[SECURITY] [DSA 5575-1] webkit2gtk security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian Security Advisory DSA-5575-1 secur...@debian.org https://www.debian.org/security/ Alberto Garcia December 11, 2023 https://www.debian.org/security/faq - - Package: webkit2gtk CVE ID : CVE-2023-42916 CVE-2023-42917 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42916 Clement Lecigne discovered that processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. CVE-2023-42917 Clement Lecigne discovered that processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. For the oldstable distribution (bullseye), these problems have been fixed in version 2.42.3-1~deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 2.42.3-1~deb12u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmV3hxQACgkQAAyEYu0C 2ALD/A/+Inn3pEr29SXRWDWhmX/eUIg1KrUVGXXfgrWFaDx9ejRhchXnzORIOKcV a1SlXQ48Gixernf8T06Hbvg6l3TL8vd+Z/mNO+oVYvT3h/ARiJ6rtAS+rxjpFrF0 GOGBDUh8X69knZ17ZZ4fuMo4dkGvq75Ww95bS70ffLWGcwvDjL0VYU1Igkcf8DAU moqWeHGH1dPwQs18Ifa5PWCnBoxyBkeu3sQz1qsZQ4h628Feo1k7orjRiL7NDS9t bfSZyiR935BmrOqbGZ1Mg8UH26qY9WZkARUEmi5kfHeycXvAs80sKW6AzKJtksa/ nidSAmYU9QTI5pHp4oF4hSlG7GSABQhSBEzx/B2449XvQOvoD0EAt7OKvEFZ7fIL mHDLBl4K9QOErM7Qu2hWqaqEBnxo8Xb8epKFtqQUUqVpBPdc79UtrwNj2Lvg5/w3 TPqBc/OnYuXRuTlAZ85zAqbus6roCQI2Nwe6m8+lVhK1H4wRSGQ3XvzpGMG9bplq y9Z7Lwg2b8s9+3Kfkm8fO9qsK0TrrODxBoJ/hvWZ0ULtvY3KzREnEpnKkPmPdtod InJwL6vQbtR9D9Zcss8+pWm/ElD5ImTekoqs5vHrgFaXLH0iI/lAXPm/DFX5R5cW SR6mK0T1Dwg5GveQlnVR7nbwYCtjZOPHGPKDUQYzaNf14keKk9A= =v8r9 -END PGP SIGNATURE-
[SECURITY] [DSA 5574-1] libreoffice security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-5574-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 11, 2023 https://www.debian.org/security/faq - - Package: libreoffice CVE ID : CVE-2023-6185 CVE-2023-6186 Reginaldo Silva discovered two security vulnerabilities in LibreOffice, which could result in the execution of arbitrary scripts or Gstreamer plugins when opening a malformed file. For the oldstable distribution (bullseye), these problems have been fixed in version 1:7.0.4-4+deb11u8. For the stable distribution (bookworm), these problems have been fixed in version 4:7.4.7-1+deb12u1. We recommend that you upgrade your libreoffice packages. For the detailed security status of libreoffice please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libreoffice Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmV3VjIACgkQEMKTtsN8 TjbwORAAuB60r1xUa5p57zhnUoQUsbnl/TvmwcHNX9mL8AgXgwN2ni0j5YdwpVbP lAuMHf/LaoHrOeHQM+rxV9ATErW28I7hHc2Iyys9nUVv8vKwqhu5U1bTloNUIH4t UcqxZS49ydLgAV6YqcycPJZMXQBq7N4rcWLf0oIS+3aR3ZW1bPcydOQuLUe9eTT1 9V8hSpn3w58xKn/f9kfhvCW4xjm8TICMqmHGFznUgr2zUvFIIL4jlQyWIOtC8vcv X/PGr5hCVOiUeFgnGltiEe6KKJoVuBzrO1FDnewVetsqzqUlWzJ4djyMiKn0rFDn voo0DNA1HO32jQi1KNDmPYSyRr5h3VneYJSAfUdpW3Q5pX2KxaCgzKGLV58rr+qy fzEd9Z2DqCP9tiBYZmzFQRQ7WsTHiKHV1gKD+jTVO0thpGAZvh5XLS5JBs7FnrlV x4DCaXQLkLhshv9dsevSq2ssyzcfhUCuvA5m+tbXeZGmukulwH70sUZSCj2Uz7bN niUWUfu/kM/Y8SmynZYvNO0+daVAn32EY7xXmnTvNykRRuXDkL0r7mE4UXLfbWPi sEZbANWHJGWeVT3Ucbroko66UMnygl/0TIzqZifo3wJTBEEVExmVlvunsnnsdl0x ZPm2DUMhs/3T5xd0nP0ySCzM1BsF302PocN+I9M/LkaMhk6/X0U= =yhb9 -END PGP SIGNATURE-
