File _patchinfo of Package patchinfo.38256

<patchinfo incident="38256">
  <issue tracker="bnc" id="1240986">VUL-0: CVE-2025-24216: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: improper memory handling may lead to an unexpected crash when processing certain web content</issue>
  <issue tracker="bnc" id="1240958">VUL-0: CVE-2025-30427: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: use-after-free issue may lead to an unexpected Safari crash when processing maliciously crafted web content</issue>
  <issue tracker="bnc" id="1240963">VUL-0: CVE-2025-24213: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: type confusion issue may lead to memory corruption</issue>
  <issue tracker="bnc" id="1240962">VUL-0: CVE-2024-54551: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: improper memory handling may lead to a denial-of-service when processing certain web content</issue>
  <issue tracker="bnc" id="1240961">VUL-0: CVE-2025-24208: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: permissions issue may lead to a cross-site scripting attack when loading a malicious iframe</issue>
  <issue tracker="bnc" id="1240987">VUL-0: CVE-2025-24264: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: improper memory handling may lead to unexpected crash when processing certain web content</issue>
  <issue tracker="bnc" id="1240964">VUL-0: CVE-2025-24209: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: buffer overflow may lead to crash when processing maliciously crafted web content</issue>
  <issue tracker="cve" id="2025-24216"/>
  <issue tracker="cve" id="2025-30427"/>
  <issue tracker="cve" id="2025-24264"/>
  <issue tracker="cve" id="2025-24208"/>
  <issue tracker="cve" id="2024-54551"/>
  <issue tracker="cve" id="2025-24209"/>
  <issue tracker="cve" id="2025-24213"/>
  <packager>mgorse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for webkit2gtk3</summary>
  <description>This update for webkit2gtk3 fixes the following issues:

- Update to version 2.48.1
- CVE-2024-54551: improper memory handling may lead to a denial-of-service when processing certain web content (bsc#1240962)
- CVE-2025-24208: permissions issue may lead to a cross-site scripting attack when loading a malicious iframe (bsc#1240961)
- CVE-2025-24209: buffer overflow may lead to crash when processing maliciously crafted web content (bsc#1240964)
- CVE-2025-24213: type confusion issue may lead to memory corruption (bsc#1240963)
- CVE-2025-24216: improper memory handling may lead to an unexpected crash when processing certain web content (bsc#1240986)
- CVE-2025-24264: improper memory handling may lead to unexpected crash when processing certain web content (bsc#1240987)
- CVE-2025-30427: use-after-free issue may lead to an unexpected Safari crash when processing maliciously crafted web content (bsc#1240958)
</description>
</patchinfo>