it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Alberto Garcia <berto AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5219-1] webkit2gtk security update
- Date: Sat, 27 Aug 2022 14:49:40 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
- List-archive: https://lists.debian.org/msgid-search/20220827144940.GA15846 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=DQ16Ed+Zsg5tC2sxe8Qt1RAOVmxjGCljOgOk58Zt5z8=; b=Rb RfNmu1mUX7/JKaMf7PEx97iimjgeCWha+vD8EiFwhgzaKzISBgc0PvhsR/wVZtSJ1eiunJJbcPSop Ku32VlOmphP+cb4FxRTRtQAr5RePyWOv4aS0rT5uVTLQdugKx/bJ2SVTGao+y+mi1Yn+sfEqR0cka WMvmAuCeFO98Qaho4SLXzmsnvIN7Bsq7BBTvsIMgVBtX4suytUePfKjzCIOTmd2eHtdK+V1prNgps aPPLmRZk7AmmD+l92JmJZhGwBUeJoC0bTPGSGOjAVSNE26e0x/q8JY5EotX+Gyg8ahe9k/6slNnKo 170x58ktRa6/RaYfNQZV/SXF8iN7P7WQ==;
- Old-return-path: <berto AT debian.org>
- Priority: urgent
- Resent-date: Sat, 27 Aug 2022 14:50:03 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <Oo8yGXhqXKH.A.hRE.b8iCjB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5219-1 security AT debian.org
https://www.debian.org/security/ Alberto Garcia
August 27, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : webkit2gtk
CVE ID : CVE-2022-32893
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2022-32893
An anonymous researcher discovered that processing maliciously
crafted web content may lead to arbitrary code execution. Apple is
aware of a report that this issue may have been actively
exploited.
For the stable distribution (bullseye), this problem has been fixed in
version 2.36.7-1~deb11u1.
We recommend that you upgrade your webkit2gtk packages.
For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmMKLR4ACgkQAAyEYu0C
2AJDOA//V22fNdY0/G6glW0m9WDDKK+wqQHTI0kZehD7IuG8Y6wjeKff1ZvaGeW/
kOrAeg/jhxT1Q9gFOCfWmEimfEfnYUCORt/FTNVPG1inpPgkXOevnUbCpLZBQTJC
cjAc3+t7gXLo03fzAcDmPosQYyKyyxUDK6YKG/BQ9ZDHvS/vaE3zKzZOsFYgz6bg
bbPgu+O9PzrHmRO1iA5eLYbGBtc7CbRp3qWdxytDghnXBl3guG1HRFhoj0Gbk0lb
d0b9GABh3wpjCe44ny1/nvHO9xO538PcF0ZB36NRa9mHCIzqp2BxH4nf3jIiFjua
mKXGI48FIV/wL776l3B6DHNOY1hnuxe8C9p4ipBtxoLk50ffCuTBQwGlt9MLZ2zq
2GJcX8/iqIE3RlsXbVtZpqC01oCVnsYCujdKb6D9CEhE96V3S5qOh3aBQExM2UtQ
/c8JXwfo3J4lu42coF2oGbuMc0Sad35nvrIEocC50a2n3nsB4b3HSWwkDtn7OjxJ
k9HhRPETGK5sarE+JrlL/aslLq45LhBv0yHaMuE6jtYJ9o5t3GHzZvnzQYJ9rksk
2+Sv7iLBm9PbxUnIuzgTtgk+ghFy4q/KXJbayZ8ruqv1IQsp1wXq76kS3ywYk8Eg
AM8u3YbQiUmWPKuwz9Xe8TYYaAefs2jh/OMTe4W4+EAVu/EZfPc=
=aPej
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5219-1] webkit2gtk security update, Alberto Garcia, 27.08.2022
Archiv bereitgestellt durch MHonArc 2.6.24.