Описание
Moderate: webkit2gtk3 security and bug fix update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.
Security Fix(es):
-
webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22624)
-
webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-22628)
-
webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2022-22629)
-
webkitgtk: Cookie management issue leading to sensitive user information disclosure (CVE-2022-22662)
-
webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26700)
-
webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26709)
-
webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26710)
-
webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26716)
-
webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2022-26717)
-
webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2022-26719)
-
webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution (CVE-2022-30293)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section.
Затронутые продукты
Rocky Linux 9
Ссылки на источники
Исправления
- Red Hat - 2061996
- Red Hat - 2073893
- Red Hat - 2073896
- Red Hat - 2073899
- Red Hat - 2082548
- Red Hat - 2092732
- Red Hat - 2092733
- Red Hat - 2092734
- Red Hat - 2092735
- Red Hat - 2092736
- Red Hat - 2104787
- Red Hat - 2104789
