Bug#901018: epiphany-browser: CVE-2018-12016
Salvatore Bonaccorso
carnil at debian.org
Fri Jun 8 04:58:21 BST 2018
Source: epiphany-browser
Version: 3.28.2.1-1
Severity: normal
Tags: security upstream
Hi,
The following vulnerability was published for epiphany-browser,
filling it for tracking purposes. AFAIK there is no report upstream on
it.
CVE-2018-12016[0]:
| libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows
| remote attackers to cause a denial of service (application crash) via
| certain window.open and document.write calls.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-12016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12016
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the pkg-gnome-maintainers
mailing list