-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5340-1 [email protected] https://www.debian.org/security/ Alberto Garcia February 06, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2022-42826 CVE-2023-23517 CVE-2023-23518 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42826 Francisco Alonso discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2023-23517 YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae and Dohyun Lee discovered that processing maliciously crafted web content may lead to arbitrary code execution. CVE-2023-23518 YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae and Dohyun Lee discovered that processing maliciously crafted web content may lead to arbitrary code execution. For the stable distribution (bullseye), these problems have been fixed in version 2.38.4-2~deb11u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected]
Debian: DSA-5340-1: webkit2gtk security update
February 6, 2023
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42826
Summary
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2022-42826
Francisco Alonso discovered that processing maliciously crafted
web content may lead to arbitrary code execution.
CVE-2023-23517
YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae
and Dohyun Lee discovered that processing maliciously crafted web
content may lead to arbitrary code execution.
CVE-2023-23518
YeongHyeon Choi, Hyeon Park, SeOk JEON, YoungSung Ahn, JunSeo Bae
and Dohyun Lee discovered that processing maliciously crafted web
content may lead to arbitrary code execution.
For the stable distribution (bullseye), these problems have been fixed in
version 2.38.4-2~deb11u1.
We recommend that you upgrade your webkit2gtk packages.
For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
Severity
Package : webkit2gtk
CVE ID : CVE-2022-42826 CVE-2023-23517 CVE-2023-23518
News
HOWTOs
Features
Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems
About Us
Powered By
