[Git][security-tracker-team/security-tracker][master] Track issues from WSA-2024-0004
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Aug 18 19:51:20 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1ac6bfa7 by Salvatore Bonaccorso at 2024-08-18T20:50:57+02:00
Track issues from WSA-2024-0004
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4687,11 +4687,19 @@ CVE-2024-40796 (A privacy issue was addressed with improved private data redacti
CVE-2024-40795 (This issue was addressed with improved data protection. This issue is ...)
NOT-FOR-US: Apple
CVE-2024-40794 (This issue was addressed through improved state management. This issue ...)
- NOT-FOR-US: Apple
+ - webkit2gtk <unfixed>
+ - wpewebkit <unfixed>
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40793 (This issue was addressed by removing the vulnerable code. This issue i ...)
NOT-FOR-US: Apple
CVE-2024-40789 (An out-of-bounds access issue was addressed with improved bounds check ...)
- NOT-FOR-US: Apple
+ - webkit2gtk <unfixed>
+ - wpewebkit <unfixed>
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40788 (A type confusion issue was addressed with improved memory handling. Th ...)
NOT-FOR-US: Apple
CVE-2024-40787 (This issue was addressed by adding an additional prompt for user conse ...)
@@ -4699,25 +4707,45 @@ CVE-2024-40787 (This issue was addressed by adding an additional prompt for user
CVE-2024-40786 (This issue was addressed through improved state management. This issue ...)
NOT-FOR-US: Apple
CVE-2024-40785 (This issue was addressed with improved checks. This issue is fixed in ...)
- NOT-FOR-US: Apple
+ - webkit2gtk <unfixed>
+ - wpewebkit <unfixed>
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40784 (An integer overflow was addressed with improved input validation. This ...)
NOT-FOR-US: Apple
CVE-2024-40783 (The issue was addressed with improved restriction of data container ac ...)
NOT-FOR-US: Apple
CVE-2024-40782 (A use-after-free issue was addressed with improved memory management. ...)
- NOT-FOR-US: Apple
+ - webkit2gtk <unfixed>
+ - wpewebkit <unfixed>
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40781 (The issue was addressed with improved checks. This issue is fixed in m ...)
NOT-FOR-US: Apple
CVE-2024-40780 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
- NOT-FOR-US: Apple
+ - webkit2gtk <unfixed>
+ - wpewebkit <unfixed>
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40779 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
- NOT-FOR-US: Apple
+ - webkit2gtk <unfixed>
+ - wpewebkit <unfixed>
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40778 (An authentication issue was addressed with improved state management. ...)
NOT-FOR-US: Apple
CVE-2024-40777 (An out-of-bounds access issue was addressed with improved bounds check ...)
NOT-FOR-US: Apple
CVE-2024-40776 (A use-after-free issue was addressed with improved memory management. ...)
- NOT-FOR-US: Apple
+ - webkit2gtk <unfixed>
+ - wpewebkit <unfixed>
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40775 (A downgrade issue was addressed with additional code-signing restricti ...)
NOT-FOR-US: Apple
CVE-2024-40774 (A downgrade issue was addressed with additional code-signing restricti ...)
@@ -29580,6 +29608,11 @@ CVE-2024-4558 (Use after free in ANGLE in Google Chrome prior to 124.0.6367.155
- chromium 124.0.6367.155-1
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
+ - webkit2gtk <unfixed>
+ - wpewebkit <unfixed>
+ [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
+ [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
+ NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-34397 (An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2. ...)
{DSA-5682-1 DLA-3814-1}
- glib2.0 2.80.0-10
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ac6bfa78a29c2b01aa30a9c7e1429a10c2772a0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ac6bfa78a29c2b01aa30a9c7e1429a10c2772a0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240818/fc3e1c34/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list