GNOME is the default desktop environment of Rocky Linux.
The following packages have been upgraded to a later upstream version: gdm (40.0), webkit2gtk3 (2.32.3). (BZ#1909300)
Security Fix(es):
webkitgtk: Use-after-free in AudioSourceProviderGStreamer leading to arbitrary code execution (CVE-2020-13558)
LibRaw: Stack buffer overflow in LibRaw::identify_process_dng_fields() in identify.cpp (CVE-2020-24870)
webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2020-27918)
webkitgtk: IFrame sandboxing policy violation (CVE-2021-1765)
webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-1788)
webkitgtk: Type confusion issue leading to arbitrary code execution (CVE-2021-1789)
webkitgtk: Access to restricted ports on arbitrary servers via port redirection (CVE-2021-1799)
webkitgtk: IFrame sandboxing policy violation (CVE-2021-1801)
webkitgtk: Memory corruption issue leading to arbitrary code execution (CVE-2021-1844)
webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1870)
webkitgtk: Logic issue leading to arbitrary code execution (CVE-2021-1871)
webkitgtk: Use-after-free in ImageLoader dispatchPendingErrorEvent leading to information leak and possibly code execution (CVE-2021-21775)
webkitgtk: Use-after-free in WebCore::GraphicsContext leading to information leak and possibly code execution (CVE-2021-21779)
webkitgtk: Use-after-free in fireEventListeners leading to arbitrary code execution (CVE-2021-21806)
webkitgtk: Integer overflow leading to arbitrary code execution (CVE-2021-30663)
webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30665)
webkitgtk: Logic issue leading to leak of sensitive user information (CVE-2021-30682)
webkitgtk: Logic issue leading to universal cross site scripting attack (CVE-2021-30689)
webkitgtk: Logic issue allowing access to restricted ports on arbitrary servers (CVE-2021-30720)
webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30734)
webkitgtk: Cross-origin issue with iframe elements leading to universal cross site scripting attack (CVE-2021-30744)
webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30749)
webkitgtk: Type confusion leading to arbitrary code execution (CVE-2021-30758)
webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30795)
webkitgtk: Insufficient checks leading to arbitrary code execution (CVE-2021-30797)
webkitgtk: Memory corruptions leading to arbitrary code execution (CVE-2021-30799)
webkitgtk: User may be unable to fully delete browsing history (CVE-2020-29623)
gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (CVE-2020-36241)
gnome-autoar: Directory traversal via directory symbolic links pointing outside of the destination directory (incomplete CVE-2020-36241 fix) (CVE-2021-28650)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.
References:
bugzilla.redhat.com/show_bug.cgi?id=1651378
bugzilla.redhat.com/show_bug.cgi?id=1770302
bugzilla.redhat.com/show_bug.cgi?id=1791478
bugzilla.redhat.com/show_bug.cgi?id=1813727
bugzilla.redhat.com/show_bug.cgi?id=1854679
bugzilla.redhat.com/show_bug.cgi?id=1873297
bugzilla.redhat.com/show_bug.cgi?id=1873488
bugzilla.redhat.com/show_bug.cgi?id=1888404
bugzilla.redhat.com/show_bug.cgi?id=1894613
bugzilla.redhat.com/show_bug.cgi?id=1897932
bugzilla.redhat.com/show_bug.cgi?id=1904139
bugzilla.redhat.com/show_bug.cgi?id=1905000
bugzilla.redhat.com/show_bug.cgi?id=1909300
bugzilla.redhat.com/show_bug.cgi?id=1914925
bugzilla.redhat.com/show_bug.cgi?id=1924725
bugzilla.redhat.com/show_bug.cgi?id=1925640
bugzilla.redhat.com/show_bug.cgi?id=1928794
bugzilla.redhat.com/show_bug.cgi?id=1928886
bugzilla.redhat.com/show_bug.cgi?id=1935261
bugzilla.redhat.com/show_bug.cgi?id=1937416
bugzilla.redhat.com/show_bug.cgi?id=1937866
bugzilla.redhat.com/show_bug.cgi?id=1938937
bugzilla.redhat.com/show_bug.cgi?id=1940026
bugzilla.redhat.com/show_bug.cgi?id=1944323
bugzilla.redhat.com/show_bug.cgi?id=1944329
bugzilla.redhat.com/show_bug.cgi?id=1944333
bugzilla.redhat.com/show_bug.cgi?id=1944337
bugzilla.redhat.com/show_bug.cgi?id=1944340
bugzilla.redhat.com/show_bug.cgi?id=1944343
bugzilla.redhat.com/show_bug.cgi?id=1944350
bugzilla.redhat.com/show_bug.cgi?id=1944859
bugzilla.redhat.com/show_bug.cgi?id=1944862
bugzilla.redhat.com/show_bug.cgi?id=1944867
bugzilla.redhat.com/show_bug.cgi?id=1949176
bugzilla.redhat.com/show_bug.cgi?id=1951086
bugzilla.redhat.com/show_bug.cgi?id=1952136
bugzilla.redhat.com/show_bug.cgi?id=1955754
bugzilla.redhat.com/show_bug.cgi?id=1957705
bugzilla.redhat.com/show_bug.cgi?id=1960705
bugzilla.redhat.com/show_bug.cgi?id=1962049
bugzilla.redhat.com/show_bug.cgi?id=1971507
bugzilla.redhat.com/show_bug.cgi?id=1971534
bugzilla.redhat.com/show_bug.cgi?id=1972545
bugzilla.redhat.com/show_bug.cgi?id=1978287
bugzilla.redhat.com/show_bug.cgi?id=1978505
bugzilla.redhat.com/show_bug.cgi?id=1978612
bugzilla.redhat.com/show_bug.cgi?id=1980441
bugzilla.redhat.com/show_bug.cgi?id=1980661
bugzilla.redhat.com/show_bug.cgi?id=1981420
bugzilla.redhat.com/show_bug.cgi?id=1986863
bugzilla.redhat.com/show_bug.cgi?id=1986866
bugzilla.redhat.com/show_bug.cgi?id=1986872
bugzilla.redhat.com/show_bug.cgi?id=1986874
bugzilla.redhat.com/show_bug.cgi?id=1986879
bugzilla.redhat.com/show_bug.cgi?id=1986881
bugzilla.redhat.com/show_bug.cgi?id=1986883
bugzilla.redhat.com/show_bug.cgi?id=1986886
bugzilla.redhat.com/show_bug.cgi?id=1986888
bugzilla.redhat.com/show_bug.cgi?id=1986890
bugzilla.redhat.com/show_bug.cgi?id=1986892
bugzilla.redhat.com/show_bug.cgi?id=1986900
bugzilla.redhat.com/show_bug.cgi?id=1986902
bugzilla.redhat.com/show_bug.cgi?id=1986906
bugzilla.redhat.com/show_bug.cgi?id=1987233
bugzilla.redhat.com/show_bug.cgi?id=1989035
bugzilla.redhat.com/show_bug.cgi?id=1998989
bugzilla.redhat.com/show_bug.cgi?id=1999120
bugzilla.redhat.com/show_bug.cgi?id=2004170
errata.rockylinux.org/RLSA-2021:4381