Updated webkit2 packages fix security vulnerability
Publication date: 15 Jun 2023Modification date: 15 Jun 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-28204 , CVE-2023-32373
Description
Out-of-bounds read (CVE-2023-28204)
Use-after-free issue (CVE-2023-32373)
References
- https://bugs.mageia.org/show_bug.cgi?id=31986
- https://support.apple.com/en-us/HT213762
- https://webkitgtk.org/security/WSA-2023-0004.html
- https://webkitgtk.org/2023/05/29/webkitgtk2.40.2-released.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28204
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32373
SRPMS
8/core
- unifdef-2.12-1.mga8
- libwpe-1.14.1-1.mga8
- wpebackend-fdo-1.14.2-1.mga8
- libavif-0.11.1-1.mga8
- webkit2-2.40.2-1.mga8