FEDORA-2017-0ad0e2f390 — security update for webkitgtk4

webkitgtk4-2.18.4-1.fc26

FEDORA-2017-0ad0e2f390 created by tpopela 2 years ago for Fedora 26

stable

This update addresses the following vulnerabilities:

CVE-2017-13866, CVE-2017-13870, CVE-2017-7156, CVE-2017-13856

Additional fixes:

Make WebDriver implementation more spec compliant.
Fix a bug when trying to remove cookies before a web process is spawned.
WebKitWebDriver process no longer links to libjavascriptcoregtk.
Fix several memory leaks in GStreamer media backend.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-0ad0e2f390

This update has been submitted for testing by tpopela.

2 years ago

catanzaro edited this update.

2 years ago

This update has been pushed to testing.

2 years ago

samoht0 commented & provided feedback 2 years ago

karma

LGTM

pwalter commented & provided feedback 2 years ago

karma

Works

cserpentis commented & provided feedback 2 years ago

karma

works for me in a VM

This update has been submitted for batched by bodhi.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

Builds

webkitgtk4-2.18.4-1.fc26

Settings

Unstable by Karma

-3

Stable by Karma

Dates

submitted

2 years ago

in testing

2 years ago

in stable

2 years ago

modified

2 years ago

BZ#1527747 CVE-2017-13856 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution

BZ#1527749 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 CVE-2017-7156 CVE-2017-7157 webkitgtk4: various flaws [fedora-all]

webkitgtk4-2.18.4-1.fc26

How to install

Automated Test Results