#20225 closed enhancement (fixed)
webkitgtk-2.44.3
Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
---|---|---|---|
Priority: | normal | Milestone: | 12.2 |
Component: | BOOK | Version: | git |
Severity: | normal | Keywords: | |
Cc: |
Description
New point version
What's new in the WebKitGTK 2.44.3 release? =========================================== - Fix web process cache suspend/resume when sandbox is enabled. - Fix accelerated images dissapearing after scrolling. - Fix video flickering with DMA-BUF sink. - Fix pointer lock on X11. - Fix movement delta on mouse events in GTK3. - Undeprecate console message API and make it available in 2022 API. - Fix several crashes and rendering issues.
Change History (3)
comment:1 by , 4 weeks ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 4 weeks ago
Resolution: | → fixed |
---|---|
Status: | assigned → closed |
comment:3 by , 6 days ago
SA-12.1-093 issued
Several vulnerabilities were discovered in WebKitGTK and WPE WebKit. CVE-2024-40776 Versions affected: WebKitGTK and WPE WebKit before 2.44.3. Credit to Huang Xilin of Ant Group Light-Year Security Lab. Impact: Processing maliciously crafted web content may lead to an unexpected process crash. Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 273176 CVE-2024-40779 Versions affected: WebKitGTK and WPE WebKit before 2.44.3. Credit to Huang Xilin of Ant Group Light-Year Security Lab. Impact: Processing maliciously crafted web content may lead to an unexpected process crash. Description: An out-of-bounds read was addressed with improved bounds checking. WebKit Bugzilla: 275431 CVE-2024-40780 Versions affected: WebKitGTK and WPE WebKit before 2.44.3. Credit to Huang Xilin of Ant Group Light-Year Security Lab. Impact: Processing maliciously crafted web content may lead to an unexpected process crash. Description: An out-of-bounds read was addressed with improved bounds checking. WebKit Bugzilla: 275273 CVE-2024-40782 Versions affected: WebKitGTK and WPE WebKit before 2.44.3. Credit to Maksymilian Motyl. Impact: Processing maliciously crafted web content may lead to an unexpected process crash. Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 268770 CVE-2024-40789 Versions affected: WebKitGTK and WPE WebKit before 2.44.3. Credit to Seunghyun Lee (@0x10n) of KAIST Hacking Lab working with Trend Micro Zero Day Initiative. Impact: Processing maliciously crafted web content may lead to an unexpected process crash. Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-4558 Versions affected: WebKitGTK and WPE WebKit before 2.44.3. Credit to an anonymous researcher. Impact: Processing maliciously crafted web content may lead to an unexpected process crash. Description: Use after free in ANGLE allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. WebKit Bugzilla: 274165
Note:
See TracTickets
for help on using tickets.
Fixed at f7ecea1eb04dbfc0effefa28c77a706547775f6c