[Git][security-tracker-team/security-tracker][master] Update status for some new webkit2gtk and wpewebkit issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 26 21:24:39 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fdbb1354 by Salvatore Bonaccorso at 2021-10-26T22:24:05+02:00
Update status for some new webkit2gtk and wpewebkit issues
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30333,13 +30333,22 @@ CVE-2021-30851
CVE-2021-30850 (An access issue was addressed with improved access restrictions. This ...)
NOT-FOR-US: Apple
CVE-2021-30849 (Multiple memory corruption issues were addressed with improved memory ...)
- NOT-FOR-US: Apple
+ - webkit2gtk 2.32.4-1
+ [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+ - wpewebkit 2.32.4-1
+ NOTE: https://webkitgtk.org/security/WSA-2021-0006.html
CVE-2021-30848 (A memory corruption issue was addressed with improved memory handling. ...)
- NOT-FOR-US: Apple
+ - webkit2gtk 2.32.4-1
+ [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+ - wpewebkit 2.32.4-1
+ NOTE: https://webkitgtk.org/security/WSA-2021-0006.html
CVE-2021-30847 (This issue was addressed with improved checks. This issue is fixed in ...)
NOT-FOR-US: Apple
CVE-2021-30846 (A memory corruption issue was addressed with improved memory handling. ...)
- NOT-FOR-US: Apple
+ - webkit2gtk 2.34.0-1
+ [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
+ - wpewebkit 2.34.1-1
+ NOTE: https://webkitgtk.org/security/WSA-2021-0006.html
CVE-2021-30845 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
NOT-FOR-US: Apple
CVE-2021-30844 (A logic issue was addressed with improved state management. This issue ...)
=====================================
data/DSA/list
=====================================
@@ -58,10 +58,10 @@
{CVE-2021-28694 CVE-2021-28695 CVE-2021-28696 CVE-2021-28697 CVE-2021-28698 CVE-2021-28699 CVE-2021-28700 CVE-2021-28701}
[bullseye] - xen 4.14.3-1~deb11u1
[20 Sep 2021] DSA-4976-1 wpewebkit - security update
- {CVE-2021-30858}
+ {CVE-2021-30848 CVE-2021-30849 CVE-2021-30858}
[bullseye] - wpewebkit 2.32.4-1~deb11u1
[20 Sep 2021] DSA-4975-1 webkit2gtk - security update
- {CVE-2021-30858}
+ {CVE-2021-30848 CVE-2021-30849 CVE-2021-30858}
[buster] - webkit2gtk 2.32.4-1~deb10u1
[bullseye] - webkit2gtk 2.32.4-1~deb11u1
[19 Sep 2021] DSA-4974-1 nextcloud-desktop - security update
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdbb1354a8b4c00cffdcad1fe5cebec7a7a072af
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdbb1354a8b4c00cffdcad1fe5cebec7a7a072af
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211026/0049f8f1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list