Bug 33232 - webkit2 security issue fixed upstream (WSA-2024-0003)
Summary: webkit2 security issue fixed upstream (WSA-2024-0003)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-64-OK,MGA9-32-OK
Keywords: advisory, validated_update
Depends on:
Blocks: 33208
  Show dependency treegraph
 
Reported: 2024-05-22 12:00 CEST by Nicolas Salguero
Modified: 2024-06-03 20:32 CEST (History)
5 users (show)

See Also:
Source RPM: webkit2-2.44.1-1.mga9.src.rpm
CVE: CVE-2024-27834
Status comment:


Attachments

Description Nicolas Salguero 2024-05-22 12:00:16 CEST
Upstream has issued an advisory on May 21:
https://webkitgtk.org/security/WSA-2024-0003.html

The issue is fixed upstream in 2.44.2:
https://webkitgtk.org/2024/05/16/webkitgtk2.44.2-released.html
Nicolas Salguero 2024-05-22 12:02:32 CEST

Status comment: (none) => Fixed upstream in 2.44.2
Source RPM: (none) => webkit2-2.44.1-1.mga10.src.rpm
CVE: (none) => CVE-2024-27834
Whiteboard: (none) => MGA9TOO

katnatek 2024-05-22 18:17:46 CEST

Blocks: (none) => 33208

Comment 1 Lewis Smith 2024-05-22 20:30:58 CEST
Although I am assigning this globally, ns80 is the main updater of webkit2, so is already (as bug originator) effectively CC'd.

Assignee: bugsquad => pkg-bugs

Comment 2 Nicolas Salguero 2024-05-29 15:44:27 CEST
Ubuntu has issued an advisory on May 28:
https://ubuntu.com/security/notices/USN-6788-1
Comment 3 Nicolas Salguero 2024-05-30 09:04:27 CEST
Suggested advisory:
========================

The updated packages fix a security vulnerability and other issues.

References:
https://webkitgtk.org/security/WSA-2024-0003.html
https://webkitgtk.org/2024/05/16/webkitgtk2.44.2-released.html
https://ubuntu.com/security/notices/USN-6788-1
========================

Updated packages in core/updates_testing:
========================
lib(64)javascriptcore-gir4.0-2.44.2-1.mga9
lib(64)javascriptcore-gir4.1-2.44.2-1.mga9
lib(64)javascriptcore-gir6.0-2.44.2-1.mga9
lib(64)javascriptcoregtk4.0_18-2.44.2-1.mga9
lib(64)javascriptcoregtk4.1_0-2.44.2-1.mga9
lib(64)javascriptcoregtk6.0_1-2.44.2-1.mga9
lib(64)webkit2gtk-gir4.0-2.44.2-1.mga9
lib(64)webkit2gtk-gir4.1-2.44.2-1.mga9
lib(64)webkit2gtk4.0-devel-2.44.2-1.mga9
lib(64)webkit2gtk4.0_37-2.44.2-1.mga9
lib(64)webkit2gtk4.1-devel-2.44.2-1.mga9
lib(64)webkit2gtk4.1_0-2.44.2-1.mga9
lib(64)webkitgtk-gir6.0-2.44.2-1.mga9
lib(64)webkitgtk6.0-devel-2.44.2-1.mga9
lib(64)webkitgtk6.0_4-2.44.2-1.mga9
webkit2-driver-2.44.2-1.mga9
webkit2gtk4.0-2.44.2-1.mga9
webkit2gtk4.0-jsc-2.44.2-1.mga9
webkit2gtk4.1-2.44.2-1.mga9
webkit2gtk4.1-jsc-2.44.2-1.mga9
webkitgtk6.0-2.44.2-1.mga9
webkitgtk6.0-jsc-2.44.2-1.mga9

from SRPM:
webkit2-2.44.2-1.mga9.src.rpm

Source RPM: webkit2-2.44.1-1.mga10.src.rpm => webkit2-2.44.1-1.mga9.src.rpm
Assignee: pkg-bugs => qa-bugs
Version: Cauldron => 9
Status comment: Fixed upstream in 2.44.2 => (none)
Status: NEW => ASSIGNED
Whiteboard: MGA9TOO => (none)

Comment 4 katnatek 2024-05-30 19:39:09 CEST
Thomas would be good to test in the system you have bug#33208

CC: (none) => andrewsfarm

Comment 5 katnatek 2024-05-30 19:56:45 CEST
RH mageia 9 x86_64

LC_ALL=C urpmi --auto --auto-update
medium "QA Testing (64-bit)" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date
medium "Core 32bit Release (distrib31)" is up-to-date
medium "Core 32bit Updates (distrib32)" is up-to-date
medium "Nonfree 32bit Release (distrib36)" is up-to-date
medium "Tainted 32bit Release (distrib41)" is up-to-date
medium "Tainted 32bit Updates (distrib42)" is up-to-date
medium "BDK-Free-x86_64" is up-to-date
medium "BDK-Free-noarch" is up-to-date
medium "BDK-NonFree-x86_64" is up-to-date


installing lib64webkit2gtk4.1_0-2.44.2-1.mga9.x86_64.rpm lib64javascriptcoregtk4.1_0-2.44.2-1.mga9.x86_64.rpm lib64javascriptcore-gir4.1-2.44.2-1.mga9.x86_64.rpm webkit2gtk4.1-2.44.2-1.mga9.x86_64.rpm webkit2-driver-2.44.2-1.mga9.x86_64.rpm lib64webkit2gtk-gir4.1-2.44.2-1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ##################################################################################################
      1/6: lib64javascriptcoregtk4.1_0
                                 ##################################################################################################
      2/6: lib64javascriptcore-gir4.1
                                 ##################################################################################################
      3/6: webkit2-driver        ##################################################################################################
      4/6: webkit2gtk4.1         ##################################################################################################
      5/6: lib64webkit2gtk4.1_0  ##################################################################################################
      6/6: lib64webkit2gtk-gir4.1
                                 ##################################################################################################
      1/6: removing lib64webkit2gtk-gir4.1-2.44.1-1.mga9.x86_64
                                 ##################################################################################################
      2/6: removing lib64javascriptcore-gir4.1-2.44.1-1.mga9.x86_64
                                 ##################################################################################################
      3/6: removing lib64webkit2gtk4.1_0-2.44.1-1.mga9.x86_64
                                 ##################################################################################################
      4/6: removing webkit2gtk4.1-2.44.1-1.mga9.x86_64
                                 ##################################################################################################
      5/6: removing lib64javascriptcoregtk4.1_0-2.44.1-1.mga9.x86_64
                                 ##################################################################################################
      6/6: removing webkit2-driver-2.44.1-1.mga9.x86_64
                                 ##################################################################################################

drakconf works OK

strace gnome-boxes show the library is opened

openat(AT_FDCWD, "/lib64/libwebkit2gtk-4.1.so.0", O_RDONLY|O_CLOEXEC) = 3

gnoome-boxes works

Later when I test in i586 I test again run mcc in ssh conection
katnatek 2024-05-30 20:24:23 CEST

Keywords: (none) => advisory

Comment 6 Tony Blackwell 2024-05-30 22:39:56 CEST
Sorry folks, where do I get webkit 2.44.2 from?  I've enabled core-updates-testing but latest appearing in mcc is my current 2.44.1
I have seen the list of packages in madb but not sure where to go from there.

CC: (none) => tablackwell

Comment 7 Tony Blackwell 2024-05-30 23:03:41 CEST
Whoops - forgot update media.  Got it
Comment 8 Tony Blackwell 2024-05-30 23:12:40 CEST
From xfce on x86_64, Having installed 2.44.2, then ssh localhost, login, su root, then run mcc, fails with 
# mcc
Too late to run INIT block at /usr/lib64/perl5/vendor_perl/Glib/Object/Introspection.pm line 257.
Ignore the following Glib::Object::Introspection & Gtk3 warnings
Subroutine Gtk3::main redefined at /usr/share/perl5/vendor_perl/Gtk3.pm line 539.
GLib-GObject-CRITICAL **: g_boxed_type_register_static: assertion 'g_type_from_name (name) == 0' failed at /usr/lib64/perl5/DynaLoader.pm line 223.
GLib-GObject-CRITICAL **: g_boxed_type_register_static: assertion 'g_type_from_name (name) == 0' failed at /usr/lib64/perl5/DynaLoader.pm line 223.
GLib-GObject-CRITICAL **: g_boxed_type_register_static: assertion 'g_type_from_name (name) == 0' failed at /usr/lib64/perl5/DynaLoader.pm line 223.
GLib-GObject-CRITICAL **: g_boxed_type_register_static: assertion 'g_type_from_name (name) == 0' failed at /usr/lib64/perl5/DynaLoader.pm line 223.
Overriding existing handler for signal 10. Set JSC_SIGNAL_FOR_GC if you want WebKit to use a different signal

I'm getting same error with drakconf.

What have I left un-done?
Comment 9 katnatek 2024-05-31 01:42:18 CEST
(In reply to Tony Blackwell from comment #8)
> From xfce on x86_64, Having installed 2.44.2, then ssh localhost, login, su
> root, then run mcc, fails with 
> # mcc
> Too late to run INIT block at
> /usr/lib64/perl5/vendor_perl/Glib/Object/Introspection.pm line 257.
> Ignore the following Glib::Object::Introspection & Gtk3 warnings
> Subroutine Gtk3::main redefined at /usr/share/perl5/vendor_perl/Gtk3.pm line
> 539.
> GLib-GObject-CRITICAL **: g_boxed_type_register_static: assertion
> 'g_type_from_name (name) == 0' failed at /usr/lib64/perl5/DynaLoader.pm line
> 223.
> GLib-GObject-CRITICAL **: g_boxed_type_register_static: assertion
> 'g_type_from_name (name) == 0' failed at /usr/lib64/perl5/DynaLoader.pm line
> 223.
> GLib-GObject-CRITICAL **: g_boxed_type_register_static: assertion
> 'g_type_from_name (name) == 0' failed at /usr/lib64/perl5/DynaLoader.pm line
> 223.
> GLib-GObject-CRITICAL **: g_boxed_type_register_static: assertion
> 'g_type_from_name (name) == 0' failed at /usr/lib64/perl5/DynaLoader.pm line
> 223.
> Overriding existing handler for signal 10. Set JSC_SIGNAL_FOR_GC if you want
> WebKit to use a different signal
> 
> I'm getting same error with drakconf.
> 
> What have I left un-done?

Nothing but not works for all, see Bug#32185 comment#41, If works in the system that you update webkit2 then is fine
Thank you for the test
Comment 10 Morgan Leijström 2024-05-31 02:00:41 CEST
mga9-64 Plasma X11

Tested on both my workstation "svarten" with nvidia470, and laptop thinkpad T510 using nouveau.

No problems noted in drakconf, various desktop appsm suspend/resume

Packages i had installed updated:

- webkit2-driver-2.44.2-1.mga9.x86_64
- webkit2gtk4.0-2.44.2-1.mga9.x86_64
- webkit2gtk4.1-2.44.2-1.mga9.x86_64
- webkitgtk6.0-2.44.2-1.mga9.x86_64
- lib64javascriptcore-gir4.0-2.44.2-1.mga9.x86_64
- lib64javascriptcore-gir4.1-2.44.2-1.mga9.x86_64
- lib64javascriptcoregtk4.0_18-2.44.2-1.mga9.x86_64
- lib64javascriptcoregtk4.1_0-2.44.2-1.mga9.x86_64
- lib64javascriptcoregtk6.0_1-2.44.2-1.mga9.x86_64
- lib64webkit2gtk-gir4.0-2.44.2-1.mga9.x86_64
- lib64webkit2gtk-gir4.1-2.44.2-1.mga9.x86_64
- lib64webkit2gtk4.0_37-2.44.2-1.mga9.x86_64
- lib64webkit2gtk4.1_0-2.44.2-1.mga9.x86_64
- lib64webkitgtk6.0_4-2.44.2-1.mga9.x86_64

CC: (none) => fri

Comment 11 katnatek 2024-05-31 02:32:33 CEST
RH mageia 9 i586

 LC_ALL=C urpmi --auto --auto-update 
medium "QA Testing (32-bit)" is up-to-date
medium "BDK-Free-i586" is up-to-date
medium "BDK-Free-noarch" is up-to-date
medium "BDK-NonFree-i586" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date


installing libwebkit2gtk4.1_0-2.44.2-1.mga9.i586.rpm webkit2gtk4.0-2.44.2-1.mga9.i586.rpm libwebkit2gtk-gir4.1-2.44.2-1.mga9.i586.rpm libwebkit2gtk-gir4.0-2.44.2-1.mga9.i586.rpm webkit2-driver-2.44.2-1.mga9.i586.rpm libjavascriptcoregtk4.0_18-2.44.2-1.mga9.i586.rpm libjavascriptcore-gir4.1-2.44.2-1.mga9.i586.rpm libwebkit2gtk4.0_37-2.44.2-1.mga9.i586.rpm libjavascriptcore-gir4.0-2.44.2-1.mga9.i586.rpm libjavascriptcoregtk4.1_0-2.44.2-1.mga9.i586.rpm webkit2gtk4.1-2.44.2-1.mga9.i586.rpm from //home/katnatek/qa-testing/i586
Preparing...                     ################################################################
     1/11: libjavascriptcoregtk4.1_0
                                 ################################################################
     2/11: libjavascriptcoregtk4.0_18
                                 ################################################################
     3/11: webkit2-driver        ################################################################
     4/11: libjavascriptcore-gir4.0
                                 ################################################################
     5/11: libjavascriptcore-gir4.1
                                 ################################################################
     6/11: libwebkit2gtk4.0_37   ################################################################
     7/11: webkit2gtk4.0         ################################################################
     8/11: webkit2gtk4.1         ################################################################
     9/11: libwebkit2gtk4.1_0    ################################################################
    10/11: libwebkit2gtk-gir4.1  ################################################################
    11/11: libwebkit2gtk-gir4.0  ################################################################
     1/11: removing libwebkit2gtk-gir4.0-2.44.1-1.mga9.i586
                                 ################################################################
     2/11: removing libwebkit2gtk-gir4.1-2.44.1-1.mga9.i586
                                 ################################################################
     3/11: removing libwebkit2gtk4.1_0-2.44.1-1.mga9.i586
                                 ################################################################
     4/11: removing webkit2gtk4.1-2.44.1-1.mga9.i586
                                 ################################################################
     5/11: removing libjavascriptcore-gir4.1-2.44.1-1.mga9.i586
                                 ################################################################
     6/11: removing libwebkit2gtk4.0_37-2.44.1-1.mga9.i586
                                 ################################################################
     7/11: removing webkit2gtk4.0-2.44.1-1.mga9.i586
                                 ################################################################
     8/11: removing libjavascriptcore-gir4.0-2.44.1-1.mga9.i586
                                 ################################################################
     9/11: removing libjavascriptcoregtk4.0_18-2.44.1-1.mga9.i586
                                 ################################################################
    10/11: removing libjavascriptcoregtk4.1_0-2.44.1-1.mga9.i586
                                 ################################################################
    11/11: removing webkit2-driver-2.44.1-1.mga9.i586
                                 ################################################################

drakconf works OK

From ssh still see the errors in  Bug#32185 comment#41, so the problem that have Tony in comment#8 is not new
Comment 12 Thomas Andrews 2024-05-31 03:24:04 CEST
(In reply to katnatek from comment #4)
> Thomas would be good to test in the system you have bug#33208

MGA9-32 Xfce on an HP Probook 6550b. No change that I can see. MCC still displays maybe a second, then crashes. The last line of dmesg is:

   82.191395] traps: VBlankMonitor[2319] trap divide error ip:afd1f000 sp:9e1fe290 error:0 in libwebkit2gtk-4.1.so.0.13.6[af87b000+3135000]

indicating, I guess, that there's still a webkit2-related error. Whether it's a webkit2 error or a drakconf error, I couldn't say.

Other than that, I don't see any issues.
Comment 13 Ben McMonagle 2024-05-31 04:47:32 CEST
updated:

lib64webkit2gtk-gir4.1 
lib64webkit2gtk4.1_0 
lib64webkitgtk6.0_4 
lib64javascriptcore-gir4.1 
lib64javascriptcoregtk4.1_0 
lib64javascriptcoregtk6.0_1 
webkit2-driver 
webkit2gtk4.1 
webkitgtk6.0   

installing webkit2-driver-2.44.2-1.mga9.x86_64.rpm webkit2gtk4.1-2.44.2-1.mga9.x86_64.rpm 
webkitgtk6.0-2.44.2-1.mga9.x86_64.rpm 
lib64javascriptcoregtk4.1_0-2.44.2-1.mga9.x86_64.rpm lib64javascriptcoregtk6.0_1-2.44.2-1.mga9.x86_64.rpm lib64webkit2gtk4.1_0-2.44.2-1.mga9.x86_64.rpm 
lib64javascriptcore-gir4.1-2.44.2-1.mga9.x86_64.rpm 
lib64webkit2gtk-gir4.1-2.44.2-1.mga9.x86_64.rpm lib64webkitgtk6.0_4-2.44.2-1.mga9.x86_64.rpm from /var/cache/urpmi/rpms
Preparing...                     #############################################################################

no issue with update

checked MCC ok

inxi -G
Graphics:
  Device-1: AMD Mullins [Radeon R2 Graphics] driver: amdgpu v: kernel
  Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X:
    loaded: amdgpu,v4l dri: radeonsi gpu: amdgpu resolution: 1366x768~60Hz
  API: OpenGL v: 4.6 Mesa 24.0.5 renderer: AMD Radeon R2 Graphics (radeonsi
    kabini LLVM 15.0.6 DRM 3.54 6.6.28-desktop-1.mga9)

CC: (none) => westel

Comment 14 Tony Blackwell 2024-05-31 23:46:21 CEST
re comment 13 above, and my different experience in comment 8, I note my graphics setup is different. (nvidia using proprietary driver)

$ inxi -G
Graphics:
  Device-1: NVIDIA GP102 [GeForce GTX 1080 Ti] driver: nvidia v: 550.76
  Device-2: Logitech QuickCam Pro 9000 type: USB
    driver: snd-usb-audio,uvcvideo
  Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X:
    loaded: nvidia,v4l gpu: nvidia,nvidia-nvswitch resolution: 1: 2560x1440~60Hz
    2: 2560x1440~60Hz
  API: OpenGL v: 4.6.0 NVIDIA 550.76 renderer: NVIDIA GeForce GTX 1080
    Ti/PCIe/SSE2
Comment 15 katnatek 2024-06-02 20:48:53 CEST
Wait a few more, a new version is available but for the moment not new security post is published

If the Monday in the afternoon in my time zone the situation is still the same, I'll give the OKs
Comment 16 Nicolas Salguero 2024-06-02 22:00:18 CEST
Version 2.45.3 is only a development release, not a stable one. For the moment, version 2.44.2 is the latest stable release.
Comment 17 katnatek 2024-06-02 22:11:52 CEST
(In reply to Nicolas Salguero from comment #16)
> Version 2.45.3 is only a development release, not a stable one. For the
> moment, version 2.44.2 is the latest stable release.

You right, I not check well the version number thanks

Whiteboard: (none) => MGA9-64-OK,MGA9-32-OK

Comment 18 Morgan Leijström 2024-06-02 22:21:26 CEST
I say it is good to go then.

CC: (none) => sysadmin-bugs
Keywords: (none) => validated_update

Comment 19 Mageia Robot 2024-06-03 20:32:02 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0208.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.