[SECURITY] [DLA 4375-1] webkit2gtk security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 4375-1] webkit2gtk security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Thu, 20 Nov 2025 18:53:20 +0100
Message-id: <[🔎] 20251120175320.BA0A05F00083@kamino>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4375-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
November 20, 2025                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : webkit2gtk
Version        : 2.50.1-1~deb11u1
CVE ID         : CVE-2025-43272 CVE-2025-43342 CVE-2025-43343 CVE-2025-43356
                 CVE-2025-43368

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2025-43272

    Big Bear discovered that processing maliciously crafted web
    content may lead to an unexpected process crash.

CVE-2025-43342

    An anonymous researcher discovered that processing maliciously
    crafted web content may lead to an unexpected process crash.

CVE-2025-43343

    An anonymous researcher discovered that processing maliciously
    crafted web content may lead to an unexpected process crash.

CVE-2025-43356

    Jaydev Ahire discovered that a website may be able to access
    sensor information without user consent.

CVE-2025-43368

    Pawel Wylecial discovered that processing maliciously crafted web
    content may lead to an unexpected process crash.

This WebKitGTK update causes a compatibility problem with older
versions of Evolution when handling e-mail attachments. For this
reason, fixed versions of Evolution have also been released along with
this WebKitGTK update.

For Debian 11 bullseye, these problems have been fixed in version
2.50.1-1~deb11u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmkfVY4ACgkQnUbEiOQ2
gwJZRA/9HCjIiF0PFyZnA7UZmXUckpFi3ty5k4e3JXZ6WGOz91gYovaqSqDOYe6U
oYfJrNnTRBm17rK3OuqgKWMx4R0+y/no+Hym0VMJUZdRHtdyrgH0KjPG0rseKP4f
aGNxKgY05nJVijshM52Cd0FxUhfJi0CSBBrBmmMxf8kn+JDJ0LVgpusNJiAqzD8q
XUThkU0eGTihumEjFOrwRsfXn2wGFsoJSVkAVO8RzAAIo+tKol/PDwGnO9chiE6u
OfSboxpzWx7vA5b9iSPEMtvqkViFC7mzkf3wBMyeCiCtnVg7eBmmX8cUSGPMwKJJ
IBfTYkkDJ9bgo1OBVWnK3hXFdEEqN3QwQ2Iz6VQcbp66qoLt6zkCSCoZ9NQF4ekV
mbzKs9WOzZTYhi5dGM8Odj5mrTir1sTIZmGPKR6d5dC8zXg6/oPZ6uQQFchLu7wW
vNRosdemTlfI4AF/Br2H6nbTquP4yp6tJbNhLQqNYb8LTjVeJY36v2+AXcV5tql/
svZPzeFODwvPuyGsH91UonuT1BHlraVWID+4hiQmhrniEDYRXl4FghZapdZTPihM
dLbERaylp6cIwCT20E7bNnFnDk+RxBeHYC5PRfbDVeH/BNm91w4NDpryZ0Xawd/D
jXRLf1dnZRhNr+xtl+qyB5loAdc/GAXdg28x5hnG94oOiYI8A1Y=
=ojtT
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4374-1] pdfminer security update
Next by Date: [SECURITY] [DLA 4376-1] erlang security update
Previous by thread: [SECURITY] [DLA 4374-1] pdfminer security update
Next by thread: [SECURITY] [DLA 4376-1] erlang security update
Index(es):
- Date
- Thread