Mageia 2021-0583: webkit2 security update | LinuxSecurity.com

Advisories

MGASA-2021-0583 - Updated webkit2 packages fix security vulnerability

Publication date: 23 Dec 2021
URL: https://advisories.mageia.org/MGASA-2021-0583.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-30887,
     CVE-2021-30890

Processing maliciously crafted web content may lead to unexpectedly
unenforced Content Security Policy. (CVE-2021-30887)

Processing maliciously crafted web content may lead to universal cross
site scripting. (CVE-2021-30890)

References:
- https://bugs.mageia.org/show_bug.cgi?id=29793
- https://webkitgtk.org/security/WSA-2021-0007.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30887
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30890

SRPMS:
- 8/core/webkit2-2.34.3-1.mga8

Mageia 2021-0583: webkit2 security update

Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy

Summary

Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887)
Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)

References

- https://bugs.mageia.org/show_bug.cgi?id=29793

- https://webkitgtk.org/security/WSA-2021-0007.html

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30887

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30890

Resolution

MGASA-2021-0583 - Updated webkit2 packages fix security vulnerability

SRPMS

- 8/core/webkit2-2.34.3-1.mga8

Severity
Publication date: 23 Dec 2021
URL: https://advisories.mageia.org/MGASA-2021-0583.html
Type: security
CVE: CVE-2021-30887, CVE-2021-30890

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.