webkitgtk-2.46.6

[Bruce Dubbs]

New point version.

[Xi Ruoyao]

• Fix a crash when enabling Skia CPU rendering.
• Fix several crashes and rendering issues.

[Xi Ruoyao]

Finally the sed is no longer needed: ​https://github.com/WebKit/WebKit/commit/aa29001ade54425699e1345ce41bbd227dba805c

[Douglas R. Reno]

CVE-2025-24143
    Versions affected: WebKitGTK and WPE WebKit before 2.46.6.
    Credit to an anonymous researcher.
    Impact: A maliciously crafted webpage may be able to fingerprint the
    user. Description: The issue was addressed with improved access
    restrictions to the file system.
    WebKit Bugzilla: 283117

CVE-2025-24150
    Versions affected: WebKitGTK and WPE WebKit before 2.46.6.
    Credit to Johan Carlsson (joaxcar).
    Impact: Copying a URL from Web Inspector may lead to command
    injection. Description: A privacy issue was addressed with improved
    handling of files.
    WebKit Bugzilla: 283718

CVE-2025-24158
    Versions affected: WebKitGTK and WPE WebKit before 2.46.6.
    Credit to Q1IQ (@q1iqF) of NUS CuriOSity and P1umer (@p1umer) of Imperial
    Global Singapore.
    Impact: Processing web content may lead to a denial-of-service.
    Description: The issue was addressed with improved memory handling.
    WebKit Bugzilla: 283889

CVE-2025-24162
    Versions affected: WebKitGTK and WPE WebKit before 2.46.6.
    Credit to linjy of HKUS3Lab and chluo of WHUSecLab.
    Impact: Processing maliciously crafted web content may lead to an
    unexpected process crash. Description: This issue was addressed
    through improved state management.
    WebKit Bugzilla: 284159

[Douglas R. Reno]

Fixed at f92e5bc0c2d3e131f759193af02768712237f95e

SA-12.2-082 issued