|
|
Subscribe / Log in / New account

Debian alert DLA-3074-1 (epiphany-browser)



From:
              Emilio Pozuelo Monfort <pochu@debian.org>


To:
              <debian-lts-announce@lists.debian.org>


Subject:
              [SECURITY] [DLA 3074-1] epiphany-browser security update


Date:
              Thu, 18 Aug 2022 09:54:52 +0200


Message-ID:
              <20220818075452.B42EB2A0AE5@andromeda>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3074-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
August 18, 2022                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : epiphany-browser
Version        : 3.32.1.2-3~deb10u2
CVE ID         : CVE-2021-45085 CVE-2021-45087 CVE-2021-45088 CVE-2022-29536
Debian Bug     : 1009959

Several issues were discovered in Epiphany, the GNOME web browser, allowing
XSS attacks by malicious websites, or memory corruption and application
crash by a page with a very long title.

For Debian 10 buster, these problems have been fixed in version
3.32.1.2-3~deb10u2.

We recommend that you upgrade your epiphany-browser packages.

For the detailed security status of epiphany-browser please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/epiphany-browser

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmL98EgACgkQnUbEiOQ2
gwLu5hAAi8SYoVMrdq0Oor3U4wfQwWm4kTw/cyR3ceWdNP3Tpv7hpyQghMYODYH6
9aRdCxioGW2Fd/pdKdZ6FupDJ6TSbSl7BJ9mVlajjOHGWNl5bhi4cIH2DCTgaYsp
XaiQTzJ3aQQv5S4zkPq7OpuFDMmUTCOOY7qg/nWCHtiO/wDHQWgJkMmj0zqBOD88
csjsnQ9STs3Xr3BRezXYpbL9OkgHsuz9Sm8IPnJEwT+Y5gKLk3Fgw/77fMWyUMBt
zbtsgIH0aQJgngouYBH7FOXufDj8cwfetOuiX6HPFhdD3YLdCMhZt+Sb3AegOEZG
G6IZsUXU177KUIklJsNEZlyNBT+TXURvqmf6pJFfy2whKJoz6jJtm/P/p60eLos6
s+2H5Yi7VQ5ofCLAZQ7V9eX1LhmXjmxrjcoXGNUcJf0T1Gpe54ZRdMxhVyP4EQmZ
XxCY2TIepLCwm+obZseiqiz3mqXvsXq6UKbkt620CPtmtB/SXxFy2x3byN1Sh9rN
LvuDaF+4qgZ5Il9ejcV4OXB8cbtbhICR5vECr7+1mqnHEy8SgRUCSnYZJ3lMojO+
RopXIqaW5B8/jP7Htw3efDjbCVV/xpEJxQezJuRI/hk6M67V5gHevx9xoz+L0mHQ
g6sTtCHRGpXUo2/cYjsQ7QbjQylPFMSMPD3HtrbdcrWReRfQOl0=
=h+m9
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds