Advisories » MGASA-2020-0188

Updated webkit2 packages fix security vulnerability

Publication date: 05 May 2020
Modification date: 05 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-3899

Description

Updated webkit2 packages fix security vulnerability:

A memory consumption issue was addressed with improved memory handling.
A remote attacker may be able to cause arbitrary code execution
(CVE-2020-3899).

The webkit2 package has been updated to version 2.28.2, fixing this issue
and other bugs.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=26550
• https://webkitgtk.org/2020/04/24/webkitgtk2.28.2-released.html
• https://webkitgtk.org/security/WSA-2020-0005.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3899

SRPMS

7/core

• webkit2-2.28.2-1.mga7