Description:
This update for webkit2gtk3 fixes the following issues:
Update to version 2.52.1.
Security issues fixed:
- CVE-2025-43213: processing maliciously crafted web content may lead to an unexpected crash due to improper memory handling (bsc#1259947).
- CVE-2025-43214: processing maliciously crafted web content may lead to an unexpected crash due to improper memory handling (bsc#1259946).
- CVE-2025-43457: processing maliciously crafted web content may lead to an unexpected crash due to use-after-free (bsc#1259942).
- CVE-2025-43511: processing maliciously crafted web content may lead to an unexpected process crash due to use-after-free (bsc#1259941).
- CVE-2025-46299: processing maliciously crafted web content may disclose internal states of an app due to improper memory initialization (bsc#1259940).
- CVE-2026-20608: processing maliciously crafted web content may lead to an unexpected process crash due to improper state management (bsc#1259939).
- CVE-2026-20635: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1259938).
- CVE-2026-20636: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1259937).
- CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy due to improper input validation (bsc#1261172).
- CVE-2026-20644: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1259936).
- CVE-2026-20652: a remote attacker may be able to cause a denial-of-service due to improper memory handling (bsc#1259935).
- CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1261173).
- CVE-2026-20665: processing maliciously crafted web content may prevent Content Security Policy from being enforced due to improper state management (bsc#1261174).
- CVE-2026-20676: a website may be able to track users through web extensions due to improper state management (bsc#1259934).
- CVE-2026-20691: a maliciously crafted webpage may be able to fingerprint users due to improper state management (bsc#1261175).
- CVE-2026-28857: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1261176).
- CVE-2026-28859: a malicious website may be able to process restricted web content outside the sandbox due to improper memory management (bsc#1261177).
- CVE-2026-28861: a malicious website may be able to access script message handlers intended for other origins due to improper state management (bsc#1261178).
- CVE-2026-28871: visiting a maliciously crafted website may lead to a cross-site scripting attack due to missing checks (bsc#1261179).
Other updates and bugfixes:
- Version 2.52.1:
* Reduce the amount of useless MPRIS notifications produced by MediaSession when the information about media being played is incomplete.
* Support turning off USE_GSTREAMER to configure the build with all multimedia features disabled.
* Add Sysprof marks for mouse events.
* Fix MediaSession icon for iheart.com not being displayed.
* Fix the build with USE_GSTREAMER_GL disabled.
* Fix the build with librice version 0.3.0 or newer.
* Fix several crashes and rendering issues.
* Translation updates: Georgian.
- Version 2.52.0:
* Make scrolling with touch input smoother for small movements.
* Fix estimated load progress of downloads when Content-Length value is wrong.
* Ensure that "scrollend" events are correctly emitted after scroll animations.