You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa webkit2gtk

Sigurnosni nedostatak programskog paketa webkit2gtk

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4331-1
April 20, 2020

webkit2gtk vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.10
– Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in WebKitGTK+.

Software Description:
– webkit2gtk: Web content engine library for GTK+

Details:

A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
libjavascriptcoregtk-4.0-18 2.28.1-0ubuntu0.19.10.1
libwebkit2gtk-4.0-37 2.28.1-0ubuntu0.19.10.1

Ubuntu 18.04 LTS:
libjavascriptcoregtk-4.0-18 2.28.1-0ubuntu0.18.04.1
libwebkit2gtk-4.0-37 2.28.1-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.

References:
https://usn.ubuntu.com/4331-1
CVE-2020-11793

Package Information:
https://launchpad.net/ubuntu/+source/webkit2gtk/2.28.1-0ubuntu0.19.10.1
https://launchpad.net/ubuntu/+source/webkit2gtk/2.28.1-0ubuntu0.18.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl6dpPkACgkQZWnYVadE
vpO7sg//Y7QgBi8WkU3M4usWWsq2xPYSC+H13rh65/xZWVTSE5fuw7UbpMimDCO1
H+IMJcUZaABx3zWFVmoilL1YdYacMa5syIUJpXvRKXdbax/EtVqO2AxSPb2OuKrD
o1fbhUiqzCEuK8IG1NyjXgXUgBbTLbXPVnzNYG2JuTHwJ1GCf4z4G+h2xmh9fM+g
zgdvPP+oyfkWyY/aBGKZ4BEmtSfCHmdkTyVMeaTNHETFuQVv4eh90OEFFiiIcCSq
yfqJLAhnQUUg8m7YsZUN3i8UK05gxDlujgy79vCj1Uw1hwJSlgrfHfdWfdJwAgxP
PsAdTXa2ds30fQj3JWxRMJ61CcMVk2iA0x+xDto+iUQRQ5/aCywrxAiFjWmhD2hD
zqtSe6ZfD8snM1bEK+rk+7kTb7Gh7AnIkm+1VWtGJUXN8JO76KxkdVd0EWAH5rLl
k9z/GLPY80IXPCYzaGA4atehZMdZFbOxNxOw8AFQJJnkeJeLYSTJ6TNyfyVBW3K9
3+G+R1aZJBl/orKTZug8e5j3dkykdIJHyp018NtqRyQ8jx74FAYqWg0l8qX/qgpK
f0fUEE1o6Dp/6U8zjyBQzO7OEcxPbbJrWtK8FpO10LHJS7qdCJ1GBa8aEM0uK2XN
O3a0GNS8Aj7A2n6Wsww6gdZ8G1S9vDpuHRnrCntGbQAkUm3r6L0=
=FN96
—–END PGP SIGNATURE—–

AutorVlatka Misic
Cert idNCERT-REF-2020-04-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa chromium

Otkriven je kritičan sigurnosni nedostatak u programskom paketu chromium za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje rušenje servisa...

Close