• WebKitGTK vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Wed Apr 29 16:10:03 2020
    webkit2gtk vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10
    * Ubuntu 18.04 LTS

    Summary

    Several security issues were fixed in WebKitGTK.

    Software Description

    * webkit2gtk - Web content engine library for GTK+

    Details

    A large number of security issues were discovered in the WebKitGTK
    Web and JavaScript engines. If a user were tricked into viewing a
    malicious website, a remote attacker could exploit a variety of
    issues related to web browser security, including cross-site
    scripting attacks, denial of service attacks, and arbitrary code
    execution.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    libjavascriptcoregtk-4.0-18 - 2.28.2-0ubuntu0.20.04.1
    libwebkit2gtk-4.0-37 - 2.28.2-0ubuntu0.20.04.1

    Ubuntu 19.10
    libjavascriptcoregtk-4.0-18 - 2.28.2-0ubuntu0.19.10.1
    libwebkit2gtk-4.0-37 - 2.28.2-0ubuntu0.19.10.1

    Ubuntu 18.04 LTS
    libjavascriptcoregtk-4.0-18 - 2.28.2-0ubuntu0.18.04.1
    libwebkit2gtk-4.0-37 - 2.28.2-0ubuntu0.18.04.1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    This update uses a new upstream release, which includes additional
    bug fixes. After a standard system update you need to restart any
    applications that use WebKitGTK, such as Epiphany, to make all the
    necessary changes.

    References

    * CVE-2020-3899

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)