UbuntuUpdates.org

Package "webkit2gtk"

Name: webkit2gtk

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • JavaScript engine library from WebKitGTK - command-line interpreter
  • Transitional dummy package
  • WebKitGTK WebDriver support

Latest version: 2.32.0-0ubuntu0.20.04.1
Release: focal (20.04)
Level: security
Repository: universe

Links



Other versions of "webkit2gtk" in Focal

Repository Area Version
base main 2.28.1-1
base universe 2.28.1-1
security main 2.32.0-0ubuntu0.20.04.1
updates universe 2.32.0-0ubuntu0.20.04.1
updates main 2.32.0-0ubuntu0.20.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.32.0-0ubuntu0.20.04.1 2021-05-10 12:06:24 UTC

  webkit2gtk (2.32.0-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.32.0 to fix security issues.
    - sync patches and some packaging changes from 2.32.0-1ubuntu3
    - CVE-2021-1788, CVE-2021-1844, CVE-2021-1871

 -- Marc Deslauriers <email address hidden> Fri, 16 Apr 2021 06:59:45 -0400

Source diff to previous version
CVE-2021-1788 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, S
CVE-2021-1844 A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.
CVE-2021-1871 A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update

Version: 2.30.6-0ubuntu0.20.04.1 2021-03-29 15:06:24 UTC

  webkit2gtk (2.30.6-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.30.6 to fix security issues.
    - CVE-2020-27918, CVE-2020-29623, CVE-2021-1765, CVE-2021-1789,
      CVE-2021-1799, CVE-2021-1801, CVE-2021-1870

 -- Marc Deslauriers <email address hidden> Fri, 26 Mar 2021 11:17:36 -0400

Source diff to previous version
CVE-2020-27918 A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 1

Version: 2.30.5-0ubuntu0.20.04.1 2021-02-18 14:06:23 UTC

  webkit2gtk (2.30.5-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.30.5 to fix security issues.
    - CVE-2020-13558

 -- Marc Deslauriers <email address hidden> Mon, 15 Feb 2021 11:17:04 -0500

Source diff to previous version

Version: 2.30.3-0ubuntu0.20.04.1 2020-11-26 15:06:58 UTC

  webkit2gtk (2.30.3-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.30.3 to fix security issues.
    - CVE-2020-13753, CVE-2020-9948, CVE-2020-9951, CVE-2020-9952,
      CVE-2020-9983
  * debian/patches/*.patch: refreshed
  * debian/patches/user-agent-branding.patch: removed, no longer needed.
  * debian/rules: use -DUSER_AGENT_BRANDING.
  * debian/control: add libsystemd-dev to Build-Depends.
  * debian/libwebkit2gtk-4.0-37.symbols: updated for new version.

 -- Marc Deslauriers <email address hidden> Tue, 24 Nov 2020 06:55:03 -0500

Source diff to previous version
CVE-2020-13753 The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NE
CVE-2020-9948 A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0. Processing maliciously crafted web content ma
CVE-2020-9951 A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0. Processing maliciously crafted web content
CVE-2020-9952 An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safa
CVE-2020-9983 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web cont

Version: 2.28.4-0ubuntu0.20.04.1 2020-08-03 14:06:43 UTC

  webkit2gtk (2.28.4-0ubuntu0.20.04.1) focal-security; urgency=medium

  * Updated to 2.28.3 to fix security issues.
    - CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,
      CVE-2020-9915, CVE-2020-9925
  * debian/rules: build with openjpeg2, it is now in main in focal.
    (LP: #1886411)

 -- Marc Deslauriers <email address hidden> Fri, 31 Jul 2020 11:18:44 -0400

1886411 Missing libopenjp2-7 from dependencies



About   -   Send Feedback to @ubuntu_updates