"CVE-2022-0108 Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40 branch before 2.40.1. Credit to Luan Herrera (@lbherrera_). Impact: An HTML document may be able to render iframes with sensitive user information. Description: This issue was addressed with improved iframe sandbox enforcement. CVE-2022-32885 Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40 branch before 2.40.1. Credit to P1umer(@p1umer) and Q1IQ(@q1iqF). Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A memory corruption issue was addressed with improved validation. CVE-2023-27932 Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40 branch before 2.40.1. Credit to an anonymous researcher. Impact: Processing maliciously crafted web content may bypass Same Origin Policy. Description: This issue was addressed with improved state management. CVE-2023-27954 Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40 branch before 2.40.1. Credit to an anonymous researcher. Impact: A website may be able to track sensitive user information. Description: The issue was addressed by removing origin information. CVE-2023-28205 Versions affected: WebKitGTK and WPE WebKit before 2.38.6 and 2.40 branch before 2.40.1. Credit to Clément Lecigne of Google's Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: A use after free issue was addressed with improved memory management." Please stabilize 2.40.1.
Thanks! Please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d24459ed817d36cb6b0a3c3e487ae392a0237826 commit d24459ed817d36cb6b0a3c3e487ae392a0237826 Author: Matt Turner <mattst88@gentoo.org> AuthorDate: 2023-05-18 14:40:12 +0000 Commit: Matt Turner <mattst88@gentoo.org> CommitDate: 2023-05-18 14:40:37 +0000 net-libs/webkit-gtk: Drop SLOT=5 Has been replaced by SLOT=6. Bug: https://bugs.gentoo.org/905351 Signed-off-by: Matt Turner <mattst88@gentoo.org> net-libs/webkit-gtk/Manifest | 1 - net-libs/webkit-gtk/files/2.38.3-gcc-13.patch | 25 -- net-libs/webkit-gtk/files/2.38.5-gcc-13.patch | 30 --- net-libs/webkit-gtk/webkit-gtk-2.38.5-r500.ebuild | 265 ---------------------- 4 files changed, 321 deletions(-)
Other vulnerable versions dropped in commit f2e39b35f2bc73494ab8e38c67240a45a868e27f Author: Matt Turner <mattst88@gentoo.org> Date: Wed May 17 17:14:14 2023 -0400 net-libs/webkit-gtk: Drop old versions Signed-off-by: Matt Turner <mattst88@gentoo.org> net-libs/webkit-gtk/Manifest | 1 - net-libs/webkit-gtk/webkit-gtk-2.38.5-r410.ebuild | 271 ---------------------- net-libs/webkit-gtk/webkit-gtk-2.38.5.ebuild | 261 --------------------- net-libs/webkit-gtk/webkit-gtk-2.40.0-r410.ebuild | 257 -------------------- net-libs/webkit-gtk/webkit-gtk-2.40.0-r600.ebuild | 250 -------------------- net-libs/webkit-gtk/webkit-gtk-2.40.0.ebuild | 247 -------------------- 6 files changed, 1287 deletions(-)
GLSA request filed.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=a8dea8203b3b4b4cca0bdebe02a9a8ea505ae935 commit a8dea8203b3b4b4cca0bdebe02a9a8ea505ae935 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-05-30 03:01:57 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2023-05-30 03:05:03 +0000 [ GLSA 202305-32 ] WebKitGTK+: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/871732 Bug: https://bugs.gentoo.org/879571 Bug: https://bugs.gentoo.org/888563 Bug: https://bugs.gentoo.org/905346 Bug: https://bugs.gentoo.org/905349 Bug: https://bugs.gentoo.org/905351 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202305-32.xml | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 80 insertions(+)
GLSA released, all done!
