Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#15691 closed enhancement (fixed)

WebKitGTK-2.34.1

Reported by: Douglas R. Reno
Owned by: Douglas R. Reno
Priority: normal
Milestone: 11.1
Component: BOOK
Version: git
Severity: normal
Keywords:
Cc:

Description

New point version

Fixes the bug that Pierre discovered with MIME detection of XHTML/HTML files.

I will update libwpe and wpebackend-fdo alongside it.

Change History (4)

comment:1 by Douglas R. Reno, 3 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: new → assigned

wpebackend-fdo/webkitgtk+, too many tickets for me to grab libwpe with a batch modify.

comment:2 by Douglas R. Reno, 3 years ago

What’s new in the WebKitGTK 2.34.1 release?

    Update user agent browser versions.
    Fix a crash with GTK >= 3.24.30.
    Fix a crash when loading videos on reddit.
    Fix file type detection when application calls g_desktop_app_info_set_as_default_for_extension() passing html.

comment:3 by Douglas R. Reno, 3 years ago

Resolution: fixed
Status: assigned → closed

comment:4 by Douglas R. Reno, 3 years ago

Some security fixes have been announced:

CVE-2021-30846
    Versions affected: WebKitGTK and WPE WebKit before 2.34.0.
    Credit to Sergei Glazunov of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: A memory corruption issue was
    addressed with improved memory handling.

CVE-2021-30848
    Versions affected: WebKitGTK and WPE WebKit before 2.32.4.
    Credit to Sergei Glazunov of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to code
    execution. Description: A memory corruption issue was addressed with
    improved memory handling.

CVE-2021-30849
    Versions affected: WebKitGTK and WPE WebKit before 2.32.4.
    Credit to Sergei Glazunov of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Description: Multiple memory corruption
    issues were addressed with improved memory handling.

CVE-2021-30851
    Versions affected: WebKitGTK and WPE WebKit before 2.34.0.
    Credit to Samuel Groß of Google Project Zero.
    Impact: Processing maliciously crafted web content may lead to code
    execution. Description: A memory corruption vulnerability was
    addressed with improved locking.

CVE-2021-30858
    Versions affected: WebKitGTK and WPE WebKit before 2.32.4.
    Credit to an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Apple is aware of a report that this issue
    may have been actively exploited. Description: A use after free
    issue was addressed with improved memory management.

CVE-2021-42762
    Versions affected: WebKitGTK and WPE WebKit before 2.34.1.
    Credit to an anonymous reporter.
    BubblewrapLauncher.cpp allows a limited sandbox bypass that allows a
    sandboxed process to trick host processes into thinking the
    sandboxed process is not confined by the sandbox, by abusing VFS
    syscalls that manipulate its filesystem namespace. The impact is
    limited to host services that create UNIX sockets that WebKit mounts
    inside its sandbox, and the sandboxed process remains otherwise
    confined. NOTE: this is similar to CVE-2021-41133.

The only one that was fixed in this release (2.34.1) was CVE-2021-42762, and we're not affected by that one since we don't use the Bubblewrap sandbox (we'd need xdg-dbus-proxy).

I am going to check the Security Advisory for 2.34.0 and update that if needed though.
