diff options
author | Alberto Garcia <berto@igalia.com> | 2022-04-08 16:31:06 +0200 |
---|---|---|
committer | Alberto Garcia <berto@igalia.com> | 2022-04-08 16:31:06 +0200 |
commit | dcfe145f41bba1403a45780c866f315df4a92ecb (patch) | |
tree | ae6f7dbd660627e547f0cd3a80c9ecf93d944dbe /data | |
parent | 5bb2ad15d34da923b5e32476986ffe569f00c892 (diff) |
webkit2gtk / wpewebkit upstream advisory WSA-2022-0004
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 24 | ||||
-rw-r--r-- | data/DSA/list | 4 |
2 files changed, 22 insertions, 6 deletions
diff --git a/data/CVE/list b/data/CVE/list index b71a0caf10..d048457b25 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -18345,8 +18345,12 @@ CVE-2022-22639 (A logic issue was addressed with improved state management. This NOT-FOR-US: Apple CVE-2022-22638 (A null pointer dereference was addressed with improved validation. Thi ...) NOT-FOR-US: Apple -CVE-2022-22637 +CVE-2022-22637 [A logic issue was addressed with improved state management] RESERVED + - webkit2gtk 2.34.4-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.34.4-1 + NOTE: https://webkitgtk.org/security/WSA-2022-0004.html CVE-2022-22636 (An out-of-bounds write issue was addressed with improved bounds checki ...) NOT-FOR-US: Apple CVE-2022-22635 (An out-of-bounds write issue was addressed with improved bounds checki ...) @@ -18361,18 +18365,30 @@ CVE-2022-22631 (An out-of-bounds write issue was addressed with improved bounds NOT-FOR-US: Apple CVE-2022-22630 RESERVED -CVE-2022-22629 +CVE-2022-22629 [A buffer overflow issue was addressed with improved memory handling] RESERVED -CVE-2022-22628 + - webkit2gtk 2.36.0-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.36.0-2 + NOTE: https://webkitgtk.org/security/WSA-2022-0004.html +CVE-2022-22628 [A use after free issue was addressed with improved memory management] RESERVED + - webkit2gtk 2.36.0-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.36.0-2 + NOTE: https://webkitgtk.org/security/WSA-2022-0004.html CVE-2022-22627 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) NOT-FOR-US: Apple CVE-2022-22626 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) NOT-FOR-US: Apple CVE-2022-22625 (An out-of-bounds read was addressed with improved input validation. Th ...) NOT-FOR-US: Apple -CVE-2022-22624 +CVE-2022-22624 [A use after free issue was addressed with improved memory management] RESERVED + - webkit2gtk 2.36.0-1 + [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) + - wpewebkit 2.36.0-2 + NOTE: https://webkitgtk.org/security/WSA-2022-0004.html CVE-2022-22623 (Multiple issues were addressed by updating to curl version 7.79.1. Thi ...) NOT-FOR-US: Apple CVE-2022-22622 (This issue was addressed with improved checks. This issue is fixed in ...) diff --git a/data/DSA/list b/data/DSA/list index f79b768b53..b26cd37838 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -197,10 +197,10 @@ [buster] - nss 2:3.42.1-1+deb10u5 [bullseye] - nss 2:3.61-1+deb11u2 [25 Jan 2022] DSA-5061-1 wpewebkit - security update - {CVE-2022-22594 CVE-2021-30934 CVE-2021-30936 CVE-2021-30951 CVE-2021-30952 CVE-2021-30953 CVE-2021-30954 CVE-2021-30984} + {CVE-2021-30934 CVE-2021-30936 CVE-2021-30951 CVE-2021-30952 CVE-2021-30953 CVE-2021-30954 CVE-2021-30984 CVE-2022-22594 CVE-2022-22637} [bullseye] - wpewebkit 2.34.4-1~deb11u1 [25 Jan 2022] DSA-5060-1 webkit2gtk - security update - {CVE-2022-22594 CVE-2021-30934 CVE-2021-30936 CVE-2021-30951 CVE-2021-30952 CVE-2021-30953 CVE-2021-30954 CVE-2021-30984} + {CVE-2021-30934 CVE-2021-30936 CVE-2021-30951 CVE-2021-30952 CVE-2021-30953 CVE-2021-30954 CVE-2021-30984 CVE-2022-22594 CVE-2022-22637} [buster] - webkit2gtk 2.34.4-1~deb10u1 [bullseye] - webkit2gtk 2.34.4-1~deb11u1 [25 Jan 2022] DSA-5059-1 policykit-1 - security update |