Alberto Garcia pushed to branch master at Debian Security Tracker / security-tracker
Commits: b5a5976e by Alberto Garcia at 2023-09-11T18:26:27+02:00 webkit2gtk / wpewebkit upstream advisory WSA-2023-0008 - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes: ===================================== data/CVE/list ===================================== @@ -212,7 +212,10 @@ CVE-2023-41053 (Redis is an in-memory database that persists on disk. Redis does NOTE: Fixed by: https://github.com/redis/redis/commit/0f14d3279212e1b262869b6160db87d6f117cff5 (7.0.13) NOTE: https://github.com/redis/redis/security/advisories/GHSA-q4jr-5p56-4xwc CVE-2023-40397 (The issue was addressed with improved checks. This issue is fixed in m ...) - NOT-FOR-US: Apple + - webkit2gtk 2.40.5-1 + - wpewebkit 2.40.5-1 + [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm) + NOTE: https://webkitgtk.org/security/WSA-2023-0008.html CVE-2023-40392 (A privacy issue was addressed with improved private data redaction for ...) NOT-FOR-US: Apple CVE-2023-39967 (WireMock is a tool for mocking HTTP services. When certain request URL ...) @@ -431,7 +434,10 @@ CVE-2023-32425 (The issue was addressed with improved memory handling. This issu CVE-2023-32379 (A buffer overflow issue was addressed with improved memory handling. T ...) NOT-FOR-US: Apple CVE-2023-32370 (A logic issue was addressed with improved validation. This issue is fi ...) - NOT-FOR-US: Apple + - webkit2gtk 2.40.1-1 + - wpewebkit 2.40.2-2 + [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm) + NOTE: https://webkitgtk.org/security/WSA-2023-0008.html CVE-2023-32362 (Error handling was changed to not reveal sensitive information. This i ...) NOT-FOR-US: Apple CVE-2023-32356 (A buffer overflow issue was addressed with improved memory handling. T ...) @@ -25311,7 +25317,10 @@ CVE-2023-28200 (A validation issue was addressed with improved input sanitizatio CVE-2023-28199 (An out-of-bounds read issue existed that led to the disclosure of kern ...) NOT-FOR-US: Apple CVE-2023-28198 (A use-after-free issue was addressed with improved memory management. ...) - NOT-FOR-US: Apple + - webkit2gtk 2.40.1-1 + - wpewebkit 2.40.2-2 + [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm) + NOTE: https://webkitgtk.org/security/WSA-2023-0008.html CVE-2023-28197 RESERVED CVE-2023-28196 ===================================== data/DSA/list ===================================== @@ -98,7 +98,7 @@ [bullseye] - thunderbird 1:102.14.0-1~deb11u1 [bookworm] - thunderbird 1:102.14.0-1~deb12u1 [05 Aug 2023] DSA-5468-1 webkit2gtk - security update - {CVE-2023-38133 CVE-2023-38572 CVE-2023-38592 CVE-2023-38594 CVE-2023-38595 CVE-2023-38597 CVE-2023-38599 CVE-2023-38600 CVE-2023-38611} + {CVE-2023-38133 CVE-2023-38572 CVE-2023-38592 CVE-2023-38594 CVE-2023-38595 CVE-2023-38597 CVE-2023-38599 CVE-2023-38600 CVE-2023-38611 CVE-2023-40397} [bullseye] - webkit2gtk 2.40.5-1~deb11u1 [bookworm] - webkit2gtk 2.40.5-1~deb12u1 [04 Aug 2023] DSA-5467-1 chromium - security update @@ -345,7 +345,7 @@ {CVE-2022-0108 CVE-2022-32885 CVE-2023-27932 CVE-2023-27954 CVE-2023-28205} [bullseye] - wpewebkit 2.38.6-1~deb11u1 [03 May 2023] DSA-5396-1 webkit2gtk - security update - {CVE-2022-0108 CVE-2022-32885 CVE-2023-27932 CVE-2023-27954 CVE-2023-28205 CVE-2023-32393 CVE-2023-32435} + {CVE-2022-0108 CVE-2022-32885 CVE-2023-27932 CVE-2023-27954 CVE-2023-28205 CVE-2023-32393 CVE-2023-32435 CVE-2023-28198 CVE-2023-32370} [bullseye] - webkit2gtk 2.40.1-1~deb11u1 [02 May 2023] DSA-5395-1 nodejs - security update {CVE-2023-23920} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5a5976e3de0d1e7126d124b2150f8752f62a54a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5a5976e3de0d1e7126d124b2150f8752f62a54a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits