diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2021-12-21 13:11:57 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-12-21 13:11:57 +0100 |
| commit | 69c51299dea51ac6a165ae6fa21f658bcc89481c (patch) | |
| tree | 8db5a7615100049c79107e3f526c280db4fbade6 | |
| parent | 6cb91b0fb8002538d3faf91461a4270074665c71 (diff) | |
new webkit issues
| -rw-r--r-- | data/CVE/list | 45 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 4 |
2 files changed, 40 insertions, 9 deletions
diff --git a/data/CVE/list b/data/CVE/list index 0ca8be4bf6..a4fff5a224 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -39511,19 +39511,34 @@ CVE-2021-30892 (An inherited permissions issue was addressed with additional res CVE-2021-30891 REJECTED CVE-2021-30890 (A logic issue was addressed with improved state management. This issue ...) - NOT-FOR-US: Apple + - webkit2gtk 2.34.3-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.34.3-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30889 (A buffer overflow issue was addressed with improved memory handling. T ...) - NOT-FOR-US: Apple + - webkit2gtk 2.34.1-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.34.1-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30888 (An information leakage issue was addressed. This issue is fixed in iOS ...) - NOT-FOR-US: Apple + - webkit2gtk 2.34.1-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.34.1-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30887 (A logic issue was addressed with improved restrictions. This issue is ...) - NOT-FOR-US: Apple + - webkit2gtk 2.34.3-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.34.3-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30886 (A use after free issue was addressed with improved memory management. ...) NOT-FOR-US: Apple CVE-2021-30885 REJECTED CVE-2021-30884 (The issue was resolved with additional restrictions on CSS compositing ...) - NOT-FOR-US: Apple + - webkit2gtk 2.34.1-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.34.1-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30883 (A memory corruption issue was addressed with improved memory handling. ...) NOT-FOR-US: Apple CVE-2021-30882 (A logic issue was addressed with improved validation. This issue is fi ...) @@ -39641,7 +39656,10 @@ CVE-2021-30838 (A memory corruption issue was addressed with improved memory han CVE-2021-30837 (A memory consumption issue was addressed with improved memory handling ...) NOT-FOR-US: Apple CVE-2021-30836 (An out-of-bounds read was addressed with improved input validation. Th ...) - NOT-FOR-US: Apple + - webkit2gtk 2.32.4-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.32.4-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30835 (This issue was addressed with improved checks. This issue is fixed in ...) NOT-FOR-US: Apple CVE-2021-30834 (A logic issue was addressed with improved state management. This issue ...) @@ -39667,7 +39685,10 @@ CVE-2021-30825 (This issue was addressed with improved checks. This issue is fix CVE-2021-30824 (A memory corruption issue was addressed with improved state management ...) NOT-FOR-US: Apple CVE-2021-30823 (A logic issue was addressed with improved restrictions. This issue is ...) - NOT-FOR-US: Apple + - webkit2gtk 2.34.1-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.34.1-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30822 RESERVED CVE-2021-30821 (A memory corruption issue was addressed with improved memory handling. ...) @@ -39677,7 +39698,10 @@ CVE-2021-30820 (A logic issue was addressed with improved state management. This CVE-2021-30819 (An out-of-bounds read was addressed with improved input validation. Th ...) NOT-FOR-US: Apple CVE-2021-30818 (A type confusion issue was addressed with improved state handling. Thi ...) - NOT-FOR-US: Apple + - webkit2gtk 2.34.1-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.34.1-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30817 (A permissions issue was addressed with improved validation. This issue ...) NOT-FOR-US: Apple CVE-2021-30816 (The issue was addressed with improved permissions logic. This issue is ...) @@ -39695,7 +39719,10 @@ CVE-2021-30811 (This issue was addressed with improved checks. This issue is fix CVE-2021-30810 (An authorization issue was addressed with improved state management. T ...) NOT-FOR-US: Apple CVE-2021-30809 (A use after free issue was addressed with improved memory management. ...) - NOT-FOR-US: Apple + - webkit2gtk 2.32.4-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.32.4-1 + NOTE: https://webkitgtk.org/security/WSA-2021-0007.html CVE-2021-30808 (This issue was addressed with improved checks. This issue is fixed in ...) NOT-FOR-US: Apple CVE-2021-30807 (A memory corruption issue was addressed with improved memory handling. ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 3a985e7dfc..a727cd34f5 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -65,6 +65,10 @@ trafficserver (jmm) -- varnish -- +webkit2gtk +-- +wpewebkit/stable +-- xorg-server (carnil) Maintainer preparing updates -- |