Debian Security Advisory 5575-1

Debian Security Advisory 5575-1: Posted Dec 12, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5575-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine.; tags | advisory, web, vulnerability; systems | linux, debian; advisories | CVE-2023-42916, CVE-2023-42917; SHA-256 | fb2b3e50ddbe9455517494418af65058e060ac8c36d2bcce67a49bffceb3b808; Download | Favorite | View

Debian Security Advisory 5575-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5575-1                   security@debian.org
https://www.debian.org/security/                           Alberto Garcia
December 11, 2023                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : webkit2gtk
CVE ID         : CVE-2023-42916 CVE-2023-42917

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2023-42916

    Clement Lecigne discovered that processing web content may
    disclose sensitive information. Apple is aware of a report that
    this issue may have been actively exploited.

CVE-2023-42917

    Clement Lecigne discovered that processing web content may lead to
    arbitrary code execution. Apple is aware of a report that this
    issue may have been actively exploited.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2.42.3-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 2.42.3-1~deb12u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmV3hxQACgkQAAyEYu0C
2ALD/A/+Inn3pEr29SXRWDWhmX/eUIg1KrUVGXXfgrWFaDx9ejRhchXnzORIOKcV
a1SlXQ48Gixernf8T06Hbvg6l3TL8vd+Z/mNO+oVYvT3h/ARiJ6rtAS+rxjpFrF0
GOGBDUh8X69knZ17ZZ4fuMo4dkGvq75Ww95bS70ffLWGcwvDjL0VYU1Igkcf8DAU
moqWeHGH1dPwQs18Ifa5PWCnBoxyBkeu3sQz1qsZQ4h628Feo1k7orjRiL7NDS9t
bfSZyiR935BmrOqbGZ1Mg8UH26qY9WZkARUEmi5kfHeycXvAs80sKW6AzKJtksa/
nidSAmYU9QTI5pHp4oF4hSlG7GSABQhSBEzx/B2449XvQOvoD0EAt7OKvEFZ7fIL
mHDLBl4K9QOErM7Qu2hWqaqEBnxo8Xb8epKFtqQUUqVpBPdc79UtrwNj2Lvg5/w3
TPqBc/OnYuXRuTlAZ85zAqbus6roCQI2Nwe6m8+lVhK1H4wRSGQ3XvzpGMG9bplq
y9Z7Lwg2b8s9+3Kfkm8fO9qsK0TrrODxBoJ/hvWZ0ULtvY3KzREnEpnKkPmPdtod
InJwL6vQbtR9D9Zcss8+pWm/ElD5ImTekoqs5vHrgFaXLH0iI/lAXPm/DFX5R5cW
SR6mK0T1Dwg5GveQlnVR7nbwYCtjZOPHGPKDUQYzaNf14keKk9A=
=v8r9
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 235 files
Ubuntu 50 files
Debian 19 files
LiquidWorm 15 files
Apple 9 files
Gentoo 5 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

Debian Security Advisory 5575-1

Debian Security Advisory 5575-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5575-1

Share This

Debian Security Advisory 5575-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems