File _patchinfo of Package patchinfo.38928

<patchinfo incident="38928">
  <issue tracker="bnc" id="1243424">VUL-0: CVE-2025-24223: webkit2gtk3,webkitgtk: webkitgtk: processing maliciously crafted web content may lead to memory corruption</issue>
  <issue tracker="bnc" id="1243282">VUL-0: CVE-2025-31205: webkit2gtk3,webkitgtk: webkitgtk: A malicious website may exfiltrate data cross-origin</issue>
  <issue tracker="bnc" id="1243289">VUL-0: CVE-2025-31215: webkit2gtk3: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash</issue>
  <issue tracker="bnc" id="1243288">VUL-0: CVE-2025-31206: webkit2gtk3: webkitgtk: Processing maliciously crafted web content may lead to an unexpected crash</issue>
  <issue tracker="bnc" id="1243286">VUL-0: CVE-2025-31204: webkit2gtk3: webkitgtk: Processing maliciously crafted web content may lead to memory corruption</issue>
  <issue tracker="bnc" id="1243596">VUL-0: CVE-2025-31257: webkit2gtk3,webkitgtk: improper memory handling when processing certain web content may lead to an unexpected crash</issue>
  <issue tracker="bnc" id="1241158">VUL-0: CVE-2023-42875: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: improper memory handling may lead to arbitrary code execution when processing certain web content</issue>
  <issue tracker="bnc" id="1241160">VUL-0: CVE-2023-42970: libQtWebKit4,libqt5-qtwebkit,webkit2gtk3,webkitgtk: improper memory management may lead to use-after-free when processing certain web content</issue>
  <issue tracker="cve" id="2023-42875"/>
  <issue tracker="cve" id="2023-42970"/>
  <issue tracker="cve" id="2025-24223"/>
  <issue tracker="cve" id="2025-31204"/>
  <issue tracker="cve" id="2025-31205"/>
  <issue tracker="cve" id="2025-31206"/>
  <issue tracker="cve" id="2025-31215"/>
  <issue tracker="cve" id="2025-31257"/>
  <packager>mgorse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for webkit2gtk3</summary>
  <description>This update for webkit2gtk3 fixes the following issues:

Update to version 2.48.2:

- CVE-2025-24223: Processing maliciously crafted web content may lead to memory corruption (bsc#1243424).
- CVE-2025-31204: Processing maliciously crafted web content may lead to memory corruption (bsc#1243286).
- CVE-2025-31205: A malicious website may exfiltrate data cross-origin (bsc#1243282).
- CVE-2025-31206: Processing maliciously crafted web content may lead to an unexpected crash (bsc#1243288).
- CVE-2025-31215: Processing maliciously crafted web content may lead to an unexpected process crash (bsc#1243289).
- CVE-2025-31257: Improper memory handling when processing certain web content may lead to an unexpected crash (bsc#1243596).
- CVE-2023-42875: Improper memory handling may lead to arbitrary code execution when processing certain web content (bsc#1241158).
- CVE-2023-42970: Improper memory management may lead to use-after-free when processing certain web content (bsc#1241160).
</description>
</patchinfo>