[Git][security-tracker-team/security-tracker][master] Mark new CVEs for webkit2gtk as end-of-line for buster

Anton Gladky (@gladk) gladk at debian.org
Sat Aug 5 20:24:29 BST 2023



Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d4af5b20 by Anton Gladky at 2023-08-05T21:20:50+02:00
Mark new CVEs for webkit2gtk as end-of-line for buster

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -950,6 +950,7 @@ CVE-2023-38601 (This issue was addressed by removing the vulnerable code. This i
 	NOT-FOR-US: Apple
 CVE-2023-38599 (A logic issue was addressed with improved state management. This issue ...)
 	- webkit2gtk 2.40.5-1
+  [buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html
@@ -957,6 +958,7 @@ CVE-2023-38598 (A use-after-free issue was addressed with improved memory manage
 	NOT-FOR-US: Apple
 CVE-2023-38592 (A logic issue was addressed with improved restrictions. This issue is  ...)
 	- webkit2gtk 2.40.5-1
+	[buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html
@@ -1071,6 +1073,7 @@ CVE-2023-3451
 	REJECTED
 CVE-2023-38611 (The issue was addressed with improved memory handling. This issue is f ...)
 	- webkit2gtk 2.40.5-1
+	[buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html
@@ -1084,21 +1087,25 @@ CVE-2023-38602 (A permissions issue was addressed with additional restrictions.
 	NOT-FOR-US: Apple
 CVE-2023-38600 (The issue was addressed with improved checks. This issue is fixed in i ...)
 	- webkit2gtk 2.40.5-1
+	[buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html
 CVE-2023-38597 (The issue was addressed with improved checks. This issue is fixed in i ...)
 	- webkit2gtk 2.40.5-1
+	[buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html
 CVE-2023-38595 (The issue was addressed with improved checks. This issue is fixed in i ...)
 	- webkit2gtk 2.40.5-1
+	[buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html
 CVE-2023-38594 (The issue was addressed with improved checks. This issue is fixed in i ...)
 	- webkit2gtk 2.40.5-1
+	[buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html
@@ -1108,6 +1115,7 @@ CVE-2023-38580 (The issue was addressed with improved memory handling. This issu
 	NOT-FOR-US: Apple
 CVE-2023-38572 (The issue was addressed with improved checks. This issue is fixed in i ...)
 	- webkit2gtk 2.40.5-1
+	[buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html
@@ -1136,6 +1144,7 @@ CVE-2023-38136 (The issue was addressed with improved memory handling. This issu
 	NOT-FOR-US: Apple
 CVE-2023-38133 (The issue was addressed with improved checks. This issue is fixed in i ...)
 	- webkit2gtk 2.40.5-1
+	[buster] - webkit2gtk <end-of-life> (webkit2gtk EOL in buster)
 	- wpewebkit 2.40.5-1
 	[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
 	NOTE: https://webkitgtk.org/security/WSA-2023-0007.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4af5b202196a67e6599e5e8fbd6476c653b6409

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4af5b202196a67e6599e5e8fbd6476c653b6409
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230805/8ebd2cab/attachment.htm>


More information about the debian-security-tracker-commits mailing list