CVE-2023-42883 Versions affected: WebKitGTK and WPE WebKit before 2.42.4. Credit to Zoom Offensive Security Team. Impact: Processing a SVG image may lead to a denial-of-service. Description: The issue was addressed with improved memory handling. WebKit Bugzilla: 263349
The somewhat esoteric slotting here is apparently breaking kuroneko, dropping the slots so kuroneko's cache will hopefully continue updating.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=27dbd0aa1207a04e72d0d05235473868999afb10 commit 27dbd0aa1207a04e72d0d05235473868999afb10 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2024-02-12 01:15:16 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2024-02-12 01:16:12 +0000 [ GLSA 202401-33 ] add missed bug Bug: https://bugs.gentoo.org/920664 Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202401-33.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
The stablereq in 920667 is for 2.42.4 while >=2.42.2 is already stable for bugs 915222 and 918667, so we're fixed here once this is GLSA'd. I've just amended the last GLSA to add this.