Summary: | <net-libs/webkit-gtk-2.42.2: Denial of service in SVG handling | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ajak, gnome |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://webkitgtk.org/security/WSA-2023-0012.html | ||
Whiteboard: | A3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 915222, 918667 | ||
Bug Blocks: |
Description
Sam James
2023-12-24 16:17:30 UTC
The somewhat esoteric slotting here is apparently breaking kuroneko, dropping the slots so kuroneko's cache will hopefully continue updating. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=27dbd0aa1207a04e72d0d05235473868999afb10 commit 27dbd0aa1207a04e72d0d05235473868999afb10 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2024-02-12 01:15:16 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2024-02-12 01:16:12 +0000 [ GLSA 202401-33 ] add missed bug Bug: https://bugs.gentoo.org/920664 Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202401-33.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) The stablereq in 920667 is for 2.42.4 while >=2.42.2 is already stable for bugs 915222 and 918667, so we're fixed here once this is GLSA'd. I've just amended the last GLSA to add this. |