Update to 47.7 notably fixing CVE-2025-3839.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-164c668d6a
2025-05-10 01:58:21.497415+00:00
--------------------------------------------------------------------------------

Name        : epiphany
Product     : Fedora 41
Version     : 47.7
Release     : 1.fc41
URL         : https://wiki.gnome.org/Apps/Web
Summary     : Web browser for GNOME
Description :
Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the web content, instead of the browser application.

--------------------------------------------------------------------------------
Update Information:

Update to 47.7 notably fixing CVE-2025-3839
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 24 2025 Michael Catanzaro - 1:47.7-1
- Update to Epiphany 47.7
* Tue Apr 22 2025 Michael Catanzaro - 1:47.6-1
- Update to 47.6
* Mon Apr 21 2025 Michael Catanzaro - 1:47.5-1
- Update to 47.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2361431 - CVE-2025-3839 epiphany: Insecure External Protocol Invocation in Epiphany [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2361431
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-164c668d6a' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list --
An update that solves one vulnerability can now be installed.

# epiphany-48.1-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15011-1
Rating: moderate

Cross-References:
* CVE-2025-3839

CVSS scores:
* CVE-2025-3839 ( SUSE ): 8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

Affected Products:
* openSUSE Tumbleweed

## Description:

These are all security issues fixed in the epiphany-48.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * epiphany 48.1-1.1
  * epiphany-branding-upstream 48.1-1.1
  * epiphany-lang 48.1-1.1
  * gnome-shell-search-provider-epiphany 48.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-3839.html

LinuxSecurity.com Team
A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202405-27
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Epiphany: Buffer Overflow
     Date: May 08, 2024
     Bugs: #839786
       ID: 202405-27

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow.

Background
==========

Epiphany is a GNOME web browser based on the Mozilla rendering engine Gecko.

Affected packages
=================

Package              Vulnerable    Unaffected
-------------------  ------------  ------------
www-client/epiphany  < 42.4        >= 42.4

Description
===========

A vulnerability has been discovered in Epiphany. Please review the CVE identifier referenced below for details.

Impact
======

In GNOME Epiphany an HTML document can trigger a client buffer overflow (in ephy_string_shorten) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Epiphany users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/epiphany-42.4"

References
==========

[ 1 ] CVE-2022-29536
      https://nvd.nist.gov/vuln/detail/CVE-2022-29536

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/202405-27

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. (CVE-2023-26081)

MGASA-2023-0099 - Updated epiphany packages fix security vulnerability

Publication date: 18 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0099.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2023-26081

References:
- https://bugs.mageia.org/show_bug.cgi?id=31609
- https://lists.fedoraproject.org/archives/list/
New upstream version, including fix for CVE-2023-26081.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-d8d2cd7c58
2023-02-27 01:43:30.948396
--------------------------------------------------------------------------------

Name        : epiphany
Product     : Fedora 37
Version     : 43.1
Release     : 1.fc37
URL         : https://wiki.gnome.org/Apps/Web
Summary     : Web browser for GNOME
Description :
Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the web content, instead of the browser application.

--------------------------------------------------------------------------------
Update Information:

New upstream version, including fix for CVE-2023-26081
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 21 2023 Michael Catanzaro - 1:43.1-1
- Update to 43.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2171910 - CVE-2023-26081 Epiphany: untrusted web content can trick users into exfiltrating passwords
        https://bugzilla.redhat.com/show_bug.cgi?id=2171910
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-d8d2cd7c58' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered. (CVE-2022-29536)

MGASA-2022-0382 - Updated epiphany packages fix security vulnerability

Publication date: 23 Oct 2022
URL: https://advisories.mageia.org/MGASA-2022-0382.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-29536

References:
- https://bugs.mageia.org/show_bug.cgi?id=30365
- https://lists.fedoraproject.org/archives/list/
Update to 42.2, fixes CVE-2022-29536.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-88690c6188
2022-05-07 04:08:14.316711
--------------------------------------------------------------------------------

Name        : epiphany
Product     : Fedora 36
Version     : 42.2
Release     : 1.fc36
URL         : https://wiki.gnome.org/Apps/Web
Summary     : Web browser for GNOME
Description :
Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application.

--------------------------------------------------------------------------------
Update Information:

Update to 42.2, fixes CVE-2022-29536
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 21 2022 Michael Catanzaro - 1:42.2-1
- Update to 42.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2077324 - CVE-2022-29536 epiphany: a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2077324
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-88690c6188' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Fix CVE-2022-29536.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-22b85a45cb
2022-04-30 18:40:14.826063
--------------------------------------------------------------------------------

Name        : epiphany
Product     : Fedora 34
Version     : 40.6
Release     : 2.fc34
URL         : https://wiki.gnome.org/Apps/Web
Summary     : Web browser for GNOME
Description :
Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2022-29536
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 21 2022 Michael Catanzaro - 1:40.6-2
- Add patch for CVE-2022-29536
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2077324 - CVE-2022-29536 epiphany: a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2077324
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-22b85a45cb' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------