주의: 이 번역은 원문보다 오래되었습니다.

데비안 보안 권고

DSA-4610-1 webkit2gtk -- 보안 업데이트

보고일:
2020년 01월 29일
영향 받는 패키지:
webkit2gtk
위험성:
보안 데이터베이스 참조:
Mitre의 CVE 사전: CVE-2019-8835, CVE-2019-8844, CVE-2019-8846.
추가 정보:

webkit2gtk web engine에서 아래 취약점을 발견:

  • CVE-2019-8835

    An anonymous researcher discovered that maliciously crafted web content may lead to arbitrary code execution.

  • CVE-2019-8844

    William Bowling discovered that maliciously crafted web content may lead to arbitrary code execution.

  • CVE-2019-8846

    Marcin Towalski of Cisco Talos discovered that maliciously crafted web content may lead to arbitrary code execution.

For the stable distribution (buster), these problems have been fixed in version 2.26.3-1~deb10u1.

webkit2gtk 패키지를 업그레이드 하는 게 좋습니다.

For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/webkit2gtk