[bug#64366] [PATCH]: Update webkitgtk to 2.40.3

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#64366] [PATCH]: Update webkitgtk to 2.40.3

From:	André A . Gomes
Subject:	[bug#64366] [PATCH]: Update webkitgtk to 2.40.3
Date:	Fri, 30 Jun 2023 17:55:02 +0300
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)

Hello Guix,

We should update webkitgtk ASAP since the vulnerability below has been
found.  Find the patch attached.  I didn't build it locally since my
machine isn't powerful enough.

CVE-2023-32439
    Versions affected: WebKitGTK and WPE WebKit before 2.40.3.
    Credit to an anonymous researcher.
    Impact: Processing maliciously crafted web content may lead to
    arbitrary code execution. Apple is aware of a report that this issue
    may have been actively exploited. Description: A type confusion
    issue was addressed with improved checks.

Thanks.


-- 
André A. Gomes
"You cannot even find the ruins..."

0001-gnu-webkitgtk-Update-to-2.40.3.patch
Description: Text Data

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#64366] [PATCH]: Update webkitgtk to 2.40.3, André A . Gomes <=

Prev by Date: [bug#64356] [PATCH v3 2/4] marionette: Allow passing custom OCR arguments.
Next by Date: [bug#64368] [PATCH] gnu: python-pyelftools: Update to 0.29
Previous by thread: [bug#64363] [PATCH] gnu: hwloc: Update to 2.9.2.
Next by thread: [bug#64368] [PATCH] gnu: python-pyelftools: Update to 0.29
Index(es):
- Date
- Thread