UbuntuUpdates.org

Package "webkit2gtk"

Name: webkit2gtk

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • JavaScript engine library from WebKitGTK+ - command-line interpreter
  • Transitional dummy package
  • WebKitGTK+ WebDriver support

Latest version: 2.32.4-0ubuntu0.18.04.1
Release: bionic (18.04)
Level: security
Repository: universe

Links



Other versions of "webkit2gtk" in Bionic

Repository Area Version
base main 2.20.1-1
base universe 2.20.1-1
security main 2.32.4-0ubuntu0.18.04.1
updates universe 2.32.4-0ubuntu0.18.04.1
updates main 2.32.4-0ubuntu0.18.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.30.3-0ubuntu0.18.04.1 2020-11-26 15:06:55 UTC

  webkit2gtk (2.30.3-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.30.3 to fix security issues.
    - CVE-2020-13753, CVE-2020-9948, CVE-2020-9951, CVE-2020-9952,
      CVE-2020-9983
  * debian/patches/*.patch: refreshed
  * debian/patches/user-agent-branding.patch: removed, no longer needed.
  * debian/rules: use -DUSER_AGENT_BRANDING.
  * debian/control: add libsystemd-dev to Build-Depends.
  * debian/libwebkit2gtk-4.0-37.symbols: updated for new version.
  * debian/rules: Use -g1 in all architectures.

 -- Marc Deslauriers <email address hidden> Tue, 24 Nov 2020 07:02:23 -0500

Source diff to previous version
CVE-2020-13753 The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NE
CVE-2020-9948 A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content ma
CVE-2020-9951 A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content
CVE-2020-9952 An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safa
CVE-2020-9983 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web cont

Version: 2.28.4-0ubuntu0.18.04.1 2020-08-03 14:06:41 UTC

  webkit2gtk (2.28.4-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.28.3 to fix security issues.
    - CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,
      CVE-2020-9915, CVE-2020-9925

 -- Marc Deslauriers <email address hidden> Fri, 31 Jul 2020 11:23:32 -0400

Source diff to previous version

Version: 2.28.3-0ubuntu0.18.04.1 2020-07-14 15:07:08 UTC

  webkit2gtk (2.28.3-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.28.3 to fix security issues.
    - CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
      CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-13753

 -- Marc Deslauriers <email address hidden> Mon, 13 Jul 2020 08:25:24 -0400

Source diff to previous version
CVE-2020-9802 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, i
CVE-2020-9803 A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari
CVE-2020-9805 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, i
CVE-2020-9806 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5,
CVE-2020-9807 A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5,
CVE-2020-9843 An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5,
CVE-2020-9850 A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, i

Version: 2.28.2-0ubuntu0.18.04.1 2020-04-29 16:07:40 UTC

  webkit2gtk (2.28.2-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.28.2 to fix security issue.
    - CVE-2020-3899

 -- Marc Deslauriers <email address hidden> Tue, 28 Apr 2020 14:46:46 -0400

Source diff to previous version
CVE-2020-3899 A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTun

Version: 2.28.1-0ubuntu0.18.04.1 2020-04-20 13:06:58 UTC

  webkit2gtk (2.28.1-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.28.1 to fix security issue.
    - CVE-2020-11793
  * debian/patches/upstream_archs_fix.patch: removed, no longer needed.

 -- Marc Deslauriers <email address hidden> Thu, 16 Apr 2020 11:29:02 -0400

CVE-2020-11793 A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute



About   -   Send Feedback to @ubuntu_updates