stable

webkitgtk-2.50.2-1.fc42

FEDORA-2025-4fc934f283 created by catanzaro 4 months ago for Fedora 42
  • Prevent unsafe URI schemes from participating in media playback.
  • Make jsc_value_array_buffer_get_data() function introspectable.
  • Fix logging in to Google accounts that have a WebAuthn second factor configured.
  • Fix loading webkit://gpu when there are no threads configured for GPU rendering.
  • Fix rendering gradients that use the CSS hue interpolation method.
  • Fix pasting image data from the clipboard.
  • Fix font-family selection when the font name contains spaces.
  • Fix capturing canvas snapshots in the Web Inspector.
  • Fix several crashes and rendering issues.
  • 2.50.2 CVE fixes: CVE-2023-43000, CVE-2025-43392, CVE-2025-43419, CVE-2025-43425, CVE-2025-43427, CVE-2025-43429, CVE-2025-43430, CVE-2025-43431, CVE-2025-43432, CVE-2025-43434, CVE-2025-43440, CVE-2025-43443, CVE-2025-43480
  • This Fedora update additionally fixes CVE-2025-43421 via a downstream patch

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-4fc934f283

This update has been submitted for testing by catanzaro.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

This update's test gating status has been changed to 'passed'.

4 months ago

This update has been pushed to testing.

4 months ago

catanzaro edited this update.

4 months ago
User Icon frantisekz provided feedback 4 months ago
karma
User Icon filiperosset commented & provided feedback 3 months ago
karma

no regressions noted

This update can be pushed to stable now if the maintainer wishes

3 months ago

This update has been submitted for stable by catanzaro.

3 months ago

This update has been pushed to stable.

3 months ago

Please log in to add feedback.

Metadata
Type
security
Severity
medium
Karma
2
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
4 months ago
in testing
4 months ago
in stable
3 months ago
modified
4 months ago
approved
3 months ago
Builds
1
webkitgtk-2.50.2-1.fc42
BZ#2403627 CVE-2025-43343 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
0
0
BZ#2416362 CVE-2023-43000 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-42]
0
0
BZ#2416369 CVE-2025-43392 webkitgtk: A website may exfiltrate image data cross-origin [fedora-42]
0
0
BZ#2416375 CVE-2025-43419 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-42]
0
0
BZ#2416381 CVE-2025-43425 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-42]
0
0
BZ#2416967 CVE-2025-13502 webkitgtk: WebKitGTK / WPE WebKit: Out-of-bounds read and integer underflow vulnerability leading to DoS [fedora-42]
0
0
webkitgtk-2.50.2-1.fc42

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 25.11.3 on bodhi-web-19-vtk2n.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy