[Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2022-0010
Alberto Garcia (@berto)
berto at debian.org
Fri Nov 4 15:28:02 GMT 2022
Alberto Garcia pushed to branch master at Debian Security Tracker / security-tracker
Commits:
52f7600f by Alberto Garcia at 2022-11-04T16:27:02+01:00
webkit2gtk / wpewebkit upstream advisory WSA-2022-0010
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -7799,9 +7799,15 @@ CVE-2022-42826
CVE-2022-42825 (This issue was addressed by removing additional entitlements. This iss ...)
NOT-FOR-US: Apple
CVE-2022-42824 (A logic issue was addressed with improved state management. This issue ...)
- NOT-FOR-US: Apple
+ RESERVED
+ - webkit2gtk 2.38.2-1
+ - wpewebkit 2.38.2-1
+ NOTE: https://webkitgtk.org/security/WSA-2022-0010.html
CVE-2022-42823 (A type confusion issue was addressed with improved memory handling. Th ...)
- NOT-FOR-US: Apple
+ RESERVED
+ - webkit2gtk 2.38.2-1
+ - wpewebkit 2.38.2-1
+ NOTE: https://webkitgtk.org/security/WSA-2022-0010.html
CVE-2022-42822
RESERVED
CVE-2022-42821
@@ -7849,7 +7855,10 @@ CVE-2022-42801 (A logic issue was addressed with improved checks. This issue is
CVE-2022-42800 (This issue was addressed with improved checks. This issue is fixed in ...)
NOT-FOR-US: Apple
CVE-2022-42799 (The issue was addressed with improved UI handling. This issue is fixed ...)
- NOT-FOR-US: Apple
+ RESERVED
+ - webkit2gtk 2.38.2-1
+ - wpewebkit 2.38.2-1
+ NOTE: https://webkitgtk.org/security/WSA-2022-0010.html
CVE-2022-42798 (The issue was addressed with improved memory handling. This issue is f ...)
NOT-FOR-US: Apple
CVE-2022-42797
=====================================
data/DSA/list
=====================================
@@ -87,10 +87,10 @@
{CVE-2022-29599}
[bullseye] - maven-shared-utils 3.3.0-1+deb11u1
[28 Sep 2022] DSA-5241-1 wpewebkit - security update
- {CVE-2022-32886}
+ {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923}
[bullseye] - wpewebkit 2.38.0-1~deb11u1
[28 Sep 2022] DSA-5240-1 webkit2gtk - security update
- {CVE-2022-32886}
+ {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923}
[bullseye] - webkit2gtk 2.38.0-1~deb11u1
[27 Sep 2022] DSA-5239-1 gdal - security update
{CVE-2021-45943}
=====================================
data/dsa-needed.txt
=====================================
@@ -68,3 +68,7 @@ tiff
--
xen
--
+webkit2gtk
+--
+wpewebkit
+--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52f7600f1f4db8114a8d5f39f112447777df1423
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52f7600f1f4db8114a8d5f39f112447777df1423
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221104/3f1bd4e0/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list