Linux News Today: Thanks to Apple, WebKitGTK+ Devs Patch More Than 100 Security Vulnerabilities
The developers of the WebKitGTK+ open source WebKit rendering engine used in the popular GNOME desktop environment reported that the software has been hit hard by over 130 security vulnerabilities, urging all users to update as soon as possible.
The WebKitGTK+ Security Advisory WSA-2015-0002 was reported on December 28, 2015, and it includes no less than 134 CVE (Common Vulnerabilities and Exposures) identifiers, which means that there were as many security vulnerabilities discovered in recent WebKitGTK+ versions as CVE identifier reported.
“We recommend updating to the last stable version of WebKitGTK+. It is the best way of ensuring that you are running a safe version of WebKitGTK+. Please check our website for information about the last stable releases. Further information about WebKitGTK+ Security Advisories can be found at: http://webkitgtk.org/security.html,” reads the announcement.
Credits go to Apple
Looking through all those CVEs, we can’t help but notice that Apple is credited for discovering, reporting and fixing more than 100 of those security vulnerabilities, which appear to have affected the iOS mobile operating system prior to version 9, as well as many of Apple’s renowned software, such as iTunes, Safari, and tvOS.
It also appears that numerous versions of the WebKitGTK+ software are affected, from the 2.4, 2.6, 2.8, and 2.10 branches. The latest stable and most advanced version of WebKitGTK+ is 2.10.4, and the latest development release is 2.11.2. If you’re using a version of WebKitGTK+ prior to 2.10.4, it is strongly recommended that you update as soon as possible.
You can always download the recent WebKitGTK+ releases from our website, but considering the fact that only the sources are provided, we strongly recommend that you check your GNU/Linux distribution’s default software repositories for updates and apply them immediately. We always recommend having the latest version of a software!