UbuntuUpdates.org

Package "webkit2gtk"

Name: webkit2gtk

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • JavaScript engine library from WebKitGTK+ - command-line interpreter
  • Transitional dummy package
  • WebKitGTK+ WebDriver support

Latest version: 2.28.4-0ubuntu0.18.04.1
Release: bionic (18.04)
Level: security
Repository: universe

Links



Other versions of "webkit2gtk" in Bionic

Repository Area Version
base main 2.20.1-1
base universe 2.20.1-1
security main 2.28.4-0ubuntu0.18.04.1
updates main 2.28.4-0ubuntu0.18.04.1
updates universe 2.28.4-0ubuntu0.18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.28.4-0ubuntu0.18.04.1 2020-08-03 14:06:41 UTC

  webkit2gtk (2.28.4-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.28.3 to fix security issues.
    - CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,
      CVE-2020-9915, CVE-2020-9925

 -- Marc Deslauriers <email address hidden> Fri, 31 Jul 2020 11:23:32 -0400

Source diff to previous version

Version: 2.28.3-0ubuntu0.18.04.1 2020-07-14 15:07:08 UTC

  webkit2gtk (2.28.3-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.28.3 to fix security issues.
    - CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
      CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753

 -- Marc Deslauriers <email address hidden> Mon, 13 Jul 2020 08:25:24 -0400

Source diff to previous version
CVE-2020-9802 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, i
CVE-2020-9803 A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari
CVE-2020-9805 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, i
CVE-2020-9806 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5,
CVE-2020-9807 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5,
CVE-2020-9843 An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5,
CVE-2020-9850 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, i

Version: 2.28.2-0ubuntu0.18.04.1 2020-04-29 16:07:40 UTC

  webkit2gtk (2.28.2-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.28.2 to fix security issue.
    - CVE-2020-3899

 -- Marc Deslauriers <email address hidden> Tue, 28 Apr 2020 14:46:46 -0400

Source diff to previous version
CVE-2020-3899 A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTun

Version: 2.28.1-0ubuntu0.18.04.1 2020-04-20 13:06:58 UTC

  webkit2gtk (2.28.1-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.28.1 to fix security issue.
    - CVE-2020-11793
  * debian/patches/upstream_archs_fix.patch: removed, no longer needed.

 -- Marc Deslauriers <email address hidden> Thu, 16 Apr 2020 11:29:02 -0400

Source diff to previous version
CVE-2020-11793 A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute

Version: 2.28.0-0ubuntu0.18.04.3 2020-03-30 14:06:36 UTC

  webkit2gtk (2.28.0-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * Updated to 2.28.0 to fix security issue.
    - debian/patches/*, debian/*.symbols: updated for 2.28.0.
    - CVE-2020-10018
  * debian/patches/upstream_archs_fix.patch:
    - workaround a regression on ppc64el, the fix is a temporary hackish
      solution until upstreams comes with a proper one.
  * debian/patches/work-around-gcc-7-ice.patch:
    - workaround FTBFS caused by ICE in gcc-7 update in bionic.
  * debian/rules:
    - disable debug packages on ppc64el to fix build issues.

 -- Marc Deslauriers <email address hidden> Thu, 26 Mar 2020 11:46:35 -0400

CVE-2020-10018 WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-fre



About   -   Send Feedback to @ubuntu_updates