[Git][security-tracker-team/security-tracker][master] webkit2gtk upstream advisory WSA-2019-0006

Alberto Garcia berto at debian.org
Tue Nov 12 12:11:06 GMT 2019



Alberto Garcia pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c840da1 by Alberto Garcia at 2019-11-12T12:09:16Z
webkit2gtk upstream advisory WSA-2019-0006

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -33176,36 +33176,76 @@ CVE-2019-8824
 	RESERVED
 CVE-2019-8823
 	RESERVED
+	- webkit2gtk 2.26.1-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8822
 	RESERVED
+	- webkit2gtk 2.24.4-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8821
 	RESERVED
+	- webkit2gtk 2.24.4-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8820
 	RESERVED
+	- webkit2gtk 2.26.1-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8819
 	RESERVED
+	- webkit2gtk 2.26.1-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8818
 	RESERVED
 CVE-2019-8817
 	RESERVED
 CVE-2019-8816
 	RESERVED
+	- webkit2gtk 2.26.1-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8815
 	RESERVED
+	- webkit2gtk 2.26.0-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8814
 	RESERVED
 CVE-2019-8813
 	RESERVED
+	- webkit2gtk 2.26.1-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8812
 	RESERVED
 CVE-2019-8811
 	RESERVED
+	- webkit2gtk 2.26.1-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8810
 	RESERVED
 CVE-2019-8809
 	RESERVED
 CVE-2019-8808
 	RESERVED
+	- webkit2gtk 2.26.0-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8807
 	RESERVED
 CVE-2019-8806
@@ -33256,8 +33296,16 @@ CVE-2019-8784
 	RESERVED
 CVE-2019-8783
 	RESERVED
+	- webkit2gtk 2.26.1-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8782
 	RESERVED
+	- webkit2gtk 2.26.0-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8781
 	RESERVED
 CVE-2019-8780
@@ -33304,10 +33352,22 @@ CVE-2019-8767
 	RESERVED
 CVE-2019-8766
 	RESERVED
+	- webkit2gtk 2.26.0-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8765
 	RESERVED
+	- webkit2gtk 2.24.4-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8764
 	RESERVED
+	- webkit2gtk 2.26.0-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8763
 	RESERVED
 	{DSA-4515-1}
@@ -33355,6 +33415,10 @@ CVE-2019-8744
 	RESERVED
 CVE-2019-8743
 	RESERVED
+	- webkit2gtk 2.26.0-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8742
 	RESERVED
 CVE-2019-8741
@@ -33444,6 +33508,10 @@ CVE-2019-8711
 	RESERVED
 CVE-2019-8710
 	RESERVED
+	- webkit2gtk 2.26.0-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
+	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
 CVE-2019-8709
 	RESERVED
 CVE-2019-8708


=====================================
data/DSA/list
=====================================
@@ -13,7 +13,7 @@
 	[stretch] - proftpd-dfsg 1.3.5b-4+deb9u2
 	[buster] - proftpd-dfsg 1.3.6-4+deb10u2
 [04 Nov 2019] DSA-4558-1 webkit2gtk - security update
-	{CVE-2019-8625 CVE-2019-8720 CVE-2019-8769 CVE-2019-8771}
+	{CVE-2019-8625 CVE-2019-8720 CVE-2019-8769 CVE-2019-8771 CVE-2019-8710 CVE-2019-8743 CVE-2019-8764 CVE-2019-8766 CVE-2019-8782 CVE-2019-8808 CVE-2019-8815 CVE-2019-8783 CVE-2019-8811 CVE-2019-8813 CVE-2019-8816 CVE-2019-8819 CVE-2019-8820 CVE-2019-8823}
 	[buster] - webkit2gtk 2.26.1-3~deb10u1
 [31 Oct 2019] DSA-4557-1 libarchive - security update
 	{CVE-2019-18408}
@@ -174,7 +174,7 @@
 	[stretch] - firefox-esr 60.9.0esr-1~deb9u1
 	[buster] - firefox-esr 60.9.0esr-1~deb10u1
 [04 Sep 2019] DSA-4515-1 webkit2gtk - security update
-	{CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-8763 CVE-2019-8733 CVE-2019-8719 CVE-2019-8707 CVE-2019-8674}
+	{CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 CVE-2019-8763 CVE-2019-8733 CVE-2019-8719 CVE-2019-8707 CVE-2019-8674 CVE-2019-8765 CVE-2019-8821 CVE-2019-8822}
 	[buster] - webkit2gtk 2.24.4-1~deb10u1
 [04 Sep 2019] DSA-4514-1 varnish - security update
 	{CVE-2019-15892}


=====================================
data/dsa-needed.txt
=====================================
@@ -65,6 +65,8 @@ thunderbird
 tiff
   Maintainer working on updates
 --
+webkit2gtk
+--
 wordpress
   Maintainer proposed debdiff for buster-security
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2c840da187033834d840b56a66487aa87347740e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2c840da187033834d840b56a66487aa87347740e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191112/f59209fe/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list