-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4976-1                   security@debian.org
https://www.debian.org/security/                           Alberto Garcia
September 20, 2021                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wpewebkit
CVE ID         : CVE-2021-30858

The following vulnerabilities have been discovered in the webkit2gtk
web engine:

CVE-2021-30858
    An anonymous researcher discovered that processing maliciously
    crafted web content may lead to arbitrary code execution. Apple is
    aware of a report that this issue may have been actively
    exploited.

For the stable distribution (bullseye), this problem has been fixed in
version 2.32.4-1~deb11u1.

We recommend that you upgrade your wpewebkit packages.

For the detailed security status of wpewebkit please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wpewebkit

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmFJsE8ACgkQAAyEYu0C
2AKV0g//RZZv0o8nec9Qa8kbs6DToqRpxq1+ml5ULyPzBHr0GvFGMv0CgGnySv5E
tzZV3GIxVV913yL0CiAxG1wP2yEpAcnCjcFPbaug5TIdDwDH3ysz2RBy+3vWnFAF
4Y/l60p2VAAwcD7wezGL2mh0AgscD6PAumST1oFr3eS+1JKzkf9qszukZsTbUaTx
+iYLepFyAsPz+TXWtzIm25sP9qXdOhBI/Wpj7mpPB2mzvRyFYB0al8p6JMJdTS4M
zN5tgZdpcUnpB4kp4j2bHxmcYOV18qrBLXG6OGIkse/WZwqQus5/Kui4AlDYfd/M
iq3RK6CTJp5jcMQHwWl/YSnMR7Id1cVBB1kWqlZ9eI4uEIYtxcwSp6bwmj6A7cEk
Ac3GQUKgf58kDuOiUC8G/gVENHMxDg5WM6VqadzyTlLAvIxdbkGizpbzF+3vICmS
7nBQQbOLzJonwyWVHtmSw2Gj6GbxGpkkTcVRBD5OxQO5haVjOeUR7+R2qOLep92N
JvEpr9ubxwBpevBgFAczZnmduF7t7P8FYYBKgGiZJ6rq8g/dk7qgOE5x3qAz4h0j
/L/GfgYVIuIsaFLjRcEZ3PXvzsXQ2TThkNUMGFuZhKyRkpj1QcvoZd4aYPMFK2sd
q9zj9mbQBk3v1//sd8ZgAN/hDma8XoA3Uo30vI+MQkcRPZIHIyI=
=83R+
-----END PGP SIGNATURE-----