Updated webkit2 packages fix security vulnerabilities
Publication date: 28 Jan 2020Modification date: 28 Jan 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-8835 , CVE-2019-8844 , CVE-2019-8846
Description
Updated webkit2 packages fix security vulnerabilities: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844, CVE-2019-8846). For other fixes in this update, see the referenced release notes.
References
- https://bugs.mageia.org/show_bug.cgi?id=26127
- https://webkitgtk.org/security/WSA-2020-0001.html
- https://www.openwall.com/lists/oss-security/2020/01/23/2
- https://webkitgtk.org/2020/01/22/webkitgtk2.26.3-released.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8835
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8844
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8846
SRPMS
7/core
- webkit2-2.26.3-1.mga7