Ubuntu alert USN-7957-1 (webkit2gtk)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7957-1] WebKitGTK vulnerabilities | |
| Date: | Tue, 13 Jan 2026 14:42:48 +0000 | |
| Message-ID: | <E1vffbc-00045N-Qn@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7957-1 January 13, 2026 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in WebKitGTK. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libjavascriptcoregtk-4.1-0 2.50.4-0ubuntu0.25.10.1 libjavascriptcoregtk-6.0-1 2.50.4-0ubuntu0.25.10.1 libwebkit2gtk-4.1-0 2.50.4-0ubuntu0.25.10.1 libwebkitgtk-6.0-4 2.50.4-0ubuntu0.25.10.1 Ubuntu 25.04 libjavascriptcoregtk-4.1-0 2.50.4-0ubuntu0.25.04.1 libjavascriptcoregtk-6.0-1 2.50.4-0ubuntu0.25.04.1 libwebkit2gtk-4.1-0 2.50.4-0ubuntu0.25.04.1 libwebkitgtk-6.0-4 2.50.4-0ubuntu0.25.04.1 Ubuntu 24.04 LTS libjavascriptcoregtk-4.1-0 2.50.4-0ubuntu0.24.04.1 libjavascriptcoregtk-6.0-1 2.50.4-0ubuntu0.24.04.1 libwebkit2gtk-4.1-0 2.50.4-0ubuntu0.24.04.1 libwebkitgtk-6.0-4 2.50.4-0ubuntu0.24.04.1 Ubuntu 22.04 LTS libjavascriptcoregtk-4.0-18 2.50.4-0ubuntu0.22.04.1 libjavascriptcoregtk-4.1-0 2.50.4-0ubuntu0.22.04.1 libjavascriptcoregtk-6.0-1 2.50.4-0ubuntu0.22.04.1 libwebkit2gtk-4.0-37 2.50.4-0ubuntu0.22.04.1 libwebkit2gtk-4.1-0 2.50.4-0ubuntu0.22.04.1 libwebkitgtk-6.0-4 2.50.4-0ubuntu0.22.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK, such as Epiphany, to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7957-1 CVE-2025-14174, CVE-2025-43501, CVE-2025-43529, CVE-2025-43531, CVE-2025-43535, CVE-2025-43536, CVE-2025-43541 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.50.4-0u... https://launchpad.net/ubuntu/+source/webkit2gtk/2.50.4-0u... https://launchpad.net/ubuntu/+source/webkit2gtk/2.50.4-0u... https://launchpad.net/ubuntu/+source/webkit2gtk/2.50.4-0u...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmlmWd4ACgkQcpJm3tlz hgHo3g//ZeqDnN9wm0QAoO3rjKX1e012PRjoL9kvULvYgYMWbh/3+0gNq03gceFP fmNLnCFPJ7zSwjVz/3dChgvvAL8SYEbPrWfv0VrspyJWwNQzX2RcoJAIzeAYUgih h9ONTGwSSSWy6XnNCzvyyhFxziHZFk8/uDl9DeP4kc+VwMAXX1wPaZglD2ujFtW9 zidXrGBgbqh0f5pDtabIwQDs2v0b7dTeJTaXpkPQWS9HejCS8FDCkLJQBYIO66Vu xyMye6FdVzz967Vr8vg9UtJmg/gwBzAKjRU/PgcMlHX25Izz/gIBx0OLUlTfDIrf XGzb85TstEW7n3IXQI//DjdZ7OAbAWI/AOIlufWKtKFeo54l0kIOgwRGJQsqMOXS QKrnw5GS5fczxWM6jLB/Z1pPLl9MAO11QcCZRH7yYiExyjhAhtws63Td9pN9VXAk 2z5S2C8ikTDG/JP01NBUrKEhaU6DKg+lppzJIcbxYs6rHnSNgXSB4dTD7XQB7zg8 Thqh3vNIna9mL5IkoT4zUDKPBaLF4R81h6a647OZQ2iTlnDWnIE3UrkfQkqSxdRz 8kl+OuVzGMVXXW+RaON0NuNtCal4pkFQRwNIR1ghz2YNWgSM0OoLoNyFmHmy2S0r daYC1gOdWb8UTGiKR6Ba9OkQBFDccUsSDltTbbuzUU8RCNGxads= =HGk5 -----END PGP SIGNATURE-----