FEDORA-2017-0ad0e2f390 — security update for webkitgtk4

stable

webkitgtk4-2.18.4-1.fc26

FEDORA-2017-0ad0e2f390 created by tpopela 5 years ago for Fedora 26

This update addresses the following vulnerabilities:

CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-13856

Additional fixes:

Make WebDriver implementation more spec compliant.
Fix a bug when trying to remove cookies before a web process is spawned.
WebKitWebDriver process no longer links to libjavascriptcoregtk.
Fix several memory leaks in GStreamer media backend.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2017-0ad0e2f390

This update has been submitted for testing by tpopela.

5 years ago

catanzaro edited this update.

5 years ago

This update has been pushed to testing.

5 years ago

samoht0 commented & provided feedback 5 years ago

karma

LGTM

pwalter commented & provided feedback 5 years ago

karma

Works

cserpentis commented & provided feedback 5 years ago

karma

works for me in a VM

This update has been submitted for batched by bodhi.

5 years ago

This update has been submitted for stable by bodhi.

5 years ago

This update has been pushed to stable.

5 years ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

None

Builds

webkitgtk4-2.18.4-1.fc26

Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

5 years ago

in testing

5 years ago

in stable

5 years ago

modified

5 years ago

BZ#1527747 CVE-2017-13856 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution

BZ#1527749 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 CVE-2017-7156 CVE-2017-7157 webkitgtk4: various flaws [fedora-all]

webkitgtk4-2.18.4-1.fc26

Automated Test Results

None