ZJ6Ndymaya3UgJ66g6K1W4W4fUVPNw0N3KiTSZTwyLnE2wXY4Y
0+TvsKWVa81zMT45/Th5VDATIiqbRC0AaW9NvtpcjjsXmclgF/IWVT/b89pgXvfh
iBqucWFXiDHKeozZpjtRL/52Z+s7RJuLS28rEXpF6j31hQmU0Jluzc9hHkEhZgVD
L0Vc32pSyHzYyF35xVp1SPqwZj6qzEubEr9v9Y24UXI/GJGmb7VvCqBV3+dtyqHg
TdpMVkQTYaGvIcb0w94NduszpSnHq6aHZHaQ0jO+Cqd4sqLTMq5k0g/8Em9X91VW
qGNHtFtP7ip24cWjA3yEU9+EbINdeNgmn1OL5X0xxwhLOVRJ/oUnQE3xzPeRVoMW
DWXj8G3kiU3jFV1WkYaFOoJ2gyCHHhQeSA1bf2LBNwaGi97z3JMhiRsCFj7JBSaW
WODpritEXjK3JnQQo3FWn/Z3og55eb9YUZ7L671anXNpw+V5eIk=
=ZdL6
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-6545-1
December 11, 2023
webkit2gtk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
- Ubuntu 23.04
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in WebKitGTK.
Software Description:
- webkit2gtk: Web content engine library for GTK+
Details:
Several security issues were discovered in the WebKitGTK Web and JavaScript
engines. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.10:
libjavascriptcoregtk-4.0-18 2.42.3-0ubuntu0.23.10.1
libjavascriptcoregtk-4.1-0 2.42.3-0ubuntu0.23.10.1
libjavascriptcoregtk-6.0-1 2.42.3-0ubuntu0.23.10.1
libwebkit2gtk-4.0-37 2.42.3-0ubuntu0.23.10.1
libwebkit2gtk-4.1-0 2.42.3-0ubuntu0.23.10.1
Ubuntu 23.04:
libjavascriptcoregtk-4.0-18 2.42.3-0ubuntu0.23.04.1
libjavascriptcoregtk-4.1-0 2.42.3-0ubuntu0.23.04.1
libjavascriptcoregtk-6.0-1 2.42.3-0ubuntu0.23.04.1
libwebkit2gtk-4.0-37 2.42.3-0ubuntu0.23.04.1
libwebkit2gtk-4.1-0 2.42.3-0ubuntu0.23.04.1
Ubuntu 22.04 LTS:
libjavascriptcoregtk-4.0-18 2.42.3-0ubuntu0.22.04.1
libjavascriptcoregtk-4.1-0 2.42.3-0ubuntu0.22.04.1
libjavascriptcoregtk-6.0-1 2.42.3-0ubuntu0.22.04.1
libwebkit2gtk-4.0-37 2.42.3-0ubuntu0.22.04.1
libwebkit2gtk-4.1-0 2.42.3-0ubuntu0.22.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK, such as Epiphany, to make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6545-1
CVE-2023-42916, CVE-2023-42917
Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.42.3-0ubuntu0.23.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.42.3-0ubuntu0.23.04.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.42.3-0ubuntu0.22.04.1
No comments:
Post a Comment