Alberto Garcia pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7b002770 by Alberto Garcia at 2023-06-29T17:17:55+02:00 webkit2gtk / wpewebkit upstream advisory WSA-2023-0005 - - - - - 3 changed files: - data/CVE/list - data/DSA/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -563,7 +563,10 @@ CVE-2023-32580 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i CVE-2023-32480 (Dell BIOS contains an Improper Input Validation vulnerability. An unau ...) NOT-FOR-US: Dell CVE-2023-32439 (A type confusion issue was addressed with improved checks. This issue ...) - NOT-FOR-US: Apple + - webkit2gtk 2.40.3-1 + - wpewebkit 2.40.3-1 + [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm) + NOTE: https://webkitgtk.org/security/WSA-2023-0005.html CVE-2023-32435 (A memory corruption issue was addressed with improved state management ...) NOT-FOR-US: Apple CVE-2023-32434 (An integer overflow was addressed with improved input validation. This ...) ===================================== data/DSA/list ===================================== @@ -149,7 +149,7 @@ {CVE-2022-0108 CVE-2022-32885 CVE-2023-27932 CVE-2023-27954 CVE-2023-28205} [bullseye] - wpewebkit 2.38.6-1~deb11u1 [03 May 2023] DSA-5396-1 webkit2gtk - security update - {CVE-2022-0108 CVE-2022-32885 CVE-2023-27932 CVE-2023-27954 CVE-2023-28205} + {CVE-2022-0108 CVE-2022-32885 CVE-2023-27932 CVE-2023-27954 CVE-2023-28205 CVE-2023-32435} [bullseye] - webkit2gtk 2.40.1-1~deb11u1 [02 May 2023] DSA-5395-1 nodejs - security update {CVE-2023-23920} @@ -619,10 +619,10 @@ {CVE-2022-29599} [bullseye] - maven-shared-utils 3.3.0-1+deb11u1 [28 Sep 2022] DSA-5241-1 wpewebkit - security update - {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863 CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363} + {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863 CVE-2022-48503 CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363} [bullseye] - wpewebkit 2.38.0-1~deb11u1 [28 Sep 2022] DSA-5240-1 webkit2gtk - security update - {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863 CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363} + {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42863 CVE-2022-48503 CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363} [bullseye] - webkit2gtk 2.38.0-1~deb11u1 [27 Sep 2022] DSA-5239-1 gdal - security update {CVE-2021-45943} ===================================== data/dsa-needed.txt ===================================== @@ -79,6 +79,8 @@ salt/oldstable -- samba/oldstable -- +webkit2gtk +-- wpewebkit -- xrdp/oldstable View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b002770aac0166b14ff765a9531e5d440cdadaf -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b002770aac0166b14ff765a9531e5d440cdadaf You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits