FEDORA-2017-06b373d942 — security update for webkitgtk4

stable

webkitgtk4-2.18.4-1.fc27

FEDORA-2017-06b373d942 created by tpopela 5 years ago for Fedora 27

This update addresses the following vulnerabilities:

CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-13856

Additional fixes:

Make WebDriver implementation more spec compliant.
Fix a bug when trying to remove cookies before a web process is spawned.
WebKitWebDriver process no longer links to libjavascriptcoregtk.
Fix several memory leaks in GStreamer media backend.

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2017-06b373d942

This update has been submitted for testing by tpopela.

5 years ago

catanzaro edited this update.

5 years ago

This update has been pushed to testing.

5 years ago

cserpentis commented & provided feedback 5 years ago

karma

works for me

cserpentis commented & provided feedback 5 years ago

karma

works for me

besser82 commented & provided feedback 5 years ago

karma

Works great! LGTM! =)

bt0dotninja commented & provided feedback 5 years ago

karma

No regressions noted

This update has been submitted for batched by bodhi.

5 years ago

This update has been submitted for stable by bodhi.

5 years ago

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

None

Builds

webkitgtk4-2.18.4-1.fc27

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

5 years ago

in testing

5 years ago

in stable

5 years ago

modified

5 years ago

BZ#1527747 CVE-2017-13856 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution

BZ#1527749 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 CVE-2017-7156 CVE-2017-7157 webkitgtk4: various flaws [fedora-all]

webkitgtk4-2.18.4-1.fc27

Automated Test Results

None