USN-3640-1: WebKitGTK+ vulnerability
8 May 2018
A security issue was fixed in WebKitGTK+.
Releases
Packages
- webkit2gtk - Web content engine library for GTK+
Details
Ivan Fratric discovered that WebKitGTK+ incorrectly handled certain web
content. If a user were tricked into viewing a malicious website, a remote
attacker could possibly exploit this to execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
-
libjavascriptcoregtk-4.0-18
-
2.20.2-0ubuntu0.18.04.1
-
libwebkit2gtk-4.0-37
-
2.20.2-0ubuntu0.18.04.1
Ubuntu 17.10
-
libjavascriptcoregtk-4.0-18
-
2.20.2-0ubuntu0.17.10.1
-
libwebkit2gtk-4.0-37
-
2.20.2-0ubuntu0.17.10.1
Ubuntu 16.04
-
libjavascriptcoregtk-4.0-18
-
2.20.2-0ubuntu0.16.04.1
-
libwebkit2gtk-4.0-37
-
2.20.2-0ubuntu0.16.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.