Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[ GLSA 202202-01 ] WebkitGTK+
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Advocate
Advocate


Joined: 12 May 2004
Posts: 2663
PostPosted: Tue Feb 01, 2022 4:26 am    Post subject: [ GLSA 202202-01 ] WebkitGTK+ Reply with quote
Gentoo Linux Security Advisory

Title: WebkitGTK+: Multiple vulnerabilities (GLSA 202202-01)
Severity: high
Exploitable: remote
Date: 2022-02-01
Bug(s): #779175, #801400, #813489, #819522, #820434, #829723, #831739
ID: 202202-01

Synopsis

Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in the arbitrary execution of code.


Background

WebKitGTK+ is a full-featured port of the WebKit rendering engine,
suitable for projects requiring any kind of web integration,
from hybrid HTML/CSS applications to full-fledged web browsers.


Affected Packages

Package: net-libs/webkit-gtk
Vulnerable: < 2.34.4
Unaffected: >= 2.34.4
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in WebkitGTK+. Please
review the CVE identifiers referenced below for details.


Impact

An attacker, by enticing a user to visit maliciously
crafted web content, may be able to execute arbitrary code, violate
iframe sandboxing policy, access restricted ports on arbitrary
servers, cause memory corruption, or could cause a Denial of Service
condition.

Workaround

There is no known workaround at this time.

Resolution

All WebkitGTK+ users should upgrade to the latest version:
Code:
# emerge --sync
         # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.34.4"
      


References

CVE-2021-1788
CVE-2021-1817
CVE-2021-1820
CVE-2021-1825
CVE-2021-1826
CVE-2021-1844
CVE-2021-1871
CVE-2021-21775
CVE-2021-21779
CVE-2021-21806
CVE-2021-30661
CVE-2021-30663
CVE-2021-30665
CVE-2021-30666
CVE-2021-30682
CVE-2021-30689
CVE-2021-30720
CVE-2021-30734
CVE-2021-30744
CVE-2021-30749
CVE-2021-30758
CVE-2021-30761
CVE-2021-30762
CVE-2021-30795
CVE-2021-30797
CVE-2021-30799
CVE-2021-30809
CVE-2021-30818
CVE-2021-30823
CVE-2021-30836
CVE-2021-30846
CVE-2021-30848
CVE-2021-30849
CVE-2021-30851
CVE-2021-30858
CVE-2021-30884
CVE-2021-30887
CVE-2021-30888
CVE-2021-30889
CVE-2021-30890
CVE-2021-30897
CVE-2021-30934
CVE-2021-30936
CVE-2021-30951
CVE-2021-30952
CVE-2021-30953
CVE-2021-30954
CVE-2021-30984
CVE-2021-42762
CVE-2021-45482
WSA-2021-0004
WSA-2021-0005
WSA-2021-0006
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy