[SECURITY] Fedora 22 Update: webkitgtk4-2.8.4-2.fc22
updates at fedoraproject.org
updates at fedoraproject.org
Sat Jul 18 02:02:40 UTC 2015
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-11395
2015-07-13 16:43:47
--------------------------------------------------------------------------------
Name : webkitgtk4
Product : Fedora 22
Version : 2.8.4
Release : 2.fc22
URL : http://www.webkitgtk.org/
Summary : GTK+ Web content engine library
Description :
WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform.
This package contains WebKitGTK+ for GTK+ 3.
--------------------------------------------------------------------------------
Update Information:
WebKitGTK+ 2.8.4 includes fixes for 12 security issues. Additional fixes:
* Make WebSQL work by using a default quota instead of always failing in openDatabase with DOM Exception 18.
* Improve detection and usage of GL/GLES/EGL libraries.
* Fix a crash on memory allocation using bmalloc on 32bit systems.
* Fix DOCUMENT_VIEWER cache model to actually disable the memory cache.
* Fix a WebProcess crash after too many redirect error when there's an active NPAPI plugin.
* Fix a WebProcess crash when gtk-font-name setting is empty.
* Ensure Math.abs() doesn't return negative.
* Correctly restore accelerated compositing after a WebProcess crash.
* Respect X-Frame-Options headers when loading from application cache.
* Several crashes and rendering issues fixed.
* Fix the MIPS N64 detection.
* Fix several memory leaks.
* Translation updates: Catalan.
* Workaround a crash affecting 32-bit computers.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 9 2015 Michael Catanzaro <mcatanzaro at igalia.com> - 2.8.4-2
- Prevent runaway web processes from using unlimited memory.
* Wed Jul 8 2015 Tomas Popela <tpopela at redhat.com> - 2.8.4-1
- Update to 2.8.4
* Thu Jul 2 2015 Michael Catanzaro <mcatanzaro at igalia.com> - 2.8.3-5
- Build i686 with -fno-tree-rsa, #1225733
* Mon Jun 15 2015 Michael Catanzaro <mcatanzaro at igalia.com> - 2.8.3-4
- Remove sqlite crash patch; didn't help
* Thu Jun 11 2015 Michael Catanzaro <mcatanzaro at igalia.com> - 2.8.3-3
- Add speculative fix for sqlite crashes
* Thu May 28 2015 Tomas Popela <tpopela at redhat.com> - 2.8.3-2
- Backport bmalloc fix (rhbz#1225733)
* Fri May 15 2015 Tomas Popela <tpopela at redhat.com> - 2.8.3-1
- Update to 2.8.3
* Tue May 12 2015 Tomas Popela <tpopela at redhat.com> - 2.8.2-1
- Update to 2.8.2
* Tue Apr 21 2015 Michael Catanzaro <mcatanzaro at igalia.com> - 2.8.1-2
- Reenable fast matrix multiplication on x86_64
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1225733 - [abrt] [faf] webkitgtk4: bmalloc::Heap::allocateXLarge(std::lock_guard<bmalloc::StaticMutex>&, unsigned int, unsigned int)(): /usr/libexec/webkit2gtk-4.0/WebKitWebProcess killed by 11
https://bugzilla.redhat.com/show_bug.cgi?id=1225733
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update webkitgtk4' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list