webkit2gtk3-2.50.1-0.el9_6

エラータID: AXSA:2025-11002:18

Release date: 
Wednesday, October 29, 2025 - 22:31
Subject: 
webkit2gtk3-2.50.1-0.el9_6
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform.

Security Fix(es):

* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43272)
* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43342)
* webkitgtk: A website may be able to access sensor information without user consent (CVE-2025-43356)
* webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash (CVE-2025-43368)
* webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (CVE-2025-43343)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-43272
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-43342
A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43343
The issue was addressed with improved memory handling. This issue is fixed in tvOS 26, Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43356
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent.
CVE-2025-43368
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Solution: 

Update packages.

CVEs: 
CVE-2025-43272
The issue was addressed with improved memory handling. This issue is fixed in Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-43342
A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43343
The issue was addressed with improved memory handling. This issue is fixed in tvOS 26, Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-43356
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent.
CVE-2025-43368
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.
Additional Info: 

N/A

Download: 

SRPMS
  1. webkit2gtk3-2.50.1-0.el9_6.src.rpm
    MD5: 2d180e3c67601f0ae17bad41df0b6574
    SHA-256: 771ff2a40ca9a943863a83a45307954d14bb2179a3ce4132678566d369b74147
    Size: 43.22 MB

Asianux Server 9 for x86_64
  1. webkit2gtk3-2.50.1-0.el9_6.i686.rpm
    MD5: 92461a76b1dfc7fdfa84cbb9ebeb9a07
    SHA-256: 96e35cdac74be0899f7bfca80c3b0cf55e50d078958aa3d9555cd94dfa55ede7
    Size: 26.63 MB
  2. webkit2gtk3-2.50.1-0.el9_6.x86_64.rpm
    MD5: 6976b9ae9541896f8d5de9e5986dc32d
    SHA-256: 57ca2e5952ea3c118b7b353a33b7a77a639b30ba10cd91e1cf4919452255aa59
    Size: 27.34 MB
  3. webkit2gtk3-devel-2.50.1-0.el9_6.i686.rpm
    MD5: d65f4ea669629c0c3e4a8f0932e5345f
    SHA-256: 173675eed7784943c59f66bcb7881357a7a820fe89d71b1c7232e2328d09919d
    Size: 371.08 kB
  4. webkit2gtk3-devel-2.50.1-0.el9_6.x86_64.rpm
    MD5: 022a59ff0ddbb165eaca0dadd4fd8359
    SHA-256: 2d6227e16ec464081c69d985c523d08395d5d0fa8bdbca20719f2ad02931d8c9
    Size: 369.87 kB
  5. webkit2gtk3-jsc-2.50.1-0.el9_6.i686.rpm
    MD5: 66d11e51d7c0c277be854835cb9ffeff
    SHA-256: 258f468a5e54b86ec93bbcf37381fd0f94b48ad0ea839d94cc1143f258f9c167
    Size: 3.95 MB
  6. webkit2gtk3-jsc-2.50.1-0.el9_6.x86_64.rpm
    MD5: fcdbf371e945002422107723064b9926
    SHA-256: c6d4fea7e22083960656b02d4b9769d4db25fc6d38e25e781c108ed76e841cac
    Size: 8.55 MB
  7. webkit2gtk3-jsc-devel-2.50.1-0.el9_6.i686.rpm
    MD5: 2955a7d4d43b07ae0e844bc112499cef
    SHA-256: 8643afc2e8a83d3938281db18977e04259a5af0f909c79ec9a0de99901b736f0
    Size: 169.61 kB
  8. webkit2gtk3-jsc-devel-2.50.1-0.el9_6.x86_64.rpm
    MD5: dd619afa319b23d9c56511666aa16789
    SHA-256: c34bf45460e9baddf3cbb94e96e77f45cc41cb8f3e9a45bc9e7629f7d9dcbe59
    Size: 160.62 kB