• [SECURITY] [DSA 5351-1] webkit2gtk security update

    From Alberto Garcia@21:1/5 to All on Fri Feb 17 00:30:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5351-1 security@debian.org https://www.debian.org/security/ Alberto Garcia February 17, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : webkit2gtk
    CVE ID : CVE-2023-23529

    The following vulnerabilities have been discovered in the WebKitGTK
    web engine:

    CVE-2023-23529

    An anonymous researcher discovered that processing maliciously
    crafted web content may lead to arbitrary code execution. Apple is
    aware of a report that this issue may have been actively
    exploited.

    For the stable distribution (bullseye), this problem has been fixed in
    version 2.38.5-1~deb11u1.

    We recommend that you upgrade your webkit2gtk packages.

    For the detailed security status of webkit2gtk please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/webkit2gtk

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmPut+cACgkQAAyEYu0C 2AJaFhAAkyJJj40wLK3T0Zleue2oSvGe5fujMsGtiiUXCn8L6x4nGnk0tPDsIPsD jssAEH6sSFrQkpuDV/MUYK6EXsRG8js4HFql8M9A0xdGihT35mih7YSrhd2cMmBU VJS8DMuVefOhukGdgubydfUhCpN4v9YmlmNo+bURl6GRtNBJfm9bWvtx9i1CANMQ rhbMIXuzrbx7j8PAfbTA8YclFpiLhsq+aEjb7UeOr6ZPeNfMcIisZrJI2cfpcDFH JpA6yECLXnuOqMWn4xUN+f8kmUwDLlSpnZ6qA9+jeOC5O2ljKB2k75D/C2547o8Z km5ihSNafLDsVXsy3DSU0XZiLxLpAEmR3TqsC30k196frajVt1cQKWdvI9yUj+oZ YePgbmXlz+Ua1pgoaD8IuJiAwvQw7ZYen6xVKSX1Gu2+5NWTB5cw3sOcTLeCTSzh IZlS8Gdf0dbyN9nWF2jKv9LeGKfGHs6WzEcx9FZDLjZ0B96uYcbVLNopp9SVYgTX sqYwDTAqjbLTegGbLxGkXXqqvKsPiAEDHdhdBOHmefQjLvThMvwxciRAx0P76Rsa s3kxIlsOgdnlZ/ecA1vS0Xa+xK4r19eGveJU2dfQ80DdqeeNTNNhkfUjwzPaYlEX b2Irr6UDv2JYmzIZ5qtJgCOA7yX1lbIOTj5/S11K0gIdp4HTyao=
    =URao
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)