RLSA-2022:8054 --- webkit2gtk3ID: oval:org.secpod.oval:def:5800130 | Date: (C)2023-04-03 (M)2023-12-07 |
Class: PATCH | Family: unix |
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix: * webkitgtk: Use-after-free leading to arbitrary code execution * webkitgtk: Use-after-free leading to arbitrary code execution * webkitgtk: Buffer overflow leading to arbitrary code execution * webkitgtk: Cookie management issue leading to sensitive user information disclosure * webkitgtk: Memory corruption issue leading to arbitrary code execution * webkitgtk: Use-after-free leading to arbitrary code execution * webkitgtk: Use-after-free leading to arbitrary code execution * webkitgtk: Memory corruption issue leading to arbitrary code execution * webkitgtk: Use-after-free leading to arbitrary code execution * webkitgtk: Memory corruption issue leading to arbitrary code execution * webkitgtk: Heap buffer overflow in WebCore::TextureMapperLayer::setContentsLayer leading to arbitrary code execution For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section.