drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in WebKitGTK
Name: |
Mehrere Probleme in WebKitGTK |
|
ID: |
USN-5394-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS, Ubuntu 21.10 |
|
Datum: |
Do, 28. April 2022, 16:45 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22624 |
|
Applikationen: |
WebKitGTK |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============0449581479389452638== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------r4E0r4hjAIFStWRSH9lwqr67"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------r4E0r4hjAIFStWRSH9lwqr67 Content-Type: multipart/mixed; boundary="------------dhGiYr9S2xVevkDter3BAvrm"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <1a8160c5-a99d-7599-14c4-d387d1fbde70@canonical.com> Subject: [USN-5394-1] WebKitGTK vulnerabilities
--------------dhGiYr9S2xVevkDter3BAvrm Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-5394-1 April 28, 2022
webkit2gtk vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10 - Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in WebKitGTK.
Software Description: - webkit2gtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10: libjavascriptcoregtk-4.0-18 2.36.0-0ubuntu0.21.10.3 libwebkit2gtk-4.0-37 2.36.0-0ubuntu0.21.10.3
Ubuntu 20.04 LTS: libjavascriptcoregtk-4.0-18 2.36.0-0ubuntu0.20.04.3 libwebkit2gtk-4.0-37 2.36.0-0ubuntu0.20.04.3
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK, such as Epiphany, to make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5394-1 CVE-2022-22624, CVE-2022-22628, CVE-2022-22629, CVE-2022-22637
Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.36.0-0ubuntu0.21.10.3 https://launchpad.net/ubuntu/+source/webkit2gtk/2.36.0-0ubuntu0.20.04.3
--------------dhGiYr9S2xVevkDter3BAvrm--
--------------r4E0r4hjAIFStWRSH9lwqr67 Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmJqoP4ACgkQZWnYVadE vpPFOw/+LNC3JcjbujGokbsBqiDrmqGwuZq2INY53HfzEbO5RKaDXI0LlcDKLg72 0ED72PL+Icq8w+mm3It4pKMRJnDuq2xdaLKwitmaS5ZOrAnog3W9cKjhPeRe2/YU CtBhi/PfMcBAFQJdruX0buANsB1dSOT3/e+ZxOvRDLEeGcZPlZPG5/PlHMLZvtVv WEIlYTJzV8oHPeO+Cbf0bbfkFu0jVpQjBUPr2mH6BgbdrKsQCGKPdUriuc54dzFt 1q8FSg3yIQD7lwnnO/KQrZEQ5tcybUDTbnODk+uZDtW+WAqPUGeqAMYD30adI+LR o9yBURgRrEcuEUWecjTGJaaj9cHXF8MS2ol333itKmMMTbhup/qjGRkFdzr3TFUB rAPrGpJOSuKv3hbO9fI76WPcDDYtFSFCVEbDpyHavefJt51vBAaMDtLIojpioBO5 xGooF0Oi8qufMs+fNwgKRrXWKhOyTJ6LndvdAStNGJkHat9jtfCoHR15uACWycDH nT9jw4Y7s96PlDm27/Rc4oC6g+5y0APZJyn+OuKlDRb9tSFR5vIDwzEjGteJBQF3 fcHpNDRzdPzYyTbdnS1+ibRk8wmCMvxvxIowcWWgkcwccV8/+Hv9s97ZlrZu63Cr jpbNB09AtprdkKgzUWS3kbjBNt4kJfUCGuTDqJmMGJV41ovp1ko= =ts3L -----END PGP SIGNATURE-----
--------------r4E0r4hjAIFStWRSH9lwqr67--
--===============0449581479389452638== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============0449581479389452638==--
|
|
|
|