webkit2gtk: security update to 2.46.3 #8449
Comments
MingcongBai
added
security
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
MingcongBai
added
security
Affected package (and version)
webkit2gtk< 2.46.3CVE ID(s)
CVE-2024-44185, CVE-2024-44244, CVE-2024-44296
Severity
N/A
Other security advisory ID(s)
WSA-2024-0006
Description/References
CVE-2024-44185
Versions affected: WebKitGTK and WPE WebKit before 2.46.0.
Credit to Gary Kwong.
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash Description: The issue was addressed with
improved checks.
WebKit Bugzilla: 276097
CVE-2024-44244
Versions affected: WebKitGTK and WPE WebKit before 2.46.3.
Credit to an anonymous researcher, Q1IQ (@q1iqF) and P1umer (@P1umer).
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash Description: A memory corruption issue was
addressed with improved input validation.
WebKit Bugzilla: 279780
CVE-2024-44296
Versions affected: WebKitGTK and WPE WebKit before 2.46.3.
Credit to Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd,
Pune (India).
Impact: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced Description: The issue
was addressed with improved checks.
WebKit Bugzilla: 278765
Patch(es)/Solution(s)
Update to 2.46.3.
The text was updated successfully, but these errors were encountered: