#15691 closed enhancement (fixed)
WebKitGTK-2.34.1
| Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | normal | Milestone: | 11.1 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
New point version
Fixes the bug that Pierre discovered with MIME detection of XHTML/HTML files.
I will update libwpe and wpebackend-fdo alongside it.
Change History (4)
comment:1 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 3 years ago
What’s new in the WebKitGTK 2.34.1 release?
Update user agent browser versions.
Fix a crash with GTK >= 3.24.30.
Fix a crash when loading videos on reddit.
Fix file type detection when application calls g_desktop_app_info_set_as_default_for_extension() passing html.
comment:3 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
comment:4 by , 3 years ago
Some security fixes have been announced:
CVE-2021-30846
Versions affected: WebKitGTK and WPE WebKit before 2.34.0.
Credit to Sergei Glazunov of Google Project Zero.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: A memory corruption issue was
addressed with improved memory handling.
CVE-2021-30848
Versions affected: WebKitGTK and WPE WebKit before 2.32.4.
Credit to Sergei Glazunov of Google Project Zero.
Impact: Processing maliciously crafted web content may lead to code
execution. Description: A memory corruption issue was addressed with
improved memory handling.
CVE-2021-30849
Versions affected: WebKitGTK and WPE WebKit before 2.32.4.
Credit to Sergei Glazunov of Google Project Zero.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
CVE-2021-30851
Versions affected: WebKitGTK and WPE WebKit before 2.34.0.
Credit to Samuel Groß of Google Project Zero.
Impact: Processing maliciously crafted web content may lead to code
execution. Description: A memory corruption vulnerability was
addressed with improved locking.
CVE-2021-30858
Versions affected: WebKitGTK and WPE WebKit before 2.32.4.
Credit to an anonymous researcher.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited. Description: A use after free
issue was addressed with improved memory management.
CVE-2021-42762
Versions affected: WebKitGTK and WPE WebKit before 2.34.1.
Credit to an anonymous reporter.
BubblewrapLauncher.cpp allows a limited sandbox bypass that allows a
sandboxed process to trick host processes into thinking the
sandboxed process is not confined by the sandbox, by abusing VFS
syscalls that manipulate its filesystem namespace. The impact is
limited to host services that create UNIX sockets that WebKit mounts
inside its sandbox, and the sandboxed process remains otherwise
confined. NOTE: this is similar to CVE-2021-41133.
The only one that was fixed in this release (2.34.1) was CVE-2021-42762, and we're not affected by that one since we don't use the Bubblewrap sandbox (we'd need xdg-dbus-proxy).
I am going to check the Security Advisory for 2.34.0 and update that if needed though.
Note:
See TracTickets
for help on using tickets.
wpebackend-fdo/webkitgtk+, too many tickets for me to grab libwpe with a batch modify.