ALT-BU-2022-4703-1
Branch sisyphus_riscv64 update bulletin.
Package epiphany updated to version 42.2-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2022-29536
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
- https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1106
- https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1106
- [debian-lts-announce] 20220818 [SECURITY] [DLA 3074-1] epiphany-browser security update
- [debian-lts-announce] 20220818 [SECURITY] [DLA 3074-1] epiphany-browser security update
- FEDORA-2022-22b85a45cb
- FEDORA-2022-22b85a45cb
- FEDORA-2022-88690c6188
- FEDORA-2022-88690c6188
- FEDORA-2022-ad26447c98
- FEDORA-2022-ad26447c98
- DSA-5208
- DSA-5208
Package libwebkitgtk4 updated to version 2.36.1-alt1 for branch sisyphus_riscv64.
Closed vulnerabilities
BDU:2022-04287
Уязвимость функции WebCore::TextureMapperLayer::setContentsLayer модулей отображения веб-страниц WebKitGTK и WPE WebKit, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2022-30293
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
- [oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005
- [oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005
- https://bugs.webkit.org/show_bug.cgi?id=237187
- https://bugs.webkit.org/show_bug.cgi?id=237187
- https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0
- https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0
- GLSA-202208-39
- GLSA-202208-39
- DSA-5154
- DSA-5154
- DSA-5155
- DSA-5155