FEDORA-2016-6cd07bc955 created by tpopela 7 years ago for Fedora 22

This update addresses the following vulnerabilities:

  • CVE-2015-7096
  • CVE-2015-7098

Additional fixes:

  • Disable DNS prefetch when a proxy is configured.
  • Reduce the maximum simultaneous network connections to match other browsers.
  • Make WebKitWebView always propagate motion-notify-event signal.
  • Add a way to force accelerating compositing mode at runtime using an environment variable.
  • Fix input elements and scrollbars rendering with GTK+ 3.19.
  • Fix rendering of lines when using solid colors.
  • Fix UI process crashes related to not having a main resource response when the load is committed for pages restored from the history cache.
  • Fix a WebProcess crash when loading large contents with custom URI schemes API.
  • Fix a crash in the UI process when the WebView is destroyed while the screensaver DBus proxy is being created.
  • Fix WebProcess crashes due to BadDrawable X errors in accelerated compositing mode.
  • Fix crashes on PPC64 due to mprotect() on address not aligned to the page size.
  • Fix std::bad_function_call exception raised in dispatchDecidePolicyForNavigationAction.
  • Fix downloads of data URLs.
  • Fix runtime critical warnings when closing a page containing windowed plugins.
  • Fix several crashes and rendering issues.
  • Translation updates: French, German, Italian, Turkish.

Update to 2.10.4. Major new features:

  • New HTTP disk cache for the Network Process.
  • IndexedDB support.
  • New Web Inspector UI.
  • Automatic ScreenServer inhibition when playing fullscreen videos.
  • Initial Editor API.
  • Performance improvements.

This update addresses the following vulnerabilities:

  • CVE-2015-1122
  • CVE-2015-1152
  • CVE-2015-1155
  • CVE-2015-3660
  • CVE-2015-3730
  • CVE-2015-3738
  • CVE-2015-3740
  • CVE-2015-3742
  • CVE-2015-3744
  • CVE-2015-3746
  • CVE-2015-3750
  • CVE-2015-3751
  • CVE-2015-3754
  • CVE-2015-3755
  • CVE-2015-5804
  • CVE-2015-5805
  • CVE-2015-5807
  • CVE-2015-5810
  • CVE-2015-5813
  • CVE-2015-5814
  • CVE-2015-5815
  • CVE-2015-5817
  • CVE-2015-5818
  • CVE-2015-5825
  • CVE-2015-5827
  • CVE-2015-5828
  • CVE-2015-5929
  • CVE-2015-5930
  • CVE-2015-5931
  • CVE-2015-7002
  • CVE-2015-7013
  • CVE-2015-7014
  • CVE-2015-7048
  • CVE-2015-7095
  • CVE-2015-7097
  • CVE-2015-7099
  • CVE-2015-7100
  • CVE-2015-7102
  • CVE-2015-7103
  • CVE-2015-7104

For further information on the new features, see the Igalia blog post. For information on the security vulnerabilities, refer to WebKitGTK+ Security Advisory WSA-2015-0002.

This update has been submitted for testing by tpopela.

7 years ago

This update has obsoleted webkitgtk4-2.10.4-1.fc22, and has inherited its bugs and notes.

7 years ago
User Icon catanzaro commented & provided feedback 7 years ago

This breaks Google Maps and has only two vulnerability fixes; let's stick with 2.10.4 until we figure out what's wrong.

This update has been obsoleted by webkitgtk4-2.10.7-1.fc22.

7 years ago

Please login to add feedback.

Content Type
Test Gating
Unstable by Karma
Stable by Karma
Stable by Time
7 years ago

Automated Test Results