Summary: | <net-libs/webkit-gtk-{2.42.1, 2.42.1-r410, 2.42.1-r600}: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ajak, gnome |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://webkitgtk.org/security/WSA-2023-0009.html | ||
Whiteboard: | A1 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 915977 | ||
Bug Blocks: | 920664 |
Description
Sam James
![]() ![]() ![]() ![]() Another CVE fixed in 2.42.0 in WSA-2023-0012: CVE-2023-42890 Versions affected: WebKitGTK and WPE WebKit before 2.42.0. Credit to Pwn2car. Impact: Processing web content may lead to arbitrary code execution. Description: The issue was addressed with improved memory handling. WebKit Bugzilla: 259830 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=4a07754d6de45c14716438f4a3e32fda6124b30f commit 4a07754d6de45c14716438f4a3e32fda6124b30f Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-31 14:29:39 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-31 14:30:12 +0000 [ GLSA 202401-33 ] WebKitGTK+: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/915222 Bug: https://bugs.gentoo.org/918667 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-33.xml | 57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) |