|
|
Log in / Subscribe / Register

Ubuntu alert USN-7817-1 (webkit2gtk)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-7817-1] WebKitGTK vulnerabilities


Date:
              Thu, 09 Oct 2025 20:40:11 +0000


Message-ID:
              <E1v6xQp-0002s8-Up@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-7817-1
October 09, 2025

webkit2gtk vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in WebKitGTK.

Software Description:
- webkit2gtk: Web content engine library for GTK+

Details:

Several security issues were discovered in the WebKitGTK Web and JavaScript
engines. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  libjavascriptcoregtk-4.1-0      2.48.7-0ubuntu0.25.04.2
  libjavascriptcoregtk-6.0-1      2.48.7-0ubuntu0.25.04.2
  libwebkit2gtk-4.1-0             2.48.7-0ubuntu0.25.04.2
  libwebkitgtk-6.0-4              2.48.7-0ubuntu0.25.04.2

Ubuntu 24.04 LTS
  libjavascriptcoregtk-4.1-0      2.48.7-0ubuntu0.24.04.2
  libjavascriptcoregtk-6.0-1      2.48.7-0ubuntu0.24.04.2
  libwebkit2gtk-4.1-0             2.48.7-0ubuntu0.24.04.2
  libwebkitgtk-6.0-4              2.48.7-0ubuntu0.24.04.2

Ubuntu 22.04 LTS
  libjavascriptcoregtk-4.0-18     2.48.7-0ubuntu0.22.04.2
  libjavascriptcoregtk-4.1-0      2.48.7-0ubuntu0.22.04.2
  libjavascriptcoregtk-6.0-1      2.48.7-0ubuntu0.22.04.2
  libwebkit2gtk-4.0-37            2.48.7-0ubuntu0.22.04.2
  libwebkit2gtk-4.1-0             2.48.7-0ubuntu0.22.04.2
  libwebkitgtk-6.0-4              2.48.7-0ubuntu0.22.04.2

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK, such as Epiphany, to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7817-1
  CVE-2025-43272, CVE-2025-43342, CVE-2025-43356, CVE-2025-43368

Package Information:
  https://launchpad.net/ubuntu/+source/webkit2gtk/2.48.7-0u...
  https://launchpad.net/ubuntu/+source/webkit2gtk/2.48.7-0u...
  https://launchpad.net/ubuntu/+source/webkit2gtk/2.48.7-0u...




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmjoHZ8ACgkQcpJm3tlz
hgFh4xAAw+G4KCuI+IIU+vaXammvgupNO0lvWBmjDQYqNxkidjx4jfxL/IQd9zfV
4jeIdlnHNNTQu52kaFnRNnUYwzyT5UZtB0u86FgzkPTigfwI6H+OwoyOE+60fRxN
y627ezTyDlkeuZ2SHao/yf6gn+RP6/ycZ94Q4rMQfpkuXi8IQgz5p4okn3Rf0hbG
+xHp42F5fRCNz41oeAhqDK4opi5Uz7b9vf8ON12FOYaX1fKJoMLAzM2gfJB/HxH5
9jV9rT7AFyt2/eaUqpH07au+8NGBfph1RA/C+c4qNgS8jackaGCl+fteHKgWLheh
xgsCkqG5/yNOJXgRE+SKmWqXtN8GA7G8tqBAqLcQ5JBZVifRFVHyh+G/6Kj8dfk6
LmPAlWzCq1DM4YKLeX/z88ThJ2z0EzhtICZh15nzmIpviOQJTok1LyP7FrD1vI67
0lnEozfGl3cq3v6PxcPDCp6gzES0lK/auqw/YvTVqcSGebwOC82b0KZEdFiZjPOT
5GyTf35AHpDnGXC6/WKkbtaOl/d3XGv78jYHQ05hyzK2aK2ksOqfBL3b2Mr2IcBf
ojFTI7oEoqgrpz9t4OtkHUc/4Hh+L1e9M+Btl9j1cw5SA9rqzGv4onPE/+JrPcZY
ohYHNxQV8nSYa4r/ii8+HbD0Tg4xR7/EUeFwrGlpqa5bMCAJyfs=
=3wSM
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds