[Apollo] Advisories Statistics light light Login

RLSA-2026:25918

Security Mirrored from RHSA-2026:25918
Issued at: 2026-06-17
Updated at: 2026-06-17

Synopsis

Important: webkit2gtk3 security update



Description

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2026-28946)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28847)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28883)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28901)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28902)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28903)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28904)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28905)

* webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2026-28907)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2026-28942)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2026-28947)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28953)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2026-28955)

* webkitgtk: An app may be able to access sensitive user data (CVE-2026-28958)

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2026-43658)

* webkitgtk: Processing maliciously crafted web content may prevent Content Security Policy from being enforced (CVE-2026-43660)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2471790 2483955 2483956 2483957 2483958 2483959 2483960 2483961 2483962 2483963 2483964 2483965 2483966 2483967 2483968 2483969

CVEs

CVE-2026-28847 CVE-2026-28883 CVE-2026-28901 CVE-2026-28902 CVE-2026-28903 CVE-2026-28904 CVE-2026-28905 CVE-2026-28907 CVE-2026-28942 CVE-2026-28946 CVE-2026-28947 CVE-2026-28953 CVE-2026-28955 CVE-2026-28958 CVE-2026-43658 CVE-2026-43660

Affected packages

Rocky Linux 8 aarch64 - AppStream

webkit2gtk3-0:2.52.4-1.el8_10.aarch64.rpm webkit2gtk3-0:2.52.4-1.el8_10.src.rpm webkit2gtk3-debuginfo-0:2.52.4-1.el8_10.aarch64.rpm webkit2gtk3-debugsource-0:2.52.4-1.el8_10.aarch64.rpm webkit2gtk3-devel-0:2.52.4-1.el8_10.aarch64.rpm webkit2gtk3-devel-debuginfo-0:2.52.4-1.el8_10.aarch64.rpm webkit2gtk3-jsc-0:2.52.4-1.el8_10.aarch64.rpm webkit2gtk3-jsc-debuginfo-0:2.52.4-1.el8_10.aarch64.rpm webkit2gtk3-jsc-devel-0:2.52.4-1.el8_10.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-0:2.52.4-1.el8_10.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

webkit2gtk3-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-0:2.52.4-1.el8_10.src.rpm webkit2gtk3-0:2.52.4-1.el8_10.x86_64.rpm webkit2gtk3-debuginfo-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-debuginfo-0:2.52.4-1.el8_10.x86_64.rpm webkit2gtk3-debugsource-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-debugsource-0:2.52.4-1.el8_10.x86_64.rpm webkit2gtk3-devel-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-devel-0:2.52.4-1.el8_10.x86_64.rpm webkit2gtk3-devel-debuginfo-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-devel-debuginfo-0:2.52.4-1.el8_10.x86_64.rpm webkit2gtk3-jsc-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-jsc-0:2.52.4-1.el8_10.x86_64.rpm webkit2gtk3-jsc-debuginfo-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-jsc-debuginfo-0:2.52.4-1.el8_10.x86_64.rpm webkit2gtk3-jsc-devel-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-jsc-devel-0:2.52.4-1.el8_10.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-0:2.52.4-1.el8_10.i686.rpm webkit2gtk3-jsc-devel-debuginfo-0:2.52.4-1.el8_10.x86_64.rpm