UbuntuUpdates.org

Package "gir1.2-javascriptcoregtk-4.0"

Name: gir1.2-javascriptcoregtk-4.0

Description:

JavaScript engine library from WebKitGTK - GObject introspection data

Latest version: 2.46.1-0ubuntu0.22.04.3
Release: jammy (22.04)
Level: security
Repository: main
Head package: webkit2gtk
Homepage: https://webkitgtk.org/

Links


Download "gir1.2-javascriptcoregtk-4.0"


Other versions of "gir1.2-javascriptcoregtk-4.0" in Jammy

Repository Area Version
base main 2.36.0-2ubuntu1
updates main 2.46.1-0ubuntu0.22.04.3
PPA: Ubuntu-desktop ppa 2.38.6-0ubuntu0.22.04.1+wpe1

Changelog

Version: 2.46.1-0ubuntu0.22.04.3 2024-10-22 16:06:51 UTC

  webkit2gtk (2.46.1-0ubuntu0.22.04.3) jammy-security; urgency=medium

  * Build 2.46.1 for jammy to fix security issues.
    - debian/rules: set USE_OLD_WEBDRIVER_PKG=YES, ENABLE_SOUP2=YES,
      USE_OLD_DOC_PKG=YES, USE_OLD_JSCBIN_PKG=YES.
    - debian/control.*: remove libavif-dev as there are no i386 binaries
      for it in 22.04 and it blocks the i386 build.
    - debian/control.*: remove libjxl-dev as it doesn't exist in 22.04.
    - debian/patches/update_simde.patch: fix FTBFS on arm64 by updating
      simde code.
    - CVE-2024-40866
    - CVE-2024-44187

 -- Marc Deslauriers <email address hidden> Tue, 08 Oct 2024 11:24:41 -0400

Source diff to previous version
CVE-2024-40866 The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar sp
CVE-2024-44187 A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18,

Version: 2.44.3-0ubuntu0.22.04.1 2024-09-09 14:07:02 UTC

  webkit2gtk (2.44.3-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * Update to 2.44.3 to fix security issues.
    - CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, CVE-2024-40782,
      CVE-2024-40789, CVE-2024-4558

 -- Marc Deslauriers <email address hidden> Thu, 05 Sep 2024 09:55:49 -0400

Source diff to previous version
CVE-2024-40776 A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and
CVE-2024-40779 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPa
CVE-2024-40780 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPa
CVE-2024-40782 A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and
CVE-2024-40789 An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6
CVE-2024-4558 Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML

Version: 2.44.2-0ubuntu0.22.04.1 2024-05-28 13:07:11 UTC

  webkit2gtk (2.44.2-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * Update to 2.44.2 to fix security issues.
    - debian/patches/fix-ftbfs-i386.patch: removed, no longer needed.
    - CVE-2024-27834

 -- Marc Deslauriers <email address hidden> Tue, 21 May 2024 10:15:17 -0400

Source diff to previous version
CVE-2024-27834 The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.

Version: 2.44.0-0ubuntu0.22.04.1 2024-04-15 18:07:05 UTC

  webkit2gtk (2.44.0-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * Update to 2.44.0 to fix security issues.
    - Refreshed patches from 2.44.0-2 package.
    - debian/rules: use -DUSE_GTK4=OFF as ON is now the default.
    - debian/rules: use -DUSE_LIBBACKTRACE=OFF.
    - debian/libwebkit2gtk-4.0-doc.install: adjust doc location.
    - debian/rules: adjust doc location.
    - CVE-2024-23252, CVE-2024-23254, CVE-2024-23263, CVE-2024-23280,
      CVE-2024-23284, CVE-2023-42950, CVE-2023-42956, CVE-2023-42843.

 -- Marc Deslauriers <email address hidden> Tue, 09 Apr 2024 08:09:35 -0400

Source diff to previous version
CVE-2024-23254 The issue was addressed with improved UI handling. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watch
CVE-2024-23263 A logic issue was addressed with improved validation. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, wa
CVE-2024-23280 An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, watchOS 1
CVE-2024-23284 A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17
CVE-2023-42950 A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchO
CVE-2023-42956 The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2. Processing we
CVE-2023-42843 An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and

Version: 2.42.5-0ubuntu0.22.04.2 2024-02-12 14:06:54 UTC

  webkit2gtk (2.42.5-0ubuntu0.22.04.2) jammy-security; urgency=medium

  * Update to 2.42.5 to fix security issues.
    - debian/patches/fix_ftbfs.patch: fix build issue.
    - CVE-2024-23222, CVE-2024-23206, CVE-2024-23213

 -- Marc Deslauriers <email address hidden> Tue, 06 Feb 2024 07:32:42 -0500

CVE-2024-23222 A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5
CVE-2024-23206 An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sono
CVE-2024-23213 The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, i



About   -   Send Feedback to @ubuntu_updates