Opened 5 years ago
Closed 5 years ago
#11654 closed enhancement (fixed)
webkitgtk-2.22.6 (CVE-2019-6212 CVE-2019-6215)
| Reported by: | Bruce Dubbs | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | high | Milestone: | 8.4 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (4)
comment:1 by , 5 years ago
comment:2 by , 5 years ago
| Owner: | changed from to |
|---|---|
| Priority: | normal → high |
| Status: | new → assigned |
| Summary: | webkitgtk-2.22.6 → webkitgtk-2.22.6 (CVE-2019-6212 CVE-2019-6215) |
As I should've expected...
comment:3 by , 5 years ago
CVE-2019-6212
Versions affected: WebKitGTK+ before 2.22.6 and WPE WebKit before 2.22.4.
Credit to an anonymous researcher.
Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.
CVE-2019-6215
Versions affected: WebKitGTK+ before 2.22.6 and WPE WebKit before 2.22.4.
Credit to Lokihardt of Google Project Zero.
Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling.
WebKitGTK+ 2.22.6 released!
This is a bug fix release in the stable 2.22 series.
What’s new in the WebKitGTK+ 2.22.6 release?
Make kinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour.
Fix Web inspector magnifier under Wayland.
Fix garbled rendering of some websites (e.g. YouTube) while scrolling under X11.
Fix several crashes, race conditions, and rendering issues.
Thanks to all the contributors who made possible this release.
Note:
See TracTickets
for help on using tickets.
Now this one was unexpected... I haven't even gotten the release notes yet.
As soon as I do, I'll plop this in. It's likely a security fix.