-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5241-1 security@debian.org https://www.debian.org/security/ Alberto Garcia September 28, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wpewebkit CVE ID : CVE-2022-32886 The following vulnerabilities have been discovered in the WPE WebKit web engine: CVE-2022-32886 P1umer, afang5472 and xmzyshypnc discovered that processing maliciously crafted web content may lead to arbitrary code execution For the stable distribution (bullseye), this problem has been fixed in version 2.38.0-1~deb11u1. We recommend that you upgrade your wpewebkit packages. For the detailed security status of wpewebkit please refer to its security tracker page at: https://security-tracker.debian.org/tracker/wpewebkit Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEYrwugQBKzlHMYFizAAyEYu0C2AIFAmM0ErUACgkQAAyEYu0C 2AK/TA/9FNEyzGshSoog6XBZ7bQR3ATaCA1V2vUDSkv1kaq9V7nPtBLW16Kwcgxe AjFzS7BfdW8vN4tnEAx65RS6q60jlADTgXUihiDFRdeuteNXYuMUOp61EU71SKDb LmSdwfU8ule3s1UMtbSG9n7W0NvkuuB+RdZX580r7F/CFpwELQiTeGbOodVfpKfl pU9zSAiEa+hoOeFX7wQewnL60goSPfjhjGZqPR2w0cKOk+zYPYBrAYvxGN+HFpeo 7yx8y0x7RsL/UNLkObs+VWPrPb4LNN4vQck3CYAW1lY0aI2+bQ7Roo4Ax4NvPqMT tNs+72vq/j6d9fYlyVpNJcnwKUxpygqMnRxLW0C16zfqUm7/SvT1MuF9HK0O+7yM 8xGjEsVXMGPeYEGyE+tnujlHeem+YWpi3ODMCizY4bohVPJyLypc+DwABo98yP9v MrtRr94RjfMJV/Khjj0nxxpTmIMjbXBC4uA+zwFtmjZo0vOiU3NfHIbcIZpQu4RC p7olYPSltWkRFnfXPRf97BLCCPolRnTmiQGq7zeqFsxSXaLTBKGqOOiuxkyRObeU W+ybs+X5MDAmRUM93JArarjrnJVE2XvRhXIRkGPIN918lysFwbfr5HwBMCsvaS10 5z+BCqx+A1fCgIja02N2aEr3FaOCDy8I/WqoI/7FwDz/z2y8JxU= =gReZ -----END PGP SIGNATURE-----