[Git][security-tracker-team/security-tracker][master] webkit2gtk: CVEs 2021-21779 and 2021-21775 are not fixed yet

Alberto Garcia (@berto) berto at debian.org
Wed Jul 14 13:34:14 BST 2021 


Alberto Garcia pushed to branch master at Debian Security Tracker / security-tracker


Commits:
316fa019 by Alberto Garcia at 2021-07-14T14:33:39+02:00
webkit2gtk: CVEs 2021-21779 and 2021-21775 are not fixed yet

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35195,6 +35195,7 @@ CVE-2021-21807 (An integer overflow vulnerability exists in the DICOM parse_dico
 CVE-2021-21806 (An exploitable use-after-free vulnerability exists in WebKitGTK browse ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.30.6-1
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1214
 CVE-2021-21805
@@ -35252,10 +35253,10 @@ CVE-2021-21781
 CVE-2021-21780
 	RESERVED
 CVE-2021-21779 (A use-after-free vulnerability exists in the way Webkit’s Graphi ...)
-	- webkit2gtk <undetermined>
-	- wpewebkit <undetermined>
+	- webkit2gtk <unfixed>
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	- wpewebkit <unfixed>
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1238
-	TODO: check
 CVE-2021-21778
 	RESERVED
 CVE-2021-21777 (An information disclosure vulnerability exists in the Ethernet/IP UDP  ...)
@@ -35263,10 +35264,10 @@ CVE-2021-21777 (An information disclosure vulnerability exists in the Ethernet/I
 CVE-2021-21776 (An out-of-bounds write vulnerability exists in the SGI Format Buffer S ...)
 	NOT-FOR-US: ImageGear
 CVE-2021-21775 (A use-after-free vulnerability exists in the way certain events are pr ...)
-	- webkit2gtk <undetermined>
-	- wpewebkit <undetermined>
+	- webkit2gtk <unfixed>
+	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+	- wpewebkit <unfixed>
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1229
-	TODO: check
 CVE-2021-21774
 	RESERVED
 CVE-2021-21773 (An out-of-bounds write vulnerability exists in the TIFF header count-p ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/316fa019f86cb6601eb98f4172e7aec1ab15c438

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/316fa019f86cb6601eb98f4172e7aec1ab15c438
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210714/3aba93b2/attachment.htm>

More information about the debian-security-tracker-commits mailing list