You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa webkit2gtk

Sigurnosni nedostaci programskog paketa webkit2gtk

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4558-1 security@debian.org
https://www.debian.org/security/ Alberto Garcia
November 04, 2019 https://www.debian.org/security/faq
– ————————————————————————-

Package : webkit2gtk
CVE ID : CVE-2019-8625 CVE-2019-8720 CVE-2019-8769 CVE-2019-8771

Several vulnerabilities have been discovered in the webkit2gtk web engine:

CVE-2019-8625

Sergei Glazunov discovered that maliciously crafted web content
may lead to universal cross site scripting.

CVE-2019-8720

Wen Xu discovered that maliciously crafted web content may lead to
arbitrary code execution.

CVE-2019-8769

Pierre Reimertz discovered that visiting a maliciously crafted
website may reveal browsing history.

CVE-2019-8771

Eliya Stein discovered that maliciously crafted web content may
violate iframe sandboxing policy.

For the stable distribution (buster), these problems have been fixed in
version 2.26.1-3~deb10u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl3An/sACgkQEMKTtsN8
TjZv3A//UJcdspSRw9nCLFFf4Sj13DrXJoNcmLKkSh+5fTlIlYBdc8E2PT0coGtb
DIdgCoSBd3QwWbAgthkDYxtSTwgbudmDrc59UgY3aHCuvsiDRN6A53C7NMI0eWkW
DftztJ/TVVm9Ym9sNyEMve1sO5JwpPmvMA7Byxfn7+666nZX9gt5C2W2l/vsmxch
Yy7X1Eb56NPoJX66nuznb2Ak435DXRVDiP3dj05rTqdix1ok4Rh5+uho8Kzp/DXs
qAsAbAdcm+5Kk2n313+Vp2jsDOAYWesdyo2JoMw215p/qPk+AoYs91VKDa3Hr9+2
8SRZ3rny514QDFdQZ6ihGIr+eO1xS5zl184LM4bKBb0zWDdTPRP3YIuJ3GSBr5xP
oCuvZ0N4boZRwQvdO/E6wkl2ZUZJVBKH3/aIyZ0rC9JDTejMIlcCryhqjccCnHKZ
2jmuk1RrR/0emLiGGa60GV1F0gimw+5tpFyPAQHxILqSNgMhT21ak/kxTcCn3Tq8
eZi/UnwCDKOsubQlxI8Kjm+ymhVnBzRbcG5pUHzeuSIYHNnRyhN9FMfAyJbtPnVV
9Zr44CfZpqTsoMSBVlNXdMaVbSRazC7LX94TZM3gUrLMjXq8Iyy7No52sh72Exhw
H0jDUqa9sB1fXuiZYEQolUxcvuJggolnGKII1YrdOkqJfVmzCSs=
=HGVt
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa Chromium

Otkriveni su sigurnosni nedostaci u programskom paketu Chromium za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close