FEDORA-2025-57805565ad — security update for webkitgtk

stable

webkitgtk-2.46.6-1.fc40

FEDORA-2025-57805565ad created by catanzaro a year ago for Fedora 40

Update to WebKitGTK 2.46.6:

Fix a crash when enabling Skia CPU rendering.
Fix several crashes and rendering issues.
Fix CVE-2024-54543, CVE-2025-24143, CVE-2025-24150, CVE-2025-24158, CVE-2025-24162

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-57805565ad

This update has been submitted for testing by catanzaro.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'passed'.

a year ago

This update has been pushed to testing.

a year ago

filiperosset commented & provided feedback a year ago

karma

no regressions noted

This update has been submitted for stable by bodhi.

12 months ago

This update has been pushed to stable.

11 months ago

Please log in to add feedback.

Metadata

Type

security

Severity

high

Karma

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Dates

submitted

a year ago

in testing

a year ago

in stable

11 months ago

approved

12 months ago

Builds

webkitgtk-2.46.6-1.fc40

BZ#2344951 CVE-2024-54543 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-all]

BZ#2344953 CVE-2025-24162 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-all]

BZ#2344964 CVE-2025-24143 webkitgtk: A maliciously crafted webpage may be able to fingerprint the user [fedora-all]

BZ#2344967 CVE-2025-24150 webkitgtk: Copying a URL from Web Inspector may lead to command injection [fedora-all]

BZ#2344969 CVE-2025-24158 webkitgtk: Processing web content may lead to a denial-of-service [fedora-all]

webkitgtk-2.46.6-1.fc40

Automated Test Results

passed