[Git][security-tracker-team/security-tracker][master] Add fixed versions for CVEs in the WebKit advisory WSA-2024-0004
Alberto Garcia (@berto)
berto at debian.org
Mon Aug 26 17:57:43 BST 2024
Alberto Garcia pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7c1c9d99 by Alberto Garcia at 2024-08-26T18:56:36+02:00
Add fixed versions for CVEs in the WebKit advisory WSA-2024-0004
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6745,16 +6745,16 @@ CVE-2024-40796 (A privacy issue was addressed with improved private data redacti
CVE-2024-40795 (This issue was addressed with improved data protection. This issue is ...)
NOT-FOR-US: Apple
CVE-2024-40794 (This issue was addressed through improved state management. This issue ...)
- - webkit2gtk <unfixed>
- - wpewebkit <unfixed>
+ - webkit2gtk 2.44.3-1
+ - wpewebkit 2.44.3-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
[bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40793 (This issue was addressed by removing the vulnerable code. This issue i ...)
NOT-FOR-US: Apple
CVE-2024-40789 (An out-of-bounds access issue was addressed with improved bounds check ...)
- - webkit2gtk <unfixed>
- - wpewebkit <unfixed>
+ - webkit2gtk 2.44.3-1
+ - wpewebkit 2.44.3-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
[bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
@@ -6765,8 +6765,8 @@ CVE-2024-40787 (This issue was addressed by adding an additional prompt for user
CVE-2024-40786 (This issue was addressed through improved state management. This issue ...)
NOT-FOR-US: Apple
CVE-2024-40785 (This issue was addressed with improved checks. This issue is fixed in ...)
- - webkit2gtk <unfixed>
- - wpewebkit <unfixed>
+ - webkit2gtk 2.44.3-1
+ - wpewebkit 2.44.3-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
[bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
@@ -6775,22 +6775,22 @@ CVE-2024-40784 (An integer overflow was addressed with improved input validation
CVE-2024-40783 (The issue was addressed with improved restriction of data container ac ...)
NOT-FOR-US: Apple
CVE-2024-40782 (A use-after-free issue was addressed with improved memory management. ...)
- - webkit2gtk <unfixed>
- - wpewebkit <unfixed>
+ - webkit2gtk 2.44.3-1
+ - wpewebkit 2.44.3-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
[bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40781 (The issue was addressed with improved checks. This issue is fixed in m ...)
NOT-FOR-US: Apple
CVE-2024-40780 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
- - webkit2gtk <unfixed>
- - wpewebkit <unfixed>
+ - webkit2gtk 2.44.3-1
+ - wpewebkit 2.44.3-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
[bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
CVE-2024-40779 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
- - webkit2gtk <unfixed>
- - wpewebkit <unfixed>
+ - webkit2gtk 2.44.3-1
+ - wpewebkit 2.44.3-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
[bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
@@ -6799,8 +6799,8 @@ CVE-2024-40778 (An authentication issue was addressed with improved state manage
CVE-2024-40777 (An out-of-bounds access issue was addressed with improved bounds check ...)
NOT-FOR-US: Apple
CVE-2024-40776 (A use-after-free issue was addressed with improved memory management. ...)
- - webkit2gtk <unfixed>
- - wpewebkit <unfixed>
+ - webkit2gtk 2.44.3-1
+ - wpewebkit 2.44.3-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
[bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
@@ -31757,8 +31757,8 @@ CVE-2024-4558 (Use after free in ANGLE in Google Chrome prior to 124.0.6367.155
- chromium 124.0.6367.155-1
[bullseye] - chromium <end-of-life> (see #1061268)
[buster] - chromium <end-of-life> (see DSA 5046)
- - webkit2gtk <unfixed>
- - wpewebkit <unfixed>
+ - webkit2gtk 2.44.3-1
+ - wpewebkit 2.44.3-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
[bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be sensibly backported)
NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c1c9d99cc75b36f17f07c068664e88fdd0368ef
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c1c9d99cc75b36f17f07c068664e88fdd0368ef
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240826/420ebcf1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list