[Git][security-tracker-team/security-tracker][master] Remove tracking of src:epiphany-browser for CVE-2019-6251
Salvatore Bonaccorso
carnil at debian.org
Wed Apr 17 07:56:16 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8c111845 by Salvatore Bonaccorso at 2019-04-17T06:54:35Z
Remove tracking of src:epiphany-browser for CVE-2019-6251
The issue is in webkit2gtk and was adressed there[1]. Updated
description to "WebKitGTK and WPE WebKit prior to version 2.24.1 are
vulnerable to address bar spoofing upon certain JavaScript redirections.
An attacker could cause malicious web content to be displayed as if for
a trusted URI."
[1] https://gitlab.gnome.org/GNOME/epiphany/issues/532
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12893,8 +12893,6 @@ CVE-2019-6253
CVE-2019-6252
RESERVED
CVE-2019-6251 (embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allow ...)
- - epiphany-browser <unfixed>
- [jessie] - epiphany-browser <not-affected> (spoof.html does not change address bar)
- webkit2gtk 2.24.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c111845d14aefa1ccbc019b3badd75db3f7f011
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8c111845d14aefa1ccbc019b3badd75db3f7f011
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190417/517eeec1/attachment.html>
More information about the debian-security-tracker-commits
mailing list