[Apollo] Advisories Statistics light light Login

RLSA-2025:13780

Security Mirrored from RHSA-2025:13780
Issued at: 2025-09-08
Updated at: 2025-09-08

Synopsis

Important: webkit2gtk3 security update



Description

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* angle: insufficient input validation can cause undefined behavior (CVE-2025-6558)

* webkitgtk: A download?s origin may be incorrectly associated (CVE-2025-43240)

* webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31273)

* webkitgtk: Processing maliciously crafted web content may lead to memory corruption (CVE-2025-31278)

* webkitgtk: Processing web content may lead to a denial-of-service (CVE-2025-43211)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43212)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43216)

* webkitgtk: Processing maliciously crafted web content may disclose sensitive user information (CVE-2025-43227)

* webkitgtk: Processing maliciously crafted web content may disclose internal states of the app (CVE-2025-43265)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2380254 2384385 2386268 2386269 2386270 2386271 2386273 2386274 2386276

CVEs

CVE-2025-31273 CVE-2025-31278 CVE-2025-43211 CVE-2025-43212 CVE-2025-43216 CVE-2025-43227 CVE-2025-43240 CVE-2025-43265 CVE-2025-6558

Affected packages

Rocky Linux 8 aarch64 - AppStream

webkit2gtk3-jsc-0:2.48.5-1.el8_10.aarch64.rpm webkit2gtk3-0:2.48.5-1.el8_10.aarch64.rpm webkit2gtk3-0:2.48.5-1.el8_10.src.rpm webkit2gtk3-debuginfo-0:2.48.5-1.el8_10.aarch64.rpm webkit2gtk3-debugsource-0:2.48.5-1.el8_10.aarch64.rpm webkit2gtk3-devel-0:2.48.5-1.el8_10.aarch64.rpm webkit2gtk3-devel-debuginfo-0:2.48.5-1.el8_10.aarch64.rpm webkit2gtk3-jsc-debuginfo-0:2.48.5-1.el8_10.aarch64.rpm webkit2gtk3-jsc-devel-0:2.48.5-1.el8_10.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-0:2.48.5-1.el8_10.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

webkit2gtk3-jsc-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-0:2.48.5-1.el8_10.src.rpm webkit2gtk3-0:2.48.5-1.el8_10.x86_64.rpm webkit2gtk3-debuginfo-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-debuginfo-0:2.48.5-1.el8_10.x86_64.rpm webkit2gtk3-debugsource-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-debugsource-0:2.48.5-1.el8_10.x86_64.rpm webkit2gtk3-devel-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-devel-0:2.48.5-1.el8_10.x86_64.rpm webkit2gtk3-devel-debuginfo-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-devel-debuginfo-0:2.48.5-1.el8_10.x86_64.rpm webkit2gtk3-jsc-0:2.48.5-1.el8_10.x86_64.rpm webkit2gtk3-jsc-debuginfo-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-jsc-debuginfo-0:2.48.5-1.el8_10.x86_64.rpm webkit2gtk3-jsc-devel-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-jsc-devel-0:2.48.5-1.el8_10.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-0:2.48.5-1.el8_10.i686.rpm webkit2gtk3-jsc-devel-debuginfo-0:2.48.5-1.el8_10.x86_64.rpm