WebKitGTK+ (webkit2gtk): Security vunerbility on 2.26.2 #2135
Labels
aosa-pending
Pending AOSA (AOSC OS Security Advisory) assignment
security
Topic/issue involves a security issue/fixed
upgrade
Topic/issue involves a package upgrade
Comments
szclsya
added a commit
that referenced
this issue
Apr 17, 2020
- This patch is a cherrypick from 2.28.1, and should be removed when the version reaches 2.28.1.
MingcongBai
added
security
5 tasks
|
All done. @l2dy Please assign an AOSA. |
MingcongBai
added
the
aosa-pending
|
Use AOSA-2020-0081. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE IDs: CVE-2020-11793
Other security advisory IDs: WSA-2020-0004
Descriptions:
Processing maliciously crafted web content may lead to arbitrary code execution or application crash (denial of service)... A memory corruption issue (use-after-free) was addressed with improved memory handling.
Same as #2134, but on stable branch.
Patches: Cherry pick patch from 2.28.1.
PoC(s): N/A
Architectural progress:
amd64arm64armelppc64The text was updated successfully, but these errors were encountered: