|
|
Subscribe / Log in / New account

Debian alert DLA-3087-1 (webkit2gtk)



From:
              Anton Gladky <gladk@debian.org>


To:
              <debian-lts-announce@lists.debian.org>


Subject:
              [SECURITY] [DLA 3087-1] webkit2gtk security update


Date:
              Tue, 30 Aug 2022 18:22:02 +0200


Message-ID:
              <20220830162202.7FA444A0294@localhost.localdomain>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3087-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                         Anton Gladky
August 30, 2022                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : webkit2gtk
Version        : 2.36.7-1~deb10u1
CVE ID         : CVE-2022-32893

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2022-32893

    An anonymous researcher discovered that processing maliciously
    crafted web content may lead to arbitrary code execution. Apple is
    aware of a report that this issue may have been actively
    exploited.

For Debian 10 buster, this problem has been fixed in version
2.36.7-1~deb10u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmMOOScACgkQ0+Fzg8+n
/wYLWA/5AfkmYxgRJrmY1YIaknbP9BWsNn8/nxIwaVgN8jZlA0GkzhB0+J5GAPBx
5/fblyoWXWRdEsBekqlTTqOQsr5SdPWstbVSrb2eLkj6F/Yp6DhDRMWbOGU/gc5P
CBUdYOZ4/tB4XXeTrxDb//Q4Al7t2iRgADold1zlXw/TCEJAOa6qO6kZgZjf1xMq
YZmfU/h2FOCjDn9QccUM/tjoa+ePFzkz8P/3uQupP297c0G3wlWaCtkmca8h0UgD
LNjA+x3erQHYU354GSS1WCjbZChKdncEveWMMbV88YK8JLXbq3sD+Ztiqz3waDh+
I5h/Yh3ntSPnpp69ozHN/XbfUUJ3oTj4jP4VGWAuKhagKFg6dfIauilSkZ/FMCP9
bJxJWPOnyddiPKRHKA8gnmza5ponP2iwghAHsmORFntvDVp8R7N6xLWFE6cryoem
B/BVIF5xEsnZlD0MboGN/ZAcaXyeIqF2I6MxLLSaBTgnOShE1Ku26j8QOvqaL/er
p5inaZTu4WP1y0YqFgD6rvWjVGy5ZsCUbBhGDjJhK0FYTqWdOIu/QSomxfd0yxfC
2+fy13MYetPQXvMWYfDDGixxBK0lLJ0ArroGvad0WnB+uyEwX29jiq0rG+tyM9I3
hV8lWFGg4dIWRfln8oWmIiNcj7jANBa5B/Hdc3jlRwc4FY3Sv8I=
=tjtU
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds