Opened 2 years ago
Closed 2 years ago
#19242 closed enhancement (fixed)
webkitgtk-2.42.5
| Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | high | Milestone: | 12.1 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: | | | |
Description
New point version
I'm expecting this to have a variety of CVE fixes in it, but particularly a fix for CVE-2024-23222 (which is in the actively exploited vulnerabilities catalog at CISA). That one allows for trivial RCE and was fixed at https://github.com/WebKit/WebKit/commit/0e5a485821858b7acb5c7be586c177b15ae14a91
I will treat this like a critical security update, but will not file an SA until I have the official documentation from upstream with a list of any other CVEs fixed.
Change History (4)
comment:1 by , 2 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 2 years ago
comment:3 by , 2 years ago
------------------------------------------------------------------------
WebKitGTK and WPE WebKit Security Advisory WSA-2024-0001
------------------------------------------------------------------------
Date reported : February 05, 2024
Advisory ID : WSA-2024-0001
WebKitGTK Advisory URL : https://webkitgtk.org/security/WSA-2024-0001.html
WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2024-0001.html
CVE identifiers : CVE-2024-23222, CVE-2024-23206, CVE-2024-23213, CVE-2023-40414, CVE-2023-42833, CVE-2014-1745.
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit.
CVE-2024-23222
Versions affected: WebKitGTK and WPE WebKit before 2.42.5.
Credit to Apple.
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been exploited.
Description: A type confusion issue was addressed with improved checks.
WebKit Bugzilla: 267134
CVE-2024-23206
Versions affected: WebKitGTK and WPE WebKit before 2.42.5.
Credit to An anonymous researcher.
Impact: A maliciously crafted webpage may be able to fingerprint the
user.
Description: An access issue was addressed with improved access
restrictions.
WebKit Bugzilla: 262699
CVE-2024-23213
Versions affected: WebKitGTK and WPE WebKit before 2.42.5.
Credit to Wangtaiyu of Zhongfu info.
Impact: Processing web content may lead to arbitrary code execution.
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 266619
2023-40414/42833/2014-1745 affect previous versions of WebKit, so they don't apply to us for this update.
comment:4 by , 2 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at 452af2e9543f5a1d34770aafb2308649e5e3083d
SA-12.0-089 issued

WebKitGTK 2.42.5 released! This is a bug fix release in the stable 2.42 series.

What’s new in the WebKitGTK 2.42.5 release?

- Fix webkit_web_context_allow_tls_certificate_for_host to handle IPv6 URIs produced by SoupURI.
- Ignore stops with offset zero before last one when rendering gradients with cairo.
- Write bwrapinfo.json to disk for xdg-desktop-portal.
- Fix gamepads detection by correctly handling focused window in GTK4.
- Fix several crashes and rendering issues.