This bug was fixed in the package epiphany-browser - 3.36.4-0ubuntu2
---
epiphany-browser (3.36.4-0ubuntu2) focal-security; urgency=medium
* SECURITY UPDATE: Fix memory corruption in ephy_string_shorten()
- CVE-2022-29536 (LP: #1969851)
* SECURITY UPDATE: Multiple XSS issues (
I installed epiphany-browser 3.36.4-0ubuntu2 from the proposed PPA on to
Ubuntu 20.04.4 LTS.
After installing, I was able to watch a video on YouTube (I needed to
install gstreamer1.0-plugins-bad first).
I was able to use Reader Mode on a blog site.
And I was able to load https://ubuntu.com/ nor
ACK on the debdiff in comment #3. It is building in the security team
PPA here:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages
Once it has finished building, please test it and detail the testing
performed in this bug, and we will release it as a security update.
T
** Description changed:
- I'm filing this placeholder bug for the epiphany security issues. I am
- not currently working on this bug.
+ Impact
+ --
+ Multiple cross-site scripting (XSS) vulnerabilities were fixed in December
2021. (Sorry for the delay.)
https://discourse.gnome.org/t/epip
** No longer affects: epiphany-browser (Ubuntu Bionic)
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to epiphany-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1955362
Title:
epiphany December 2021 XSS issues
To manage notificat
Ubuntu 21.10 (Impish Indri) has reached end of life, so this bug will
not be fixed for that specific release.
** Changed in: epiphany-browser (Ubuntu Impish)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subs
** No longer affects: epiphany-browser (Ubuntu Hirsute)
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to epiphany-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1955362
Title:
epiphany December 2021 XSS issues
To manage notifica
** Also affects: epiphany-browser (Ubuntu Jammy)
Importance: Undecided
Status: Fix Released
** No longer affects: epiphany-browser (Ubuntu Jammy)
** Changed in: epiphany-browser (Ubuntu)
Status: Fix Released => Confirmed
--
You received this bug notification because you are a m
This bug was fixed in the package epiphany-browser - 41.2-1
---
epiphany-browser (41.2-1) unstable; urgency=high
* New upstream release
- Includes fixes for CVE-2021-45085, CVE-2021-45086, CVE-2021-45087,
CVE-2021-4508 (LP: #1955362)
* debian/copyright: minor update
--
