WebkitGTK+: Multiple vulnerabilities Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. webkitgtk 2018-12-02 2018-12-02 667892 remote 2.22.0 2.22.0

WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers.

Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.

A remote attacker could execute arbitrary commands or cause a Denial of Service condition via maliciously crafted web content.

There is no known workaround at this time.

All WebkitGTK+ users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.22.0" CVE-2018-4191 CVE-2018-4197 CVE-2018-4207 CVE-2018-4208 CVE-2018-4209 CVE-2018-4210 CVE-2018-4212 CVE-2018-4213 CVE-2018-4299 CVE-2018-4306 CVE-2018-4309 CVE-2018-4311 CVE-2018-4312 CVE-2018-4314 CVE-2018-4315 CVE-2018-4316 CVE-2018-4317 CVE-2018-4318 CVE-2018-4319 CVE-2018-4323 CVE-2018-4328 CVE-2018-4358 CVE-2018-4359 CVE-2018-4361 b-man b-man