Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.3399
webkitgtk4 security, bug fix, and enhancement update
30 September 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: webkitgtk4
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux WS/Desktop 7
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Access Privileged Data -- Remote with User Interaction
Cross-site Scripting -- Remote with User Interaction
Provide Misleading Information -- Remote with User Interaction
Reduced Security -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2020-11793 CVE-2020-10018 CVE-2020-3902
CVE-2020-3901 CVE-2020-3900 CVE-2020-3899
CVE-2020-3897 CVE-2020-3895 CVE-2020-3894
CVE-2020-3885 CVE-2020-3868 CVE-2020-3867
CVE-2020-3865 CVE-2020-3864 CVE-2020-3862
CVE-2019-11070 CVE-2019-8846 CVE-2019-8844
CVE-2019-8835 CVE-2019-8823 CVE-2019-8822
CVE-2019-8821 CVE-2019-8820 CVE-2019-8819
CVE-2019-8816 CVE-2019-8815 CVE-2019-8814
CVE-2019-8813 CVE-2019-8812 CVE-2019-8811
CVE-2019-8808 CVE-2019-8783 CVE-2019-8782
CVE-2019-8771 CVE-2019-8769 CVE-2019-8768
CVE-2019-8766 CVE-2019-8765 CVE-2019-8764
CVE-2019-8763 CVE-2019-8743 CVE-2019-8735
CVE-2019-8733 CVE-2019-8726 CVE-2019-8720
CVE-2019-8719 CVE-2019-8710 CVE-2019-8707
CVE-2019-8690 CVE-2019-8689 CVE-2019-8688
CVE-2019-8687 CVE-2019-8686 CVE-2019-8684
CVE-2019-8683 CVE-2019-8681 CVE-2019-8680
CVE-2019-8679 CVE-2019-8678 CVE-2019-8677
CVE-2019-8676 CVE-2019-8674 CVE-2019-8673
CVE-2019-8672 CVE-2019-8671 CVE-2019-8669
CVE-2019-8666 CVE-2019-8658 CVE-2019-8649
CVE-2019-8644 CVE-2019-8625 CVE-2019-8623
CVE-2019-8622 CVE-2019-8619 CVE-2019-8615
CVE-2019-8611 CVE-2019-8610 CVE-2019-8609
CVE-2019-8608 CVE-2019-8607 CVE-2019-8601
CVE-2019-8597 CVE-2019-8596 CVE-2019-8595
CVE-2019-8594 CVE-2019-8587 CVE-2019-8586
CVE-2019-8584 CVE-2019-8583 CVE-2019-8571
CVE-2019-8563 CVE-2019-8559 CVE-2019-8558
CVE-2019-8551 CVE-2019-8544 CVE-2019-8536
CVE-2019-8535 CVE-2019-8524 CVE-2019-8506
CVE-2019-6251 CVE-2019-6237
Reference: ESB-2020.1741.2
ESB-2020.1627
Original Bulletin:
https://access.redhat.com/errata/RHSA-2020:4035
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4035-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035
Issue date: 2020-09-29
CVE Names: CVE-2019-6251 CVE-2019-8506
CVE-2019-8524 CVE-2019-8535 CVE-2019-8536
CVE-2019-8544 CVE-2019-8551 CVE-2019-8558
CVE-2019-8559 CVE-2019-8563 CVE-2019-8571
CVE-2019-8583 CVE-2019-8584 CVE-2019-8586
CVE-2019-8587 CVE-2019-8594 CVE-2019-8595
CVE-2019-8596 CVE-2019-8597 CVE-2019-8601
CVE-2019-8607 CVE-2019-8608 CVE-2019-8609
CVE-2019-8610 CVE-2019-8611 CVE-2019-8615
CVE-2019-8619 CVE-2019-8622 CVE-2019-8623
CVE-2019-8625 CVE-2019-8644 CVE-2019-8649
CVE-2019-8658 CVE-2019-8666 CVE-2019-8669
CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8674 CVE-2019-8676 CVE-2019-8677
CVE-2019-8678 CVE-2019-8679 CVE-2019-8680
CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688
CVE-2019-8689 CVE-2019-8690 CVE-2019-8707
CVE-2019-8710 CVE-2019-8719 CVE-2019-8720
CVE-2019-8726 CVE-2019-8733 CVE-2019-8735
CVE-2019-8743 CVE-2019-8763 CVE-2019-8764
CVE-2019-8765 CVE-2019-8766 CVE-2019-8768
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8821 CVE-2019-8822
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11070 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-10018 CVE-2020-11793
=====================================================================
1. Summary:
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch
3. Description:
WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+
platform. These packages provide WebKitGTK+ for GTK+ 3.
The following packages have been upgraded to a later upstream version:
webkitgtk4 (2.28.2). (BZ#1817144)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251,
CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571,
CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,
CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,
CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,
CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677,
CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,
CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720,
CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763,
CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,
CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862,
CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885,
CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,
CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1667409 - CVE-2019-6251 webkitgtk: processing maliciously crafted web content lead to URI spoofing
1709289 - CVE-2019-11070 webkitgtk: HTTP proxy setting deanonymization information disclosure
1719199 - CVE-2019-8506 webkitgtk: malicous web content leads to arbitrary code execution
1719209 - CVE-2019-8524 webkitgtk: malicious web content leads to arbitrary code execution
1719210 - CVE-2019-8535 webkitgtk: malicious crafted web content leads to arbitrary code execution
1719213 - CVE-2019-8536 webkitgtk: malicious crafted web content leads to arbitrary code execution
1719224 - CVE-2019-8544 webkitgtk: malicious crafted web content leads to arbitrary we content
1719231 - CVE-2019-8558 webkitgtk: malicious crafted web content leads to arbitrary code execution
1719235 - CVE-2019-8559 webkitgtk: malicious web content leads to arbitrary code execution
1719237 - CVE-2019-8563 webkitgtk: malicious web content leads to arbitrary code execution
1719238 - CVE-2019-8551 webkitgtk: malicious web content leads to cross site scripting
1811721 - CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp
1816678 - CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution
1816684 - CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1816686 - CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
1817144 - Rebase WebKitGTK to 2.28
1829369 - CVE-2020-11793 webkitgtk: use-after-free via crafted web content
1876462 - CVE-2020-3885 webkitgtk: Incorrect processing of file URLs
1876463 - CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory
1876465 - CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content
1876468 - CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution
1876470 - CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution
1876472 - CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content
1876473 - CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution
1876476 - CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack
1876516 - CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling
1876518 - CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts
1876521 - CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context
1876522 - CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876523 - CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876536 - CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876537 - CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876540 - CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876542 - CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876543 - CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876545 - CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876548 - CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876549 - CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876550 - CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876552 - CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876553 - CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876554 - CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876555 - CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876556 - CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876590 - CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876591 - CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876592 - CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876593 - CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876594 - CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876607 - CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876608 - CVE-2019-8674 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876609 - CVE-2019-8707 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876610 - CVE-2019-8719 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876611 - CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876612 - CVE-2019-8726 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876613 - CVE-2019-8733 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876614 - CVE-2019-8735 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876615 - CVE-2019-8763 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876616 - CVE-2019-8768 webkitgtk: Browsing history could not be deleted
1876617 - CVE-2019-8769 webkitgtk: Websites could reveal browsing history
1876619 - CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy
1876626 - CVE-2019-8644 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876628 - CVE-2019-8649 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876629 - CVE-2019-8658 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876630 - CVE-2019-8666 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876631 - CVE-2019-8669 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876632 - CVE-2019-8671 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876634 - CVE-2019-8672 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876643 - CVE-2019-8673 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876644 - CVE-2019-8676 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876645 - CVE-2019-8677 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876646 - CVE-2019-8678 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876647 - CVE-2019-8679 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876648 - CVE-2019-8680 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876650 - CVE-2019-8681 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876651 - CVE-2019-8683 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876652 - CVE-2019-8684 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876653 - CVE-2019-8686 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876655 - CVE-2019-8687 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876656 - CVE-2019-8688 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876657 - CVE-2019-8689 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876664 - CVE-2019-8690 webkitgtk: Incorrect state management leading to universal cross-site scripting
1876880 - CVE-2019-6237 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876881 - CVE-2019-8571 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876882 - CVE-2019-8583 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876883 - CVE-2019-8584 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876884 - CVE-2019-8586 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876887 - CVE-2019-8587 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876891 - CVE-2019-8594 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876892 - CVE-2019-8595 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876893 - CVE-2019-8596 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876894 - CVE-2019-8597 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876895 - CVE-2019-8601 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876897 - CVE-2019-8607 webkitgtk: Out-of-bounds read leading to memory disclosure
1876898 - CVE-2019-8608 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876899 - CVE-2019-8609 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1876900 - CVE-2019-8610 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877045 - CVE-2019-8615 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877046 - CVE-2019-8611 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877047 - CVE-2019-8619 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877048 - CVE-2019-8622 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
1877049 - CVE-2019-8623 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
ppc64:
webkitgtk4-2.28.2-2.el7.ppc.rpm
webkitgtk4-2.28.2-2.el7.ppc64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm
ppc64le:
webkitgtk4-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm
s390x:
webkitgtk4-2.28.2-2.el7.s390.rpm
webkitgtk4-2.28.2-2.el7.s390x.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
ppc64:
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm
s390x:
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-devel-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2019-6237
https://access.redhat.com/security/cve/CVE-2019-6251
https://access.redhat.com/security/cve/CVE-2019-8506
https://access.redhat.com/security/cve/CVE-2019-8524
https://access.redhat.com/security/cve/CVE-2019-8535
https://access.redhat.com/security/cve/CVE-2019-8536
https://access.redhat.com/security/cve/CVE-2019-8544
https://access.redhat.com/security/cve/CVE-2019-8551
https://access.redhat.com/security/cve/CVE-2019-8558
https://access.redhat.com/security/cve/CVE-2019-8559
https://access.redhat.com/security/cve/CVE-2019-8563
https://access.redhat.com/security/cve/CVE-2019-8571
https://access.redhat.com/security/cve/CVE-2019-8583
https://access.redhat.com/security/cve/CVE-2019-8584
https://access.redhat.com/security/cve/CVE-2019-8586
https://access.redhat.com/security/cve/CVE-2019-8587
https://access.redhat.com/security/cve/CVE-2019-8594
https://access.redhat.com/security/cve/CVE-2019-8595
https://access.redhat.com/security/cve/CVE-2019-8596
https://access.redhat.com/security/cve/CVE-2019-8597
https://access.redhat.com/security/cve/CVE-2019-8601
https://access.redhat.com/security/cve/CVE-2019-8607
https://access.redhat.com/security/cve/CVE-2019-8608
https://access.redhat.com/security/cve/CVE-2019-8609
https://access.redhat.com/security/cve/CVE-2019-8610
https://access.redhat.com/security/cve/CVE-2019-8611
https://access.redhat.com/security/cve/CVE-2019-8615
https://access.redhat.com/security/cve/CVE-2019-8619
https://access.redhat.com/security/cve/CVE-2019-8622
https://access.redhat.com/security/cve/CVE-2019-8623
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8644
https://access.redhat.com/security/cve/CVE-2019-8649
https://access.redhat.com/security/cve/CVE-2019-8658
https://access.redhat.com/security/cve/CVE-2019-8666
https://access.redhat.com/security/cve/CVE-2019-8669
https://access.redhat.com/security/cve/CVE-2019-8671
https://access.redhat.com/security/cve/CVE-2019-8672
https://access.redhat.com/security/cve/CVE-2019-8673
https://access.redhat.com/security/cve/CVE-2019-8674
https://access.redhat.com/security/cve/CVE-2019-8676
https://access.redhat.com/security/cve/CVE-2019-8677
https://access.redhat.com/security/cve/CVE-2019-8678
https://access.redhat.com/security/cve/CVE-2019-8679
https://access.redhat.com/security/cve/CVE-2019-8680
https://access.redhat.com/security/cve/CVE-2019-8681
https://access.redhat.com/security/cve/CVE-2019-8683
https://access.redhat.com/security/cve/CVE-2019-8684
https://access.redhat.com/security/cve/CVE-2019-8686
https://access.redhat.com/security/cve/CVE-2019-8687
https://access.redhat.com/security/cve/CVE-2019-8688
https://access.redhat.com/security/cve/CVE-2019-8689
https://access.redhat.com/security/cve/CVE-2019-8690
https://access.redhat.com/security/cve/CVE-2019-8707
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8719
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8726
https://access.redhat.com/security/cve/CVE-2019-8733
https://access.redhat.com/security/cve/CVE-2019-8735
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8763
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8765
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8768
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8821
https://access.redhat.com/security/cve/CVE-2019-8822
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11070
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3OjINzjgjWX9erEAQjqsg/9FnSEJ3umFx0gtnsZIVRP9YxMIVZhVQ8z
rNnK/LGQWq1nPlNC5OF60WRcWA7cC74lh1jl/+xU6p+9JXTq9y9hQTd7Fcf+6T01
RYj2zJe6kGBY/53rhZJKCdb9zNXz1CkqsuvTPqVGIabUWTTlsBFnd6l4GK6QL4kM
XVQZyWtmSfmLII4Ocdav9WocJzH6o1TbEo+O9Fm6WjdVOK+/+VzPki0/dW50CQAK
R8u5tTXZR5m52RLmvhs/LTv3yUnmhEkhvrR0TtuR8KRfcP1/ytNwn3VidFefuAO1
PWrgpjIPWy/kbtZaZWK4fBblYj6bKCVD1SiBKQcOfCq0f16aqRP2niFoDXdAy467
eGu0JHkRsIRCLG2rY+JfOau5KtLRhRr0iRe5AhOVpAtUelzjAvEQEcVv4GmZXcwX
rXfeagSjWzdo8Mf55d7pjORXAKhGdO3FQSeiCvzq9miZq3NBX4Jm4raobeskw/rJ
1ONqg4fE7Gv7rks8QOy5xErwI8Ut1TGJAgYOD8rmRptr05hBWQFJCfmoc4KpxsMe
PJoRag0AZfYxYoMe5avMcGCYHosU63z3wS7gao9flj37NkEi6M134vGmCpPNmpGr
w5HQly9SO3mD0a92xOUn42rrXq841ZkVu89fR6j9wBn8NAKLWH6eUjZkVMNmLRzh
PKg+HFNkMjk=
=dS3G
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBX3QZoONLKJtyKPYoAQhZ1Q/9HeL347QysmqcPo4TQrEFwgWnm2ancjSR
QeK27CMu1EJP0O3+tqooxdvc2TQkcZwD9tfaLRyWDi2ayWDNn/uIeFdn0iIdDOfd
t3Nv6O6hwLOp+ObnF3lPNFxxZyzh8x5ogINiyHKyFgR/y0NHYQOTkrDnpaTIaWPf
52ys4Dj4/1MphB3daPmxGWit4/Dqo+TLEgc7GDcYrWskrH9aM3j3Mh5TDag51rEw
TOXmt37FQRNGu7DvCdLvQWWHiLxxiLJESIaqiHNwXNDHMeQEpdtffZkxCET+Lqab
sFD9qV8DTFhlTPAlYaTEyJqmngx1ST397Pg34koQUD15rMkhYm4NCNDvx8PLLboD
zhOevv/ViU+qsngKL7qEkbhh7AHmp+8Kna0PZ7NxvBvxbLIlSxMzVa+rWntq2742
nvt9JdisELzKdFYOc8nFVvd3NiIfOrJ8Vd9SyRMKYz9F/ZYbFhyjJo0hqISghxFE
ltz4r1fz40QlA7ZIZ/GTkKUOe/Sg8Vy3sfSEe8/HcFBgNIknuqUx1z2mA0ErQyv2
UH86sf35n3BNOrXQ7u98stk4UTcHtToff52Hl3wt9JJa2KY0Bjqm6QcHgQTNmnnw
MdSD/LwXXxwqnWBp4WpzDy2yCZZpPYP1rknW6OmUu17gAQF+LapzjD1AHJ6tZ7au
31jO+zi5OD0=
=MEW5
-----END PGP SIGNATURE-----