Bug 29793 - webkit2 security issues fixed upstream (WSA-2021-0007)
Summary: webkit2 security issues fixed upstream (WSA-2021-0007)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2021-12-20 17:06 CET by David Walser
Modified: 2021-12-23 22:03 CET (History)
4 users (show)

See Also:
Source RPM: webkit2-2.34.1-1.mga8.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2021-12-20 17:06:57 CET
Upstream has issued an advisory today (December 20):
https://webkitgtk.org/security/WSA-2021-0007.html

The issues are fixed upstream in 2.34.3:
https://webkitgtk.org/2021/12/20/webkitgtk2.34.3-released.html

Mageia 8 is also affected.
Comment 1 David Walser 2021-12-20 17:07:43 CET
CVE-2021-30887 and CVE-2021-30890 are the CVEs fixed since the last update.  Update pushed to the build system for Mageia 8 and Cauldron.
Comment 2 David Walser 2021-12-20 18:21:05 CET
webkit2-2.34.3-1.mga8
webkit2-jsc-2.34.3-1.mga8
libwebkit2gtk-gir4.0-2.34.3-1.mga8
libjavascriptcore-gir4.0-2.34.3-1.mga8
libjavascriptcoregtk4.0_18-2.34.3-1.mga8
libwebkit2gtk4.0_37-2.34.3-1.mga8
libwebkit2-devel-2.34.3-1.mga8

from SRPM:
webkit2-2.34.3-1.mga8.src.rpm

Assignee: bugsquad => qa-bugs

Comment 3 Herman Viaene 2021-12-21 13:50:55 CET
MGA8-64 Plasma on Lenovo B50 in Dutch
No installation issues
Ref bug 29596 for testing.
$ zenity --calendar

select 23-01-2022 as date
23-01-22
Looks good

Whiteboard: (none) => MGA8-64-OK
CC: (none) => herman.viaene

Comment 4 Thomas Andrews 2021-12-21 16:26:08 CET
Validating.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2021-12-23 20:24:53 CET

Keywords: (none) => advisory
CC: (none) => davidwhodgins

Comment 5 Mageia Robot 2021-12-23 22:03:09 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0583.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.