ALT-PU-2020-1481-1
Package libwebkitgtk4 updated to version 2.28.0-alt1 for branch sisyphus in task 247780.
Closed vulnerabilities
BDU:2020-01109
Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с использованием памяти после ее освобождения, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2013-7324
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME desktop integration.
- http://www.openwall.com/lists/oss-security/2014/02/10/13
- http://www.openwall.com/lists/oss-security/2014/02/10/13
- https://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-7324.html
- https://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-7324.html
- https://www.openwall.com/lists/oss-security/2013/10/08/4
- https://www.openwall.com/lists/oss-security/2013/10/08/4
Modified: 2024-11-21
CVE-2020-10018
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling.
- openSUSE-SU-2020:0602
- https://bugs.webkit.org/show_bug.cgi?id=204342#c21
- FEDORA-2020-f25793aac4
- FEDORA-2020-f3fa778924
- GLSA-202006-08
- USN-4310-1
- https://webkitgtk.org/security/WSA-2020-0003.html
- https://wpewebkit.org/security/WSA-2020-0003.html
- DSA-4641
- openSUSE-SU-2020:0602
- DSA-4641
- https://wpewebkit.org/security/WSA-2020-0003.html
- https://webkitgtk.org/security/WSA-2020-0003.html
- USN-4310-1
- GLSA-202006-08
- FEDORA-2020-f3fa778924
- FEDORA-2020-f25793aac4
- https://bugs.webkit.org/show_bug.cgi?id=204342#c21