Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1ac6bfa7 by Salvatore Bonaccorso at 2024-08-18T20:50:57+02:00
Track issues from WSA-2024-0004

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4687,11 +4687,19 @@ CVE-2024-40796 (A privacy issue was addressed with 
improved private data redacti
 CVE-2024-40795 (This issue was addressed with improved data protection. This 
issue is  ...)
        NOT-FOR-US: Apple
 CVE-2024-40794 (This issue was addressed through improved state management. 
This issue ...)
-       NOT-FOR-US: Apple
+       - webkit2gtk <unfixed>
+       - wpewebkit <unfixed>
+       [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
+       [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
+       NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
 CVE-2024-40793 (This issue was addressed by removing the vulnerable code. This 
issue i ...)
        NOT-FOR-US: Apple
 CVE-2024-40789 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
-       NOT-FOR-US: Apple
+       - webkit2gtk <unfixed>
+       - wpewebkit <unfixed>
+       [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
+       [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
+       NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
 CVE-2024-40788 (A type confusion issue was addressed with improved memory 
handling. Th ...)
        NOT-FOR-US: Apple
 CVE-2024-40787 (This issue was addressed by adding an additional prompt for 
user conse ...)
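Review bot: The new `- webkit2gtk <unfixed>` and `- wpewebkit <unfixed>` lines under CVE-2024-40794 and CVE-2024-40789 record no fixed version, although the NOTE on the same entries already points at a published advisory. If WSA-2024-0004 names the fixed upstream releases, compare them with what is in unstable and record the fixed version directly where it is already uploaded, so the entries do not need a second pass. webkit2gtk also has no per-release lines here, so it will show as open in every suite; confirm that is the intended state until updates are prepared.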
@@ -4699,25 +4707,45 @@ CVE-2024-40787 (This issue was addressed by adding an 
additional prompt for user
 CVE-2024-40786 (This issue was addressed through improved state management. 
This issue ...)
        NOT-FOR-US: Apple
 CVE-2024-40785 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
-       NOT-FOR-US: Apple
+       - webkit2gtk <unfixed>
+       - wpewebkit <unfixed>
+       [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
+       [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
+       NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
 CVE-2024-40784 (An integer overflow was addressed with improved input 
validation. This ...)
        NOT-FOR-US: Apple
 CVE-2024-40783 (The issue was addressed with improved restriction of data 
container ac ...)
        NOT-FOR-US: Apple
 CVE-2024-40782 (A use-after-free issue was addressed with improved memory 
management.  ...)
-       NOT-FOR-US: Apple
+       - webkit2gtk <unfixed>
+       - wpewebkit <unfixed>
+       [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
+       [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
+       NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
 CVE-2024-40781 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
        NOT-FOR-US: Apple
 CVE-2024-40780 (An out-of-bounds read was addressed with improved bounds 
checking. Thi ...)
-       NOT-FOR-US: Apple
+       - webkit2gtk <unfixed>
+       - wpewebkit <unfixed>
+       [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
+       [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
+       NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
 CVE-2024-40779 (An out-of-bounds read was addressed with improved bounds 
checking. Thi ...)
-       NOT-FOR-US: Apple
+       - webkit2gtk <unfixed>
+       - wpewebkit <unfixed>
+       [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
+       [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
+       NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
 CVE-2024-40778 (An authentication issue was addressed with improved state 
management.  ...)
        NOT-FOR-US: Apple
 CVE-2024-40777 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
        NOT-FOR-US: Apple
 CVE-2024-40776 (A use-after-free issue was addressed with improved memory 
management.  ...)
-       NOT-FOR-US: Apple
+       - webkit2gtk <unfixed>
+       - wpewebkit <unfixed>
+       [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
+       [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
+       NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
 CVE-2024-40775 (A downgrade issue was addressed with additional code-signing 
restricti ...)
        NOT-FOR-US: Apple
 CVE-2024-40774 (A downgrade issue was addressed with additional code-signing 
restricti ...)
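Review bot: For CVE-2024-40785, CVE-2024-40782, CVE-2024-40780, CVE-2024-40779 and CVE-2024-40776 the only thing tying the entry to WebKit is the advisory URL in the NOTE, since the truncated descriptions shown here never name the component. Because each entry moves from `NOT-FOR-US: Apple` to two tracked source packages, consider adding a second NOTE per CVE with the upstream bug or fix reference once it is known, so the fixed version can later be verified against something more specific than the advisory page. The identical five-line block is repeated for each CVE, so any correction to the `<ignored>` wording has to be applied to all of them consistently.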
@@ -29580,6 +29608,11 @@ CVE-2024-4558 (Use after free in ANGLE in Google 
Chrome prior to 124.0.6367.155
        - chromium 124.0.6367.155-1
        [bullseye] - chromium <end-of-life> (see #1061268)
        [buster] - chromium <end-of-life> (see DSA 5046)
+       - webkit2gtk <unfixed>
+       - wpewebkit <unfixed>
+       [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
+       [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
+       NOTE: https://webkitgtk.org/security/WSA-2024-0004.html
 CVE-2024-34397 (An issue was discovered in GNOME GLib before 2.78.5, and 
2.79.x and 2. ...)
        {DSA-5682-1 DLA-3814-1}
        - glib2.0 2.80.0-10
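Review bot: In the CVE-2024-4558 entry the added WebKit lines sit directly after the chromium annotations, and the trailing `NOTE: https://webkitgtk.org/security/WSA-2024-0004.html` does not say it applies only to webkit2gtk and wpewebkit in an entry whose description is about ANGLE in Google Chrome. A short remark in the NOTE that the WebKit packages are affected through the same ANGLE issue would make the mixed entry easier to read. The chromium lines carry a `[buster]` annotation while the added packages have none for that suite; confirm that omission is deliberate.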



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ac6bfa78a29c2b01aa30a9c7e1429a10c2772a0
