This bug was fixed in the package epiphany-browser - 3.36.4-0ubuntu2
---------------
epiphany-browser (3.36.4-0ubuntu2) focal-security; urgency=medium
* SECURITY UPDATE: Fix memory corruption in ephy_string_shorten()
- CVE-2022-29536 (LP: #1969851)
* SECURITY UPDATE: Multiple XSS issues (LP: #1955362)
- CVE-2021-45085 XSS exploit possible from the Most Visited page
- CVE-2021-45086 XSS exploit possible with a PDF's suggested filename
- CVE-2021-45087 XSS exploit possible in View Source or Reader Mode
- CVE-2021-45087 XSS exploit possible via error pages
-- Jeremy Bicha <jbi...@ubuntu.com> Sun, 31 Jul 2022 16:32:14 -0400
** Changed in: epiphany-browser (Ubuntu Focal)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-29536
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to epiphany-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1955362
Title:
epiphany December 2021 XSS issues
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/epiphany-browser/+bug/1955362/+subscriptions
--
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
