-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5449-1 security@debian.org https://www.debian.org/security/ Alberto Garcia July 07, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2023-32439 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-32439 An anonymous researcher discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. For the oldstable distribution (bullseye), this problem has been fixed in version 2.40.3-2~deb11u1. For the stable distribution (bookworm), this problem has been fixed in version 2.40.3-2~deb12u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmSnxE8ACgkQAAyEYu0C 2AILDQ//U2MDWIv7G/b/P2PVLmLpnkr7esLBp7LM55xtJxiwtmeMulSN41SIkT2G 0vXXa0/zpVpm46A+dFMMrALSX+cUi8QavuKn386HeFv+bIOgD1s6wHYMS17okggr N6pkJK6u2hgCtW0kW7Uuppmi5pAiKD6Uq4gALYidf4jirgW3HY1uf4l+PqUMhzqp tB32h0iUMBM/ht9eTRXfV3yye+5TVchJa0lLC2q98+PwrLvhSxG9gzsf1AUK5JBK ydO3xYbHYS3qcIuVBWB3WllCjnzMlLkZZY5ycRBudB0oOe6MGV/lnWmku4cZHdUu HMwhrwvciggkDYBIL+kl+q2xcfqO03PIHrQMzqaEWLXKu9dgy6DoOolHvRUkIUWU 8ge3MzU+pWcKANSn1jelArAclMbSrmWCFBQXyuzxj2WSo+99RhlQ0ZcOEL1JO1dl L0GcN7CavND11rUeeEYdTAj5nEIWE1DiVqKR8kR54hTLHRwU0hyunij4H1DnBOm+ FKPPlsKe7UB4aStHbh2xaPTywjxFmZ1GFgIAXLqkPbAtlOc5abtB2MQSwIXhZvVx 04ogyjBp8FwueO0G6vkoaFA7a/B+Stmh1vIIfct46GKQvwdkjuLQrkkU4SYOA+XR J5HASgl4LQ85n4B2MbOWDaCPSYIlINXoZf7UB011d7f25cw6SXw= =eEfc -----END PGP SIGNATURE-----