[SECURITY] [DLA 3982-1] webkit2gtk security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3982-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
December 03, 2024 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : webkit2gtk
Version : 2.46.4-1~deb11u1
CVE ID : CVE-2024-44308 CVE-2024-44309
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2024-44308
Clement Lecigne and Benoit Sevens discovered that processing
maliciously crafted web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have
been actively exploited on Intel-based Mac systems.
CVE-2024-44309
Clement Lecigne and Benoit Sevens discovered that processing
maliciously crafted web content may lead to a cross site scripting
attack. Apple is aware of a report that this issue may have been
actively exploited on Intel-based Mac systems.
For Debian 11 bullseye, these problems have been fixed in version
2.46.4-1~deb11u1.
We recommend that you upgrade your webkit2gtk packages.
For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmdOwhYACgkQnUbEiOQ2
gwJRgBAAgiyvtGL/sC2/SmNAGYeYw5T2vFan3YXJ69G737GA50EIkSBnjhrof2/q
Hb2lbvU1Bffc6TrSFGENYNK56e1wZ+F4EJDg2eLl/sA+BHrAO3//1GrWALfU8sAq
4zLD8NbmZyCy8qa/zNCRiqWXchst9IW6fqS9QsdG/dPPAPiPw+CS7Gbt8uiBCX6F
GmyNlEpyohG4p7VNQAFdCfzzVt4N0a+7aq6UsAybOPVHuA3gVF0VLWTqq5Cyx9PN
B1Hhn1Uzmfvp/86+qJwS7xtrGRGb0oa75Ac+WV3Bpa/Hz0h/02C90gZqy5muKHNp
vhg55Qes+vgHQRw3dS9ZdaDHtTh8pN4CRy4V/b/jCe02d+5tGEObsJf1Slz4ZG4K
Ll3MLZYtgpttqhFvZ44UPMJ7K333LSUB8ddACCnWRgOrmmvOdFNOocOU4fiZ/xXP
vx4xaaijCIgoMBejsqdhjwsWhy+vqh9TAEN+/lOMdFSYtYq+qJ+ZCdW/t/y4fci9
ADlVoIV57GhjBJ0jJXksAfYRqtu2sgYxKubVbJTrlitzjW2geAfJeMdvbxPFelIL
9zYDSSjZsiSqWuA8aDgAVlweAlEKo1ax2aiW5cbaykM54DZCQrK94MjgP/DkpPyh
byakPSLu1qZL7TJOxsfhVE97nAxEo/g/+rZ5X/0nwCTFAfiZpPg=
=4R43
-----END PGP SIGNATURE-----
Reply to: