Fedora Linux 8758 Published by

Updated webkitgtk packages are available for Fedora Linux 39 and 40:

[SECURITY] Fedora 39 Update: webkitgtk-2.46.1-1.fc39
[SECURITY] Fedora 40 Update: webkitgtk-2.46.1-1.fc40




[SECURITY] Fedora 39 Update: webkitgtk-2.46.1-1.fc39


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-e1357fc22f
2024-10-08 01:48:26.849738
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 39
Version : 2.46.1
Release : 1.fc39
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Fix login QR code not shown in WhatsApp web.
Disable PSON by default again in GTK 3 API versions.
Disable DMABuf video sink by default to prevent file descriptor leaks.
Fix several crashes and rendering issues.
Use Skia instead of cairo for 2D rendering and enable GPU rendering by default.
Enable offscreen canvas by default.
Add support for system tracing with Sysprof.
Implement printing using the Print portal.
Add new API to load settings from a config file.
Add a new setting to enable or disable the 2D canvas acceleration (enabled by
default).
Undeprecate console messages API and make it available in 6.0 API.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 30 2024 Michael Catanzaro [mcatanzaro@redhat.com] - 2.46.1-1
- Update to 2.46.1
* Tue Sep 17 2024 Michael Catanzaro [mcatanzaro@redhat.com] - 2.46.0-1
- Upgrade to 2.46.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2314732 - CVE-2024-44187 webkitgtk: A malicious website may exfiltrate data cross-origin [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2314732
[ 2 ] Bug #2314759 - CVE-2024-40866 webkitgtk: Visiting a malicious website may lead to address bar spoofing [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2314759
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-e1357fc22f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--



[SECURITY] Fedora 40 Update: webkitgtk-2.46.1-1.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-4c6304b6fa
2024-10-08 01:38:01.517382
--------------------------------------------------------------------------------

Name : webkitgtk
Product : Fedora 40
Version : 2.46.1
Release : 1.fc40
URL : https://www.webkitgtk.org/
Summary : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the
GTK platform.

--------------------------------------------------------------------------------
Update Information:

Fix login QR code not shown in WhatsApp web.
Disable PSON by default again in GTK 3 API versions.
Disable DMABuf video sink by default to prevent file descriptor leaks.
Fix several crashes and rendering issues.
Use Skia instead of cairo for 2D rendering and enable GPU rendering by default.
Enable offscreen canvas by default.
Add support for system tracing with Sysprof.
Implement printing using the Print portal.
Add new API to load settings from a config file.
Add a new setting to enable or disable the 2D canvas acceleration (enabled by
default).
Undeprecate console messages API and make it available in 6.0 API.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 30 2024 Michael Catanzaro [mcatanzaro@redhat.com] - 2.46.1-1
- Update to 2.46.1
* Tue Sep 17 2024 Michael Catanzaro [mcatanzaro@redhat.com] - 2.46.0-1
- Upgrade to 2.46.0
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2314732 - CVE-2024-44187 webkitgtk: A malicious website may exfiltrate data cross-origin [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2314732
[ 2 ] Bug #2314759 - CVE-2024-40866 webkitgtk: Visiting a malicious website may lead to address bar spoofing [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2314759
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-4c6304b6fa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--