-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5219-1                   security@debian.org
https://www.debian.org/security/                           Alberto Garcia
August 27, 2022                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : webkit2gtk
CVE ID         : CVE-2022-32893

The following vulnerabilities have been discovered in the WebKitGTK
web engine:

CVE-2022-32893

    An anonymous researcher discovered that processing maliciously
    crafted web content may lead to arbitrary code execution. Apple is
    aware of a report that this issue may have been actively
    exploited.

For the stable distribution (bullseye), this problem has been fixed in
version 2.36.7-1~deb11u1.

We recommend that you upgrade your webkit2gtk packages.

For the detailed security status of webkit2gtk please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/webkit2gtk

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmMKLR4ACgkQAAyEYu0C
2AJDOA//V22fNdY0/G6glW0m9WDDKK+wqQHTI0kZehD7IuG8Y6wjeKff1ZvaGeW/
kOrAeg/jhxT1Q9gFOCfWmEimfEfnYUCORt/FTNVPG1inpPgkXOevnUbCpLZBQTJC
cjAc3+t7gXLo03fzAcDmPosQYyKyyxUDK6YKG/BQ9ZDHvS/vaE3zKzZOsFYgz6bg
bbPgu+O9PzrHmRO1iA5eLYbGBtc7CbRp3qWdxytDghnXBl3guG1HRFhoj0Gbk0lb
d0b9GABh3wpjCe44ny1/nvHO9xO538PcF0ZB36NRa9mHCIzqp2BxH4nf3jIiFjua
mKXGI48FIV/wL776l3B6DHNOY1hnuxe8C9p4ipBtxoLk50ffCuTBQwGlt9MLZ2zq
2GJcX8/iqIE3RlsXbVtZpqC01oCVnsYCujdKb6D9CEhE96V3S5qOh3aBQExM2UtQ
/c8JXwfo3J4lu42coF2oGbuMc0Sad35nvrIEocC50a2n3nsB4b3HSWwkDtn7OjxJ
k9HhRPETGK5sarE+JrlL/aslLq45LhBv0yHaMuE6jtYJ9o5t3GHzZvnzQYJ9rksk
2+Sv7iLBm9PbxUnIuzgTtgk+ghFy4q/KXJbayZ8ruqv1IQsp1wXq76kS3ywYk8Eg
AM8u3YbQiUmWPKuwz9Xe8TYYaAefs2jh/OMTe4W4+EAVu/EZfPc=
=aPej
-----END PGP SIGNATURE-----