This bug was fixed in the package epiphany-browser - 3.36.4-0ubuntu2
---------------
epiphany-browser (3.36.4-0ubuntu2) focal-security; urgency=medium
* SECURITY UPDATE: Fix memory corruption in ephy_string_shorten()
- CVE-2022-29536 (LP: #1969851)
* SECURITY UPDATE: Multiple XSS issues (LP: #1955362)
- CVE-2021-45085 XSS exploit possible from the Most Visited page
- CVE-2021-45086 XSS exploit possible with a PDF's suggested filename
- CVE-2021-45087 XSS exploit possible in View Source or Reader Mode
- CVE-2021-45087 XSS exploit possible via error pages
-- Jeremy Bicha <[email protected]> Sun, 31 Jul 2022 16:32:14 -0400
** Changed in: epiphany-browser (Ubuntu Focal)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-45085
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-45086
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-45087
** Changed in: epiphany-browser (Ubuntu Jammy)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to epiphany-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1969851
Title:
CVE-2022-29536 epiphany
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/epiphany-browser/+bug/1969851/+subscriptions
--
desktop-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
