1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5557-1] webkit2gtk security update

    From Alberto Garcia@21:1/5 to All on Fri Nov 17 01:40:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5557-1 security@debian.org https://www.debian.org/security/ Alberto Garcia November 17, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : webkit2gtk
    CVE ID : CVE-2023-41983 CVE-2023-42852

    The following vulnerabilities have been discovered in the WebKitGTK
    web engine:

    CVE-2023-41983

    Junsung Lee discovered that processing web content may lead to a
    denial-of-service.

    CVE-2023-42852

    An anonymous researcher discovered that processing web content may
    lead to arbitrary code execution.

    For the oldstable distribution (bullseye), these problems have been fixed
    in version 2.42.2-1~deb11u1.

    For the stable distribution (bookworm), these problems have been fixed in version 2.42.2-1~deb12u1.

    We recommend that you upgrade your webkit2gtk packages.

    For the detailed security status of webkit2gtk please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/webkit2gtk

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmVWsEgACgkQAAyEYu0C 2ALSaxAAlUplCgENdVCJvbf2cRhZiJeQvEm71xLR972uesvSaBr+NsQacz+lv6qU 3U8iq4ulY8Y4o8rv3TbIrxF+WvMWYq8U7a8vqrY66W++u4//L5INYvuIxaNwoonV +r30K0tJ2exsbTdQVCSHe2dB8aOf1qLWJHpwgnYuSIZRS1rBxSrxTUuJizZsUXi5 Y4l4KRdGIuv/e+kIkxKDCxeFHI3bmHJEZiDnNG8ohVSxmWPqjNFh9ZBYcFynVoFr hrqc076Py5ok4AYLgnH2rW8/33NCsh08IINqRovR6cSkOLL9KZFSeKWAKZunbrjb Ptp3wZSANh5pYBl7cbxXvam+gakgkkZg9hNoe+RJjRBwEUylURODK6+dBNXbO1mr JQqajMyXnUWT8JakalV0Ioi6KKQR6Qpp7OGTdoLlrnh1oXAjrbDTtwk6Zn2LEWwr THCH4roBbVKPXG0LJRGntWnt/qRVMjnmmCY1xOzs/Y+5tuR0ChtlZueGrL1t9kSQ EVMU7MZ3jBz0l0ZkzWFMXzSNXQK6m0Vef1vS9JZkNyc+sBmtrDQfJu+qf17z1RUz 56FuYfVi4f+P+IxyLnh5MTssR8QjLR1WCVZBiTyfIyNtl6oOCFJ9UTrQC8QnycD6 tHJfHHwwAp5HucG6zaJHZ3KV4BOuL6bNV0SChvlCc13dnTyyGv4=
    =zn+t
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)