Alberto Garcia pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
316fa019 by Alberto Garcia at 2021-07-14T14:33:39+02:00
webkit2gtk: CVEs 2021-21779 and 2021-21775 are not fixed yet
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35195,6 +35195,7 @@ CVE-2021-21807 (An integer overflow vulnerability
exists in the DICOM parse_dico
CVE-2021-21806 (An exploitable use-after-free vulnerability exists in
WebKitGTK browse ...)
{DSA-4877-1}
- webkit2gtk 2.30.6-1
+ [stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
- wpewebkit 2.30.6-1
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1214
CVE-2021-21805
@@ -35252,10 +35253,10 @@ CVE-2021-21781
CVE-2021-21780
RESERVED
CVE-2021-21779 (A use-after-free vulnerability exists in the way
Webkit’s Graphi ...)
- - webkit2gtk <undetermined>
- - wpewebkit <undetermined>
+ - webkit2gtk <unfixed>
+ [stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
+ - wpewebkit <unfixed>
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1238
- TODO: check
CVE-2021-21778
RESERVED
CVE-2021-21777 (An information disclosure vulnerability exists in the
Ethernet/IP UDP ...)
@@ -35263,10 +35264,10 @@ CVE-2021-21777 (An information disclosure
vulnerability exists in the Ethernet/I
CVE-2021-21776 (An out-of-bounds write vulnerability exists in the SGI Format
Buffer S ...)
NOT-FOR-US: ImageGear
CVE-2021-21775 (A use-after-free vulnerability exists in the way certain
events are pr ...)
- - webkit2gtk <undetermined>
- - wpewebkit <undetermined>
+ - webkit2gtk <unfixed>
+ [stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
+ - wpewebkit <unfixed>
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1229
- TODO: check
CVE-2021-21774
RESERVED
CVE-2021-21773 (An out-of-bounds write vulnerability exists in the TIFF header
count-p ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/316fa019f86cb6601eb98f4172e7aec1ab15c438
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/316fa019f86cb6601eb98f4172e7aec1ab15c438
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
