Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
874845fb by Salvatore Bonaccorso at 2023-03-05T20:40:23+01:00
Add new set of webkit2gtk issues
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6203,17 +6203,27 @@ CVE-2023-25365
CVE-2023-25364
RESERVED
CVE-2023-25363 (A use-after-free vulnerability in
WebCore::RenderLayer::updateDescenda ...)
- TODO: check
+ - webkit2gtk 2.38.0-1
+ - wpewebkit 2.38.0-1
+ NOTE: https://bugs.webkit.org/show_bug.cgi?id=242684
CVE-2023-25362 (A use-after-free vulnerability in
WebCore::RenderLayer::repaintBlockSe ...)
- TODO: check
+ - webkit2gtk 2.38.0-1
+ - wpewebkit 2.38.0-1
+ NOTE: https://bugs.webkit.org/show_bug.cgi?id=244802
CVE-2023-25361 (A use-after-free vulnerability in
WebCore::RenderLayer::setNextSibling ...)
- TODO: check
+ - webkit2gtk 2.38.0-1
+ - wpewebkit 2.38.0-1
+ NOTE: https://bugs.webkit.org/show_bug.cgi?id=244249
CVE-2023-25360 (A use-after-free vulnerability in
WebCore::RenderLayer::renderer in We ...)
- TODO: check
+ - webkit2gtk 2.38.0-1
+ - wpewebkit 2.38.0-1
+ NOTE: https://bugs.webkit.org/show_bug.cgi?id=242686
CVE-2023-25359
RESERVED
CVE-2023-25358 (A use-after-free vulnerability in
WebCore::RenderLayer::addChild in We ...)
- TODO: check
+ - webkit2gtk 2.38.0-1
+ - wpewebkit 2.38.0-1
+ NOTE: https://bugs.webkit.org/show_bug.cgi?id=242683
CVE-2023-25357
RESERVED
CVE-2023-25356
=====================================
data/DLA/list
=====================================
@@ -683,7 +683,7 @@
{CVE-2020-25708 CVE-2020-29260}
[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u5
[29 Sep 2022] DLA-3124-1 webkit2gtk - security update
- {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863}
+ {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863
CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363}
[buster] - webkit2gtk 2.38.0-1~deb10u1
[27 Sep 2022] DLA-3123-1 thunderbird - security update
{CVE-2022-3266 CVE-2022-40956 CVE-2022-40957 CVE-2022-40958
CVE-2022-40959 CVE-2022-40960 CVE-2022-40962}
=====================================
data/DSA/list
=====================================
@@ -386,10 +386,10 @@
{CVE-2022-29599}
[bullseye] - maven-shared-utils 3.3.0-1+deb11u1
[28 Sep 2022] DSA-5241-1 wpewebkit - security update
- {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863}
+ {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863
CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363}
[bullseye] - wpewebkit 2.38.0-1~deb11u1
[28 Sep 2022] DSA-5240-1 webkit2gtk - security update
- {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863}
+ {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863
CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363}
[bullseye] - webkit2gtk 2.38.0-1~deb11u1
[27 Sep 2022] DSA-5239-1 gdal - security update
{CVE-2021-45943}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/874845fb52cd250c6541f6b64ffad2c6c26e2bc1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/874845fb52cd250c6541f6b64ffad2c6c26e2bc1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
