Alberto Garcia pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
10f2d402 by Alberto Garcia at 2025-03-20T13:46:49+01:00
webkit2gtk / wpewebkit upstream advisory WSA-2025-0002
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1976,7 +1976,11 @@ CVE-2025-24431 (Acrobat Reader versions 24.001.30225,
20.005.30748, 25.001.20428
NOT-FOR-US: Adobe
CVE-2025-24201 (An out-of-bounds write issue was addressed with improved
checks to pre ...)
{DSA-5877-1}
- NOT-FOR-US: Apple
+ - webkit2gtk 2.48.0-1
+ - wpewebkit 2.48.0-1
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security
support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be
sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2025-0002.html
CVE-2025-24084 (Untrusted pointer dereference in Windows Subsystem for Linux
allows an ...)
NOT-FOR-US: Microsoft
CVE-2025-24083 (Untrusted pointer dereference in Microsoft Office allows an
unauthoriz ...)
@@ -2451,7 +2455,11 @@ CVE-2024-54473 (This issue was addressed with improved
redaction of sensitive in
CVE-2024-54469 (The issue was addressed with improved checks. This issue is
fixed in m ...)
NOT-FOR-US: Apple
CVE-2024-54467 (A cookie management issue was addressed with improved state
management ...)
- NOT-FOR-US: Apple
+ - webkit2gtk 2.48.0-1
+ - wpewebkit 2.48.0-1
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security
support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be
sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2025-0002.html
CVE-2024-54463 (This issue was addressed with improved entitlements. This
issue is fix ...)
NOT-FOR-US: Apple
CVE-2024-53307 (A reflected cross-site scripting (XSS) vulnerability in the
/mw/ endpo ...)
@@ -2465,7 +2473,11 @@ CVE-2024-47109 (IBM Sterling File Gateway 6.0.0.0
through 6.1.2.6 and 6.2.0.0 th
CVE-2024-44227 (The issue was addressed with improved memory handling. This
issue is f ...)
NOT-FOR-US: Apple
CVE-2024-44192 (The issue was addressed with improved checks. This issue is
fixed in w ...)
- NOT-FOR-US: Apple
+ - webkit2gtk 2.48.0-1
+ - wpewebkit 2.48.0-1
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security
support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be
sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2025-0002.html
CVE-2024-44179 (This issue was addressed by restricting options offered on a
locked de ...)
NOT-FOR-US: Apple
CVE-2024-13919 (The Laravel framework versions between 11.9.0 and 11.35.1 are
suscepti ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10f2d40258f0d426b78b1779f64328eccc9c5b67
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/10f2d40258f0d426b78b1779f64328eccc9c5b67
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
